Public Key Encryption with Authorized Equality Test on Outsourced Ciphertexts for Cloud-Assisted IoT in Dual Server Model

Abstract

In cloud computing, the outsourced data face many privacy and security threats. To allow the cloud server to perform comparison, search, and classification on outsourced ciphertexts while simultaneously providing privacy guarantee, the encryption method that supports the ciphertext equality test is considered as a promising way. Users are able to authorize the cloud server to conduct the ciphertext equality test, so that two ciphertexts can be determined whether they encrypt the same message without being decrypted. In this process, users do not need to retrieve, decrypt, and then perform comparison on data; thus, the computing and communication efficiency can be greatly improved, and the privacy of user data can be guaranteed at the cloud server side. However, existing encryption schemes supporting authorized ciphertext equality test in the single server model cannot resist the keyword guessing attacks, and the solutions in the dual server model do not provide simultaneous authorization on two servers. To address these issues, this paper proposes a public key encryption scheme supporting authorized equality test on ciphertexts in the dual server model (PKE-AUT), where the primary server and secondary server must get the authorization from users before performing a sequential equality test on ciphertexts. Security and performance analysis demonstrate that the proposed PKE-AUT scheme not only guarantees the privacy of user data and authorization but also is practical in cloud-assisted IoT-related applications.