A Decryptable Attribute-Based Keyword Search Scheme on eHealth Cloud in Internet of Things Platforms

Recently, attribute-based keyword search (ABKS) schemes have been used to provide fine-grained search over encrypted data on eHealth cloud in the Internet of Things (IoT) platforms. As compared to conventional public key encryption with keyword search (PEKS) schemes, ABKS schemes provide more powerful and flexible search operations which allow encrypted data to be retrieved by multiple users that satisfy set of attributes. However, there are still some limitations and security issues on the existing ABKS schemes. Many of the existing ABKS schemes only support for the encryption of keyword and require a separate cryptographic primitive to encrypt the message. Also, most of the schemes cannot resist offline keyword guessing attacks by inside attackers (i.e., the honest-but-curious servers). A secure-channel is needed for most of the ABKS schemes to transmit the trapdoors between the server and receivers. To solve these problems, we propose a secure-channel free ciphertext-policy decryptable attribute-based keyword search (CP-DABKS) scheme. The proposed scheme allows the authorised user who satisfy the access structure to decrypt the ciphertext. Our scheme not only resists the insider keyword guessing attack, but also eliminates the secure channel for trapdoor transmission. We formally define and prove the security of the proposed CP-DABKS scheme. We also demonstrate its application on an eHealth cloud platform.