In the field of public key cryptography (PKC), public-key encryption with keyword search (PEKS) is known as technique which enables a keyword search while the keyword is encrypted (for instance, Non-Patent Literature 1). In the following, the public-key encryption with keyword search will be referred to as PEKS.
The PEKS implements, for instance, applications like the following. It is assumed that “a sender sends a data file including confidential information via an external database (“server”, hereinafter) to a receiver”. That is, a case is considered, in which the sender uploads the data file to the server, and the receiver downloads his necessary data file from the server using a keyword search. Here, the sender and the receiver want to share both of the data file and the keyword, while the server is unaware of them.
The receiver prepares a pair of a public key and a secret key of the public key cryptography (used for encrypting and decrypting the data file itself) and a pair of a public key and a secret key of PEKS (used for encrypting a keyword and generating a search query) beforehand. Then, the receiver releases both public keys.
The sender encrypts the data file using the public key of the public key cryptography of the receiver and generates ciphertext of the data file. In addition to the above, the sender encrypts the keyword using the public key of PEKS to generate ciphertext of the keyword. In the following, the ciphertext of the keyword generated by using the public key of PEKS is referred to as an “encryption tag”. The sender uploads the ciphertext of the data file with the encryption tag to the server.
The receiver generates data corresponding to a digital signature of the keyword using the secret key of PEKS. In the following, data corresponding to the digital signature of the keyword generated by using the secret key of PEKS is referred to as a “trapdoor”. The receiver sends the trapdoor to the server as a search query. The server conducts a secret search of ciphertext of all the data files of the database for each encryption tag using the received trapdoor. Then, the server sends the ciphertext of the data file hit by the secret search to the receiver.
In this manner, PEKS takes an essential role upon implementing an outsourcing application of the encrypted data.