Server-Aided Public Key Authenticated Searchable Encryption With Constant Ciphertext and Constant Trapdoor

Public key authenticated encryption with keyword search (PAEKS) is an advanced asymmetric searchable encryption technique secure against inside keyword guessing attacks. A common application of PAEKS is searching for encrypted Electronic Health Records (EHR) within a healthcare cloud. Nevertheless, the standard PAEKS necessitates the sender (e.g., doctor) to separately encrypt the same keyword with each receiver's public key to enable multiple researchers to search for the encrypted EHR. Similarly, to search for encrypted EHRs from multiple senders, a receiver (e.g., researcher) must create distinct trapdoors for the same keyword, using each sender's public key separately. These features render the standard PAEKS impractical for use in multi-user scenarios. To resolve this challenge, we introduce the server-aided public key authenticated encryption with keyword search (SA-PAEKS) scheme, the novelty of which lies in the incorporation of two additional servers, specifically a sender server and a receiver server. With the help of these two servers, the sender encrypts the keyword just once, allowing any receiver to search for his encrypted EHR, and the receiver creates a single trapdoor to search for the encrypted EHR of any sender. When multiple sender servers and receiver servers are introduced in the system, our scheme is scalable in the sense that the size of the ciphertext and trapdoor remains constant. Furthermore, we provide a generic approach to achieve ciphertext deduplication and fast search, enhancing the overall efficiency. This approach is compatible with any PAEKS scheme and may be of independent interest. Finally, we provide both theoretical and experimental evaluations of our scheme, demonstrating its competitive performance.