A. Contribution

  1. Problem addressed by the paper

The paper proposes a public-key searchable encryption scheme based on the inverted index.

  1. Solution proposed in the paper. Why is it better than previous work?

This paper overcomes one-time only search limitation on previous works. In addition, it also supports conjunctive multi-keyword search, unlike previous works. It is also more efficient and breaks the trapdoor linkability. It is more efficient because it only uses multiplication and exponentiation in the process, unlike previous works that rely heavily on expensive pairing operations. It also adds an efficient oblivious transfer protocol and combines with blind storage.

  1. The major results.

The paper provides both a theoretical analysis and a simulation study using real-world dataset of Enron email data. The simulation results show that the scheme is suitable for practical usage and the overhead is moderate.

B. Basic idea and approach. How does the solution work?

There are three entities in the system, a cloud server, a data owner and multiple users. The data owner generates the encrypted index and outsources it along with the encrypted data into the cloud. An authorized user submits a query request to the server in the form of a trapdoor which he gets from the data owner through a secure channel. After receiving the trapdoor, the cloud server matches the encrypted index with the trapdoor. Finally, the cloud server returns the matching documents as the search result.


C. Strengths

  1. A novel probabilistic trapdoor generation algorithm so that the query of related inverted lists is combined together secretly without letting the cloud server know which inverted lists are retrieved.

 D. Weaknesses

  1. It requires two rounds communication for better security. Consequently, it requires more communication bandwidth as the trade-off.
  2. The secure/encrypted index is saved in the cloud. It might leak many information if known by other party which is the index file. It should be saved in the users’ offline computers as it contains the mapping of encrypted data to the real data.
  3. An attacker might still get something by analyzing data transfer pattern by eavesdropping the patterns of trapdoors and query results.