Dynamic Searchable Symmetric Encryption With Efficient and Complete Access Control for Multi-User Cloud Computing

Searchable symmetric encryption (SSE) enables the storage and retrieval of encrypted data on untrusted cloud servers, while dynamic searchable symmetric encryption (DSSE) further supports updating encrypted data. To date, in multi-user environments, most DSSE schemes cannot achieve simultaneous access control for both keyword retrieval and data updates. To address this issue, we propose a new DSSE scheme with efficient and complete (keyword retrieval and update) access control for multi-user environments, named EFCAM. Our work has simultaneously achieved efficient, flexible, and fine-grained access control for keyword retrieval and updating, this is extremely rare in existing research. For update operations, we combine file index encoding and homomorphic encryption (HE) technology, so that EFCAM optimizes the calculation. To achieve flexible access control, we adopt an equality test scheme that can detect three types of update authorization. For retrieval operations, users do not need to share keys. By executing a single query, the users can effectively retrieve all the data that they have permission to access. To enhance system security and operational efficiency, we have extended EFCAM with a dynamic policy update mechanism for flexible and real-time adjustment of access control policies. We formally analyze the security of EFCAM to prove that our scheme has forward security (FS) and backward security (BS). Experimental results show that, EFCAM maintains outstanding efficiency in encrypted data retrieval and update operations within multi-user environments, while also exhibiting strong scalability.