RESEARCH ARTICLE Efficient encryption with keyword search in mobile networks Wei-Chuen Yau 1 * , Swee-Huay Heng 2 , Syh-Yuan Tan 3 , Bok-Min Goi 4 and Raphael C.-W. Phan 5† 1 Faculty of Engineering, Multimedia University, Jalan Multimedia, 63100 Cyberjaya, Selangor Darul Ehsan, Malaysia 2 Faculty of Information Science and Technology, Multimedia University, Jalan Ayer Keroh Lama, 75450 Melaka, Malaysia 3 Faculty of Information and Communication Technology, Tunku Abdul Rahman University, Jalan Universiti, Bandar Barat, 31900 , Perak, Malaysia 4 Faculty of Engineering and Science, Tunku Abdul Rahman University, Jalan Genting Kelang, 53300 Setapak, Kuala Lumpur, Malaysia 5 Department of Electronic and Electrical Engineering, Loughborough University, Ashby Road, LE11 3TU, Leicestershire, United Kingdom ABSTRACT On these days, users tend to access to online content via mobile devices, for example, e-mails. Because these devices have constrained resources, users may wish to instruct e-mail gateways to search through new e-mails and only download those corresponding to particular keywords, such as “urgent.” Yet, this searching should not compromise the user’s privacy. A public key encryption with keyword search (PEKS) scheme achieves both these requirements. Most PEKS schemes are constructed on the basis of bilinear pairings. Recently, Khader proposed the first PEKS scheme that does not require bilinear pairings and is provably indistinguishable chosen-keyword attack (IND-CKA) secure in the standard model. Such a scheme is more efficient than pairing-based ones. In this paper, we show a drawback of Khader’s scheme in that it depends on an unnecessary security assumption: Its IND-CKA security requires its underlying identity-based encryption building block to be indistinguishable chosen-ciphertext attack secure. We construct a more efficient PEKS scheme that achieves the same level of PEKS security as Khader’s but that only requires the underlying identity-based encryption to be indistinguishable chosen-plaintext attack secure. We give a direct proof that the proposed scheme is IND-CKA secure. Our scheme outperforms other recent PEKS schemes in literature. Copyright © 2012 John Wiley & Sons, Ltd. KEYWORDS encryption; keyword search; analysis; underlying assumption *Correspondence Wei-Chuen Yau, Faculty of Engineering, Multimedia University, Jalan Multimedia, 63100 Cyberjaya, Selangor Darul Ehsan, Malaysia. E-mail: wcyau@mmu.edu.my † Part of this work was carried out while the author was visiting Multimedia University 1. INTRODUCTION To provide secure message communication within mobile networks, public key encryption schemes that allow for keyword searching, so-called public key encryption with keyword search (PEKS), are desirable. These schemes protect the confidentiality of encrypted messages but at the same time allow intermediary gateways to search encrypted messages for any keywords as instructed by the receiving mobile nodes. This is especially vital in view that mobile nodes such as personal digital assistants or mobile phones on these days allow users to connect to the Internet while on the go but have much restricted storage capacity compared with computers. Therefore, for speed of access and prolonging battery life when connecting to mobile Internet, a user may wish to only download the messages that are more important to him or her so it would be ideal if the user could instruct the gateway to search and download only those messages associated to some keywords such as “urgent” and “work.” More precisely, a PEKS scheme allows user delegates to search capabilities on publicly encrypted data to a third party without revealing information in the messages. The following PEKS application scenario is described in [1,2]. As shown in Figure 1, consider an e-mail system that consists of three entities, namely, a sender (Bob), a receiver (Alice), and a server (e-mail gateway). Bob sends an encrypted message appended with an encrypted keyword that associated with SECURITY AND COMMUNICATION NETWORKS Security Comm. Networks 2012; 5:1412–1422 Published online 8 February 2012 in Wiley Online Library (wileyonlinelibrary.com). DOI: 10.1002/sec.505 Copyright © 2012 John Wiley & Sons, Ltd. 1412