Report When Malicious: Deniable and Accountable Searchable Message-Moderation System

Abstract

Encrypted retrieval ensures the secure retrieval over the encrypted data without sacrificing the confidentiality. Its applications in the database systems have brought this primitive under the spotlight. Once the malicious sender sends the wrong message, conventional encrypted retrieval is arduous to provide message-moderation and even abuse reporting arises when any receiver is allowed to fabricate and convince a malicious message. We introduce the idea of searchable message-moderation, a newly exquisite framework named CleanSE that enables the system to simultaneously provide encrypted retrieval and fallacious reporting resistance. In a nutshell, CleanSE is achieved via a securely technical combination of asymmetric message franking and searchable encryption. We design two CleanSE schemes. The first, called Recon, leverages designated verifier signatures to generate a report proof such as to prevent fallacious report and undeniability, and assists with designated-server searchable encryption to protect confidentiality and privacy. Our improved scheme is called Reclean. Compared with Recon, Reclean adds an additional algorithm, Clean, to filter forged message and employs asymmetric message franking to provide stronger deniability and accountability. We implement and evaluate prototype of our CleanSE system to highlight its feasibility and practicality.