Security Analysis and Enhancement of a Certificateless Searchable Public Key Encryption Scheme for IIoT Environments

Abstract

With the fast development of Industrial Internet of Things (IIoT), IIoT storage, which provides a lower cost, higher reliability of data, remote access services, and expandable storage space, is received much attention among enterprises and individual users. However, providing a secure IIoT storage service could be a challenging task for some situations, for example, how to search encrypted data in the IIoT. In this paper, we examine the security of a recent proposed certificateless searchable public key encryption scheme for IIoT environments by Ma et al. We find that their scheme is insecure against an off-line keyword guessing attack. Then, we propose an enhancement based on the scheme and prove the security of our enhancement with a formal model.