Multi-user Fuzzy Keyword Searchable Encryption Scheme Based on Certificateless Cryptosystem

Nowadays, the application prospect of cloud storage is more and more extensive, and the security problem of cloud storage has become one of the hotspots of research. Searchable encryption can make full use of the huge computing resources of cloud servers and solve the problem of secure search after data encryption and upload. However, the existing searchable encryption schemes have the problems of high computational cost, low security, and insufficient flexibility in the way of searching keywords. In order to solve these problems, we propose a new certificateless multi-user fuzzy keyword searchable encryption scheme, which introduces the key distribution center, effectively reduces the computational cost, solves the problem of certificate management and key escrow, and uses the optimized wildcard technology to realize the fuzzy search of multiple users, which is not only brings convenience to users, but also realizes flexible search methods. Finally, the analysis results show that our scheme has indistinguishable security under keyword guessing attacks. Simulation experiments and performance analysis results show that our scheme has higher computational efficiency.


Introduction
Uploading a large amount of data to cloud servers through outsourcing has become the choice of more and more people or companies, but because cloud data is out of people's control, the ensuing data leakage problem has aroused everyone's attention and discussion [1]. The traditional search based on plaintext data is no longer suitable for cloud storage. Therefore, the security of cloud data has become a problem to be solved [2]. It is necessary to design a search scheme suitable for cloud storage to deal with this problem.
Song et al. [3] first proposed the idea of searchable encryption, Boneh et al. [4] subsequently proposed the asymmetric searchable encryption scheme is the first public key encryption scheme using keyword search, which solves the problem of untrustworthy server routing, but trapdoor transmission relies on the secure channel, Chang et al.
[5] realized a more efficient index-based searchable encryption scheme by establishing a hash table corresponding to keywords and data files, Tian [6] realized identity-based search encryption without a secure channel, although the calculation overhead of the public key is reduced and the CA certification link is omitted, there is a problem of key escrow, Peng [6] et al. putted forward the concept of certificateless public key encryption, which solved the problems of certificate management and key escrow, but it did not support multi-user search and cannot support the sharing of encrypted files, Yang et al. [7] added the nature of multi-user on the basis of certificateless, but it does not support inaccurate keyword search by users. Li [8] used In view of the high computational cost and low security of existing searchable encryption schemes and inspired by research ideas on emerging computer-related topics [9], [10], [11], [12] we propose a new certificateless fuzzy keyword searchable encryption scheme. Our scheme has the following characteristics. (1) Introducing KGC to generate partial keys, avoiding the use of public key certificates. (2) Use the identity of the visiting user to realize multi-user search (3) Combine fuzzy keywords set and tree index structure to realize users' fuzzy search. (4) Random values are added in the ciphertext index and trapdoor generation stage to ensure that cloud server provider cannot tamper with the data.  • Non-degenerate. For any generators

Difficult Problem Hypothesis
Give a four-tuple ( , , , ) g ag bg cg , ,, is a Bilinear Diffie-Hellman (BDH) difficult problem. Definition. If there is no polynomial algorithm adversary (PPT) that can solve BDH with a non-negligible probability, BDH is called a difficult problem.

System model
The system model diagram of this scheme as shown in Figure 1 . CSP is responsible for receiving and storing the ciphertext file and fuzzy keywords index, and returning the ciphertext to u id . KGC is mainly responsible for generating system parameters and distributing partial keys.

Scheme Structure
Setup: Enter system parameter  , and the Key Generation Center (KGC) selects two multiplicative cyclic groups are respectively. EncInd: The data owner extracts the key set from the data file that needs to be encrypted, of which  is the key subset initialized. n is the maximum number of keywords, o id constructs the one-to-one index, and inputs the distance parameter dis, and uses the optimized wildcard algorithm and the primary keyword to generate the fuzzy keyword set Compared with the existing fuzzy searchable encryption scheme [13], this paper optimizes the wildcard algorithm, sets the three keywords after the main keyword as common spelling errors, and removes redundant generated keywords. Note that the data owner may not generate fuzzy keyword sets for sensitive keywords. The plaintext index structure of the set keywords is shown in Figure 2.

Safety Analysis
Here we introduce two types of adversaries to play a security game with a challenger, where  is defined as an adversary who does not know the master key but can replace the public key of any user. On the contrary, adversary  knows the master. The key, but it cannot replace the public key of any user. The two parties involved in the game are opponents,  or  and challenger  .  In this section, we evaluate the related schemes [7,14] from the perspectives of computing performance and functional characteristics. Among them, we have realized this scheme and scheme by simulation [7], function and calculation cost comparison are shown in Table 1.
Where √ means satisfaction, × means dissatisfaction, we define h as the execution time of a hash function, E is the execution time of a power operation, and P is the execution time of a bilinear pairing operation. It can be seen that our scheme has advantages.
The simulation experiment was run on a laptop computer with a 2.7GHZ Intel Core i7-5700HQ processor, 8GB memory and 128GB hard disk space. The simulation program is carried out in the software environment of the 64-bit Windows 10 operating system and the  Figure 3. After adding multiple users, the comparison chart is shown in Figure 4. The experiment shows that our scheme has certain advantages.

Conclusion
Certificateless searchable encryption is one of the hotspots in recent years. We propose a new certificateless multi-user fuzzy keyword searchable encryption scheme. Our scheme can be realized fuzzy keyword search requests from multiple users, while avoiding certificate management and key escrow issues, reducing computing overhead and network bandwidth, are very suitable for cloud storage environments. Security analysis shows that our scheme meets the indistinguishability under keyword guessing, and performance analysis shows that our scheme has better performance.