@inproceedings{oai:ipsj.ixsq.nii.ac.jp:00201461,
 author = {上村, 真弘 and 矢内, 直人 and 岡村, 真吾 and ジェイソン, ポール クルーズ and Masahiro, Kamimura and Naoto, Yanai and Shingo, Okamura and Jason, Paul Cruz},
 book = {コンピュータセキュリティシンポジウム2019論文集},
 month = {Oct},
 note = {Cui ら (IEEE Trans. on Comp. 2016) によって提案された鍵集約検索可能暗号(KASE) は,マルチユーザ設定において,単一の集約鍵を通じた効率的なアクセス制御およびデータ検索が可能である.<br>しかし,著者らの知る限り,Cui らの研究および後続の研究において,安全性の定式化とその証明は正しく議論されていない.本稿では,KASE の安全性を定式化し,その安全性を満たす方式を提案する.具体的には,まずサーバが一台の設定において,暗号文と集約鍵に関してBDHE仮定とDHE仮定の下で証明可能安全な方式を示す.次に,サーバが二台の設定において,検索内容のプライバシーについてもXDH仮定の下で安全性の証明可能な方式を示す.さらに,この二つの方式に対して実装評価を行ったところ,5000個のファイルに対して,前者の方式では3秒程度,後者の方式では6秒程度で検索が可能であることを確認した., Key-aggregate searchable encryption (KASE) proposed by Cui et al. (IEEE Trans. on Comp. 2016) is able to perform access control efficiently in the multi-user setting by a single aggregate key.<br>However, to the best of our knowledge, Cui et al. and their subsequent works have never discussed the security correctly. In this paper, we discuss the security of KASE formally and propose provably secure schemes. More specifically, we first proposed a provably secure scheme with respect to encrypted files and aggregate keys under the BDHE assumption and the DHE assumption in the single-server setting, respectively. Next, in two-server setting, we propose a provably secure scheme which can guarantee the privacy for search, as well as encrypted files and aggregate keys under the XDH assumption. Furthermore, we evaluate the performance of our schemes and we show that search can be performed within about three seconds in the former scheme and within about six seconds in the latter scheme for 5000 files.},
 pages = {1195--1202},
 publisher = {情報処理学会},
 title = {証明可能安全な鍵集約検索可能暗号の構成と実装評価},
 volume = {2019},
 year = {2019}
}