A Secure Data-Sharing Model Resisting Keyword Guessing Attacks in Edge–Cloud Collaboration Scenarios
Ye Li, Mengen Xiong, Junling Yuan, Qikun Zhang, Hongfei ZhuIn edge–cloud collaboration scenarios, data sharing is a critical technological tool, yet smart devices encounter significant challenges in ensuring data-sharing security. Attribute-based keyword search (ABKS) is employed in these contexts to facilitate fine-grained access control over shared data, allowing only users with the necessary privileges to retrieve keywords. The implementation of secure data sharing is threatened since most of the current ABKS protocols cannot resist keyword guessing attacks (KGAs), which can be launched by an untrusted cloud server and result in the exposure of sensitive personal information. Using attribute-based encryption (ABE) as the foundation, we build a secure data exchange paradigm that resists KGAs in this work. In our paper, we provide a secure data-sharing framework that resists KGAs and uses ABE as the foundation to achieve fine-grained access control to resources in the ciphertext. To avoid malicious guessing of keywords by the cloud server, the edge layer computes two encryption session keys based on group key agreement (GKA) technology, which are used to re-encrypt the data user’s secret key of the keyword index and keyword trapdoor. The model is implemented using the JPBC library. According to the security analysis, the model can resist KGAs in the random oracle model. The model’s performance examination demonstrates its feasibility and lightweight nature, its large computing advantages, and lower storage consumption.