Plaintext-Checkable EncryptionSebastien Canard, Georg Fuchsbauer, Aline Gouget, Fabien Laguillaumie, Plaintext-Checkable Encryption. Topics in Cryptology - CT-RSA 2012. ISBN 978-3-642-27953-9, pp. 332–348. February 2012. PDF, 415 Kbytes.
We study the problem of searching on encrypted data, where the search is performed using a plaintext message or a keyword, rather than a message-specific trapdoor as done by state-of-the-art schemes. The use cases include delegation of key-word search e.g. to a cloud data storage provider or to an email server, using a plaintext message. We define a new cryptographic primitive called "plaintext-checkable encryption" (PCE), which extends public-key encryption by the following functionality: given a plaintext, a ciphertext and a public key, it is universally possible to check whether the ciphertext encrypts the plaintext under the key. We provide efficient generic random-oracle constructions for PCE based on any probabilistic or deterministic encryption scheme; we also give a practical construction in the standard model. As another application we show how PCE can be used to improve the efficiency in group signatures with verifier-local revocation (VLR) and backward unlinkability. These group signatures provide efficient revocation of group members, which is a key issue in practical applications.