Improvement of multi-user searchable encrypted data scheme

Nowadays, since the amount of information is increasing quickly, data owners have tendency to publish their data to external service provider called Cloud Computing. Using Cloud Computing, users can reduce the burden of data management. However, since the service provider is not fully trusted, there are many challenges in securing the data stored on Cloud: integrity, availability and privacy. In this paper, we focus mainly on the third one, privacy. To ensure privacy of outsourced data, the common solution is to encrypt the data so that the server cannot know the plaintext. The problem is that: how can the authorized users access the encrypted data and how can the server perform its allowed operations for user´s request, i.e, searching, modifying, inserting, deleting such encrypted data without knowing the plaintext. To address this problem, researchers have proposed multiuser searchable encrypted data schemes which supports encrypted queries over encrypted data. Especially, C. Dong et al [1] are the newest recent authors proposing a new multi-user searchable encrypted data scheme which does not need to depend on shared key among multiple users and is efficient in key revocation. Unfortunately, C. Dong´s scheme cannot thoroughly deal with a dangerous and common attack in Cloud: collusion attack which happens when a certain user colludes with the server to learn the secret information. In this paper, we improve C. Dong´s scheme to become a completely secure scheme. Firstly, our scheme can efficiently and thoroughly prevent collusion attack with low overhead by using only one server. Secondly, to satisfy the strictly condition: the server is untrusted, our scheme does not allow the server to keep any secrete information, unlike C. Dong´s scheme in which the server keeps a partial secrete information.