Security and privacy are the key issues for the Internet of Things (IoT) systems. Especially, secure search is an important functionality for cooperation among users’ devices and non-trusted servers. Public-key encryption with keyword search (PEKS) enables us to search encrypted data and is expected to be used between a cloud server and users’ mobile devices or IoT devices. However, those mobile devices might be lost or stolen. For IoT devices, it might be difficult to store keys in a tamper-proof manner due to prohibitive costs. In this paper, we deal with such a key-exposure problem on PEKS and introduce the concept of PEKS with key-updating functionality, which we call key-updatable PEKS (KU-PEKS). Specifically, we propose two models of KU-PEKS: the key-evolution model and the key-insulation model. In the key-evolution model, a pair of public and secret keys can be updated if needed (e.g., the secret key is exposed). In the key-insulation model, the public key remains fixed while the secret key can be updated if needed. The former model makes a construction simple and more efficient than the latter. On the other hand, the latter model is preferable for practical use since a user never updates their public key. We show constructions in each model in a black-box manner. We also give implementation results on Raspberry Pi 3, which can be regarded as a reasonable platform of IoT devices.

中文翻译：

---

可通过关键字搜索进行可密钥更新的公钥加密（或者：如何通过针对物联网环境的高效密钥更新来实现PEKS）

安全和隐私是物联网（IoT）系统的关键问题。尤其是，安全搜索是用户设备与不受信任服务器之间进行协作的重要功能。带有关键字搜索（PEKS）的公钥加密使我们能够搜索加密的数据，并且有望在云服务器与用户的移动设备或IoT设备之间使用。但是，这些移动设备可能会丢失或被盗。对于物联网设备，由于成本过高，可能难以以防篡改的方式存储密钥。在本文中，我们解决了PEKS上的这种密钥暴露问题，并介绍了具有密钥更新功能的PEKS概念，我们将其称为密钥可更新PEKS（KU-PEKS）。具体来说，我们提出了KU-PEKS的两种模型：密钥演化模型和密钥隔离模型。在密钥演化模型中，可以根据需要更新一对公共密钥和秘密密钥（例如，公开秘密密钥）。在密钥隔离模型中，公钥保持固定，而秘密密钥可以根据需要进行更新。前者的模型比后者简化了结构，并提高了效率。另一方面，后一种模型对于实际使用是可取的，因为用户从不更新其公钥。我们以黑盒方式显示每个模型的构造。我们还将在Raspberry Pi 3上给出实施结果，Raspberry Pi 3可被视为物联网设备的合理平台。