# Enhancing Security and Efficiency: A Fine-Grained Searchable Scheme for Encryption of Big Data in Cloud-Based Smart Grids

^{1}

^{2}

^{3}

^{4}

^{*}

## Abstract

**:**

## 1. Introduction

#### 1.1. Motivation

#### 1.2. Contributions

#### 1.3. Related Work

#### 1.4. Organization

## 2. Preliminaries

#### 2.1. Notations

#### 2.2. Bilinear Pairs

- (1)
- Bilinearity: $\forall a,b\in {Z}_{q}^{*},\phantom{\rule{4pt}{0ex}}\forall {g}_{1},{g}_{2}\in {G}_{1}$, such that $e({g}_{1}^{a},{g}_{2}^{b})=e{({g}_{1},{g}_{2})}^{ab}$ holds.
- (2)
- Non-degeneracy: $\exists {g}_{1},{g}_{2}\in {G}_{1}$, such that $e({g}_{1},{g}_{2})\ne 1$, where 1 is the unit element of ${G}_{2}$.
- (3)
- Computability: For $\forall {g}_{1},{g}_{2}\in {G}_{1}$, there exist efficient algorithms that can compute $e({g}_{1},{g}_{2})$.

#### 2.3. Difficult Assumptions

**Assumption 1.**

**Assumption 2.**

#### 2.4. Access Tree

**Definition 1**

**.**An access tree is used to describe an access structure. Each intermediate node of tree x represents a relation function, which can be “or”, “with”, or other threshold. Assuming that $nu{m}_{x}$ denotes the number of children of a node and ${k}_{x}$ represents its threshold, $0\le {k}_{x}\le nu{m}_{x}$ is satisfied. Each leaf node of tree x represents an attribute item and threshold ${k}_{x}=1$. In implementation, it is generally necessary to adopt a top-down approach to select a polynomial of degree ${d}_{x}={k}_{x}-1$, ${q}_{x}$ for each node x, satisfying ${q}_{x}\left(0\right)={q}_{p\left(x\right)}\left(index\left(x\right)\right)$. Here, $p\left(x\right)$ denotes the parent of node x, and $index\left(x\right)$ is the index of node x.

- (1)
- When x is a leaf node, ${T}_{x}\left(S\right)=1$ if and only if $a{t}_{x}$ is an attribute in attribute set S.
- (2)
- When x is an internal node, we compute ${T}_{z}\left(S\right)$ for each child z of x. ${T}_{x}\left(S\right)=1$ if and only if there are at least ${k}_{x}$ children.

## 3. System Model and Security Model

#### 3.1. System Model

**Definition 2.**

- (1)
- System Initialization: This PPT algorithm is executed by the $KGC$ to initialize the global system. Taking security parameter λ as input, it outputs the system master key, $MK$, and the system public parameters, $params$.
- (2)
- Encryption: This PPT algorithm is executed by the $DO$ to perform encryption. Taking the system public parameters, $params$, data m, keywords ${w}_{m}$ and access structure T as input, it outputs the ciphertext, $CT$, which is then uploaded to the cloud.
- (3)
- User Private Key Generation: This PPT algorithm is executed by the $KGC$ to generate a user private key. Taking the system public parameters, $params$, the system master key, $MK$, and attribute set S as input, it outputs a user private key, $SK$.
- (4)
- Trapdoor Generation: This PPT algorithm is executed by the $DU$ to generate a search trapdoor. Taking the system public parameters, $params$, the user private key, $SK$, and keyword w as input, it outputs the trapdoor, ${Trap}_{w}$.
- (5)
- Search and Transformation: This PPT algorithm is executed by the $CSP$ to perform search and transformation operations. Taking the system public parameters, $params$, the keyword ciphertext, $CT$, and trapdoor ${Trap}_{w}$ as input, it outputs the search result and server-aided decrypted ciphertext $C{T}^{\prime}$ and returns them to the search user.
- (6)
- Decryption: This PPT algorithm is executed by the $DU$ to perform decryption. Taking the system public parameters, $params$, the ciphertext, $C{T}^{\prime}$, and private key $SK$ as input, it outputs plaintext data m.

#### 3.2. Security Model

**Definition 3**

- (1)
- If attribute set S satisfies access tree ${T}_{*}$, key queries of S are prohibited.
- (2)
- If attribute set S satisfies access tree ${T}_{*}$, trapdoor queries with $(S,{w}_{1}^{*})$ and $(S,{w}_{2}^{*})$ are prohibited.

**Definition 4**

**.**Assuming that ${\mathcal{A}}_{1}$ is the attacker and $\mathcal{C}$ is the challenger, the INA-KGA security model can be defined by security game $Gam{e}_{KGA}$ between the challenger, $\mathcal{C}$, and the attacker, ${\mathcal{A}}_{1}$, and game $Gam{e}_{KGA}$ is described as follows:

- (1)
- Encryption of data m, $w\in \{{w}_{0},{w}_{1}\}$, and access structures T (${S}_{*}$ satisfies T) is not permitted.
- (2)
- Private key queries on attribute set ${S}_{*}$ are not permitted.

## 4. Construction of the SA-CP-SABE Scheme

- 1.
- System initialization: this algorithm selects two multiplicative groups $({G}_{1},{G}_{2})$ with the same prime order q. We define bilinear map $e:{G}_{1}\times {G}_{1}\to {G}_{2}$, and g is the generator of group ${G}_{1}$. We choose four random numbers $a,b,d,u\in {Z}_{q}^{*}$ and compute $f={g}^{d}$, ${K}_{1}=e{(g,g)}^{a}$ and ${K}_{2}=e{(g,g)}^{b}$. We define hash function $H:{\{0,1\}}^{*}\to {G}_{1}$. Finally, PKG publishes system parameters $params=\{{G}_{1},{G}_{2},{K}_{1},{K}_{2},H,{g}^{u}\}$ and the secret system master key $MK=\{a,b,d,u\}$. We use ${L}_{i,s}={\prod}_{l\in I,l\ne i}(x-l)/(i-l)$ to denote the Lagrange coefficients of $i\in {Z}_{q}$ and $S=\{{s}_{1},{s}_{2},\cdots ,{s}_{m}\in {Z}_{q}\}$.
- 2.
- Encryption: Given data $m\in {\{0,1\}}^{*}$ and keyword ${w}_{m}\in {G}_{2}$, the DO selects a symmetric encryption algorithm $(Enc,Dec)$ and encryption key $ck$ and encrypts m with algorithm $Enc$ and key $ck$ represented as ${C}_{m}=En{c}_{ck}\left(m\right)$. Then, we define access structure T and encrypt $ck$ and keyword ${w}_{m}$ according to T in the following steps:
- (1)
- We randomly select $r\in {Z}_{q}^{*}$ and calculate ${C}_{ck}=ck\xb7{K}_{1}^{r}$, ${C}_{w}=e(H{\left(w\right)}^{r},{g}^{u})\xb7{K}_{2}^{r}$, $C={f}^{r}$.
- (2)
- Using a top-down approach, we start from the root node, and for each node x, we select polynomial ${q}_{x}$ of degree ${d}_{x}={k}_{x}-1$. When x is the root node, we make ${q}_{x}\left(0\right)=r$. Otherwise, we let ${q}_{x}\left(0\right)={q}_{p\left(x\right)}\left(index\left(x\right)\right)$ where $p\left(x\right)$ is the parent of node x and $index\left(x\right)$ is the index of node x. We let Y denote the set of all leaf nodes. Each leaf node y corresponds to a specific attribute value, which is denoted as $a{t}_{y}$. We compute $C{T}_{at}=\left\{\forall a{t}_{y}\in Y:{C}_{y}^{1}={g}^{{q}_{y}\left(0\right)},{C}_{y}^{2}=H{\left(a{t}_{y}\right)}^{{q}_{y}\left(0\right)}\right\}$.
- (3)
- Finally, we upload ciphertext $\{T,{C}_{m},{C}_{ck},{C}_{w},C,{C}_{at}\}$ to the cloud.

- 3.
- User Private Key Generation: Once the KGC receives a request from a data user (with attribute set S) to generate a key, it first randomly selects $s\in {Z}_{p}^{*}$ and calculates ${D}_{d}={g}^{a}{g}^{s}$ and ${D}_{s}={g}^{\frac{b+s}{d}}$. Then, we randomize ${r}_{i}\in {Z}_{q\phantom{\rule{4pt}{0ex}}i=1,2,\cdots ,\left|S\right|}^{*}$ and calculate ${L}_{S}=\left\{\forall a{t}_{i}\in S:\phantom{\rule{4pt}{0ex}}{D}_{i}={g}^{s}H{\left(a{t}_{i}\right)}^{{r}_{i}},{{D}_{i}}^{\prime}={g}^{{r}_{i}}\right\}$. Finally, we send $SK=\left\{{D}_{d},{D}_{s},{L}_{S}\right\}$ to the data user.
- 4.
- Trapdoor Generation: When the data user requests the search permission of keyword w from the KGC, the KGC randomly selects k and calculates ${T}_{w}=H{\left(w\right)}^{\frac{u}{d}}{g}^{\frac{k}{d}}$ and ${g}^{k}$, and returns it to the data user. After receiving it, the data user calculates the trapdoor,$$Tra{p}_{w}=\left\{\begin{array}{cc}\hfill \phantom{\rule{1.em}{0ex}}& T{r}_{1}={D}_{s}\xb7{T}_{w},\hfill \\ \hfill \phantom{\rule{1.em}{0ex}}& {{Tr}_{S}}^{\prime}=\left\{\forall a{t}_{i}\in S:\phantom{\rule{4pt}{0ex}}{E}_{i}={g}^{k}{D}_{i},{{E}_{i}}^{\prime}={{D}_{i}}^{\prime}\right\}\hfill \end{array}\right\},$$
- 5.
- Search and Transform: Upon receiving $Tra{p}_{w}$, the cloud first verifies whether the user’s attribute set S satisfies access control tree T in ciphertext $CT$. If not, it returns ⊥. Otherwise, the search is conducted as follows:
- (1)
- The cloud defines two recursive algorithms, $Test(CT,Tra{p}_{w},x)$ and $CS(CT,x)$, which take as input ciphertext $CT$, trapdoor $Tra{p}_{w}$, attribute set S, and node x in access tree T and return the result as follows. The actual attribute $a{t}_{x}=attr\left(x\right)$ is used to represent leaf node x.
- (i)
- If x is a leaf node and $a{t}_{x}=attr\left(x\right)\in S$, then we define$$\begin{array}{cc}\hfill Test(CT,Tra{p}_{w},x)& =\frac{e({E}_{i},{C}_{x}^{1})}{e({{E}_{i}}^{\prime},{C}_{x}^{2})}\hfill \\ \hfill \phantom{\rule{1.em}{0ex}}& =\frac{e({g}^{k}{g}^{r}H{\left(a{t}_{x}\right)}^{{s}_{x}},{g}^{{q}_{x}\left(0\right)})}{e({g}^{{s}_{x}},H{\left(a{t}_{x}\right)}^{{q}_{x}\left(0\right)})}\hfill \\ \hfill \phantom{\rule{1.em}{0ex}}& =e{(g,g)}^{(k+s){q}_{x}\left(0\right)}\hfill \end{array}$$$$CS(CT,x)={C}_{x}^{1}$$
- (ii)
- If x is a leaf node and $a{t}_{x}=attr\left(x\right)\notin S$, then we define $Test(CT,Tra{p}_{w},x)=\perp $, $CS(CT,x)=\perp $.
- (iii)
- If x is a non-terminal node, then we create the set ${A}_{x}=\left\{z\left|Test\right(CT,Tra{p}_{w},z)\ne \perp \right\}$ where z is the left child of node x. When $\left|{A}_{x}\right|$ is less than the threshold ${k}_{x}$, we make $Dec(CT,SK,x)=\perp $. Otherwise, we choose a subset of ${A}_{x}$ that satisfies $\left|{{S}_{x}}^{\prime}\right|={k}_{x}$, ${{S}_{x}}^{\prime}\subseteq {A}_{x}$ and denote the set $\{i=index\left(z\right)|z\in {{S}_{x}}^{\prime}\}$ by ${S}_{x}$. Finally, we define$$\begin{array}{cc}\hfill \phantom{\rule{1.em}{0ex}}& Test(CT,Tra{p}_{w},x)\hfill \\ \hfill \phantom{\rule{1.em}{0ex}}& =\prod _{z\in {{S}_{x}}^{\prime}}Test{(CT,Tra{p}_{w},z)}^{{L}_{i,{S}_{x}}\left(0\right)}\hfill \\ \hfill \phantom{\rule{1.em}{0ex}}& =e{(g,g)}^{(k+s){q}_{x}\left(0\right)}\hfill \end{array}$$$$\begin{array}{cc}\hfill \phantom{\rule{1.em}{0ex}}& CS(CT,x)\hfill \\ \hfill \phantom{\rule{1.em}{0ex}}& =\prod _{z\in {{S}_{x}}^{\prime}}CS{(CT,z)}^{{L}_{i,{S}_{x}}\left(0\right)}\hfill \\ \hfill \phantom{\rule{1.em}{0ex}}& ={g}^{{q}_{x}\left(0\right)}\hfill \end{array}$$

- (2)
- The cloud calls $Test(CT,Tra{p}_{w},R)$ and $CS(CT,R)$ to obtain $e{(g,g)}^{(k+s)r}=Test(CT,Tra{p}_{w},R)$ and ${g}^{r}=CS(CT,R)$, respectively, where R is the root node.
- (3)
- Ciphertext Verification.The cloud server verifies whether $e(T{r}_{1},C)={C}_{w}\xb7Test(CT,Tra{p}_{w},R)$ holds.
- (i)
- If it holds, it implies that the keyword of the ciphertext matches the keyword in the trapdoor. Therefore, the cloud returns the ciphertext as follows:$$C{T}^{\prime}=\{{C}_{m},{C}_{ck},{C}_{R}=Test(CT,Tra{p}_{w},R),{C}_{s}=CS(CT,R)\}$$
- (ii)
- If it does not hold, it indicates that the ciphertext is not the one searched by the data user.In fact, here are$$\begin{array}{cc}\hfill e(T{r}_{1},C)& =e({D}_{s}\xb7{T}_{w},{f}^{r})\hfill \\ \hfill \phantom{\rule{1.em}{0ex}}& =e({g}^{\frac{b+s}{d}}H{\left(w\right)}^{\frac{u}{d}}{g}^{\frac{k}{d}},{g}^{dr})\hfill \\ \hfill \phantom{\rule{1.em}{0ex}}& =e({g}^{b+s+k}H{\left(w\right)}^{u},{g}^{r})\hfill \\ \hfill \phantom{\rule{1.em}{0ex}}& =e(H{\left(w\right)}^{u},{g}^{r})e{(g,g)}^{br}e{(g,g)}^{(k+s)r}\hfill \\ \hfill \phantom{\rule{1.em}{0ex}}& ={C}_{w}\xb7Test(CT,Tra{p}_{w},R)\hfill \end{array}$$

- 6.
- Decryption: The data user receives $C{T}^{\prime}$ and calculates $ck=\frac{{C}_{ck}\xb7{C}_{R}}{e({D}_{d}{g}^{k},{C}_{s})}$. Finally, the data user can obtain the plaintext $m={Dec}_{ck}\left({C}_{m}\right)$.

## 5. Analysis of the SA-CP-SABE Scheme

#### 5.1. Security Analysis

**Theorem 1.**

**Proof.**

- (1)
- If attribute set S satisfies access tree ${T}_{*}$, key queries of S are prohibited.
- (2)
- If attribute set S satisfies access tree ${T}_{*}$, trapdoor queries with $(S,{w}_{1}^{*})$ and $(S,{w}_{2}^{*})$ are prohibited.

**Theorem 2.**

**Proof.**

- (1)
- We randomly select $l,{r}_{i}\in {Z}_{q\phantom{\rule{4pt}{0ex}}i=1,2,\cdots ,\left|{S}_{*}\right|}^{*}$ and calculate$$T{r}_{{S}_{*}}^{\prime}=\left\{\begin{array}{cc}\hfill \phantom{\rule{1.em}{0ex}}& \forall a{t}_{i}\in {S}_{*}:\phantom{\rule{4pt}{0ex}}{D}_{i}={R}^{l}{g}^{{r}_{i}{r}_{a{t}_{i}}}={R}^{l}H{\left(a{t}_{i}\right)}^{{r}_{i}},\hfill \\ \hfill \phantom{\rule{1.em}{0ex}}& {{D}_{i}}^{\prime}={g}^{{r}_{i}}\hfill \end{array}\right\}.$$
- (2)
- We calculate $T{r}_{1}={\left(\left({g}^{{\gamma}_{2}{\lambda}_{2}}\right)H{\left({w}_{b}\right)}^{u}\right)}^{{d}^{-1}}$.
- (3)
- We return $Tra{p}_{{w}_{b}}=\left\{T{r}_{1},T{r}_{{S}_{*}}^{\prime}\right\}$.

- (1)
- It is not possible to encrypt data m, $w\in \{{w}_{0},{w}_{1}\}$ and access structures T (${S}_{*}$ meets T).
- (2)
- Private key queries cannot be performed on attribute set ${S}_{*}$.

#### 5.2. Performance Analysis

#### 5.2.1. Functionality Comparison

#### 5.2.2. Storage Cost

#### 5.2.3. Computation Cost

#### 5.2.4. Discussion

## 6. Conclusions

## Author Contributions

## Funding

## Data Availability Statement

## Conflicts of Interest

## Abbreviations

ABE | Attribute-Based Encryption |

KP-ABE | Key-Policy Attribute-Based Encryption |

CP-ABE | Ciphertext-Policy Attribute-Based Encryption |

PEKS | Public Key Searchable Encryption |

SABE | Searchable Attribute-Based Encryption |

KGC | Key Generation Center |

DO | Data Owner |

DU | Data User |

CSP | Cloud Server Provider |

## References

- Mell, P.; Grance, T. The NIST Definition of Cloud Computing. Available online: http://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-145.pdf (accessed on 7 May 2024).
- Tabrizchi, H.; Rafsanjani, M.K. A survey on security challenges in cloud computing: Issues, threats, and solutions. J. Supercomput.
**2020**, 76, 9493–9532. [Google Scholar] [CrossRef] - Sahai, A.; Waters, B. Fuzzy Identity-Based Encryption. In Advances in Cryptology—EUROCRYPT 2005; Cramer, R., Ed.; Springer: Berlin/Heidelberg, Germany, 2005; pp. 457–473. [Google Scholar]
- Goyal, V.; Pandey, O.; Sahai, A.; Waters, B. Attribute-based encryption for fine-grained access control of encrypted data. In Proceedings of the 13th ACM Conference on Computer and Communications Security, OCT 2006, Alexandria, VA, USA, 30 October–3 November 2006. [Google Scholar] [CrossRef]
- Bethencourt, J.; Sahai, A.; Waters, B. Ciphertext-Policy Attribute-Based Encryption. In Proceedings of the 2007 IEEE Symposium on Security and Privacy (SP ’07), Oakland, CA, USA, 20–23 May 2007; pp. 321–334. [Google Scholar] [CrossRef]
- Wang, S.; Ye, J.; Zhang, Y. A keyword searchable attribute-based encryption scheme with attribute update for cloud storage. PLoS ONE
**2018**, 13, e0197318. [Google Scholar] [CrossRef] [PubMed] - Li, H.; Jing, T. A lightweight fine-grained searchable encryption scheme in fog-based healthcare IoT networks. Wirel. Commun. Mob. Comput.
**2019**, 2019, 1019767. [Google Scholar] [CrossRef] - Zhang, K.; Long, J.; Wang, X.; Dai, H.N.; Liang, K.; Imran, M. Lightweight Searchable Encryption Protocol for Industrial Internet of Things. IEEE Trans. Ind. Inform.
**2021**, 17, 4248–4259. [Google Scholar] [CrossRef] - Miao, Y.; Tong, Q.; Choo, K.K.R.; Liu, X.; Deng, R.H.; Li, H. Secure Online/Offline Data Sharing Framework for Cloud-Assisted Industrial Internet of Things. IEEE Internet Things J.
**2019**, 6, 8681–8691. [Google Scholar] [CrossRef] - Miao, Y.; Ma, J.; Liu, X.; Li, X.; Jiang, Q.; Zhang, J. Attribute-Based Keyword Search over Hierarchical Data in Cloud Computing. IEEE Trans. Serv. Comput.
**2020**, 13, 985–998. [Google Scholar] [CrossRef] - Chen, D.; Cao, Z.; Dong, X. Online/offline ciphertext-policy attribute-based searchable encryption. J. Comput. Res. Dev.
**2016**, 53, 2365–2375. [Google Scholar] [CrossRef] - Niu, S.; Xie, Y.; Yang, P.; Du, X. Cloud-Assisted Attribute-Based Searchable Encryption Scheme on Blockchain. J. Comput. Res. Dev.
**2021**, 50, 811–821. [Google Scholar] [CrossRef] - Yin, H.; Zhang, J.; Xiong, Y.; Ou, L.; Li, F.; Liao, S.; Li, K. CP-ABSE: A Ciphertext-Policy Attribute-Based Searchable Encryption Scheme. IEEE Access
**2019**, 7, 5682–5694. [Google Scholar] [CrossRef] - Li, J.; Lin, X.; Zhang, Y.; Han, J. KSF-OABE: Outsourced Attribute-Based Encryption with Keyword Search Function for Cloud Storage. IEEE Trans. Serv. Comput.
**2017**, 10, 715–725. [Google Scholar] [CrossRef] - Wang, H.; Ning, J.; Huang, X.; Wei, G.; Poh, G.S.; Liu, X. Secure Fine-Grained Encrypted Keyword Search for E-Healthcare Cloud. IEEE Trans. Dependable Secur. Comput.
**2021**, 18, 1307–1319. [Google Scholar] [CrossRef] - Bao, Y.; Qiu, W.; Cheng, X. Secure and lightweight fine-grained searchable data sharing for IoT-oriented and cloud-assisted smart healthcare system. IEEE Internet Things J.
**2022**, 9, 2513–2526. [Google Scholar] [CrossRef] - Song, D.X.; Wagner, D.; Perrig, A. Practical techniques for searches on encrypted data. In Proceedings of the Proceeding 2000 IEEE Symposium on Security and Privacy, S&P 2000, Berkeley, CA, USA, 14–17 May 2000; pp. 44–55. [Google Scholar] [CrossRef]
- Boneh, D.; Di Crescenzo, G.; Ostrovsky, R.; Persiano, G. Public Key Encryption with Keyword Search. In Advances in Cryptology—EUROCRYPT 2004; Cachin, C., Camenisch, J.L., Eds.; Springer: Berlin/Heidelberg, Germany, 2004; pp. 506–522. [Google Scholar]
- Rhee, H.S.; Park, J.H.; Susilo, W.; Lee, D.H. Trapdoor security in a searchable public-key encryption scheme with a designated tester. J. Syst. Softw.
**2010**, 83, 763–771. [Google Scholar] [CrossRef] - Yang, N.; Zhou, Q.; Xu, S. Public-Key Authenticated Encryption with Keyword Search without Pairings. J. Comput. Res. Dev.
**2020**, 57, 2125–2135. [Google Scholar] [CrossRef] - Chen, R.; Mu, Y.; Yang, G.; Guo, F.; Huang, X.; Wang, X.; Wang, Y. Server-Aided Public Key Encryption With Keyword Search. IEEE Trans. Inf. Forensics Secur.
**2016**, 11, 2833–2842. [Google Scholar] [CrossRef] - Yu, S.; Ren, K.; Lou, W.; Li, J. Defending against Key Abuse Attacks in KP-ABE Enabled Broadcast Systems. In Security and Privacy in Communication Networks; Chen, Y., Dimitriou, T.D., Zhou, J., Eds.; Springer: Berlin/Heidelberg, Germany, 2009; pp. 311–329. [Google Scholar]
- Wei, J.; Chen, X.; Huang, X.; Hu, X.; Susilo, W. RS-HABE: Revocable-Storage and Hierarchical Attribute-Based Access Scheme for Secure Sharing of e-Health Records in Public Cloud. IEEE Trans. Dependable Secur. Comput.
**2021**, 18, 2301–2315. [Google Scholar] [CrossRef] - Liang, K.; Liu, J.K.; Lu, R.; Wong, D.S. Privacy Concerns for Photo Sharing in Online Social Networks. IEEE Internet Comput.
**2015**, 19, 58–63. [Google Scholar] [CrossRef] - Li, S.; Xu, M. Attribute-based public encryption with keyword search. Chin. J. Comput.
**2014**, 37, 1017–1024. [Google Scholar] - Zhou, R.; Zhang, X.; Du, X.; Wang, X.; Yang, G.; Guizani, M. File-centric multi-key aggregate keyword searchable encryption for industrial internet of things. IEEE Trans. Ind. Inform.
**2018**, 14, 3648–3658. [Google Scholar] [CrossRef] - Lai, J.; Deng, R.H.; Guan, C.; Weng, J. Attribute-Based Encryption With Verifiable Outsourced Decryption. IEEE Trans. Inf. Forensics Secur.
**2013**, 8, 1343–1354. [Google Scholar] [CrossRef] - Delerablée, C.; Pointcheval, D. Dynamic Threshold Public-Key Encryption. In Advances in Cryptology—CRYPTO 2008; Wagner, D., Ed.; Springer: Berlin/Heidelberg, Germany, 2008; pp. 317–334. [Google Scholar]

Schemes | Consistent with Data Access and Search Permissions | Supporting Trapdoor Queries | Based on the Strategy | Server-Aided Decryption |
---|---|---|---|---|

Literature [6] | × | √ | CP-ABE | √ |

LFSE [7] | × | √ | CP-ABE | √ |

LSABE [8] | × | - | CP-ABE | √ |

DSF [9] | √ | √ | CP-ABE | √ |

ABKS-HD [10] | √ | √ | CP-ABE | √ |

Literature [12] | √ | × | CP-ABE | √ |

Literature [11] | √ | × | CP-ABE | √ |

Literature [13] | √ | √ | CP-ABE | × |

LABSE [16] | √ | √ | KP-ABE | √ |

KSF-OABE [14] | × | √ | KP-ABE | √ |

FKS-HPABE [15] | √ | √ | CP-ABE | × |

Literature [25] | - | √ | KP-ABE | × |

Notation | Meaning | Notation | Meaning |
---|---|---|---|

q | a large prime | $params$ | system parameters |

${Z}_{q},{Z}_{q}^{*}$ | ${Z}_{q}$ denotes the residue group modulo, ${Z}_{q}^{*}={Z}_{q}/0$ | T | the access structure |

${G}_{1},{G}_{2}$ | two multiplicative cyclic groups with the equal prime order p | x | a node of the access tree T |

e | the bilinear pair map between the two groups | $a{t}_{x}$ | an attribute associated with the leaf node x in the access tree |

g | the generator of the group ${G}_{1}$ | $CT/C{T}^{\prime}$ | the original ciphertext/the transformed ciphertext |

${g}_{1},{g}_{2}$ | two elements of the group ${G}_{1}$ | S | the attribute set |

$MK/SK$ | the system master key/the user’s private key | $Tra{p}_{w}$ | the search trapdoor |

Schemes | Ciphertext Indistinguishability | Trapdoor Indistinguishability | Keyword Guessing Attack | Based on the Strategy | Server-Aided Decryption |
---|---|---|---|---|---|

DSF [9] | No | No | Yes | CP-ABE | Yes |

Literature [13] | No | No | Yes | CP-ABE | No |

ABKS-HD [10] | No | No | Yes | CP-ABE | Yes |

LABSE [16] | No | No | Yes | KP-ABE | Yes |

Ours | Yes | Yes | No | CP-ABE | Yes |

Schemes | Size of User Key | Size of Ciphertext | Size of Trapdoor |
---|---|---|---|

DSF [9] | $(k+4)\left|{G}_{1}\right|+\left|{Z}_{q}\right|$ | $(3l+4)\left|{G}_{1}\right|+l\left|{z}_{q}\right|+2\left|{G}_{2}\right|$ | $2\left|{G}_{1}\right|$ |

ABKS-HD [10] | $2(k+1)\left|{G}_{1}\right|$ | $(2l+4)\left|{G}_{1}\right|+l\left|{G}_{2}\right|$ | $(2k+3)\left|{G}_{1}\right|$ |

Ours | $2(k+1)\left|{G}_{1}\right|$ | $(2l+1)\left|{G}_{1}\right|+2\left|{G}_{2}\right|$ | $(2k+1)\left|{G}_{1}\right|$ |

Stage | ABKS-HD [10] | Ours |
---|---|---|

Encryption | $3{T}_{m}+(2l+7){T}_{e}$ | $2{T}_{m}+(2l+4){T}_{e}+{T}_{p}$ |

Trapdoor Generation | ${T}_{m}+(2k+4){T}_{e}$ | $(k+1){T}_{m}+3{T}_{e}$ |

Search and Transform | ${n}_{1}{T}_{d}+{n}_{2}d{T}_{m}+{n}_{2}{T}_{e}+(2{n}_{1}+3){T}_{p}$ | ${n}_{1}{T}_{d}+(2{n}_{2}d+1){T}_{m}+2{n}_{2}{T}_{e}+(2{n}_{1}+1){T}_{p}$ |

User Decryption | $2{T}_{d}+{T}_{e}+{T}_{p}$ | ${T}_{d}+2{T}_{m}+{T}_{p}$ |

Disclaimer/Publisher’s Note: The statements, opinions and data contained in all publications are solely those of the individual author(s) and contributor(s) and not of MDPI and/or the editor(s). MDPI and/or the editor(s) disclaim responsibility for any injury to people or property resulting from any ideas, methods, instructions or products referred to in the content. |

© 2024 by the authors. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (https://creativecommons.org/licenses/by/4.0/).

## Share and Cite

**MDPI and ACS Style**

Wen, J.; Li, H.; Liu, L.; Lan, C.
Enhancing Security and Efficiency: A Fine-Grained Searchable Scheme for Encryption of Big Data in Cloud-Based Smart Grids. *Mathematics* **2024**, *12*, 1512.
https://doi.org/10.3390/math12101512

**AMA Style**

Wen J, Li H, Liu L, Lan C.
Enhancing Security and Efficiency: A Fine-Grained Searchable Scheme for Encryption of Big Data in Cloud-Based Smart Grids. *Mathematics*. 2024; 12(10):1512.
https://doi.org/10.3390/math12101512

**Chicago/Turabian Style**

Wen, Jing, Haifeng Li, Liangliang Liu, and Caihui Lan.
2024. "Enhancing Security and Efficiency: A Fine-Grained Searchable Scheme for Encryption of Big Data in Cloud-Based Smart Grids" *Mathematics* 12, no. 10: 1512.
https://doi.org/10.3390/math12101512