Non-interactive Publicly Verifiable Searchable Encryption with Forward and Backward Privacy

Publicly Verifiable Symmetric Searchable Encryption (PV-SSE) enables a client to delegate verification process of search results to an auditor without revealing private information. However, most of existing PV-SSE schemes are only designed for static databases, and how to design dynamic PV-SSE (PV-DSSE) schemes with strong security and good efficiency remains an open problem. In this paper, we propose a new dynamic PV-SSE scheme, which is, to the best of our knowledge, the first non-interactive PV-DSSE with forward privacy and Type-II backward privacy. In particular, we achieve both strong backward privacy and public verifiability within one roundtrip, by leveraging a special cryptographic primitive called compressed symmetric revocable encryption (CSRE) and developing a novel verification method based on set hash functions. Moreover, we provide concrete implementation of our scheme, and conduct a comprehensive performance evaluation compared with the state-of-art. In a typical network environment, our result shows that the search process in our scheme is 5x to 7x faster than the state-of-art with 8x to 9x lower communication cost.