Public key encryption supporting equality test and flexible authorization without bilinear pairings

Abstract Public key encryption with equality test (PKEET) is an important cryptographic primitive for protecting users’ outsourced data in the cloud-based email systems. Due to the fact that it is required to deploy different authorization policies for the demand of dynamic privacy protection in the cloud-based email systems, Ma et al. recently presented a new related primitive, called public key encryption with equality test supporting flexible authorization (PKEET-FA). In their proposal, four types of authorization were considered to support different authorization policies. Their proposal is based on the bilinear pairings. However, as the basic operation of equality test, bilinear pairings are expensive operations compared with modular multiplications and modular inverses. Hence, it is desired to propose a new method for constructing efficient equality test with modular multiplications and modular inverses. In this paper, we present such a PKEET-FA scheme. Compared with Ma et al.’s, our proposal is (surprisingly) more efficient, especially in terms of equality test. Moreover, our proposal supports an additional type of authorization, called user-specific ciphertext-to-user (or user-specific user-to-ciphertext) level authorization. Hence, ours is more flexible than Ma et al.’s.