Oblivious keyword search with authorization
Oblivious keyword search (OKS) allows a user to search and retrieve the data associated with a chosen keyword in an oblivious way. The database supplier issues a trapdoor (used for searching) of a specific keyword chosen by the user while learns nothing about this keyword. In this paper, we propose a new cryptographic primitive called oblivious keyword search with authorization (OKSA). In OKSA, the supplier is able to verify the to-be-search keyword belonging to the authorized keyword set for a user before running the OKS protocol. The proposed OKSA augments the traditional OKS by providing assurance of keyword authorization besides oblivious search. Then we present an OKSA protocol and formally prove its security. The proposed protocol features with one-round (two-pass) interaction and constant size communication cost between the supplier and the user in the transfer phase. Precisely, the communication cost nseeds only four group elements (three group elements for keyword token and proof, and one group element for assigned trapdoor), independent of the size of authorized keyword set.