Link to publisher version (URL)
Searchable encryption enables the data owner to outsource their data to the cloud server while retaining the search ability. Recently, some researchers proposed a variant of searchable encryption, named single-writer/multi-reader searchable encryption (SMSE), in which any authorized data user can perform a search query. That is, each document identifier is encrypted using attribute-based encryption (ABE), such that an arbitrary authorized user whose attributes match the corresponding access policy can access the document. However, the cloud server cannot determine whether the user has the ability to decrypt the matched data. Thus, it has to response all the search results to the data user, which causes a heavy communication and computation cost. To cope with this problem, we present a novel SMSE scheme based on server-side match technique, where the cloud can filter the documents that cannot be decrypted by the user and only return the matched ones. In addition, the decryption is also efficient, independent with the access policy structure. Security and efficiency evaluation show that our proposed scheme can achieve the desired security goals, while dramatically reducing the communication and computation overhead.