Recently, Yang et al. introduced an efficient searchable encryption scheme titled "Dynamic Consensus Committee-Based for Secure Data Sharing With Authorized Multi-Receiver Searchable Encryption (DCC-SE)," published in IEEE Transactions on Information Forensics and Security (DOI: 10.1109/TIFS.2023.3305183). According to the authors, DCC-SE meets various security requirements, especially the keyword trapdoor indistinguishability against chosen keyword attacks (KT-IND-CKA). In this letter, however, we reveal a significant vulnerability of DCC-SE: any users involved in the system can execute attacks against KT-IND-CKA security. This flaw potentially results in the unintended disclosure of sensitive keyword information related to the documents. We present a detailed cryptanalysis on DCC-SE. In addition, to address this vulnerability, we discuss the root cause and identify a flaw in the security proof of DCC-SE. Subsequently, we provide a solution that effectively addresses this concern without significantly increasing computational overhead.
@article{arxiv.2311.08813,
title = {Comments on "Dynamic Consensus Committee-Based for Secure Data Sharing With Authorized Multi-Receiver Searchable Encryption"},
author = {Zi-Yuan Liu and Raylin Tso},
journal= {arXiv preprint arXiv:2311.08813},
year = {2023}
}