Plaintext-checkable encryption (PCE), first introduced by Canard et al., allows users searching on encrypted data through plaintexts. It provides a useful primitive in the cloud computing security. However, existing PCE schemes could not guarantee verifiability to prevent from malicious adversaries. To concentrate with, we provide the notion of plaintext-verifiably-checkable encryption (PVCE). Our PVCE scheme could check that if a ciphertext is valid, even though it could pass the check

more »

... e, to avoid malicious ciphertexts. Furthermore, we extend the work in dual-server setting, called dual-server plaintext-verifiablycheckable encryption (DS-PVCE), to resist offline message recover attack. We also give the security definition IND-CCA-FS, IND-CCA-BS and IND-CCA-BS-II in standard model for DS-PVCE and prove that DS-PVCE is secure under these security notions. Then we give constructions of PVCE and DS-PVCE from pairing-friendly smooth projective hash function (PF-SPHF) and their instantiations based on k-MDDH assumption. At the end of this paper, we provide implementation to compare existing PCE schemes and our schemes, which shows that DS-PVCE has very high check efficiency compared with other PCE schemes. INDEX TERMS Plaintext-checkable encryption, verifiability, pairing-friendly smooth projective hash function, dual-server, offline message recover attack, k-MDDH assumption. . His research interests include cryptography and information security, in particular, cryptographic protocols design and analysis. He has published more than 100 research papers in international conferences, and journals in the area of cryptography and information security. He has served as a Programme Committee Member in many international conferences.