Public key encryption with equality test via hash proof system

Public key encryption with equality test (PKEET) allows a tester to know whether ciphertexts are the encryptions of a same message or not by using the trapdoors issued from their owners, which is a useful cryptographic primitive can be deployed in many applications, such as in the mechanism of searching over encrypted data. Based on Hash Proof System (HPS) introduced by Cramer and Shoup, this paper presents an oversimplified paradigm for constructing PKEET in the standard model. Compared with the previous works that use identity-based encryption, strongly unforgeable one-time signature or other strong cryptographic primitives, our paradigm requires only the universal₂ property of HPS and provides an efficient way to obtain concrete PKEET schemes based on different assumptions in the standard model, since HPS has been shown can be easily realized from a board range of NP languages (e.g., DLIN-based, DCR-based, Lattice-based and so on). Moreover, to demonstrate the practicality of the proposed paradigm, we instantiate it based on two kinds of NP languages respectively, one is based on the decisional Diffie-Hellman (DDH) assumption, the other one is based on the decisional composite residuosity (DCR) assumption, which results in the first concrete PKEET schemes that in the standard model without using pairing operations, and the schemes' security are also based on the standard DDH assumption and the standard DCR assumption respectively.