Verifiable Conjunctive Field Keyword Searchable Encryption with Aggregate Keys for E-Health Cloud

With the rapid proliferation of Internet of Things (IoT)-enabled healthcare systems, sensitive data such as electronic health records (EHRs) are increasingly outsourced to semi-trusted e-health clouds, raising critical concerns about privacy and verifiability. This paper investigates secure and efficient keyword-based data retrieval in such environments. Key-aggregate searchable encryption (KASE) enables a data owner to share multiple encrypted documents with users using a single compact key, but existing schemes offer limited resistance to offline keyword guessing attacks (KGA) and insufficient protection against keyword privacy leakage. To systematically expose broader vulnerabilities in existing KASE constructions, we present a novel and general attack, termed expanded inside trapdoor attack (EITA), which targets both the security of aggregate keys and the privacy of keywords in unauthorized documents. Furthermore, flexible search methods and result verification are essential for improving KASE performance. To this end, we propose a new KASE scheme that supports conjunctive queries and employs aggregate signatures for verification, while being able to resist KGA and EITA. The security analysis and performance evaluation both demonstrate that our proposed scheme is provably secure and practically efficient in IoT-enabled healthcare settings.