Updatable Multi-User Dynamic Searchable Encryption Scheme with Bidirectional Verification

Among searchable encryption techniques, multi-user dynamic searchable encryption (MUDSE) schemes are an important research direction. After the data owner transfers data to the cloud, it may be necessary to authorize different users to access some or all of the data while allowing for dynamic updates. Enabling dynamic data sharing in cloud storage while preserving users’ ability to search the data is crucial for promoting data flow and maximizing its value. This approach is particularly significant in addressing the data silo problem. However, existing security mechanisms remain imperfect, and most current scenarios assume that cloud servers are merely “curious but honest”. In reality, cloud servers may exhibit malicious behavior, such as returning incorrect or incomplete search results. Similarly, malicious users might falsify search results—for example, to avoid payment—or collude with cloud servers to steal other users’ search privacy. To address these challenges, this paper proposes an updatable multi-user dynamic searchable encryption scheme with bidirectional verification. The scheme enables secure dynamic data sharing in multi-user scenarios by constructing an index structure using homomorphic message authentication codes and bitmaps. This ensures secure updates to encrypted data without revealing the relationship between files and keyword search keys while providing forward and backward security. Regarding privilege management, the scheme employs updatable keys, ensuring that users can only generate valid search commands if they possess the latest encryption key. Additionally, blockchain technology is introduced to assist in verifying user honesty. Through actual testing and security analysis, the proposed solution demonstrates improved search speed over traditional methods while maintaining security. It also exhibits high adaptability for handling frequently changing cloud data.