Attribute-Based Searchable Encryption: A Survey

Round 1

Reviewer 1 Report

In this paper, the authors describe the trends of attribute-based searchable encryption in development, focusing on enhancing security, improving computational efficiency, and increasing flexibility. Furthermore, this paper introduces several common application areas and summarizes the relevant schemes. They also summarize the efficiency improvement schemes in outsourcing computing, online/offline encryption mechanisms, and index structure optimization for ABSE. However, the following questions that should be considered.

(1)    The authors did not spend sufficient time in describing the formal security models and threat models in this domain. This is quite essential for understanding the complexity of solving the problems covered in this survey. A brief summary of these security models would have strengthened this survey considerably and made it more accessible to a larger audience.

(2)    The authors provided comprehensive survey of ABSE scheme. However, some important references for ABE or ABSE are lost. In order to reflect research progress, related works about Efficient revocable attribute-based encryption with verifiable data integrity; Efficient CP-ABE scheme with shared decryption in cloud storage; Flexible and fine-grained attribute-based data storage in cloud computing; Attribute based encryption with privacy protection and accountability for CloudIoT; KSF-OABE: outsourced attribute-based encryption with keyword search function for cloud storage; Key Escrow-free Attribute Based Encryption with User Revocation should be discussed.

(3)    Some descriptions are accurate. For example, it may be better for “2.2. Attribute-Based Searchable Algorithm Model” to modify as “2.2. Syntax of Attribute-Based Searchable Encryption”. Please check the similar questions carefully.

(4)    Some information of references (such as refs [2,7,11,12,34,37,44,83,88,90]) are not complete. Please fix the related information.

(5)    There are some grammar errors or typos that should be checked carefully.

There are some grammar errors or typos that should be checked carefully.

Author Response

Please see the attachment.

Author Response File: Author Response.pdf

Reviewer 2 Report

The paper is an overview of attribute based searchable encryption (ABSE). In my personal opinion, the paper covers the essential information one needs to get updated with the state of the field. Also, always stating the advancements of the initial schemes (e.g. ABE) and then comparing them with ABSE is a nice touch. Therefore, I recommend acceptance after the authors proof read the paper.


Comments:
line 42 - "Identity-Free Binary Encryption" -> "Fuzzy Identity Based Encryption"
line 59 - "Zheng" -> "Zheng et al."
lines 96-98 - please reformulate. it's meaning is unclear
lines 101-112 - please add a space after ":"
line 111 - after the arrow you can put $b$ and in the return part you can put something like "$b=1$, ; otherwise, it returns $b=0$."
line 136, 139 - "Nishide" -> "Nishide et al."  
- please verify that papers with multiple authors are cited with the first author and the an "et al." after it
line 138 - I think that you mean proven secure in the random oracle model
line 160 - "keySey -> "KeySea"
line 198-200 - please reformulate. it's meaning is unclear
line 201 - "and resistants" -> "and is resistant"
line 202 - please define KGA. also, you can use the acronym throughout the section, instead of Keyword Guessing Attacks.
line 223 - "
line 217 - "devices[31]. " -> "devices [31]. "
line 223 - "Liu et al.[35,36]" -> "Liu et al. [35,36]"
line 237 - please use the name of the authors here "they [20]"
line 290 - "so on.." -> "so on."
line 311 - " Yang[63]" ->  Yang [63]"
line 314 - "Niu’s[61]" -> "Niu’s [61]"
- please check that you have a space between author and citation when referring to a paper
table 2 - either capitalize the first letter or not in both column 2 and 3
line 430 - "wasn’t" -> "was not"
line 469, 471 - something is wrong here "structures[]" and here "program[72,90]"
- please check the references regarding eprints. some have been published, see [72] which is published in PKC
sect 5.2 - I would personally add a line about what expressiveness means
lines 501-503 - I would personally expand this paragraph a little and add more details. in my opinion is to short, compared with the rest.
line 539 - I think that you mean "using" instead of "combining"
line 583 - "traditional digital theory assumptions, such as scheme[28]" -> "traditional hardness assumptions, such as scheme [28] which is based on bilinear maps"
lines 586-590 - please reformulate. it's meaning is unclear
lines 596-597 - please reformulate. it's meaning is unclear

see above comments

Author Response

Please see the attachment.

Author Response File: Author Response.pdf

Reviewer 3 Report

The paper presents a survey for attribute-based searchable encryption. Updated surveys are much needed; therefore, the subject of the paper is relevant. The included references are relevant to the study. However, I have the following suggestions:

1.      A related work section is needed. There are some literature reviews on the subject of “searchable encryption”. It would help to highlight the strengths of your literature review compared to existing ones.

2.      A research methodology section would be greatly appreciated. It should include the list of consulted digital libraries, key terms used to search for relevant papers, inclusion/exclusion criteria, etc. An example of a research methodology section on a similar subject can be found here: https://www.mdpi.com/2227-7390/11/13/2948

3.      Some figures summarizing key findings can also be added, such as a figure summarizing the type of search, security models, etc.

4.      Table 1,3 – this manuscript presents a survey. Therefore, there are too few papers analyzed (maybe, indeed, this is the number of relevant papers that the authors found in their search in the digital libraries – this is one of the reasons why a research methodology section is needed. However, for example, on a quick search on ScienceDirect digital library for keywords “attribute based searchable encryption,” there are 2535 results in the range of 2021-2024 for the year publication).

5.      Page 11, line 469, missing citation

6.      I suggest renaming Sections 3.4 , 4.4 from “Conclusions” to “Discussions” (or something similar), because it can be misleading with the conclusions of the paper.

Author Response

Please see the attachment.

Author Response File: Author Response.pdf

Reviewer 4 Report

The main question of this paper  is to explore and assess the recent advancements and trends in Attribute-Based Searchable Encryption (ABSE). The study aims to explore and analyze ABSE, focusing on its development, security enhancements, computational efficiency improvements, flexibility enhancements, common application domains, and future directions. The research methodology employed involves: reviewing existing literature; analyzing various schemes and developments in ABSE; summarizing common application domains and discussing challenges. The research provides a comprehensive overview of various schemes and examines their applications across different domains. What sets it apart is its holistic approach to ABSE development, discussing challenges and future directions for improvement. Additionally, the research makes a significant contribution to understanding the issues and opportunities within ABSE, expanding our knowledge in this field.

The conclusions are consistent with the evidence and arguments presented, effectively addressing the main question.

Below I leave my suggestions for improving the paper:

1. The descriptions of attack behaviors lack clarity and would be improved by providing more explicit explanations.

2. In the main conclusion section, only a summary of the paper is provided: the results are not discussed. 

3. I suggest including a list of abbreviations.

4. I suggest including the references:

- https://doi.org/10.1007/s11042-023-16818-4

- https://doi.org/10.1016/j.sysarc.2023.102889

- https://doi.org/10.1109/JIOT.2023.3290975

- https://doi.org/10.3390/app132011525

Author Response

Please see the attachment.

Author Response File: Author Response.pdf

Reviewer 5 Report

This manuscript describes the trends and related schemes of attribute-based searchable encryption. Some concerns are listed as follows.

1.       As a survey, only one figure is presented in the manuscript. To better illustrate the methods and applications, more figures should be presented.

2.       In Table 1, there is no references of 2023 and 2024. Recent literatures should be reviewed in the manuscript.

3.       Some abbreviations should be given full words, such as ABS in line 68, LSSS in line 146 and so on.

Minor editing of English language required

Author Response

Please see the attachment.

Author Response File: Author Response.pdf

Reviewer 6 Report

This survey paper summarizes Attribute-Based Searchable Encryption (ABSE), aimed at facilitating efficient attribute-based search within encrypted datasets. Explaining ABSE applications extend across diverse sectors such as cloud computing, data sharing, and privacy protection, this paper also compares encrypted data based on attributes. The research emphasizes the enhancement of ABSE's flexibility, computational efficiency, and security, discussing evolving strategies and their implications across different domains. However, I have few minor comments to improve the paper - 

(1) The paper could be organized differently - starting with a research framework like PRISMA framework. 

(2) It is sometimes difficult to follow large sentences like in the very begining "The smart grid is a modernized electrical grid system that utilizes advanced communication, control, and information technologies to achieve real-time monitoring, control, and optimization of the power system."

"By integrating a large number of sensors, communication devices, and intelligent control equipment, the smart grid can monitor and manage various aspects of the power system."

"In cloud computing and big data environments, outsourcing the management of smart grid system data to cloud servers for processing is an economical solution."

"In ABSE, revocability allows data owners or authorized authorities to revoke granted access permissions, thereby restricting further access to data, enabling flexible management and control of data access permissions, and enhancing the security and privacy protection level of data."

In conclusion "ABSE is at the forefront of privacy protection technologies, with research on ABSE security mainly focusing on policy hiding, resistance against keyword guessing attacks, and access control optimization." 

Please rewrite the paper with readable format. 

(3) I recommend few more summary tables (e.g. ABSE applications comparison table etc.).

As mentioned above, the writing is taught to understand. 

Author Response

Please see the attachment.

Author Response File: Author Response.pdf

Round 2

Reviewer 1 Report

In this paper, the authors describe the trends of attribute-based searchable encryption in development, focusing on enhancing security, improving computational efficiency, and increasing flexibility. In the revised version, the authors solved my partial concerns. However, there are still some grammar errors or typos that should be checked carefully.

 There are some grammar errors or typos that should be checked carefully.

Author Response

Dear Reviewer,

Thank you for your feedback. We have carefully reviewed the comments and have made the necessary revisions to address the grammar issues in the manuscript.

Thank you again for your valuable input and time.

Best regards,

Tian Yin

Reviewer 3 Report

The authors addressed my comments accordingly.

Author Response

Dear Reviewer,

Thank you very much for your valuable comments and suggestions on our manuscript.  We believe that your suggestions have played a key role in improving the quality of our paper.

If you have any further suggestions or comments, we would be very pleased to hear them.

Thank you again for your valuable input and time.

Best regards,
Tian Yin