Registration device, server device, searchable encryption system, and searchable encryption method

The invention claimed is: 1. A registration device comprising: processing circuitry to generate an encryption keyword by encrypting a keyword corresponding to at least one ciphertext among a plurality of ciphertexts, with a particular registration key, and to generate an index including the generated encryption keyword and identification information which identifies the at least one ciphertext; to generate a conversion key to be used for proxy re-encryption by a server device, from the registration key and a search key which is used for encryption by a search device that generates a search query by encrypting a keyword to be used for search, the server device generating a re-encryption keyword by re-encrypting the search query and searching the index with the re-encryption keyword; and to transmit the plurality of ciphertexts, the generated index, and the generated conversion key, to the server device, wherein the plurality of ciphertexts are transmitted to the registration device by multiple registrants, the multiple registrants being associated with multiple registration keys, respectively, the at least one ciphertext being registered by a particular one of the multiple registrants that is associated with the particular registration key from among the multiple registration keys, wherein the processing circuitry executes a first conversion process and a second conversion process which is different from the first conversion process, separately on result data obtained by encrypting the keyword corresponding to the at least one ciphertext with the registration key, utilizes first conversion data obtained by executing the first conversion process, as the encryption keyword, and generates the identification information by encoding second conversion data obtained by executing the second conversion process, with a ciphertext identifier which uniquely expresses a combination of the at least one ciphertext. 2. The registration device according to claim 1 , wherein the first conversion process is a process of concatenating a first value to the result data, and calculating a hash value of data concatenated with the first value, as the first conversion data, and wherein the second conversion process is a process of concatenating a second value which is different from the first value to the result data, and calculating a hash value of data concatenated with the second value, as the second conversion data. 3. The registration device according to claim 2 , wherein the processing circuitry calculates an exclusive OR of the second conversion data and the ciphertext identifier, as the identification information. 4. The registration device according to claim 1 , wherein the processing circuitry calculates an exclusive OR of the second conversion data and the ciphertext identifier, as the identification information. 5. A server device comprising: processing circuitry to receive from a registration device a plurality of ciphertexts, a plurality of indexes, and a plurality of conversion keys which are to be used for proxy re-encryption, the indexes being generated for a respective plurality of registrants by the registration device that generates for each of the registrants an encryption keyword by encrypting a keyword corresponding to at least one ciphertext being registered by the corresponding registrant, with a registration key associated with the corresponding registrant, the index for the corresponding registrant being generated to include the encryption keyword and identification information which identifies the at least one ciphertext, the conversion keys being generated by the registration device for the respective registrants, each of the conversion keys being generated from the registration key of the corresponding registrant and a search key which is used for encryption by a search device that generates a search query by encrypting a keyword to be used for search; to register, in a database, the received plurality of ciphertexts, the received indexes, and the received conversion keys; to receive the search query; to generate a re-encryption keyword by re-encrypting the received search query, with the registered conversion key associated with a particular one of the registrants, to search the registered index of the particular registrant with the re-encryption keyword, and to acquire, from the searched index, the identification information identifying at least one ciphertext registered by the particular registrant if the corresponding encryption keyword is obtained as a search result, and to extract the ciphertext identified by the acquired identification information from the plurality of registered ciphertexts; and to transmit the extracted ciphertext to the search device, wherein the processing circuitry executes a first conversion process and a second conversion process which is different from the first conversion process, separately on result data obtained by re-encrypting the search query, utilizes first conversion data obtained by executing the first conversion process, as the re-encryption keyword, and if the corresponding encryption keyword is obtained as the search result, acquires a ciphertext identifier that uniquely expresses a combination of the at least one ciphertext registered by the particular registrant, by decrypting second conversion data obtained by executing the second conversion process, with the acquired identification information, and extracts a ciphertext included in the combination expressed by the ciphertext identifier, from the plurality of ciphertexts. 6. The server device according to claim 5 , wherein the first conversion process is a process of concatenating a first value to the result data, and calculating a hash value of data concatenated with the first value, as the first conversion data, and wherein the second conversion process is a process of concatenating a second value which is different from the first value to the result data, and calculating a hash value of data concatenated with the second value, as the second conversion data. 7. The server device according to claim 6 , wherein the processing circuitry calculates an exclusive OR of the second conversion data and the information identifier, as the ciphertext identifier. 8. The server device according to claim 5 , wherein the processing circuitry calculates an exclusive OR of the second conversion data and the information identifier, as the ciphertext identifier. 9. A searchable encryption system comprising: the registration device; the search device; and the server device according to claim 5 . 10. A searchable encryption system comprising: the registration device; the search device; and the server device according to claim 6 . 11. A searchable encryption system comprising: the registration device; the search device; and the server device according to claim 8 . 12. A searchable encryption system comprising: the registration device; the search device; and the server device according to claim 7 . 13. A searchable encryption method comprising: generating an encryption keyword by encrypting a keyword corresponding to at least one ciphertext among a plurality of ciphertexts, with a registration key, generating an index including the generated encryption keyword and identification information which identifies the at least one ciphertext, generating a conversion key to be used for proxy re-encryption, from the registration key and a search key which is used for encryption, and transmitting the plurality of ciphertexts, the generated index, and the generated conversion key; registering the plurality of ciphertexts, the index,