计算机科学

计算机科学 ›› 2018, Vol. 45 ›› Issue (5): 123-130.doi: 10.11896/j.issn.1002-137X.2018.05.021

• 信息安全 • 上一篇    下一篇

支持结果排序的安全密文检索方法研究

姚寒冰,邢娜娜,周俊伟,李勇华   

  1. 武汉理工大学计算机科学与技术学院 武汉430063;交通物联网技术湖北省重点实验室武汉理工大学 武汉430070,武汉理工大学计算机科学与技术学院 武汉430063,武汉理工大学计算机科学与技术学院 武汉430063;交通物联网技术湖北省重点实验室武汉理工大学 武汉430070,武汉理工大学计算机科学与技术学院 武汉430063;交通物联网技术湖北省重点实验室武汉理工大学 武汉430070
  • 出版日期:2018-05-15 发布日期:2018-07-25
  • 基金资助:
    本文受国家自然科学基金项目(61601337),湖北省自然科学基金重点项目(ZRZ2015000393),交通物联网技术湖北省重点实验室基金项目(2017III028-002),内河航运技术湖北省重点实验室基金项目(NHHY2017003)资助

Study on Secure Retrieval Scheme over Encrypted Data Supporting Result Ranking

YAO Han-bing, XING Na-na, ZHOU Jun-wei and LI Yong-hua   

  • Online:2018-05-15 Published:2018-07-25

PDF (PC)

881

摘要: 越来越多的企业和个人用户将数据部署到低成本、高质量的云存储中。为了保护敏感数据,用户在部署前会对其进行加密处理,但海量的加密数据给检索工作带来很大挑战。文中将传统的倒排索引结构改造成密文倒排索引,并在密文倒排索引上构建计数布隆过滤器,进而提出了基于计数布隆过滤器的密文安全索引(SICBF),其在保证隐私安全的前提下实现了对密文的快速检索。为减少SICBF索引中的数据冗余,设计了计数布隆过滤器的剪枝算法。为保护密文倒排索引中相关分的隐私安全,采用一对多保序加密机制(OPME)对相关分进行加密,并在密文相关分上对检索结果直接进行排序,将最相关检索结果top-k返回给授权用户。安全分析表明, 不同于原始数据分布,OPME算法加密后的相关分分布隐藏了数据的峰值,能防止针对相关分的统计攻击。实验结果表明,SICBF的检索效率高,计算量小,适用于海量加密数据文件的快速安全检索。

关键词: 倒排索引,相关分,计数布隆过滤器,数据隐私,排序搜索

Abstract: More and more organizations and users outsource their data into the low-cost and high-quality cloud storage.In order to protect the sensitive data,users will encrypt them before deployment,but this will bring big challenge to retrieval.This paper modified the traditional inverted index into the encrypted inverted index,and then built counting Bloom filter(CBF) on the encrypted inverted index.It proposed secure index based on counting Bloom filter(SICBF) to search encrypted data,which meet strict keyword and index privacy requirements.It also designed the CBF pruning algorithm to reduce redundancy of SICBF index.In order to protect the privacy of the relevance score(RSC) in SICBF,it employed one-to-many order-preserving mapping encryption(OPME) to encrypt RSC.The search results are directly sorted on the encrypted RSC,and only the most relevant top-k documents are returned to the authorized users.Security analysis illustrates that the encrypted RSC distribution is different from the original RSC,which hides the peak value of the RSC to prevent statistical attacks.The experiments show that the SICBF has high retrieval efficiency and low computational cost,which is suitable for searching massive encrypted data.

Key words: Inverted index,Relevance score,Counting bloom filter,Data privacy,Ranked search

[1] LI H,SUN W H,LI F H,et al.Secure and Privacy-Preserving Data Storage Service in Public Cloud[J].Journal of Computer Research and Development,2014,1(7):1397-1409.(in Chinese) 李晖,孙文海,李凤华,等.公共云存储服务数据安全及隐私保护技术综述[J].计算机研究与发展,2014,51(7):1397-1409.
[2] FENG D G,ZHANG M,ZHANG Y,et al.Study on Cloud Computing Security[J].Journal of Software,2011,22(1):71-83.((in Chinese) 冯登国,张敏,张妍,等.云计算安全研究[J].软件学报,2011,2(1):71-83.
[3] SONG D X,WAGNER D,PERRIG A.Practical Techniques for Searches on Encrypted Data[C]∥IEEE Symposium on Security &Privacy.2002:44-55.
[4] GOH E J.Secure Indexes.http://eprint.iacr.org/2003/216.
[5] DAN B,CRESCENZO G D,OSTROVSKY R,et al.Public Key Encryption with Keyword Search[M]∥Advances in Cryptology-EUROCRYPT 2004.Springer Berlin Heidelberg,2004:506-522.
[6] WANG C,CAO N,LI J,et al.Secure Ranked Keyword Search over Encrypted Cloud Data[C]∥IEEE International Conference on Distributed Computing Systems.IEEE,2010:253-262.
[7] CAO N,WANG C,LI M,et al.Privacy-Preserving Multi-Keyword Ranked Search over Encrypted Cloud Data[J].IEEE Transactions on Parallel & Distributed Systems,2014,25(1):222-233.
[8] XU Z,KANG W,LI R,et al.Efficient Multi-Keyword Ranked Query on Encrypted Data in the Cloud[C]∥IEEE International Conference on Parallel and Distributed Systems.IEEE,2012:244-251.
[9] SUN W,WANG B,CAO N,et al.Privacy-preserving multi-keyword text search in the cloud supporting similarity-based ran-king[C]∥ACM Symposium on Information,Computer and Communications Security.2013:71-82.
[10] FU Z,SUN X,XIA Z,et al.Multi-keyword ranked search supporting synonym query over encrypted data in cloud computing[C]∥IEEE International PERFORMANCE Computing and Communications Conference.IEEE,2013:1-8.
[11] CHEN C,ZHU X,SHEN P,et al.An Efficient Privacy-Preserving Ranked Keyword Search Method[J].IEEE Transactions on Parallel & Distributed Systems,2016,7(4):951-963.
[12] ZERR S,OLMEDILLA D,NEJDL W,et al.Zerber +R:top-k retrieval from a confidential index[C]∥Proceedings of the 12th International Conference on Extending Database Technology:Advances in Database Technology.ACM,2009:439-449.
[13] CUTTING D,PEDERSEN J.Optimization for dynamic inverted index maintenance[J].International Acm Sigir Conference on Research & Development in Information Retrieval.1989:405-411.
[14] ZOBEL J,MOFFAT A,RAMAMOHANARAO K.Invertedfiles versus signature files for text indexing[J].ACM Transactions on Database Systems,1998,23(4):453-490.
[15] ZOBEL J,MOFFAT A.Inverted files for text search engines[J].ACM Computing Surveys,2006,38(2):1-56.
[16] MANWAR B,MAHALLE S,CHINCHKHEDE D,et al.AVector Space Model for Information Retrieval:A Matlab A pproach[J].Indian Journal of Computer Science & Engineering,2012,3(2):222-229.
[17] WANG C,CAO N,REN K,et al.Enabling Secure and Efficient Ranked Keyword Search over Outsourced Cloud Data[J].IEEE Transactions on Parallel & Distributed Systems,2012,23(23):1467-1479.
[18] AGRAWAL R,KIERNAN J,SRIKANT R,et al.Order preserving encryption for numeric data[C]∥ACM SIGMOD International Conference on Management of Data.ACM,2004:563-574.
[19] BOLDYREVA A,CHENETTE N,LEE Y,et al.Order-Preserving Symmetric Encryption[M]∥Advances in Cryptology-EUROCRYPT 2009.Cologne,Germany,2009:224-241.
[20] LESTER N,ZOBEL J,WILLIAMS H E.In-Place versus Re-Build versus Re-Merge:Index Maintenance Strategies for Text Retrieval Systems[C]∥27th Australasian Computer Science Conference.2004:15-22.
[21] BLOOM B H.Space/time trade-offs in hash coding with allowable errors[J].Communications of the ACM,1970,13(7):422-426.
[22] BONOMI F,MITZENMACHER M,PANIGRAHY R,et al.An Improved Construction for Counting Bloom Filters[C]∥Con-ference on European Symposium.Zurich,Switzerland,2006:684-695.
[23] YONG H H,LEE P J.Public Key Encryption with Conjunctive Keyword Search and Its Extension to a Multi-user System[C]∥International Conference on Pairing-Based Cryptography.Springer-Verlag,2007:2-22.
[24] LEWKO A,OKAMOTO T,SAHAI A,et al.Fully secure functional encryption:attribute-based encryption and(hierarchical) inner product encryption[M]∥Advances in Cryptology-EUROCRYPT 2010.French Riviera,2010:62-91.
[25] BALLARD L,KAMARA S,MONROSE F.Achieving Efficient Conjunctive Keyword Searches over Encrypted Data[C]∥ International Conference on Information and Communications Security(ICICS 2005).Beijing,China,2005:414-426.
[26] WANG S,SHAN P.Security analysis of a one-way hash function based on spatio temporal chaos[J].Chinese Physics B,2011,20(9):79-85.
[27] BOLDYREVA A,CHENETTE N,LEE Y,et al.Order-Preserving Symmetric Encryption[M]∥Advances in Cryptology-EUROCRYPT 2009.Cologne,Germany,2009:224-241.
No related articles found!
Viewed
Full text


Abstract

Cited
  Shared   
  Discussed   
No Suggested Reading articles found!
渝ICP备16013121号-4
地址:重庆市渝北区洪湖西路18号    邮编:401121  
电话:023-63500828(编辑部) 023-67039612(会议/专题) 023-67039623(财务/发票)
E-mail:jsjkx12@163.com
本系统由北京玛格泰克科技发展有限公司设计开发