计算机科学 ›› 2022, Vol. 49 ›› Issue (3): 313-321.doi: 10.11896/jsjkx.201100214
高诗尧, 陈燕俐, 许玉岚
GAO Shi-yao, CHEN Yan-li, XU Yu-lan
摘要: 可搜索加密技术可在不解密数据密文的同时实现密文关键字的检索,很好地保护了数据存储方的隐私。针对目前大多数可搜索加密方案无法支持用户自定义搜索策略的问题,提出了一种安全、高效、可支持任意表达的基于属性可搜索加密方案。该方案首先基于LSSS搜索结构,支持任意合取、析取或单调布尔表达式的多关键字搜索策略,用户使用私钥为LSSS搜索策略生成陷门,云服务器通过陷门可以搜索包含满足特定关键字搜索策略的密文;其次,通过与基于属性加密方案结合,可以实现对云中加密数据的细粒度访问控制;另外,该方案通过将关键字拆分成关键字名和关键字值以及“线性拆分”技术,使得攻击者无法从密文和陷门中推测出关键字值敏感信息;最后,通过将部分解密工作转移到云服务器来降低用户的计算负担。基于DBDH、(q-2)和判定线性假设证明了所提方案的安全性,理论分析和实验结果也表明了该方案的有效性。
中图分类号:
[1]SONG D X,WAGNER D,PERRIG A.Practical tech-niques for searches on encrypted data[C]//Proceedings of 2000 IEEE Symposium on Security and Privacy.Berkeley,CA:IEEE,2000:44-55. [2]BONEH D,CRESCENZO G D,OSTROVSKY R,et al.Public key encryption with keyword search[C]//Advances in Crypto-logy-EUROCRYPT.Berlin:Springer,2004:506-522. [3]CURTMOLA R,GARAY J,KAMARA S,et al.Searchablesymmetric encryption.Improved definitions and efficient constructions[C]//Proceedings of the 2006 ACM Computer and Communication Security.New York:ACM,2006:79-88. [4]LI J,SHI Y,ZHANG Y.Searchable ciphertext-policy attribute-based encryption with revocation in cloud storage[J].International Journal of Communication Systems,2017,30(1):2933-2947. [5]MIAO Y,MA J,LIU X,et al.Attribute-Based Keyword Search over Hierarchical Data in Cloud Computing[J].IEEE Transactions on Services Computing,2017,17(99):1427-1441. [6]SWAMINATHAN A,MAO Y,SU G M,et al.Confidentiality-preserving rank-ordered search[C]//Proceedings of the 2007 ACM Workshop Storage Security and Survivability.Alexandria,VA:ACM,2007:7-12. [7]WANG C,CAO N,REN K,et al.Enabling Secure and Efficient Ranked Keyword Search over Outsourced Cloud Data[J].IEEE Transactions on Parallel & Distributed Systems,2011,23(8):1467-1479. [8]ZERR S,OLMEDILLA D,NEJDL W,et al.Zerber+R:Top-k retrieval from a confıdential index[C]//Proceedings of International Conference on Extending Database Technology.2009:439-449. [9]DAN B,WATERS B.Conjunctive,subset,and range queries on encrypted data[C]//Proceedings of 4th Theory of Cryptography Conference.Berlin,Springer,2007:535-554. [10]LEWKO A,OKAMOTO T,SAHAI A,et al.Fully secure functional encryption:Attribute-based encryption and (hierarchical) inner product encryption[C]//Proceedings of Annual International Conference on Theory and Applications of Cryptographic Technology.Berlin,Springer,2010:62-91. [11]MIAO Y,MA J,LIU X,et al.Practical Attribute-Based Multi-Keyword Search Scheme in Mobile Crowdsourcing[J].IEEE Internet of Things Journal,2018,5(4):3008-3018. [12]MIAO Y,MA J,LIU X,et al.VCKSM:Verifiable conjunctive keyword search over mobile e-health cloud in shared multi-owner settings[J].Pervasive and Mobile Computing,2017,40:205-219. [13]LAI J,ZHOU X,DENG R H,et al.Expressive search on encrypted data[C]//ACM Sigsac Symposium on Information.ACM,2013:243-251. [14]LV Z,HONG C,ZHANG M,et al.Expressive and SecureSearchable Encryption in the Public Key Setting[J].2014:364-376. [15]CUI H,WAN Z,DENG R,et al.Efficient and Expressive Keyword Search Over Encrypted Data in the Cloud[J].IEEE Tran-sactions on Dependable & Secure Computing,2018,15(3):409-422. [16]HAO J,LIU J,WANG H,et al.Efficient Attribute-based Ac-cess Control with Authorized Search in Cloud Storage[J].IEEE Access,2019,7:182772-182783. [17]SHEN C,LU Y,LI J.Expressive Public-Key Encryption withKeyword Search:Generic Construction from KP-ABE and an Efficient Scheme over Prime-Order Groups[J].IEEE Access,2020,8:93-103. [18]SAHAI A,WATERS B.Fuzzy Identity-Based Encryption[M].Advances in Cryptology-EUROCRYPT 2005.Berlin:Springer,2005:457-473. [19]DAN B,FRANKLIN M.Identity-Based Encryption from theWeil Pairing[M].Society for Industrial and Applied Mathema-tics,2003:235-252. [20]GOYAL V,PANDEY O,SAHAI A,et al.Attribute-based encryption for fine-grained access control of encrypted data[C]//Proceedings of ACM Conference on Computer and Communications Security.ACM,2006:89-98. [21]PARK D J,KIM K,LEE P J.Public Key Encryption with Conjunctive Field Keyword Search[C]//Proceedings of Information Security Applications,5th International Workshop,WISA 2004.Jeju Island,Korea,2004:73-86. [22]HAN F,QIN J,ZHAO H,et al.A general transformation from KP-ABE to searchable encryption[J].Future Generation Computer Systems,2014,30(Jan.):107-115. [23]ABDALLA M,BELLARE M,CATALANO D,et al.Searchable Encryption Revisited:Consistency Properties,Relation to Ano-nymous IBE,and Extensions[C]//Annual International Crypto-logy Conference.Berlin:Springer,2005:205-222. [24]KAUSHIK K,VARADHARAJAN V,NALLUSAMY R.Multi-user Attribute-based Searchable Encryption[C]//IEEE International Conference on Mobile Data Management.IEEE,2013:200-205. [25]XIONG A P,GAN Q X,et al.A searchable encryption of CP-ABE scheme in cloud storage[C]//Proceedings of the 10th International Computer Conference on Wavelet Active Media Technology (ICCWAMTIP’13).USA:IEEE,2013:345-349. [26]HE H,ZHANG J,LI P,et al.A lightweight secure conjunctive keyword search scheme in hybrid cloud[J].Future Generation Computer Systems,2019,93:727-736. [27]WANG S P,JIA S S,ZHANG Y L,et al.Verifiable and Multi-Keyword Searchable Attribute-Based Encryption Scheme for Cloud Storage[J].IEEE Access,2019,7:50136-50147. [28]SUN J,REN L,WANG S,et al.Multi-Keyword Searchable and Data Verifiable Attribute-Based Encryption Scheme for Cloud Storage[J].IEEE Access,2019,7:66655-66667. [29]LIU X,LU T,HE X,et al.Verifiable Attribute-Based Keyword Search Over Encrypted Cloud Data Supporting Data Deduplication[J].IEEE Access,2020,8(99):52062-52074. [30]LIU X,YANG X.Verifiable Multi-keyword Search Encryption Scheme with Anonymous Key Generation for Medical Internet of Things[J].IEEE Internet of Things Journal(Early Access),2021,8:1-13. [31]BAEK J,SAFAVI-NAINI R,SUSILO W.Public Key Encryption with Keyword Search Revisited[C]//Proceedings of the International Conference on Computational Science and Its Applications,Part I.Berlin:Springer,2008:1249-1259. [32]BEIMEL A.Secure schemes for secret sharing and key distribution[D].Haifa:Israel Institute of Technology,1996. [33]ROUSELAKIS Y,WATERS B.New Constructions and ProofMethods for Large Universe Attribute-Based Encryption[C]//ACM Sigsac Conference on Computer & Communications Security.ACM,2013:463-473. [34]BOYEN X,WATERS B.Anonymous Hierarchical Identity-Based Encryption (Without Random Oracles)[C]//Procee-dings of the 26th Annual International Conference on Advances in Cryptology.Berlin:Springer,2006:290-307. [35]SHOUP V.A proposal for an iso standard for public key en-cryption (version 2.1)[OL].http://eprint.iacr.org/2001/112. [36]CARO A D,IOVINO V.jPBC:Java pairing based cryptography[C]//2011 IEEE Symposium on Computers and Communications (ISCC).Kerkyra,2011:850-855. |
[1] | 王政, 姜春茂. 一种基于三支决策的云任务调度优化算法 Cloud Task Scheduling Algorithm Based on Three-way Decisions 计算机科学, 2021, 48(6A): 420-426. https://doi.org/10.11896/jsjkx.201000023 |
[2] | 潘瑞杰, 王高才, 黄珩逸. 云计算下基于动态用户信任度的属性访问控制 Attribute Access Control Based on Dynamic User Trust in Cloud Computing 计算机科学, 2021, 48(5): 313-319. https://doi.org/10.11896/jsjkx.200400013 |
[3] | 季琰, 戴华, 姜莹莹, 杨庚, 易训. 面向混合云的可并行多关键词Top-k密文检索技术 Parallel Multi-keyword Top-k Search Scheme over Encrypted Data in Hybrid Clouds 计算机科学, 2021, 48(5): 320-327. https://doi.org/10.11896/jsjkx.200300160 |
[4] | 陈玉平, 刘波, 林伟伟, 程慧雯. 云边协同综述 Survey of Cloud-edge Collaboration 计算机科学, 2021, 48(3): 259-268. https://doi.org/10.11896/jsjkx.201000109 |
[5] | 蒋慧敏, 蒋哲远. 企业云服务体系结构的参考模型与开发方法 Reference Model and Development Methodology for Enterprise Cloud Service Architecture 计算机科学, 2021, 48(2): 13-22. https://doi.org/10.11896/jsjkx.200300044 |
[6] | 王文娟, 杜学绘, 任志宇, 单棣斌. 基于因果知识和时空关联的云平台攻击场景重构 Reconstruction of Cloud Platform Attack Scenario Based on Causal Knowledge and Temporal- Spatial Correlation 计算机科学, 2021, 48(2): 317-323. https://doi.org/10.11896/jsjkx.191200172 |
[7] | 何亨, 蒋俊君, 冯可, 李鹏, 徐芳芳. 多云环境中基于属性加密的高效多关键词检索方案 Efficient Multi-keyword Retrieval Scheme Based on Attribute Encryption in Multi-cloud Environment 计算机科学, 2021, 48(11A): 576-584. https://doi.org/10.11896/jsjkx.201000026 |
[8] | 毛瀚宇, 聂铁铮, 申德荣, 于戈, 徐石成, 何光宇. 区块链即服务平台关键技术及发展综述 Survey on Key Techniques and Development of Blockchain as a Service Platform 计算机科学, 2021, 48(11): 4-11. https://doi.org/10.11896/jsjkx.210500159 |
[9] | 陈先来, 赵晓宇, 曾工棉, 安莹. 基于区块链的患者在线交流模型 Online Patient Communication Model Based on Blockchain 计算机科学, 2021, 48(11): 28-35. https://doi.org/10.11896/jsjkx.210400240 |
[10] | 王勤, 魏立斐, 刘纪海, 张蕾. 基于云服务器辅助的多方隐私交集计算协议 Private Set Intersection Protocols Among Multi-party with Cloud Server Aided 计算机科学, 2021, 48(10): 301-307. https://doi.org/10.11896/jsjkx.210300308 |
[11] | 张恺琪, 涂志莹, 初佃辉, 李春山. 基于排队论的服务资源可用性相关研究综述 Survey on Service Resource Availability Forecast Based on Queuing Theory 计算机科学, 2021, 48(1): 26-33. https://doi.org/10.11896/jsjkx.200900211 |
[12] | 雷阳, 姜瑛. 云计算环境下关联节点的异常判断 Anomaly Judgment of Directly Associated Nodes Under Cloud Computing Environment 计算机科学, 2021, 48(1): 295-300. https://doi.org/10.11896/jsjkx.191200186 |
[13] | 徐蕴琪, 黄荷, 金钟. 容器技术在科学计算中的应用研究 Application Research on Container Technology in Scientific Computing 计算机科学, 2021, 48(1): 319-325. https://doi.org/10.11896/jsjkx.191100111 |
[14] | 李彦, 申德荣, 聂铁铮, 寇月. 面向加密云数据的多关键字语义搜索方法 Multi-keyword Semantic Search Scheme for Encrypted Cloud Data 计算机科学, 2020, 47(9): 318-323. https://doi.org/10.11896/jsjkx.190800139 |
[15] | 马潇潇, 黄艳. 大属性可公开追踪的密文策略属性基加密方案 Publicly Traceable Accountable Ciphertext Policy Attribute Based Encryption Scheme Supporting Large Universe 计算机科学, 2020, 47(6A): 420-423. https://doi.org/10.11896/JsJkx.190700131 |
|