云环境下安全的可验证多关键词搜索加密方案

张键红; 武梦龙; 王晶; 刘沛; 姜正涛; 彭长根

doi:10.11959/j.issn.1000-436x.2021054

您当前的位置：

首页 >

文章列表页 >

云环境下安全的可验证多关键词搜索加密方案

学术论文 | 更新时间：2024-06-05

- 云环境下安全的可验证多关键词搜索加密方案
- Secure and verifiable multi-keyword searchable encryption scheme in cloud
- 通信学报 2021年42卷第4期页码：139-149
- 作者机构：
  
  1. 北方工业大学信息学院，北京 100144
  2. 贵州大学公共大数据国家重点实验室，贵州贵阳 550025
  3. 京东集团财税创新部，北京 100176
  4. 中国传媒大学计算机与网络空间安全学院，北京 100024
- 作者简介：
  
  [ "张键红（1975- ），男，河北石家庄人，博士，北方工业大学教授，主要研究方向为密码学、云安全、物联网安全。" ]
  [ "武梦龙（1972- ），男，山西太原人，博士，北方工业大学副教授，主要研究方向为无线通信、信息安全、信号处理技术等。" ]
  [ "王晶（1988- ），男，山东烟台人，京东集团财税创新部工程师，主要研究方向为计算机软件、网络安全、电子商务等。" ]
  [ "刘沛（1982- ），男，北京人，京东集团财税创新部工程师，主要研究方向为国家税收治理、区块链、税务数智化转型、财税安全管理。" ]
  [ "姜正涛（1976- ），男，山东青岛人，博士，中国传媒大学副教授，主要研究方向为密码学、信息安全、物联网安全等。" ]
  [ "彭长根（1963- ），男，贵州锦屏人，博士，贵州大学教授，主要研究方向为密码学、信息安全、物联网安全等。" ]
- 基金信息：
  
  北京市自然科学基金资助项目(4212019);北京市自然科学基金资助项目(L182039);广西密码学与信息安全重点实验室研究课题基金资助项目(GCIS201808);贵州省公共大数据重点实验室开放课题基金资助项目(2019BDKFJJ012);国家重点研发计划基金资助项目(2018YFB0803900)
- DOI：10.11959/j.issn.1000-436x.2021054
  中图分类号： TP309
- 网络出版日期：2021-04，
  
  纸质出版日期：2021-04-25
- 稿件说明：
移动端阅览
张键红, 武梦龙, 王晶, 等. 云环境下安全的可验证多关键词搜索加密方案[J]. 通信学报, 2021,42(4):139-149.

Jianhong ZHANG, Menglong WU, Jing WANG, et al. Secure and verifiable multi-keyword searchable encryption scheme in cloud[J]. Journal on communications, 2021, 42(4): 139-149.
张键红, 武梦龙, 王晶, 等. 云环境下安全的可验证多关键词搜索加密方案[J]. 通信学报, 2021,42(4):139-149. DOI： 10.11959/j.issn.1000-436x.2021054.

Jianhong ZHANG, Menglong WU, Jing WANG, et al. Secure and verifiable multi-keyword searchable encryption scheme in cloud[J]. Journal on communications, 2021, 42(4): 139-149. DOI： 10.11959/j.issn.1000-436x.2021054.

摘要

云计算的高虚拟化与高可扩展性等优势，使个人和企业愿意外包加密数据到云端服务器。然而，加密后的外包数据破坏了数据间的关联性。尽管能够利用可搜索加密（SE）进行加密数据的文件检索，但不可信云服务器可能篡改、删除外包数据或利用已有搜索陷门来获取新插入文件相关信息。此外，现有单关键词搜索由于限制条件较少，导致搜索精度差，造成带宽和计算资源的浪费。为了解决以上问题，提出一种高效的、可验证的多关键词搜索加密方案。所提方案不仅能够支持多关键词搜索，也能实现搜索模式的隐私性和文件的前向安全性。此外，还能实现外包数据的完整性验证。通过严格的安全证明，所提方案在标准模型下被证明是安全的，能够抵抗不可信云服务器的离线关键词猜测攻击（KGA）。最后，通过与最近 3 种方案进行效率和性能比较，实验结果表明所提方案在功能和效率方面具有较好的综合性能。

Abstract

Due to the advantages of cloud computing

such as virtualization and high scalability

individuals and enterprises are willing to outsource local data storage and computing to cloud servers.However

encryption breaks the linkability between the data.Although searchable encryption (SE) enables cloud servers to provide retrieval services of the encrypted data for data owners

cloud servers who are untrusted

may tamper and delete data

or learn information of the newly added encrypted files with previous trapdoors.Besides

single-keyword search inevitably incurs many unrelated results

resulting in a waste of bandwidth and computing resources.To address the problems above

an efficient and verifiable multi-keyword search encryption scheme was proposed

which could not only supported multiple-keyword search

but also realized the privacy of search pattern and forward security of the outsourced files.In the meanwhile

it also ensured the integrity check of the outsourced data.Through rigorous security verification

the proposed scheme was proved to be secure under the standard mode

and could resist offline keyword guesswork attack (KGA) on untrusted cloud servers.Finally

by comparing the efficiency and performance with the recent three searchable encryption schemes

the experimental results show that the proposed scheme has the best comprehensive performance in terms of function and efficiency among the four schemes.

关键词

Keywords

references

AMBRUST M , FOX A , JOSEPH A D , et al . Above the clouds:a berkeley view of cloud computing [R ] . California:University of California,UCB/EECS-2009-28 , 2009 .

MELL P M , GRANCE T . The NIST definition of cloud computing [R ] . National Institute of Standards and Technology , 2011 .

JULISCH K , HALL M . Security and control in the cloud [J ] . Information Security Journal:A Global Perspective , 2010 , 19 ( 6 ): 299 - 309 .

冯登国 , 张敏 , 张妍 , 等 . 云计算安全研究 [J ] . 软件学报 , 2011 , 22 ( 1 ): 71 - 83 .

FENG D G , ZHANG M , ZHANG Y , et al . Study on cloud computing security [J ] . Journal of Software , 2011 , 22 ( 1 ): 71 - 83 .

TANG Y , LEE P P C , LUI J C S , et al . Secure overlay cloud storage with access control and assured deletion [J ] . IEEE Transactions on Dependable and Secure Computing , 2012 , 9 ( 6 ): 903 - 916 .

SONG D X , WAGNER D , PERRIG A . Practical techniques for searches on encrypted data [C ] // Proceeding 2000 IEEE Symposium on Security and Privacy . Piscataway:IEEE Press , 2000 : 44 - 55 .

BONEH D , CRESCENZO G , OSTROVSKY R , et al . Public key encryption with keyword search [C ] // International Conference on the Theory and Applications of Cryptographic Techniques . Berlin:Springer , 2004 : 506 - 522 .

GOLLE P , STADDON J , WATERS B . Secure conjunctive keyword search over encrypted data [C ] // Proceedings of the 2nd International Conference on Applied Cryptography and Network Security . Berlin:Springer , 2004 : 31 - 45 .

BALLARD L , KAMARA S , MONROSE F . Achieving efficient conjunctive keyword searches over encrypted data [C ] // Proceedings of the 7th International Conference on Information and Communications Security . Berlin:Springer , 2005 : 414 - 426

RYU E K , TAKAGI T . Efficient conjunctive keyword-searchable encryption [C ] // Proceedings of 21st International Conference on Advanced Information Networking and Applications Workshops . Piscataway:IEEE Press , 2007 : 409 - 414 .

CAO N , WANG C , LI M , et al . Privacy-preserving multi-keyword ranked search over encrypted cloud data [C ] // Proceedings of IEEE INFOCOM . Piscataway:IEEE Press , 2011 : 829 - 837 .

SHACHAM H , WATERS B . Compact proofs of retrievability [J ] . Journal of Cryptology , 2013 , 26 ( 3 ): 442 - 483 .

GUO L F , LU B , LI X Y , et al . A verifiable proxy Re-encryption with keyword search without random oracle [C ] // 2013 Ninth International Conference on Computational Intelligence and Security . Piscataway:IEEE Press , 2013 : 474 - 478 .

YANG Y , MA M D . Conjunctive keyword search with designated tester and timing enabled proxy Re-encryption function for E-health clouds [J ] . IEEE Transactions on Information Forensics and Security , 2016 , 11 ( 4 ): 746 - 759 .

MIAO Y B , MA J F , LIU X M , et al . VMKDO:Verifiable multi-keyword search over encrypted cloud data for dynamic data-owner [J ] . Peer-to-Peer Networking and Applications , 2018 , 11 ( 2 ): 287 - 297 .

WANG G J , YUE F S , LIU Q . A secure self-destructing scheme for electronic data [J ] . Journal of Computer and System Sciences , 2013 , 79 ( 2 ): 279 - 290 .

GUO Y , ZHANG C , JIA X H . Verifiable and forward-secure encrypted search using blockchain techniques [C ] // IEEE International Conference on Communications . Piscataway:IEEE Press , 2020 : 1321 - 1329 .

BASERI Y , HAFID A , CHERKAOUI S . Privacy preserving fine-grained location-based access control for mobile cloud [J ] . Computers ＆ Security , 2018 , 73 : 249 - 265 .

MIAO Y B , MA J F , LIU X M , et al . Lightweight fine-grained search over encrypted data in fog computing [J ] . IEEE Transactions on Services Computing , 2019 , 12 ( 5 ): 772 - 785 .

浏览量

2216

下载量

CSCD

文章被引用时，请邮件提醒。

提交

工具集

关联资源

云环境下协同作业的密码服务优化调度算法

M-RSF：面向Unikernel的一种多级反馈队列任务调度机制

基于强化学习的在线离线混部云环境下的调度框架

云计算中基于时间和隐私保护的可撤销可追踪的数据共享方案

公有云中身份基多源IoT终端数据PDP方案