浏览全部资源
扫码关注微信
面向云存储且支持重加密的多关键词属性基可搜索加密方案
Multi-keyword attribute-based searchable encryption scheme supporting re-encryption for cloud storage
- 通信学报 2024年45卷第9期 页码:244-257
- 作者机构:
1.北京邮电大学网络空间安全学院,北京 100876
2.北京电子科技学院网络空间安全系,北京 100071
3.中国科学技术大学网络空间安全学院,安徽 合肥 230026
- 作者简介:
[ "张克君(1972- ),男,山东临沂人,博士,北京电子科技学院教授、博士生导师,北京邮电大学、中国科学技术大学兼职博士生导师,主要研究方向为网络安全、隐私保护等。" ]
[ "王文彬(1999- ),男,青海海晏人,北京邮电大学博士生,主要研究方向为认知信息安全、密文检索等。" ]
[ "徐少飞(1999- ),男,陕西汉中人,北京电子科技学院硕士生,主要研究方向为隐私保护、可搜索加密等。" ]
[ "于新颖(1997- ),女,山东泰安人,北京邮电大学博士生,主要研究方向为网络安全、隐私保护。" ]
[ "王钧(1998- ),男,河北保定人,北京电子科技学院博士生,主要研究方向为网络主动防御、隐私保护机器学习。" ]
[ "李鹏程(1998- ),男,河北邯郸人,中国科学技术大学博士生,主要研究方向为自然语言处理、隐私保护。" ]
[ "钱榕(1970- ),男,福建福州人,博士,北京电子科技学院副教授、硕士生导师,主要研究方向为复杂网络、数据挖掘、云计算安全等。" ]
- 基金信息:中央高校基本科研业务费资金资助项目(3282023033);北京高校“高精尖”学科建设基金资助项目(20210086Z0401)
DOI:10.11959/j.issn.1000-436x.2024150
中图分类号: TP309收稿日期:2023-11-01,
修回日期:2024-02-02,
纸质出版日期:2024-09-25
- 稿件说明:
移动端阅览
张克君,王文彬,徐少飞等.面向云存储且支持重加密的多关键词属性基可搜索加密方案[J].通信学报,2024,45(09):244-257.
ZHANG Kejun,WANG Wenbin,XU Shaofei,et al.Multi-keyword attribute-based searchable encryption scheme supporting re-encryption for cloud storage[J].Journal on Communications,2024,45(09):244-257.
张克君,王文彬,徐少飞等.面向云存储且支持重加密的多关键词属性基可搜索加密方案[J].通信学报,2024,45(09):244-257. DOI: 10.11959/j.issn.1000-436x.2024150.
ZHANG Kejun,WANG Wenbin,XU Shaofei,et al.Multi-keyword attribute-based searchable encryption scheme supporting re-encryption for cloud storage[J].Journal on Communications,2024,45(09):244-257. DOI: 10.11959/j.issn.1000-436x.2024150.
摘要
针对一对多模型下共享数据细粒度访问控制、密文密钥的安全共享和更新等问题,提出了一种面向云存储且支持代理重加密的多关键词属性基可搜索加密方案。增加节点信息改进访问树结构,实现对密文数据读写权限的细粒度访问控制;对查询关键词进行属性基加密优化处理,实现陷门信息不可区分性和限制不同用户的检索能力;利用重加密方法更新密文及密钥,解决已撤销用户恶意访问隐私数据带来的系统安全问题;设计了一种基于区块链的安全性验证算法来识别第三方托管隐私数据被攻击篡改的问题。基于DBDH困难问题和DDH困难问题,推理证明了所提方案能够满足自适应关键词密文安全和陷门安全。实验结果表明,该方案在密钥生成、陷门生成、关键词索引生成和正确性验证阶段能够保证隐私数据及密钥安全,同时相比于同类方案,在时间开销方面具有更高效率。
Abstract
To address fine-grained access control
secure sharing
and encrypted key updates in a one-to-many model
a multi-keyword attribute-based searchable encryption scheme with proxy re-encryption for cloud storage was proposed. The access tree was enhanced with node information for fine-grained control over ciphertext read and write permissions. The keyword encryption process was optimized for trapdoor indistinguishability and restricted user search capabilities. Re-encryption updated ciphertext and keys
preventing malicious access by revoked users. A blockchain-based verification algorithm was designed to detect tampering of third-party data. The DBDH and DDH hard problems proved the scheme’s keyword ciphertext security and trapdoor security. Experiments show the proposed scheme secures data and keys during key generation
trapdoor
and index generation
and correctness verification. It also demonstrates higher efficiency in time overhead
ensuring privacy and key safety while maintaining high efficiency.
关键词
Keywords
references
SONG D X , WAGNER D , PERRIG A . Practical techniques for searches on encrypted data [C ] // Proceedings of the IEEE Symposium on Security and Privacy . Piscataway : IEEE Press , 2000 : 44 - 55 .
BONEH D , CRESCENZO G D , OSTROVSKY R , et al . Public key encryption with keyword search [C ] // International Conference on the Theory and Applications of Cryptographic Techniques . Berlin : Springer , 2004 : 506 - 522 .
RHEE H S , SUSILO W , KIM H J . Secure searchable public key encryption scheme against keyword guessing attacks [J ] . IEICE Electronics Express , 2009 , 6 ( 5 ): 237 - 243 .
GOLLE P , STADDON J , WATERS B . Secure conjunctive keyword search over encrypted data [C ] // Applied Cryptography and Network Security: Second International Conference . Berlin : Springer , 2004 : 31 - 45 .
LI H W , YANG Y , LUAN T H , et al . Enabling fine-grained multi-keyword search supporting classified sub-dictionaries over encrypted cloud data [J ] . IEEE Transactions on Dependable and Secure Computing , 2016 , 13 ( 3 ): 312 - 325 .
SAHAI A , WATERS B . Fuzzy identity-based encryption [C ] // Advances in Cryptology-EUROCRYPT 2005: 24th Annual International Conference on the Theory and Applications of Cryptographic Techniques . Berlin : Springer , 2005 : 457 - 473 .
WATERS B . Ciphertext-policy attribute-based encryption: an expressive, efficient, and provably secure realization [C ] // International Workshop on Public Key Cryptography . Berlin : Springer , 2011 : 53 - 70 .
高诗尧 , 陈燕俐 , 许玉岚 . 云环境下基于属性的多关键字可搜索加密方案 [J ] . 计算机科学 , 2022 , 49 ( 3 ): 313 - 321 .
GAO S Y , CHEN Y L , XU Y L . Expressive attribute-based searchable encryption scheme in cloud computing [J ] . Computer Science , 2022 , 49 ( 3 ): 313 - 321 .
SRAVANTHI K , CHANDRASEKHAR P . An efficient multi-user groupwise integrity CP-ABE(GI-CPABE) for homogeneous and heterogeneous cloud blockchain transactions [J ] . Journal of Electrical Systems , 2024 , 20 ( 1 ): 326 - 349 .
LI J G , ZHANG R Y , LU Y , et al . Multiauthority attribute-based encryption for assuring data deletion [J ] . IEEE Systems Journal , 2023 , 17 ( 2 ): 2029 - 2038 .
NISHIDE T , YONEYAMA K , OHTA K . Attribute-based encryption with partially hidden encryptor-specified access structures [C ] // International Conference on Applied Cryptography and Network Security . Berlin ,: Springer , 2008 : 111 - 129 .
LAI J , DENG R H , LI Y . Fully secure ciphertext-policy hiding CP-ABE [C ] // International Conference of Information Security Practice and Experience . Berlin : Springer , 2011 : 24 - 39 .
QIU S , LIU J Q , SHI Y F , et al . Hidden policy ciphertext-policy attribute-based encryption with keyword search against keyword guessing attack [J ] . Science China Information Sciences , 2016 , 60 ( 5 ): 052105 .
MENG F , CHENG L X , WANG M Q . Ciphertext-policy attribute-based encryption with hidden sensitive policy from keyword search techniques in smart city [J ] . EURASIP Journal on Wireless Communications and Networking , 2021 ( 1 ): 20 .
ZHOU Y S , PENG R D , LIU Y N , et al . TRE-DSP: a traceable and revocable CP-ABE based data sharing scheme for IoV with partially hidden policy [J ] . Digital Communications and Networks , 2024 : doi.org/10.1016/j.dcan.2024.03.005.
YU S C , WANG C , REN K , et al . Achieving secure, scalable, and fine-grained data access control in cloud computing [C ] // Proceedings of the IEEE Conference on Computer Communications . Piscataway : IEEE Press , 2010 : 1 - 9 .
WANG J , YIN X , NING J , et al . Attribute-based encryption with efficient keyword search and user revocation [C ] // International Conference of Information Security and Cryptology . Berlin : Springer , 2019 : 490 - 509 .
SULTAN N H , KAANICHE N , LAURENT M , et al . Authorized keyword search over outsourced encrypted data in cloud environment [J ] . IEEE Transactions on Cloud Computing , 2022 , 10 ( 1 ): 216 - 233 .
LUO F C , AL-KUWARI S , WANG H Y , et al . Revocable attribute-based encryption from standard lattices [J ] . Computer Standards & Interfaces , 2023 , 84 : 103698 .
DAS S , NAMASUDRA S . MACPABE: multi-authority-based CP-ABE with efficient attribute revocation for IoT-enabled healthcare infrastructure [J ] . International Journal of Network Management , 2023 , 33 ( 3 ): e2200 .
胡甜媛 , 李泽成 , 李必信 , 等 . 智能合约的合约安全和隐私安全研究综述 [J ] . 计算机学报 , 2021 , 44 ( 12 ): 2485 - 2514 .
HU T Y , LI Z C , LI B X , et al . Contractual security and privacy security of smart contract: a system mapping study [J ] . Chinese Journal of Computers , 2021 , 44 ( 12 ): 2485 - 2514 .
LI H G , TIAN H B , ZHANG F G , et al . Blockchain-based searchable symmetric encryption scheme [J ] . Computers & Electrical Engineering , 2019 , 73 : 32 - 45 .
LU Y , FENG T , LIU C Y , et al . A blockchain and CP-ABE based access control scheme with fine-grained revocation of attributes in cloud health [J ] . Computers , Materials & Continua, 2024 , 78 ( 2 ): 2787 - 2811 .
WU A X , ZHANG Y H , ZHENG X K , et al . Efficient and privacy-preserving traceable attribute-based encryption in blockchain [J ] . Annals of Telecommunications , 2019 , 74 ( 7 ): 401 - 411 .
牛淑芬 , 谢亚亚 , 杨平平 , 等 . 区块链上基于云辅助的属性基可搜索加密方案 [J ] . 计算机研究与发展 , 2021 , 58 ( 4 ): 811 - 821 .
NIU S F , XIE Y Y , YANG P P , et al . Cloud-assisted attribute-based searchable encryption scheme on blockchain [J ] . Journal of Computer Research and Development , 2021 , 58 ( 4 ): 811 - 821 .
ZHENG Q J , XU S H , ATENIESE G . VABKS: verifiable attribute-based keyword search over outsourced encrypted data [C ] // Proceedings of the IEEE Conference on Computer Communications . Piscataway : IEEE Press , 2014 : 522 - 530 .
闫玺玺 , 原笑含 , 汤永利 , 等 . 基于区块链且支持验证的属性基搜索加密方案 [J ] . 通信学报 , 2020 , 41 ( 2 ): 187 - 198 .
YAN X X , YUAN X H , TANG Y L , et al . Verifiable attribute-based searchable encryption scheme based on blockchain [J ] . Journal on Communications , 2020 , 41 ( 2 ): 187 - 198 .
HU Y Y , CHEN Y L , ZHU M H . Privacy protection attribute-based ciphertext search scheme [J ] . Application Research of Computers , 2019 , 36 ( 4 ): 1158 - 1164 .
YANG K , JIA X H , REN K , et al . DAC-MACS: effective data access control for multiauthority cloud storage systems [J ] . IEEE Transactions on Information Forensics and Security , 2013 , 8 ( 11 ): 1790 - 1801 .
XIONG S M , NI Q , WANG L M , et al . SEM-ACSIT: secure and efficient multiauthority access control for IoT cloud storage [J ] . IEEE Internet of Things Journal , 2020 , 7 ( 4 ): 2914 - 2927 .
周艺华 , 扈新宇 , 李美奇 , 等 . 云环境下基于属性策略隐藏的可搜索加密方案 [J ] . 网络与信息安全学报 , 2022 , 8 ( 2 ): 112 - 121 .
ZHOU Y H , HU X Y , LI M Q , et al . Searchable encryption scheme based on attribute policy hiding in cloud environment [J ] . Journal of Network and Information Security , 2022 , 8 ( 2 ): 112 - 121 .
LIU X , LU T , HE X , et al . Verifiable attribute-based keyword search over encrypted cloud data supporting data deduplication [J ] . IEEE Access , 2020 , 8 : 52062 - 52074 .
0
浏览量
63
下载量
0
CSCD
- 网络PDF下载
- WORD下载
- XML下载
- Meta-XML下载
- BibTeX下载
- Endnote下载
- RefMan 下载
- NoteExpress下载
- NoteFirst下载
关联资源
相关文章
相关作者
相关机构
- 技术支持由北京北大方正电子有限公司提供 京ICP备09064830号-19
京公网安备11010802024621 - 本系统建议在Chrome、 IE9+ 以上版本浏览器阅读本站内容,360浏览器请切换至极速模式
- Cookies帮助我们提供服务并提供个性化体验。使用本网站,即表示您同意我们使用Cookies
- 总访问量:128211 今日访问量:476