支持關鍵詞搜索的屬性代理重加密方案

劉振華; 周佩琳; 段淑紅

doi:10.11999/JEIT170448

支持關鍵詞搜索的屬性代理重加密方案

doi: 10.11999/JEIT170448

基金項目:

國家重點研發(fā)計劃(2017YFB0802000)，國家自然科學基金(61472470)，陜西省教育廳專項科研計劃(17JK0362)

計量
- 文章訪問數(shù): 1898
- HTML全文瀏覽量: 289
- PDF下載量: 339
- 被引次數(shù): 0
出版歷程
- 收稿日期: 2017-05-11
- 修回日期: 2017-12-13
- 刊出日期: 2018-03-19

Attribute-based Proxy Re-encryption Scheme with Keyword Search

Funds:

The National Key RD Program of China (2017YFB0802000), The National Natural Science Foundation of China (61472470), The Scientific Research Plan Project of Education Department of Shaanxi Province (17JK0362)

摘要

摘要: 屬性代理重加密機制既能實現(xiàn)數(shù)據(jù)共享又能實現(xiàn)數(shù)據(jù)轉(zhuǎn)發(fā)，但這種機制通常并不支持數(shù)據(jù)檢索功能，阻礙了屬性代理重加密的發(fā)展應用。為了解決這一問題，該文提出一個支持關鍵詞搜索的密文策略的屬性代理重加密方案。通過將密鑰分為屬性密鑰和搜索密鑰，不僅可以實現(xiàn)關鍵詞可搜索，而且實現(xiàn)了代理重加密。在驗證階段，云服務器既執(zhí)行關鍵詞驗證，又可以對原始密文和重加密密文進行部分解密，從而減輕用戶的計算負擔。通過安全性分析，該方案可以實現(xiàn)數(shù)據(jù)安全性、檢索分離、關鍵詞隱藏和抗共謀攻擊。
- 云存儲 /
- 屬性重加密 /
- 代理重加密 /
- 可搜索加密 /
- 訪問控制
Abstract: Attribute-based proxy re-encryption mechanism can not only realize data sharing but also achieve data forwarding. However, this mechanism can not support the functionality of data retrieval, which hinders the applications of attribute-based proxy re-encryption. In order to solve the issue, this paper proposes a ciphertext- policy attribute-based proxy re-encryption scheme with keyword search. By dividing a secret key into an attribute key and a search key, the new scheme can not only achieve the keyword search, but also support proxy re- encryption. In the test phase, while conducting the keywords matching algorithm, the cloud server can do partial decryption of the original ciphertext and the re-encrypted ciphertext, which can reduce the computational burden for users. The security analysis indicates that the proposed scheme can achieve data security, hidden keywords, query isolation and collusion resistance.
- Cloud storage /
- Attributed-based encryption /
- Proxy re-encryption /
- Searchable encryption /
- Access control

HTML全文

參考文獻(20)

黃海平, 杜建澎, 戴華, 等. 一種基于云存儲的多服務器多關鍵詞可搜索加密方案[J]. 電子與信息學報, 2017, 39(2): 389-396. doi: 10.11999/JEIT160338.

YANG Chaowei, HUANG Qunying, LI Zhenlong, et al. Big data and cloud computing: Innovation opportunities and challenges[J]. International Journal of Digital Earth, 2017, 10(1): 13-53. doi: 10.1080/17538947.2016.1239771.

HUANG Haiping, DU Jianpeng, DAI Hua, et al. Multi-sever multi-keyword searchable encryption scheme based on cloud storage. Journal of Electronics Information Technology, 2017, 39(2): 389-396. doi: 10.11999/JEIT160338.

王光波, 王建華. 基于屬性加密的云存儲方案研究[J]. 電子與信息學報, 2016, 38(11): 29312939. doi: 10.11999/JEIT16006 4.

WANG Guangbo and WANG Jianhua. Research on cloud storage scheme with attribute-based encryption[J]. Journal of Electronics Information Technology, 2016, 38(11): 29312939. doi: 10.11999/JEIT160064.

ATTRAPADUNG N, HANAOKA G, MATSUMOTO T, et al. Attribute based encryption with direct efficiency tradeoff[C]. Proceedings of the 14th International Conference on Applied Cryptography and Network Security, London, United Kindom, 2016: 249-266. doi: 10.1007/978-3-319-39555-5_14.

SAHAI A and WATERS B. Fuzzy identity-based encryption[C]. Proceedings of the 24th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Aarhus, Denmark, 2005: 457-473. doi: 10.1007 /11426639_27.

GOYAL V, PANDEY O, SAHAI A, et al. Attribute-based encryption for fine-grained access control of encrypted data[C]. Proceedings of the 13th ACM Conference on Computer and Communications Security, Alexandria, Virginia, USA, 2006: 89-98. doi: 10.1145/1180405.1180418.

WATERS B. Ciphertext-policy attribute-based encryption: An expressive, efficient, and provably secure realization[C]. Proceedings of 14th International Conference on Practice and Theory in Public Key Cryptography, Taormina, Italy, 2011: 53-70. doi: 10.1007/978-3-642-19379-8_4.

GUO Shanqing, ZENG Yingpei, WEI Juan, et al. Attribute- based re-encryption scheme in the standard model[J]. Wuhan University Journal of Natural Sciences, 2008, 13(5): 621-625. doi: 10.1007/s11859-008-0522-5.

LIANG Xiaohui, CAO Zhenfu, LIN Huang, et al. Attribute based proxy re-encryption with delegating capabilities[C]. Proceedings of the 4th International Symposium on Information, Computer, and Communications Security, Sydney, Australia, 2009: 276-286. doi: 10.1145/1533057. 1533094.

LIANG Kaitai, FANG Liming, SUSILO W, et al. A ciphertext-policy attribute-based proxy re-encryption with chosen-ciphertext security[C]. Proceedings of the 5th Intelligent Networking and Collaborative Systems (INCoS), Xian, China, 2013: 552-559. doi: 10.1109/INCoS.2013.103.

GE Chunpeng, SUSILO W, WANG Jiandong, et al. A key- policy aattribute-based proxy re-encryption without random oracles[J]. The Computer Journal, 2016, 59(7): 970-982. doi: 10.1093/comjnl/bxv100.

ZHANG Yinghui, LI Jin, CHEN Xiaofeng, et al. Anonymous attribute-based proxy re-encryption for access control in cloud computing[J]. Security and Communication Networks, 2016, 9(14): 2397-2411. doi: 10.1002/sec.1509.

SHI Yanfeng, LIU Jiqiang, HAN Zhen, et al. Attribute-based proxy re-rncryption with keyword search[J]. PloS One, 2014, 9(12): e116325(1-24). doi: 10.1371/journal.pone.0116325.

LIANG Kaitai and SUSILO W. Searchable attribute-based mechanism with efficient data sharing for secure cloud storage[J]. IEEE Transactions on Information Forensics and Security, 2015, 10(9): 1981-1992. doi: 10.1109/TIFS.2015. 2442215.

WANG Changji, LI Wentao, LI Yuan, et al. A ciphertext- policy attribute-based encryption scheme supporting keyword search function[C]. Proceedings of the 5th International Symposium on Cyberspace Safety and Security (CSS), Hunan, China, 2013: 377-386. doi: 10.1007/978-3-319- 03584-0_28.

LI Jiazhi and ZHANG Lei. Attribute-based keyword search and data access control in cloud[C]. Proceedings of the 10th International Conference on Computational Intelligence and Security, Kunming, China, 2014: 382-386. doi: 10.1109/CIS. 2014.113.

ZHENG Qingji, XU Shouhuai, and ATENIESE G. VABKS: Verifiable attribute-based keyword search over outsourced encrypted data[C]. Proceedings of the IEEE Conference on Computer Communications, Toronto, Canada, 2014: 522-530. doi: 10.1109/INFOCOM.2014.6847976.

SHAO Jun, CAO Zhenfu, LIANG Xiaohui, et al. Proxy re-encryption with keyword search[J]. Information Sciences, 2010, 180(13): 2576-2587. doi: 10.1016/j.ins.2010.03.026.

施引文獻

資源附件(0)

訪問統(tǒng)計