云存儲環(huán)境下多服務(wù)器的密鑰聚合可搜索加密方案

張玉磊; 劉祥震; 郎曉麗; 張永潔; 陳文娟; 王彩芬

doi:10.11999/JEIT180418

云存儲環(huán)境下多服務(wù)器的密鑰聚合可搜索加密方案

doi: 10.11999/JEIT180418

1.
西北師范大學(xué)計(jì)算機(jī)科學(xué)與工程學(xué)院 ??蘭州 ??730070
2.
甘肅衛(wèi)生職業(yè)學(xué)院 ??蘭州 ??730070

基金項(xiàng)目: 國家自然科學(xué)基金(61163038, 61262056, 61262057), 甘肅省高等學(xué)?？蒲许?xiàng)目(2017A-003, 2018A-207)

詳細(xì)信息

作者簡介:
張玉磊：男，1979年生，博士，副教授，研究方向?yàn)槊艽a學(xué)與信息安全

劉祥震：男，1991年生，碩士生，研究方向?yàn)槊艽a學(xué)與信息安全

郎曉麗：女，1993年生，碩士生，研究方向?yàn)槊艽a學(xué)與信息安全

張永潔：女，1978年生，碩士，副教授，研究方向?yàn)槊艽a學(xué)與信息安全

陳文娟：女，1993年生，碩士生，研究方向?yàn)槊艽a學(xué)與信息安全

通訊作者:
劉祥震　woliuxiangzhen@foxmail.com

中圖分類號: TP309
計(jì)量
- 文章訪問數(shù): 2597
- HTML全文瀏覽量: 579
- PDF下載量: 106
- 被引次數(shù): 0
出版歷程
- 收稿日期: 2018-05-03
- 修回日期: 2018-11-27
- 網(wǎng)絡(luò)出版日期: 2018-12-07
- 刊出日期: 2019-03-01

Multi-server Key Aggregation Searchable Encryption Scheme in Cloud Environment

1.
College of Computer Science and Engineering, Northwest Normal University, Lanzhou 730070, China
2.
Gansu Health Vocational College, Lanzhou 730070, China

Funds: The National Natural Science Foundation of China (61163038, 61262056, 61262057), The Higher Educational Scientific Research Foundation of Gansu Province (2017A-003, 2018A-207)

摘要

摘要:
密鑰聚合可搜索加密不僅可以通過關(guān)鍵字檢索密文，還可以減少用戶密鑰管理的代價和安全風(fēng)險(xiǎn)。該文分析了一個可驗(yàn)證的密鑰聚合可搜索加密方案，指出該方案不滿足關(guān)鍵字猜測攻擊，未經(jīng)授權(quán)的內(nèi)部用戶可以猜測其他用戶的私鑰。為了提高原方案的安全性，提出了云存儲環(huán)境下多服務(wù)器的密鑰聚合可搜索加密方案。所提方案不僅改進(jìn)了原方案的安全性問題，還增加了多服務(wù)的特性，提高了上傳和存儲的效率，更適合一對多的用戶環(huán)境。
- 密鑰聚合 /
- 可搜索加密 /
- 多服務(wù)器 /
- 關(guān)鍵字猜測
Abstract:
Key aggregation searchable encryption can not only retrieve ciphertext through keywords, but also can reduce user key management costs and security risks. This paper analyzes a verifiable key aggregation searchable encryption scheme, noting that the scheme does not satisfy keyword guessing attacks, and that unauthorized internal users can guess the private keys of other users. In order to improve the security of the original scheme, a multi-server key aggregation searchable encryption scheme is proposed in the cloud environment. The new scheme not only improves the security of the original solution, but also adds multi-service features, and improves the storage and search efficiency. Therefore, it is more suitable for a one-to-many user environment.
- Searchable encryption /
- Key aggregation /
- Multiple servers /
- Keyword guessing

HTML全文

圖 1 系統(tǒng)模型

下載: 全尺寸圖片幻燈片

表 1 基本運(yùn)算耗費(fèi)的時間(ms)

${T_{{\rm{sm}}}}$	${T_{\rm a}}$	${T_{\exp }}$	${T_{{\rm{mul}}}}$	${T_p}$
0.756	0.267	3.756	0.185	3.611

下載: 導(dǎo)出CSV

表 2 效率對比

方案	加密	陷門生成	安全性
Liu等人方案	$2{T_{{\rm{sm}}}} + 2{T_{\rm a}} + 4{T_{\exp }} + 2{T_{{\rm{mul}}}}{\rm{ + }}3{T_{\rm p}} \ge 28.273$	${T_{\rm a}} + {T_{{\rm{mul}}}} \ge 0.452$	低
本文方案	$2{T_{{\rm{sm}}}} + 2{T_{\rm a}} + 5{T_{\exp }} + 6{T_{{\rm{mul}}}} \ge 21.{\rm{936}}$	${T_{{\rm{sm}}}} + {T_{\rm a}} + 3{T_{\exp }} + 2{T_{{\rm{mul}}}} \ge 12.661$	高

下載: 導(dǎo)出CSV

參考文獻(xiàn)(15)

張鍵紅, 李鵬燕. 一種有效的云存儲數(shù)據(jù)完整性驗(yàn)證方案[J]. 信息網(wǎng)絡(luò)安全, 2017(3): 1–5. doi: 10.3969/j.issn.1671-1122.2017.03.001

ZHANG Jianhong and LI Pengyan. An efficient data integrity verification scheme for cloud storage[J]. Netinfo Security, 2017(3): 1–5. doi: 10.3969/j.issn.1671-1122.2017.03.001

陸海寧. 可隱藏搜索模式的對稱可搜索加密方案[J]. 信息網(wǎng)絡(luò)安全, 2017(1): 38–42. doi: 10.3969/j.issn.1671-1122.017.01.006

LU Haining. Searchable symmetric encryption with hidden search pattern[J]. Netinfo Security, 2017(1): 38–42. doi: 10.3969/j.issn.1671-1122.017.01.006

SONG D X, WAGNER D, and PERRIG A. Practical techniques for searches on encrypted data[C]. IEEE Symposium on Security and Privacy, Berkeley, USA, 2000: 44–55.

DAN B, CRESCENZO G D, OSTROVSKY R, et al. Public key encryption with keyword search[J]. Lecture Notes in Computer Science, 2004, 3027: 506–522. doi: 10.1007/978-3-540-24676-3_30

王尚平, 劉利軍, 張亞玲. 一個高效的基于連接關(guān)鍵詞的可搜索加密方案[J]. 電子與信息學(xué)報(bào), 2013, 35(9): 2266–2271. doi: 10.3724/SP.J.1146.2012.01036

WANG Shangping, LIU Lijun, and ZHANG Yaling. An efficient conjunctive keyword searchable encryption scheme[J]. Journal of Electronics &Information Technology, 2013, 35(9): 2266–2271. doi: 10.3724/SP.J.1146.2012.01036

CHANG Yujui and WU Jaling. Multi user searchable encryption scheme with constant size keys[C]. IEEE International Symposium on Cloud and Service Computing, Kanazawa, Japan, 2017: 98–103.

劉振華, 周佩琳, 段淑紅. 支持關(guān)鍵詞搜索的屬性代理重加密方案[J]. 電子與信息學(xué)報(bào), 2018, 40(3): 683–689. doi: 10.11999/JEIT170448

LIU Zhenhua, ZHOU Peilin, and DUAN Shuhong. Attribute based proxy reencryption scheme with keyword search[J]. Journal of Electronics &Information Technology, 2018, 40(3): 683–689. doi: 10.11999/JEIT170448

PENG Yanguo, CUI Jiangtao, PENG Changgen, et al. Certificateless public key encryption with keyword search[J]. China Communications, 2014, 11(11): 100–113. doi: 10.1109/CC.2014.7004528

WU Tsuyang, MENG Fanya, CHEN Chienming, et al. On the security of a certificateless searchable public key encryption scheme[C]. International Conference on Genetic and Evolutionary Computing, Fuzhou, China, 2016: 113–119.

MA Mimi, HE Debiao, KUMAR N, et al. Certificateless searchable public key encryption scheme for industrial internet of things[J]. IEEE Transactions on Industrial Informatics, 2017, 14(2): 759–767. doi: 10.1109/TII.2017.2703922

MA Mimi, HE Debiao, KHAN M K, et al. Certificateless searchable public key encryption scheme for mobile healthcare system[J]. Computers & Electrical Engineering, 2017, 65(5): 413–424. doi: 10.1016/j.compeleceng.2017.05.014

黃海平, 杜建澎, 戴華, 等. 一種基于云存儲的多服務(wù)器多關(guān)鍵詞可搜索加密方案[J]. 電子與信息學(xué)報(bào), 2017, 39(2): 389–396. doi: 10.11999/JEIT160338

HUANG Haiping, DU Jianpeng, DAI Hua, et al. Multi sever multi keyword searchable encryption scheme based on cloud storage[J]. Journal of Electronics &Information Technology, 2017, 39(2): 389–396. doi: 10.11999/JEIT160338

CHU C K, CHOW S S M, TZENG W G, et al. Key aggregate cryptosystem for scalable data sharing in cloud storage[J]. IEEE Transactions on Parallel and Distributed Systems, 2014, 25(2): 468–477. doi: 10.1109/TPDS.2013.112

CUI Baojiang, LIU Zheli, and WANG Lingyu. Key-Aggregate Searchable Encryption (KASE) for group data sharing via cloud storage[J]. IEEE Transactions on Computers, 2016, 65(8): 2374–2385. doi: 10.1109/TC.2015.2389959

LIU Zheli, LI Tong, LI Ping, et al. Verifiable searchable encryption with aggregate keys for data sharing system[J]. Future Generation Computer Systems, 2017, 78(2): 778–788. doi: 10.1016/j.future.2017.02.024

相關(guān)文章

施引文獻(xiàn)

資源附件(0)

訪問統(tǒng)計(jì)