CN105871543A - Attribute-based multi-keyword ciphertext retrieval method under background of multiple data owners - Google Patents

Publication number
CN105871543A
Authority
CN
China
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201610188151.3A
Other languages
Chinese (zh)
Other versions
CN105871543B (en
Inventor
苗银宾
马建峰
李辉
伍祈应
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Xidian University
Original Assignee
Xidian University
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Xidian University
Priority to CN201610188151.3A
Publication of CN105871543A
Application granted
Publication of CN105871543B
Current legal status: Active
Anticipated expiration

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861 Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0866 Generation of secret information including derivation or calculation of cryptographic keys or passwords involving user or device identifiers, e.g. serial number, physical or biometrical information, DNA, hand-signature or measurable physical characteristics
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/045 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply hybrid encryption, i.e. combination of symmetric and asymmetric encryption
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861 Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0869 Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Storage Device Security (AREA)
  • Information Retrieval, Db Structures And Fs Structures Therefor (AREA)

Abstract

The invention discloses an attribute-based multi-keyword ciphertext retrieval method under the background of multiple data owners, which mainly solves the problem that existing technology supports only single-keyword ciphertext retrieval. The technical scheme is as follows: searchable encryption is combined with a ciphertext-policy attribute-based encryption strategy, and in the multiple-data-owner scenario a keyword-set index is built from the access structures of the data owners and the keyword set of the ciphertext; a data user generates a trapdoor from a query keyword set; and the data user uses the trapdoor to perform a multi-keyword query over the ciphertext. The method relieves the data owners of the load of local data storage and management, supports precise multi-keyword queries over the ciphertext by data users, and can be used to achieve fine-grained access control and secure, efficient retrieval of ciphertext data in a cloud storage setting.

Description

Attribute-based multi-keyword ciphertext retrieval method under the background of multiple data owners
Technical field
The invention belongs to the technical field of cryptography and specifically relates to data encryption, access control and ciphertext retrieval. It can be used to achieve fine-grained access control and secure, efficient retrieval of ciphertext data in a cloud storage setting.
Background art
With the spread of cloud computing, more and more enterprise users and individuals store their local data on "honest but curious" cloud servers in order to enjoy real-time, high-quality applications and services from a shared pool of configurable computing resources. Data storage has therefore become one of the most basic services in cloud computing. Cloud storage reduces the burden of local storage management and avoids spending on hardware, software and maintenance staff, but the cloud server cannot prove to cloud tenants that its storage is trustworthy. Cloud storage brings great convenience to cloud tenants and improves the availability and reliability of data and services, but it also inevitably brings the risk of leaking private data.
In cloud storage, encrypting data before storing it is the most basic way to keep the data private. The cloud tenant encrypts the plaintext data and uploads it to the cloud server CSP in ciphertext form. Although encryption keeps the data secure, data in ciphertext form hides the sensitive content and at the same time makes the data files unsearchable. If a cloud tenant then needs to find a particular document in the ciphertext data set, the whole ciphertext data set must be downloaded and decrypted, which clearly causes great network and computation overhead. One of the most popular current solutions to this problem is keyword-based searchable encryption (SE), which lets users selectively retrieve data files by keyword and greatly improves retrieval efficiency.
The development of cloud storage has placed new requirements on the security of ciphertext retrieval and has stimulated the development of cryptographic theory. From this came attribute-based encryption (ABE), which can achieve fine-grained access control. ABE schemes can be divided into ciphertext-policy attribute-based encryption (CP-ABE) and key-policy attribute-based encryption (KP-ABE). Judging by their definitions, CP-ABE is clearly preferable to KP-ABE: in CP-ABE the encryptor does not have to name one particular decryptor as the only decryptor but relies on a set of attributes and an access control policy. If the attribute set of a cloud tenant satisfies the specified access control policy, the cloud tenant can decrypt the ciphertext with the private key generated from that attribute set. The scheme is also flexible enough to control the access rights of cloud tenants in multi-user scenarios. Attribute-based searchable encryption therefore provides confidential data sharing together with fine-grained access control.
Existing searchable encryption achieves ciphertext retrieval for a single keyword, but this mechanism incurs large computation overhead and returns irrelevant ciphertexts, wasting a great deal of bandwidth and computing resources. Designing ciphertext retrieval that supports multiple keywords is therefore particularly important. On the one hand, a multi-keyword query can pinpoint the required document ciphertexts; on the other hand, it gives users a good search experience. Existing attribute-based searchable encryption supports only single-keyword search and has not yet considered scenarios with multiple data owners. To suit more complex application scenarios and meet more of the needs of cloud tenants, securely and efficiently extending attribute-based encryption to searchable encryption schemes is the key point of the cryptographic algorithm design.
Summary of the invention
The purpose of the invention is to address the above shortcomings of the prior art by proposing an attribute-based multi-keyword ciphertext retrieval method for the multiple-data-owner setting, so as to reduce the computation overhead of retrieval and to perform multi-keyword ciphertext retrieval accurately in more complex multi-user retrieval scenarios.
To achieve this purpose, the cryptographic scheme used by the invention comprises:
(1) System initialization: the trusted third-party server TTS generates the public key pk, the master key mk and the symmetric key Φ of a conventional encryption algorithm;
(2) Private key generation: the trusted third-party server TTS generates the private key sk from the attribute set S of the data user DU, the master key mk, the public key pk and the access structure P of the data owner DO;
(3) Index construction: the data owner DO encrypts the document with the symmetric key Φ to produce ciphertext C, then builds index I for the document from the access structure P and the keyword set W, and finally uploads ciphertext C and index I to the cloud server CSP;
(4) Trapdoor generation: the data user DU generates trapdoor T from the query keyword set W' and submits trapdoor T to the cloud server CSP;
(5) Ciphertext search: the cloud server CSP matches trapdoor T against index I and sends the set RC of document ciphertexts that satisfy the matching condition to the data user DU.
The invention has the following advantages:
(1) The invention supports multi-keyword queries in application scenarios where multiple data owners share data, and can quickly locate the required document ciphertexts.
(2) The ciphertext index and access structure constructed in the invention relieve the burden of local data storage management and achieve fine-grained access control.
(3) The invention applies ciphertext-policy attribute-based encryption on top of searchable encryption, so it can resist keyword guessing attacks and protect keyword privacy.
(4) The method provided by the invention is feasible in practical application scenarios.
In summary, the invention applies ciphertext-policy attribute-based encryption on top of searchable encryption; in the multiple-data-owner scenario, a data user who issues a multi-keyword query can accurately locate the required ciphertext documents, the overhead of local data storage management is reduced, and the method can resist keyword guessing attacks.
Brief description of the drawings
Fig. 1 is a diagram of the actual application scenario of the invention;
Fig. 2 is the overall flow chart of the implementation of the invention;
Fig. 3 is the sub-flow chart of system initialization in the invention;
Fig. 4 is the sub-flow chart of private key generation in the invention;
Fig. 5 is a schematic diagram of building the index and generating the ciphertext in the invention;
Fig. 6 is a schematic diagram of trapdoor generation in the invention;
Fig. 7 is the sub-flow chart of ciphertext search in the invention.
Detailed description of the embodiments
With reference to Fig. 1, the invention takes a personal health record (PHR) storage system as an example. This scenario includes four entities: the trusted third party TTS, the cloud server CSP, multiple data owners DO and the data user DU. The trusted third party TTS generates the public key pk, the private key sk and the symmetric key Φ; the cloud server CSP stores the data ciphertexts; the data owners DO, for example patients, are responsible for encrypting documents and creating indexes; the data user DU, for example a doctor, can search the ciphertexts.
With reference to Fig. 2, the invention performs attribute-based multi-keyword ciphertext retrieval in the multiple-data-owner setting, and its implementation steps are as follows:
Step 1, system initialization
With reference to Fig. 3, this step is implemented as follows:
(1a) From the global public parameter Q and the attribute set U, the trusted third-party server TTS computes the public key $pk = (G_1, G_2, e, h_1, h_2, q, g, X, Y, Z)$, the master key $mk = (\alpha, \beta, \gamma)$ and the symmetric key Φ, where the symmetric key Φ is computed by a conventional symmetric encryption algorithm. Here $G_1$ is an additive cyclic group of order q, g is a generator of $G_1$, $G_2$ is a multiplicative cyclic group of order q, e is a bilinear map $G_1 \times G_1 \to G_2$, $h_1$ is a hash function mapping the set $\{0,1\}^*$ to $G_1$, $h_2$ is a hash function mapping the set $\{0,1\}^*$ to $Z_q$, $Z_q$ is the ring of integers of order q, X is the first intermediate variable: $X = g^{\alpha}$, Y is the second intermediate variable: $Y = g^{\beta}$, Z is the third intermediate variable: $Z = g^{\gamma}$, α is the first random number: $\alpha \in Z_q$, β is the second random number: $\beta \in Z_q$, and γ is the third random number: $\gamma \in Z_q$;
(1b) The trusted third-party server TTS sends the public key and the symmetric key to the data owners and the data user;
(1c) The trusted third-party server TTS stores the public key and the master key locally.
Step 2, generates private key
With reference to Fig. 4, this step is implemented as follows:
(2a) The data user DU submits the attribute set S to the trusted third-party server TTS;
(2b) The data owner DO specifies an access structure P for document D. The access structure P is a tree in which each node carries a polynomial and a threshold:
(2b1) For the root node r, choose a polynomial $q_r(v)$ and a threshold $k_r(v)$, where v is the independent variable; when v = 0, $q_r(0) = r_2$; the threshold $k_r(v)$ lies in the range $1 \le k_r(v) \le num_r$, where $num_r$ is the number of child nodes of the root node r;
(2b2) For each non-leaf node x, choose a polynomial $q_x(v)$ and a threshold $k_x(v)$, where the polynomial $q_x(v)$ satisfies the following conditions:
$d_x(v) = k_x(v) - 1$,
$q_x(0) = q_{parent(x)}(index(x))$;
where $d_x(v)$ is the degree of the polynomial $q_x(v)$, and when the independent variable v = 0, $q_x(0) = q_{parent(x)}(index(x))$; parent(x) is the parent node of node x, index(x) is the position of x among the child nodes of parent(x), the threshold $k_x(v)$ lies in the range $1 \le k_x(v) \le num_x$, and $num_x$ is the number of child nodes of node x;
(2b3) For each leaf node, choose a polynomial $q_y(v)$ and a threshold $k_y(v)$, where the polynomial $q_y(v) = S$ and the threshold $k_y(v) = 1$;
(2c) The trusted third-party server TTS verifies whether the attribute set S satisfies the access structure P that the data owner DO specified when building the index:
If it does not, the data user is considered illegitimate and the procedure ends;
If it does, the trusted third-party server TTS computes the private key: $sk = (\pi, \{\lambda_j, \mu_j\})_{j \in S}$
where π is the fourth intermediate variable: $\pi = g^{(\alpha\gamma - r)/\beta}$; $\lambda_j$ represents the fifth intermediate variable: ; $\mu_j$ represents the sixth intermediate variable: ; r is the fourth random number: $r \in Z_q$; $r_j$ is the fifth random number: $r_j \in Z_q$; and the attribute $j \in S$;
(2d) The trusted third-party server TTS sends this private key to the data user DU.
Step 3, sets up index
With reference to Fig. 5, this step is implemented as follows:
(3a) For each record d in document D, the data owner DO builds a keyword set $W_d$ and a keyword index I:
$W_d = \{w_1, \ldots, w_i, \ldots, w_m\}$,
$I = \{I_1, \ldots, I_i, \ldots, I_m\}$;
where $w_i$ is the i-th keyword of the keyword set $W_d$, $i \in \{1, \ldots, m\}$, and m is the number of keywords in the set; $I_i$ is the index entry corresponding to keyword $w_i$: if the value of $I_i$ is not 0, record d contains keyword $w_i$; otherwise record d does not contain keyword $w_i$;
(3b) The data owner DO encrypts the keyword set $W_d$ with the public key pk as: ; where $\delta_i$ is the ciphertext obtained by encrypting keyword $w_i$ with the public key pk; represents the seventh intermediate variable: ; represents the eighth intermediate variable: ; represents the ninth intermediate variable: ; $r_1$ is the sixth random number: $r_1 \in Z_q$; $r_2$ is the seventh random number: $r_2 \in Z_q$;
(3c) The data owner DO encrypts the leaf-node attributes in the access structure P with the public key: $\{\delta_y, \theta_y\}_{y \in ln}$, where $\delta_y$ represents the tenth intermediate variable: ; $\theta_y$ represents the eleventh intermediate variable: ; att(y) is the attribute value of the leaf node, ln is the set of leaf nodes, y is a leaf node in ln, and $q_y(0)$ is the value of the leaf-node polynomial when the independent variable is 0;
(3d) The data owner DO uploads index I and document ciphertext C to the cloud server CSP, where the index is: ; and $C = Enc_{\Phi}(d)$, where $Enc_{\Phi}(d)$ denotes encrypting record d with the symmetric key Φ.
Step 4, generates trapdoor
With reference to Fig. 6, this step is implemented as follows:
(4a) The data user DU submits the query keyword set $W' = \{w_1', \ldots, w_j', \ldots, w_t'\}$, where $w_j'$ is the j-th query keyword in the query keyword set W', $j \in \{1, \ldots, t\}$, and t is the number of query keywords in W';
(4b) The data user DU computes the trapdoor from the query keyword set W', the private key sk and the attribute set S: $T = (S, T_1, T_2, T_3, \{\lambda_j', \mu_j'\}_{j \in S})$, where $T_1$ represents the thirteenth intermediate variable: ; s is the eighth random number: $s \in Z_q$; $T_2$ is the fourteenth intermediate variable: $T_2 = g$; $T_3$ is the fifteenth intermediate variable: $T_3 = \pi^{s}$; $\lambda_j'$ represents the sixteenth intermediate variable: ; $\mu_j'$ represents the seventeenth intermediate variable: ;
(4c) The data user DU submits the trapdoor T to the cloud server CSP.
Step 5, cipher text searching
With reference to Fig. 7, this step is implemented as follows:
(5a) The data user submits the attribute value S and the trapdoor T to the cloud server CSP;
(5b) The cloud server CSP verifies whether the attribute value S of the data user satisfies the specified access structure P:
If it does not, the user is illegitimate and the procedure ends;
If the attribute value S of the data user satisfies the access structure P, step (5c) is performed;
(5c) The intermediate quantity $D_r$ of the root node is computed by a recursive algorithm:
(5c1) Compute the leaf-node intermediate quantity: ; where $q_y(0)$ is the value of the leaf-node polynomial $q_y(v)$ when the independent variable v = 0;
(5c2) Compute the root-node intermediate quantity: ; if the access structure P has only two levels, the child-node intermediate quantity $D_x$ equals the leaf-node intermediate quantity $D_y$, and one can solve: ; the recursion then ends. Otherwise the recurrence: ; is applied to $D_x$ and solving continues until the recursion reaches the parent node of a leaf node, at which point one can solve: ; the recursion then ends. Here the operator: ; i denotes index(x), $\psi_x$ is a random set of child nodes of node x, $|\psi_x| = k_x(v)$, $|\psi_x|$ is the size of the set $\psi_x$, and j is an element of the set $\psi_x$; the operator: ; x' is a child node of node x, $\psi_{x'}$ is a random set of child nodes of node x', $|\psi_{x'}| = k_{x'}(v)$, and $|\psi_{x'}|$ is the size of the set $\psi_{x'}$;
(5d) From the intermediate quantity $D_r$ of the root node, the following two expressions are obtained:
First expression:
Second expression:
(5e) The cloud server CSP judges whether the trapdoor T and the index I match, that is, judges whether the equation holds:
If the equation does not hold, the procedure ends;
If the equation holds, the cloud server CSP sends the queried ciphertext to the data user who satisfies the matching condition.
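The threshold access tree built in step (2b) and evaluated in steps (5b) and (5c), as an added Python example that is not part of the patent text. It assumes a constructed prime `Q` in place of the group order q, assigns every leaf the share $q_{parent(y)}(index(y))$, uses the standard Lagrange coefficient at 0 for recombination, and works on shares directly in $Z_q$ instead of on pairing values; the names `Node`, `leaf`, `share_secret`, `satisfies`, `recover` and `demo` are hypothetical.

```python
import secrets

Q = 2**127 - 1  # constructed prime modulus standing in for the group order q (assumption)


class Node:
    """Access-tree node: a leaf carries an attribute, an inner node a threshold k_x."""

    def __init__(self, threshold=1, children=(), attribute=None):
        self.k = threshold
        self.children = list(children)
        self.attribute = attribute
        self.share = None  # q_x(0), filled in by share_secret()


def leaf(attribute):
    return Node(attribute=attribute)


def eval_poly(coeffs, v):
    """Evaluate the polynomial with coefficients [c0, c1, ...] at v over Z_q (Horner)."""
    acc = 0
    for c in reversed(coeffs):
        acc = (acc * v + c) % Q
    return acc


def share_secret(node, secret):
    """Top-down sharing: q_x has degree k_x - 1 and q_x(0) = q_parent(x)(index(x))."""
    node.share = secret % Q
    if node.attribute is not None:
        return
    if not 1 <= node.k <= len(node.children):
        raise ValueError("threshold must satisfy 1 <= k_x <= num_x")
    coeffs = [node.share] + [secrets.randbelow(Q) for _ in range(node.k - 1)]
    for index, child in enumerate(node.children, start=1):
        share_secret(child, eval_poly(coeffs, index))


def satisfies(node, attrs):
    """Policy check of step (5b): does the attribute set satisfy the tree?"""
    if node.attribute is not None:
        return node.attribute in attrs
    return sum(satisfies(c, attrs) for c in node.children) >= node.k


def lagrange_at_zero(i, index_set):
    """Standard Lagrange coefficient at 0 for point i over index_set, modulo Q."""
    num, den = 1, 1
    for j in index_set:
        if j != i:
            num = (num * (-j)) % Q
            den = (den * (i - j)) % Q
    return (num * pow(den, -1, Q)) % Q


def recover(node, attrs):
    """Bottom-up recursion of step (5c): q_x(0), or None if the subtree is unsatisfied."""
    if node.attribute is not None:
        return node.share if node.attribute in attrs else None
    points = {}
    for index, child in enumerate(node.children, start=1):
        value = recover(child, attrs)
        if value is not None:
            points[index] = value
        if len(points) == node.k:  # any k_x satisfied children are enough
            break
    if len(points) < node.k:
        return None
    idx = list(points)
    return sum(points[i] * lagrange_at_zero(i, idx) for i in idx) % Q


def demo():
    # Constructed PHR policy: "doctor" AND 2-of-3 of {cardiology, oncology, hospital_A}
    policy = Node(2, [leaf("doctor"),
                      Node(2, [leaf("cardiology"), leaf("oncology"), leaf("hospital_A")])])
    root_secret = secrets.randbelow(Q)
    share_secret(policy, root_secret)
    ok = recover(policy, {"doctor", "oncology", "hospital_A"}) == root_secret
    denied = recover(policy, {"doctor", "cardiology"})
    return ok, denied
```

In the scheme itself the shares never appear in the clear: the same recombination is carried out on the intermediate quantities $D_x$, so the cloud server learns only whether the final match equation holds.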
The above description is only an example of the invention and does not limit the invention in any way. Clearly, after understanding the content and principle of the invention, a person skilled in the art may make corrections and improvements to the algorithm without departing from the principle and structure of the invention, but such corrections and improvements based on the inventive algorithm remain within the scope of protection of the claims of the invention.

Claims (7)

1. An attribute-based multi-keyword ciphertext retrieval method under the background of multiple data owners, comprising:
(1a) System initialization: the trusted third-party server TTS generates the public key pk, the master key mk and the symmetric key Φ of a conventional encryption algorithm;
(1b) Private key generation: the trusted third-party server TTS generates the private key sk from the attribute set S of the data user DU, the master key mk, the public key pk and the access structure P of the data owner DO;
(1c) Index construction: the data owner DO encrypts the document with the symmetric key Φ to produce ciphertext C, then builds index I for the document from the access structure P and the keyword set W, and finally uploads ciphertext C and index I to the cloud server CSP;
(1d) Trapdoor generation: the data user DU generates trapdoor T from the query keyword set W' and submits trapdoor T to the cloud server CSP;
(1e) Ciphertext search: the cloud server CSP matches trapdoor T against index I and sends the set RC of document ciphertexts that satisfy the matching condition to the data user DU.
2. The method according to claim 1, wherein in step (1a) the public key pk and the master key mk are expressed as follows:
$pk = (G_1, G_2, e, h_1, h_2, q, g, X, Y, Z)$,
$mk = (\alpha, \beta, \gamma)$;
where $G_1$ is an additive cyclic group of order q, g is a generator of $G_1$, $G_2$ is a multiplicative cyclic group of order q, e is a bilinear map $G_1 \times G_1 \to G_2$, $h_1$ is a hash function mapping the set $\{0,1\}^*$ to $G_1$, $h_2$ is a hash function mapping the set $\{0,1\}^*$ to $Z_q$, $Z_q$ is the ring of integers of order q, X is the first intermediate variable: $X = g^{\alpha}$, Y is the second intermediate variable: $Y = g^{\beta}$, Z is the third intermediate variable: $Z = g^{\gamma}$, α is the first random number: $\alpha \in Z_q$, β is the second random number: $\beta \in Z_q$, and γ is the third random number: $\gamma \in Z_q$.
3. The method according to claim 1, wherein the construction of the access structure P and the generation of the private key sk in step (1b) are carried out as follows:
(1b1) The access structure P is a tree in which each node carries a polynomial and a threshold; for the root node r, choose a polynomial $q_r(v)$ and a threshold $k_r(v)$, where v is the independent variable; when v = 0, $q_r(0) = r_2$; the threshold $k_r(v)$ lies in the range $1 \le k_r(v) \le num_r$, where $num_r$ is the number of child nodes of the root node r;
(1b2) For each non-leaf node x, choose a polynomial $q_x(v)$ and a threshold $k_x(v)$, where the polynomial $q_x(v)$ satisfies the following conditions:
$d_x(v) = k_x(v) - 1$,
$q_x(0) = q_{parent(x)}(index(x))$;
where $d_x(v)$ is the degree of the polynomial $q_x(v)$, and when the independent variable v = 0, $q_x(0) = q_{parent(x)}(index(x))$; parent(x) is the parent node of node x, index(x) is the position of x among the child nodes of parent(x), the threshold $k_x(v)$ lies in the range $1 \le k_x(v) \le num_x$, and $num_x$ is the number of child nodes of node x;
(1b3) For each leaf node, choose a polynomial $q_y(v)$ and a threshold $k_y(v)$, where the polynomial $q_y(v) = S$ and the threshold $k_y(v) = 1$;
(1b4) The private key is expressed as follows:
$sk = (\pi, \{\lambda_j, \mu_j\})_{j \in S}$
where π is the fourth intermediate variable: $\pi = g^{(\alpha\gamma - r)/\beta}$; $\lambda_j$ represents the fifth intermediate variable: ; $\mu_j$ represents the sixth intermediate variable: ; r is the fourth random number: $r \in Z_q$; $r_j$ is the fifth random number: $r_j \in Z_q$; and the attribute $j \in S$.
4. The method according to claim 1, wherein building the index I and generating the ciphertext C in step (1c) are carried out as follows:
(1c1) For each record d in document D, the data owner DO builds a keyword set $W_d$ and a keyword index I:
$W_d = \{w_1, \ldots, w_i, \ldots, w_m\}$,
$I = \{I_1, \ldots, I_i, \ldots, I_m\}$;
where $w_i$ is the i-th keyword of the keyword set $W_d$, $i \in \{1, \ldots, m\}$, and m is the number of keywords in the set; $I_i$ is the index entry corresponding to keyword $w_i$: if the value of $I_i$ is not 0, record d contains keyword $w_i$; otherwise record d does not contain keyword $w_i$;
(1c2) The data owner DO encrypts the keyword set $W_d$ with the public key pk as:
where $\delta_i$ is the ciphertext obtained by encrypting keyword $w_i$ with the public key pk; represents the seventh intermediate variable: ; represents the eighth intermediate variable: ; represents the ninth intermediate variable: ; $r_1$ is the sixth random number: $r_1 \in Z_q$; $r_2$ is the seventh random number: $r_2 \in Z_q$;
(1c3) The data owner DO encrypts the leaf-node attributes in the access structure P with the public key as:
$\{\delta_y, \theta_y\}_{y \in ln}$
where $\delta_y$ represents the tenth intermediate variable: ; $\theta_y$ represents the eleventh intermediate variable: ; att(y) is the attribute value of the leaf node, ln is the set of leaf nodes, y is a leaf node in ln, and $q_y(0)$ is the value of the leaf-node polynomial when the independent variable is 0;
(1c4) The index I generated by the data owner DO is:
(1c5) The ciphertext C encrypted by the data owner DO is: $C = Enc_{\Phi}(d)$, where $Enc_{\Phi}(d)$ denotes encrypting record d with the symmetric key Φ.
5. The method according to claim 1, wherein the generation of the trapdoor T in step (1d) is carried out as follows:
(1d1) The data user DU submits the query keyword set:
$W' = \{w_1', \ldots, w_j', \ldots, w_t'\}$;
where $w_j'$ is the j-th query keyword in the query keyword set W', $j \in \{1, \ldots, t\}$, and t is the number of query keywords in W';
(1d2) The data user DU computes the trapdoor from the query keyword set W', the private key sk and the attribute set S:
$T = (S, T_1, T_2, T_3, \{\lambda_j', \mu_j'\}_{j \in S})$;
where $T_1$ represents the thirteenth intermediate variable: ; s is the eighth random number: $s \in Z_q$; $T_2$ is the fourteenth intermediate variable: $T_2 = g$; $T_3$ is the fifteenth intermediate variable: $T_3 = \pi^{s}$; $\lambda_j'$ represents the sixteenth intermediate variable: ; $\mu_j'$ represents the seventeenth intermediate variable: ; $j \in S$.
6. The method according to claim 1, wherein matching the trapdoor T against the index I in step (1e) is carried out as follows:
(1e1) After the cloud server CSP receives the query request of the data user, it verifies whether the attribute set S of the data user satisfies the specified access structure P; if it does not, the query ends;
(1e2) If the attribute set S of the data user satisfies the access structure P, the intermediate quantity $D_r$ of the root node is computed by a recursive algorithm:
(1e3) From the intermediate quantity $D_r$ of the root node, the following two expressions are obtained:
First expression:
Second expression:
(1e4) The cloud server CSP judges whether the trapdoor $T = (S, T_1, T_2, T_3, \{\lambda_j', \mu_j'\}_{j \in S})$ and the index: ; match, that is, judges whether the equation holds; if the equation does not hold, the procedure ends; if the equation holds, the cloud server CSP sends the queried ciphertext to the data user who satisfies the matching condition.
7. The method according to claim 6, wherein computing the intermediate quantity $D_r$ of the root node by the recursive algorithm in step (1e2) is carried out as follows:
(1e21) Compute the leaf-node intermediate quantity: ; where $q_y(0)$ is the value of the leaf-node polynomial $q_y(v)$ when the independent variable v = 0;
(1e22) Compute the root-node intermediate quantity: ; if the access structure P has only two levels, the child-node intermediate quantity $D_x$ equals the leaf-node intermediate quantity $D_y$, and one can solve: ; the recursion then ends. Otherwise the recurrence: ; is applied to $D_x$ and solving continues until the recursion reaches the parent node of a leaf node, at which point one can solve: ; the recursion then ends. Here the operator: ; i denotes index(x), $\psi_x$ is a random set of child nodes of node x, $|\psi_x| = k_x(v)$, $|\psi_x|$ is the size of the set $\psi_x$, and j is an element of the set $\psi_x$; the operator: ; x' is a child node of node x, $\psi_{x'}$ is a random set of child nodes of node x', $|\psi_{x'}| = k_{x'}(v)$, and $|\psi_{x'}|$ is the size of the set $\psi_{x'}$.
CN201610188151.3A 2016-03-29 2016-03-29 Multiple key cipher text retrieval method under more data owner's backgrounds based on attribute Active CN105871543B (en)

Publications (2)

Publication Number Publication Date
CN105871543A true CN105871543A (en) 2016-08-17
CN105871543B CN105871543B (en) 2019-02-15


Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103944711A (en) * 2014-02-17 2014-07-23 国家超级计算深圳中心 Cloud storage ciphertext retrieval method and system
CN104363215A (en) * 2014-11-04 2015-02-18 河海大学 Encryption method and system based on attributes
CN104780161A (en) * 2015-03-23 2015-07-15 南京邮电大学 Searchable encryption method supporting multiple users in cloud storage
CN104852801A (en) * 2015-02-13 2015-08-19 陕西师范大学 Searchable public key encryption method

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103944711A (en) * 2014-02-17 2014-07-23 国家超级计算深圳中心 Cloud storage ciphertext retrieval method and system
CN104363215A (en) * 2014-11-04 2015-02-18 河海大学 Encryption method and system based on attributes
CN104852801A (en) * 2015-02-13 2015-08-19 陕西师范大学 Searchable public key encryption method
CN104780161A (en) * 2015-03-23 2015-07-15 南京邮电大学 Searchable encryption method supporting multiple users in cloud storage

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
WENHAI SUN: "Protecting Your Right: Attribute-based Keyword Search with Fine-grained Owner-enforced Search Authorization in the Cloud", 《IEEE INFOCOM 2014-IEEE CONFERENCE ON COMPUTER COMMUNICATIONS》 *

Cited By (37)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106559422A (en) * 2016-11-10 2017-04-05 西安电子科技大学 Multidimensional ciphertext interval query method based on key agreement
CN106559422B (en) * 2016-11-10 2019-04-23 西安电子科技大学 Multidimensional ciphertext interval query method based on key agreement
WO2018113563A1 (en) * 2016-12-21 2018-06-28 哈尔滨工业大学深圳研究生院 Database query method and system having access control function
CN106657059A (en) * 2016-12-21 2017-05-10 哈尔滨工业大学深圳研究生院 Database query method and system having access control function
CN107291851A (en) * 2017-06-06 2017-10-24 南京搜文信息技术有限公司 Ciphertext index building method and its querying method based on encryption attribute
CN107291851B (en) * 2017-06-06 2020-11-06 南京搜文信息技术有限公司 Ciphertext index construction method based on attribute encryption and query method thereof
CN107395568A (en) * 2017-06-21 2017-11-24 西安电子科技大学 A kind of cipher text retrieval method of more data owner's certifications
CN107948146B (en) * 2017-11-20 2020-07-17 武汉科技大学 Connection keyword retrieval method based on attribute encryption in hybrid cloud
CN107958163A (en) * 2017-12-07 2018-04-24 江苏大学 Real-time dynamic data secure storage management system based on cloud platform
CN108156140A (en) * 2017-12-13 2018-06-12 西安电子科技大学 A kind of multiple key that numerical attribute is supported to compare can search for encryption method
CN108156140B (en) * 2017-12-13 2020-10-30 西安电子科技大学 Multi-keyword searchable encryption method supporting numerical value attribute comparison
CN108599937A (en) * 2018-04-20 2018-09-28 西安电子科技大学 A kind of public key encryption method that multiple key can search for
CN108599937B (en) * 2018-04-20 2020-10-09 西安电子科技大学 Multi-keyword searchable public key encryption method
CN109086615A (en) * 2018-08-03 2018-12-25 上海海事大学 A kind of support multiple key search public key encryption method of anti-keyword guessing attack
CN109299804A (en) * 2018-11-19 2019-02-01 安徽师范大学 Medical appointment registration system with doctor's function of search
CN109740362A (en) * 2019-01-03 2019-05-10 中国科学院软件研究所 A kind of ciphertext index generation and search method and system based on entropy coding
CN109981736A (en) * 2019-02-22 2019-07-05 南京理工大学 A kind of dynamic public audit method for supporting user and Cloud Server to trust each other
CN109981736B (en) * 2019-02-22 2021-09-21 南京理工大学 Dynamic public auditing method supporting mutual trust of user and cloud server
CN110224986A (en) * 2019-05-07 2019-09-10 电子科技大学 It is a kind of that access control method efficiently can search for based on hiding strategy CP-ABE
CN110222081A (en) * 2019-06-08 2019-09-10 西安电子科技大学 Data cryptogram search method based on fine granularity sequence under multi-user environment
CN110222081B (en) * 2019-06-08 2022-04-19 西安电子科技大学 Data ciphertext query method based on fine-grained sequencing in multi-user environment
CN110427771A (en) * 2019-06-25 2019-11-08 西安电子科技大学 What a kind of search modes were hidden can search for encryption method, Cloud Server
CN111027084A (en) * 2019-12-09 2020-04-17 湖南大学 Fine-grained authorized keyword security query method based on attribute-based encryption
CN111177787A (en) * 2020-01-02 2020-05-19 西北工业大学 Attribute-based connection keyword searching method in multi-data owner environment
CN111177787B (en) * 2020-01-02 2022-12-06 西北工业大学 Attribute-based connection keyword searching method in multi-data owner environment
CN111444140A (en) * 2020-03-24 2020-07-24 东南大学 CPBE-based file ciphertext fast searching method
CN111556048A (en) * 2020-04-26 2020-08-18 山东师范大学 Attribute-based secure communication method and system supporting ciphertext mode matching
CN111556048B (en) * 2020-04-26 2022-04-01 山东师范大学 Attribute-based secure communication method and system supporting ciphertext mode matching
CN111614470A (en) * 2020-05-27 2020-09-01 贵州大学 Verifiable multi-keyword search method based on improved Merkle-Tree authentication method
CN112100649A (en) * 2020-08-06 2020-12-18 华南理工大学 Multi-keyword searchable encryption method and system supporting Boolean access control strategy
CN111930688A (en) * 2020-09-23 2020-11-13 西南石油大学 Method and device for searching secret data of multi-keyword query in cloud server
CN112311781B (en) * 2020-10-23 2021-11-12 西安电子科技大学 Encryption method with safe forward and backward direction and recoverable keyword shielding
CN112311781A (en) * 2020-10-23 2021-02-02 西安电子科技大学 Encryption method with safe forward and backward direction and recoverable keyword shielding
CN112380553A (en) * 2020-11-25 2021-02-19 华南理工大学 Multi-key searchable encryption method and system based on attribute access control structure
CN114244498A (en) * 2021-12-06 2022-03-25 国网河南省电力公司电力科学研究院 Dynamic searchable public key encryption method with forward security
CN115174568A (en) * 2022-06-23 2022-10-11 南京信息工程大学 Attribute-based ciphertext retrieval method
CN116910788A (en) * 2023-08-15 2023-10-20 广州粤建三和软件股份有限公司 Searchable encryption management method and device for service data and storage medium

Also Published As

Publication number Publication date
CN105871543B (en) 2019-02-15

Similar Documents

Publication Publication Date Title
CN105871543A (en) Attribute-based multi-keyword ciphertext retrieval method under background of multiple data owners
CN107634829A (en) Encrypted electronic medical records system and encryption method can search for based on attribute
Xue et al. An attribute-based controlled collaborative access control scheme for public cloud storage
WO2016106752A1 (en) Shared data access control method, device and system
CN104883254B (en) Towards the ciphertext access control system and its access control method of cloud computing platform
WO2016197680A1 (en) Access control system for cloud storage service platform and access control method therefor
CN112765650A (en) Attribute-based searchable encryption block chain medical data sharing method
CN106559422B (en) Multidimensional ciphertext interval query method based on key agreement
CN107395568A (en) A kind of cipher text retrieval method of more data owner's certifications
CN104468615A (en) Data sharing based file access and permission change control method
CN108156138A (en) A kind of fine granularity calculated for mist can search for encryption method
CN110866135B (en) Response length hiding-based k-NN image retrieval method and system
CN108632385B (en) Time sequence-based cloud storage privacy protection method for multi-branch tree data index structure
CN111143471A (en) Ciphertext retrieval method based on block chain
CN111147508B (en) Searchable attribute-based encryption method for resisting keyword guessing attack
CN106612169A (en) Safe data sharing method in cloud environment
CN112511599A (en) Civil air defense data sharing system and method based on block chain
Kaushik et al. Multi-user attribute based searchable encryption
CN107294701A (en) The multidimensional ciphertext interval query device and querying method managed with efficient key
CN105790929B (en) Access control method in a kind of encryption environment that rule-based redundancy is eliminated
CN107360252A (en) A kind of Data Access Security method that isomery cloud domain authorizes
CN116663046A (en) Private data sharing and retrieving method, system and equipment based on blockchain
CN108632257B (en) Method and system for acquiring encrypted health record supporting hierarchical search
CN114640458B (en) Fine granularity multi-user security searchable encryption method in cloud-edge cooperative environment
CN110599376A (en) Course selection system based on attribute password

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant