CN108156138A - A kind of fine granularity calculated for mist can search for encryption method - Google Patents

A kind of fine granularity calculated for mist can search for encryption method Download PDF

Info

Publication number
CN108156138A
CN108156138A CN201711329739.7A CN201711329739A CN108156138A CN 108156138 A CN108156138 A CN 108156138A CN 201711329739 A CN201711329739 A CN 201711329739A CN 108156138 A CN108156138 A CN 108156138A
Authority
CN
China
Prior art keywords
key
represent
node
terminal user
mist
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201711329739.7A
Other languages
Chinese (zh)
Other versions
CN108156138B (en
Inventor
苗银宾
马建峰
伍祈应
王祥宇
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Xidian University
Original Assignee
Xidian University
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Xidian University filed Critical Xidian University
Priority to CN201711329739.7A priority Critical patent/CN108156138B/en
Publication of CN108156138A publication Critical patent/CN108156138A/en
Application granted granted Critical
Publication of CN108156138B publication Critical patent/CN108156138B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0435Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply symmetric encryption, i.e. same key used for encryption and decryption
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/06Network architectures or network communication protocols for network security for supporting key management in a packet data network
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/06Network architectures or network communication protocols for network security for supporting key management in a packet data network
    • H04L63/065Network architectures or network communication protocols for network security for supporting key management in a packet data network for group communications
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/10Protocols in which an application is distributed across nodes in the network
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/083Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) involving central third party, e.g. key distribution center [KDC] or trusted third party [TTP]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0869Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds

Abstract

The invention discloses a kind of fine granularities calculated for mist can search for encryption method, using Ciphertext policy attribute encryption technology and can search for encryption technology, establish cloud and mist terminal user's architecture, and using Ciphertext policy attribute encryption technology and can search for encryption technology, mist node is allowed to share the computation burden of terminal user as agency, terminal user can be quickly generated trapdoor and decryption ciphertext, it is achieved thereby that lightweight can search for encrypting, support fine-granularity access control simultaneously, only legal data user could carry out searching ciphertext, it has broad application prospects in actual scene, realize fine-granularity access control, only legal data user could carry out searching ciphertext, it has broad prospects in actual scene.

Description

A kind of fine granularity calculated for mist can search for encryption method
Technical field
The invention belongs to field of information security technology, and in particular to the attribute encryption technology of Ciphertext policy and can search for encrypting Technology fine-grained can search for encrypting available for realizing under calculating background in mist.
Background technology
Internet of Things be it is a kind of object can be connected to the technology that internet makes it more intelligent, as networked devices are continuous Increase, the mass data of generation can be stored and be calculated by cloud computing, by terminal user from heavy plant maintenance and It is freed in data management.However, traditional cloud computing is there is the problems such as network architecture poor mobility and high time delay, this Very big challenge is brought to the development of Internet of Things.Mist calculates the edge that cloud computing is expanded to network, and mist node is as Internet of Things Net and the intermediary of cloud computing, can solve Internet of Things and cloud computing combines caused terminal node request delay, cloud service The problems such as device stores and computation burden is overweight, network transmission bandwidth pressure is excessive.Therefore, mist is calculated with before wide application Scape.
However, mist calculating new challenge is also brought to the safety of data while offering convenience, when sensitive data with When the form of plaintext is contracted out to mist node and Cloud Server, data, may departing from the direct physical control of data owner Severe security risk is brought by malicious attack.Common solution is that data are added before data are uploaded Close, further, to realize fine-grained access control, data owner wishes the terminal user's ability for only meeting condition Decrypt ciphertext, Identity based encryption technology, the attribute encryption technology of key strategy and the attribute encryption technology of Ciphertext policy It is suggested in succession.Although encryption ensure that the confidentialities of data to a certain extent, but also cause traditional plaintext retrieval technique without Method is applied in ciphertext.Can search for encryption technology proposition allows terminal user that can carry out keyword query in ciphertext, not only It ensure that the safety of data, and can quickly navigate to data user's document of interest.For this purpose, by combining Ciphertext policy Attribute encryption technology and can search for the encryption technology that can search for of Ciphertext policy of encryption technology proposition and not only realize efficiently Searching ciphertext, and support fine-grained access control.
The complexity of the calculating that can search for encryption technology of existing Ciphertext policy and storage overhead and access strategy is into just Than this brings significant limitation to the limited internet of things equipment of computing resource.By establishing cloud-mist-terminal user's system Structure, allow mist in calculating each mist node share a large amount of calculating as agency, the internet of things equipment for making resource limited can be quick Ground generates trapdoor and decryption ciphertext.Therefore, how to be designed in the case where mist calculates background and realize that the fine granularity of lightweight can search for encrypting Method becomes the critical issue for being badly in need of solving.
Invention content
In view of the deficienciess of the prior art, the present invention utilizes the attribute encryption technology of Ciphertext policy and can search for encryption skill Art, it is proposed that a kind of fine granularity calculated for mist can search for encryption method.The present invention establishes cloud-mist-terminal user's system knot Structure, and using Ciphertext policy attribute encryption technology and can search for encryption technology, allow mist node as agency share terminal user Computation burden, terminal user can be quickly generated trapdoor and decryption ciphertext, it is achieved thereby that lightweight can search for plus It is close, while support fine-granularity access control, only legal data user could carry out searching ciphertext, have in actual scene Have broad application prospects.
To achieve these goals, the technical solution adopted by the present invention is that a kind of fine granularity calculated for mist can search for Encryption method includes the following steps:
Step 1, system initialization:Key generation centre KGC generates common parameter pm and master key according to security parameter k msk;
Step 2, key generation:Key generation centre KGC generates mist node public key PK for mist nodeFN, mist node database Associated public keyWith the terminal user list UL of mandate, when new terminal user adds in terminal user list UL, key Generation center KGC is according to the identity information ID of terminal userEUWith terminal user's property setTerminal is generated to use Family public key PKEUWith end-user database associated public keyAnd it is divided into generation terminal user for terminal user and mist node Private key SKEUWith mist node private key SKFN, and by terminal user's private key SKEUTerminal user is sent to, by mist node private key SKFNIt sends Give mist node;
Step 3, encrypting stage:Data owner utilizes set of symmetric keys { sτBy plain text document collection F={ F1..., Fτ} It is encrypted to ciphertext document sets C={ C1..., Cτ, data owner establishes access control structure P, and access control structure P is sent out Mist node, mist node and terminal user are given by interaction, by set of symmetric keys { sτGeneration ciphertext key set is encryptedData owner utilizes access control structure P and set of keywords W generation indexed sets { Iτ, and by ciphertext key setIndexed set { IτAnd ciphertext document sets C={ C1..., CτCloud Server is sent to by mist node;
Step 4, trapdoor generation:When terminal user wants key word of the inquiry W', mist node verification terminal user whether In list of authorized users UL, if not existing, operation is terminated, otherwise, mist node and terminal user generate trapdoor T by interactionW', and By trapdoor TW'Cloud Server is sent to terminal user's property set S;
Step 5, cipher text searching:Cloud Server first verifies that whether terminal user's property set S meets access control structure P, If conditions are not met, terminate operation;Otherwise, Cloud Server is by trapdoor Tw'With indexed set { IτMatched, by the close of successful match Collected works C'={ CπAnd corresponding ciphertext key setIt is sent to mist node;
Step 6, ciphertext decryption:The ciphertext key set that mist node and terminal user are returned by interaction decryption To the set of symmetric keys { s of plaintextπ, according to set of symmetric keys { sπDecrypt the ciphertext collection C'={ C returnedπObtain collecting F' in plain text ={ Fπ}。
Further, in the step 1, common parameter
Master key msk=(x, y, { ti}i∈[1,n]);
Wherein G is p rank addition cyclic groups, g0,g1It is two of G different generations members, GTIt is p rank multiplicative cyclic groups, e is Bilinear map G × G → GT, H1It represents that { 0,1 } will be gathered*It is mapped to p rank integer items ZpHash function, x represent first with Machine number:x∈Zp, y the second random numbers of expression:y∈Zp, tiRepresent third random number:ti∈Zp, the value model of i ∈ [1, n] expressions i It encloses, system property collection U={ att1..., attn, attnRepresent n-th of system property.
Further, the step 2 specifically includes following steps:
The first step, key generation centre KGC generate mist node public key PK for mist nodeFN, mist node database associated public keyWith the terminal user list UL of mandate, wherein mist node public key PKFN=e (g0,g0)yr, mist node database associated public keyR represents the 4th random number, r ∈ Zp, the public random number of s expressions system, s ∈ Zp
Second step, when new terminal user adds in terminal user list UL, key generation centre KGC is according to terminal user Identity information IDEUWith terminal user's property setGenerate terminal user's public key PKEUAnd end-user listening data Library associated public keyWherein terminal user's public key PKEU=e (g0,g0)yu, end-user database associated public keyU represents the 5th random number:u∈Zp,Represent j-th of attribute of data user, j ∈ [1, m] value range of j is represented;
Third walks, and key generation centre KGC generates terminal user's private key SK for terminal userEU, mist section is generated for mist node Point private key SKFN, wherein terminal user's private key SKEU=(K0,{Kj,1}j∈[1,m], u), mist node private key SKFN=(K1,K2,K3, {Kj,2,Kj,3}j∈[1,m], r), K0Represent the first private key component:K1Represent the second private key component:K2 Represent third private key component:K3Represent the 4th private key component:ajRepresent the 6th random number, aj∈ Zp, Kj,1Represent the 5th private key component:Map ρ1It represents to map the attribute in the property set S of data user To the attribute of correspondence system property set U, i.e.,Kj,2Represent the 6th private key component:Kj,3 Represent the 7th private key component:bjRepresent the 7th random number, bj∈Zp, v the 8th random numbers of expression, v ∈ Zp
4th step, key generation centre KGC is by terminal user's private key SKEUTerminal user is sent to, by mist node private key SKFNIt is sent to mist node.
Further, the step 3 specifically includes following steps:
The first step, data owner utilize set of symmetric keys { sτBy plain text document collection F={ F1..., FτIt is encrypted to ciphertext Document sets C={ C1..., Cτ, data owner establishes access control structure P, and access control structure P is sent to some choosing Fixed mist node;
Second step, access control structure P are a kind of tree structures, and each node in tree includes multinomial and threshold value, Mist node chooses multinomial q for root node rr(v) and threshold value kr(v), wherein v is independent variable, as independent variable v=0, qr (0)=θ, θ represent the 9th random number, θ ∈ Zp, threshold value kr(v) 1≤k of ranger(v)≤numr, numrRepresent root node r Node number;
Third walks, and multinomial q is chosen for non-leaf nodes xx(v) and threshold value kx(v), multinomial qx(v) meet following item Part:
dx(v)=kx(v) -1,
qx(0)=qparent(x)(index(x));
Wherein dx(v) q is representedx(v) the degree of polynomial, and as independent variable v=0, qx(0)=qparent(x)(index (x)), parent (x) represents the father node of node x, and index (x) represents the sequence of parent (x) child node, threshold value kx (v) 1≤k of rangex(v)≤numx, numxRepresent node x child node numbers;
4th step chooses multinomial q for leaf node ll(v) and threshold value kl(v), wherein multinomial ql(v)=S, thresholding Value kl(v)=1;
5th step, mist node encrytion symmetric key sτObtain interim ciphertext ciphering key Tτ, and by interim ciphertext ciphering key TτIt sends To data owner, wherein interim ciphertext ciphering key Tτ=(CT1,CT2,{CTl}l∈L), CT1Represent the first interim ciphertext key: CT2Represent the second interim ciphertext key:CTlRepresent the interim ciphertext key of third:L Represent leaf node set;
6th step, data owner encrypt interim ciphertext ciphering key TτObtain ciphertext keyWhereinCT'1Represent the first ciphertext key:CT'2Represent that second is close Literary key:CT3Represent third ciphertext key:CCτRepresent the 4th ciphertext key: CCτ=sτ·e (g0,g0)yh, h the tenth random numbers of expression, h ∈ Zp
7th step, plain text document FτIn comprising set of keywords W, data owner is plain text document FτEstablish ciphertext index Iτ, Iτ=(I0,I1,{Il,1,Il,2}l∈L), wherein I0Represent the first index component, I0=e (g0,g0)ys, I1Represent the second index point Amount,Il,1Represent third index component,Il,2Represent the 4th index component, Il,2=(s-dl)/H1 (W), dlRepresent the 11st random number, dl∈Zp
8th step, data owner will and by ciphertext key setIndexed set { IτAnd ciphertext document sets C= {C1..., CτCloud Server is sent to by selected mist node.
Further, the step 4 specifically includes following steps:
The first step, when terminal user wants key word of the inquiry W', whether mist node verification terminal user is in authorized user In list UL, if not existing, operation is terminated, otherwise, turns second step;
Second step, mist node generation first stage trapdoor TW',1, and by first stage trapdoor TW',1It is sent to terminal user, Wherein first stage trapdoor TW',1=(T1,{Tj,1}j∈[1,m]), T1Represent the first component of first stage trapdoor,Tj,1 Represent the second component of first stage trapdoor,η represents the 12nd random number, η ∈ Zp
Third walks, and terminal user receives first stage trapdoor TW',1Generation second stage trapdoor T afterwardsW',2, and by second stage Trapdoor TW',2It is sent to mist node, wherein second stage trapdoor TW',2=(T0,T'1,{T'j,1,Tj,2}j∈[1,m]), T0Represent second First component of stage trapdoor, T0=u+ λ, T'1Represent the second component of second stage trapdoor,Represent the The third component of two-stage trapdoor,Tj,2Represent the 4th component of second stage trapdoor,λ Represent the 13rd random number, λ ∈ Zp
4th step, mist node receive second stage trapdoor TW',2Generation trapdoor T afterwardsW', and by trapdoor TW'Belong to terminal user Property collection S is sent to Cloud Server, whereinT'0Represent the first component of trapdoor, T'0=T0η+r,Represent the second component of trapdoor,Represent the third component of trapdoor,
Further, the step 5 specifically includes following steps:
The first step, whether Cloud Server verification terminal user's property set S meets access control structure P, if not satisfied, then eventually It only operates, terminates;If satisfied, turn second step;
Second step, Cloud Server are each attribute of terminal userCalculate the first intermediate variableWith the second intermediate variable
Wherein
Particularly, work as equationAnd H1(W')=H1(W) when setting up,
Wherein
Third walks, and Cloud Server matches trapdoor T according to following equationw'With indexed set { Iτ, by the ciphertext collection of successful match C' and corresponding ciphertext key setIt is sent to mist node;
Further, the step 6 specifically includes following steps:
The first step:Mist node calculates the intermediate quantity D of root node according to recursive algorithmr
If att (l) ∈ S, leaf node intermediate quantity is calculated:Dl=e (Katt(l),3,Cl)=e (g0,g0)xvql(0), wherein ql (0) leaf node multinomial q during independent variable v=0 is representedl(v) value;
Calculate root node intermediate quantity:If access structure P only has two layers, at this time among child node Measure DxEqual to leafy node intermediate quantity Dl, you can solve Dr=e (g0,g0)xvqr(0), terminate recurrence;Otherwise to DxCall recursion FormulaContinue to solve, when the father node of recurrence to leaf node, you can solve Dr=e (g0,g0)xvqr(0)=e (g0,g0)xvθ, terminate recurrence;Wherein operatorI table index (x), ψxIt represents The random child node set of x nodes, | ψx|=kx(v), | ψx| represent set ψxSize, j is set ψxIn element;OperatorX' is the child node of node x, ψx'Represent the random child node set of x' nodes, | ψx'|=kx' (v), | ψx'| represent set ψx'Size;
Second step:Mist node computation key correlative M*, and by key correlative M*, ciphertext collection C'={ CπAnd it is corresponding Ciphertext key setIt is sent to terminal user;
Third walks:Terminal user can obtain the set of symmetric keys { s of plaintext according to the following formulaπ, so as to decrypt ciphertext Collect C'={ CπObtain collecting F'={ F in plain textπ};
Compared with prior art, the present invention has technique effect beneficial below, by establishing cloud-mist-terminal user's body Architecture solves the problems, such as that existing cloud platform network architecture poor mobility and time delay are high, and the attribute for combining Ciphertext policy adds Secret skill art and encryption technology is can search for, mist node is allowed to not only solve ciphertext as the computation burden of sharing terminal user is acted on behalf of The safety of data and can accessibility contradiction, and greatly improve terminal user generate trapdoor and decrypt ciphertext efficiency, It realizes lightweight to can search for encrypting, at the same time, by making ciphertext related to access control structure, key and data are used The data user that family attribute correlation, only attribute meet access control structure could carry out searching ciphertext, realize fine-grained Access control greatly facilitates the empowerment management to data user, has broad application prospects in actual scene.
Description of the drawings
Fig. 1 is the system schematic of the present invention.
Specific embodiment
The present invention will be further described with reference to the accompanying drawings and detailed description.
As shown in Figure 1, the present invention provides a kind of fine granularities calculated for mist can search for encryption method, including following step Suddenly:
Step 1, system initialization:Key generation centre KGC generates common parameter pm and master key according to security parameter k Msk, wherein:
Common parameter
Master key msk=(x, y, { ti}i∈[1,n]);
Wherein G is p rank addition cyclic groups, g0,g1It is two of G different generations members, GTIt is p rank multiplicative cyclic groups, e is Bilinear map G × G → GT, H1It represents that { 0,1 } will be gathered*It is mapped to p rank integer items ZpHash function, x represent first with Machine number:x∈Zp, y the second random numbers of expression:y∈Zp, tiRepresent third random number:ti∈Zp, the value model of i ∈ [1, n] expressions i It encloses, system property collection U={ att1..., attn, attnRepresent n-th of system property.
Step 2, key generation:As 1. shown in Fig. 1, key generation centre KGC generates mist node public key for mist node PKFN, mist node database associated public keyWith the terminal user list UL of mandate, used when new terminal user adds in terminal During the list UL of family, key generation centre KGC is according to the identity information ID of terminal userEUWith terminal user's property setGenerate terminal user's public key PKEUWith end-user database associated public keyAnd for terminal user and Mist node is divided into generation terminal user's private key SKEUWith mist node private key SKFN, and by terminal user's private key SKEUIt is sent to terminal User, by mist node private key SKFNMist node is sent to, specifically include following steps:
The first step, key generation centre KGC generate mist node public key PK for mist nodeFN, mist node database associated public keyWith the terminal user list UL of mandate, wherein mist node public key PKFN=e (g0,g0)yr, mist node database associated public keyR represents the 4th random number, r ∈ Zp, the public random number of s expressions system, s ∈ Zp
Second step, when new terminal user adds in terminal user list UL, key generation centre KGC is according to terminal user Identity information IDEUWith terminal user's property setGenerate terminal user's public key PKEUAnd end-user listening data Library associated public keyWherein terminal user's public key PKEU=e (g0,g0)yu, end-user database associated public keyU represents the 5th random number:u∈Zp,Represent j-th of attribute of data user, j ∈ [1, m] value range of j is represented;
Third walks, and key generation centre KGC generates terminal user's private key SK for terminal userEU, mist section is generated for mist node Point private key SKFN, wherein terminal user's private key SKEU=(K0,{Kj,1}j∈[1,m], u), mist node private key SKFN=(K1,K2,K3, {Kj,2,Kj,3}j∈[1,m], r), K0Represent the first private key component:K1Represent the second private key component: K2Represent third private key component:K3Represent the 4th private key component:ajRepresent the 6th random number, aj ∈Zp, Kj,1Represent the 5th private key component:Map ρ1The attribute in the property set S of data user is reflected in expression The attribute of correspondence system property set U is mapped to, i.e.,Kj,2Represent the 6th private key component: Kj,3Represent the 7th private key component:bjRepresent the 7th random number, bj∈Zp, v the 8th random numbers of expression, v ∈ Zp
4th step, key generation centre KGC is by terminal user's private key SKEUTerminal user is sent to, by mist node private key SKFNIt is sent to mist node.
Step 3, encrypting stage:As 2. shown in Fig. 1, data owner utilizes set of symmetric keys { sτWill be literary in plain text Shelves collection F={ F1..., FτIt is encrypted to ciphertext document sets C={ C1..., Cτ, data owner establishes access control structure P, and Access control structure P is sent to mist node, mist node and terminal user by interaction, by set of symmetric keys { sτAdded It is dense into ciphertext key setData owner utilizes access control structure P and set of keywords W generation indexed sets { Iτ, And by ciphertext key setIndexed set { IτAnd ciphertext document sets C={ C1..., CτCloud service is sent to by mist node Device specifically includes following steps:
The first step, data owner utilize set of symmetric keys { sτBy plain text document collection F={ F1..., FτIt is encrypted to ciphertext Document sets C={ C1..., Cτ, data owner establishes access control structure P, and access control structure P is sent to some choosing Fixed mist node;
Second step, access control structure P are a kind of tree structures, and each node in tree includes multinomial and threshold value, Mist node chooses multinomial q for root node rr(v) and threshold value kr(v), wherein v is independent variable, as independent variable v=0, qr (0)=θ, θ represent the 9th random number, θ ∈ Zp, threshold value kr(v) 1≤k of ranger(v)≤numr, numrRepresent root node r Node number;
Third walks, and multinomial q is chosen for non-leaf nodes xx(v) and threshold value kx(v), multinomial qx(v) meet following item Part:
dx(v)=kx(v) -1,
qx(0)=qparent(x)(index(x));
Wherein dx(v) q is representedx(v) the degree of polynomial, and as independent variable v=0, qx(0)=qparent(x)(index (x)), parent (x) represents the father node of node x, and index (x) represents the sequence of parent (x) child node, threshold value kx (v) 1≤k of rangex(v)≤numx, numxRepresent node x child node numbers;
4th step chooses multinomial q for leaf node ll(v) and threshold value kl(v), wherein multinomial ql(v)=S, thresholding Value kl(v)=1;
5th step, mist node encrytion symmetric key sτObtain interim ciphertext ciphering key Tτ, and by interim ciphertext ciphering key TτIt sends To data owner, wherein interim ciphertext ciphering key Tτ=(CT1,CT2,{CTl}l∈L), CT1Represent the first interim ciphertext key: CT2Represent the second interim ciphertext key:CTlRepresent the interim ciphertext key of third:L Represent leaf node set;
6th step, data owner encrypt interim ciphertext ciphering key TτObtain ciphertext keyWhereinCT'1Represent the first ciphertext key:CT'2Represent that second is close Literary key:CT3Represent third ciphertext key:CCτRepresent the 4th ciphertext key: CCτ=sτ·e (g0,g0)yh, h the tenth random numbers of expression, h ∈ Zp
7th step, plain text document FτIn comprising set of keywords W, data owner is plain text document FτEstablish ciphertext index Iτ, Iτ=(I0,I1,{Il,1,Il,2}l∈L), wherein I0Represent the first index component, I0=e (g0,g0)ys, I1Represent the second index point Amount,Il,1Represent third index component,Il,2Represent the 4th index component, Il,2=(s-dl)/H1 (W), dlRepresent the 11st random number, dl∈Zp
8th step, data owner will and by ciphertext key setIndexed set { IτAnd ciphertext document sets C= {C1..., CτCloud Server is sent to by selected mist node.
Step 4, trapdoor generation:As 3. shown in Fig. 1, when terminal user wants key word of the inquiry W', mist node is tested Terminal user is demonstrate,proved whether in list of authorized users UL, if not existing, terminates operation, otherwise, mist node and terminal user pass through friendship Mutually generation trapdoor TW', and by trapdoor TW'Cloud Server is sent to terminal user's property set S, specifically includes following steps:
The first step, when terminal user wants key word of the inquiry W', whether mist node verification terminal user is in authorized user In list UL, if not existing, operation is terminated, otherwise, turns second step;
Second step, mist node generation first stage trapdoor TW',1, and by first stage trapdoor TW',1It is sent to terminal user, Wherein first stage trapdoor TW',1=(T1,{Tj,1}j∈[1,m]), T1Represent the first component of first stage trapdoor,Tj,1 Represent the second component of first stage trapdoor,η represents the 12nd random number, η ∈ Zp
Third walks, and terminal user receives first stage trapdoor TW',1Generation second stage trapdoor T afterwardsW',2, and by second stage Trapdoor TW',2It is sent to mist node, wherein second stage trapdoor TW',2=(T0,T'1,{T'j,1,Tj,2}j∈[1,m]), T0Represent second First component of stage trapdoor, T0=u+ λ, T'1Represent the second component of second stage trapdoor,T'j,1Represent second The third component of stage trapdoor,Tj,2Represent the 4th component of second stage trapdoor,λ tables Show the 13rd random number, λ ∈ Zp
4th step, mist node receive second stage trapdoor TW',2Generation trapdoor T afterwardsW', and by trapdoor TW'Belong to terminal user Property collection S is sent to Cloud Server, whereinT'0Represent the first component of trapdoor, T'0=T0η+r,Represent the second component of trapdoor,Represent the third component of trapdoor,
Step 5, cipher text searching:As 4. shown in Fig. 1, Cloud Server first verifies that whether terminal user's property set S is full Sufficient access control structure P, if conditions are not met, terminating operation;Otherwise, Cloud Server is by trapdoor Tw'With indexed set { IτProgress Match, by the ciphertext collection C'={ C of successful matchπAnd corresponding ciphertext key setBe sent to mist node, specifically include with Lower step:
The first step, whether Cloud Server verification terminal user's property set S meets access control structure P, if not satisfied, then eventually It only operates, terminates;If satisfied, turn second step;
Second step, Cloud Server are each attribute of terminal userCalculate the first intermediate variableWith the second intermediate variable
Wherein
Particularly, work as equationAnd H1(W')=H1(W) when setting up,
Wherein
Third walks, and Cloud Server matches trapdoor T according to following equationw'With indexed set { Iτ, by the ciphertext collection of successful match C' and corresponding ciphertext key setIt is sent to mist node;
Step 6, ciphertext decryption:As 5. shown in Fig. 1, mist node and terminal user pass through the close of interaction decryption return Literary key setObtain the set of symmetric keys { s of plaintextπ, according to set of symmetric keys { sπDecrypt the ciphertext collection C' returned ={ CπObtain collecting F'={ F in plain textπ, specifically include following steps:
The first step:Mist node calculates the intermediate quantity D of root node according to recursive algorithmr
If att (l) ∈ S, leaf node intermediate quantity is calculated:Dl=e (Katt(l),3,Cl)=e (g0,g0)xvql(0), wherein ql (0) leaf node multinomial q during independent variable v=0 is representedl(v) value;
Calculate root node intermediate quantity:If access structure P only has two layers, at this time among child node Measure DxEqual to leafy node intermediate quantity Dl, you can solve Dr=e (g0,g0)xvqr(0), terminate recurrence;Otherwise to DxCall recursion FormulaContinue to solve, when the father node of recurrence to leaf node, you can solve Dr=e (g0,g0)xvqr(0)=e (g0,g0)xvθ, terminate recurrence;Wherein operatorI table index (x), ψxIt represents The random child node set of x nodes, | ψx|=kx(v), | ψx| represent set ψxSize, j is set ψxIn element;OperatorX' is the child node of node x, ψx'Represent the random child node set of x' nodes, | ψx'|=kx' (v), | ψx'| represent set ψx'Size;
Second step:Mist node computation key correlative M*, and by key correlative M*, ciphertext collection C'={ CπAnd it is corresponding Ciphertext key setIt is sent to terminal user;
Third walks:Terminal user can obtain the set of symmetric keys { s of plaintext according to the following formulaπ, so as to decrypt ciphertext Collect C'={ CπObtain collecting F'={ F in plain textπ};
Above description is only example of the present invention, does not form any limitation of the invention.Obviously for this It, all may be before without departing substantially from the principle of the invention, structure after invention content and principle is understood for the professional in field It puts, carries out the amendment and improvement of algorithm, but these amendments and improvement based on inventive algorithm will in the right of the present invention It asks within protection domain.

Claims (7)

1. a kind of fine granularity calculated for mist can search for encryption method, which is characterized in that include the following steps:
Step 1, system initialization:Key generation centre KGC generates common parameter pm and master key msk according to security parameter k;
Step 2, key generation:Key generation centre KGC generates mist node public key PK for mist nodeFN, mist node database correlation Public keyWith the terminal user list UL of mandate, when new terminal user adds in terminal user list UL, in key generation Heart KGC is according to the identity information ID of terminal userEUWith terminal user's property setGenerate terminal user's public key PKEUWith end-user database associated public keyAnd it is divided into generation terminal user's private key SK for terminal user and mist nodeEU With mist node private key SKFN, and by terminal user's private key SKEUTerminal user is sent to, by mist node private key SKFNIt is sent to mist section Point;
Step 3, encrypting stage:Data owner utilizes set of symmetric keys { sτBy plain text document collection F={ F1,…,FτEncryption Into ciphertext document sets C={ C1,…,Cτ, data owner establishes access control structure P, and access control structure P is sent to Mist node, mist node and terminal user are by interaction, by set of symmetric keys { sτGeneration ciphertext key set is encrypted Data owner utilizes access control structure P and set of keywords W generation indexed sets { Iτ, and by ciphertext key setIndex Collect { IτAnd ciphertext document sets C={ C1,…,CτCloud Server is sent to by mist node;
Step 4, trapdoor generation:When terminal user wants key word of the inquiry W', whether mist node verification terminal user is authorizing In user list UL, if not existing, operation is terminated, otherwise, mist node and terminal user generate trapdoor T by interactionW', and by trapdoor TW'Cloud Server is sent to terminal user's property set S;
Step 5, cipher text searching:Cloud Server first verifies that whether terminal user's property set S meets access control structure P, if It is unsatisfactory for, terminates operation;Otherwise, Cloud Server is by trapdoor Tw'With indexed set { IτMatched, by the ciphertext collection of successful match C'={ CπAnd corresponding ciphertext key setIt is sent to mist node;
Step 6, ciphertext decryption:The ciphertext key set that mist node and terminal user are returned by interaction decryptionIt obtains bright Set of symmetric keys { the s of textπ, according to set of symmetric keys { sπDecrypt the ciphertext collection C'={ C returnedπObtain collecting F'=in plain text {Fπ}。
2. a kind of fine granularity calculated for mist according to claim 1 can search for encryption method, which is characterized in that described In step 1, common parameter
Master key msk=(x, y, { ti}i∈[1,n]);
Wherein G is p rank addition cyclic groups, g0,g1It is two of G different generations members, GTIt is p rank multiplicative cyclic groups, e is two-wire Property mapping G × G → GT, H1It represents that { 0,1 } will be gathered*It is mapped to p rank integer items ZpHash function, x represent the first random number:x ∈Zp, y the second random numbers of expression:y∈Zp, tiRepresent third random number:ti∈Zp, the value range of i ∈ [1, n] expressions i, system Property set U={ att1,…,attn, attnRepresent n-th of system property.
3. a kind of fine granularity calculated for mist according to claim 1 can search for encryption method, which is characterized in that described Step 2 specifically includes following steps:
The first step, key generation centre KGC generate mist node public key PK for mist nodeFN, mist node database associated public key With the terminal user list UL of mandate, wherein mist node public key PKFN=e (g0,g0)yr, mist node database associated public keyR represents the 4th random number, r ∈ Zp, the public random number of s expressions system, s ∈ Zp
Second step, when new terminal user adds in terminal user list UL, key generation centre KGC is according to the body of terminal user Part Information IDEUWith terminal user's property setGenerate terminal user's public key PKEUIt is related to end-user database Public keyWherein terminal user's public key PKEU=e (g0,g0)yu, end-user database associated public keyU represents the 5th random number:u∈Zp,Represent j-th of attribute of data user, j ∈ [1, m] value range of j is represented;
Third walks, and key generation centre KGC generates terminal user's private key SK for terminal userEU, it is private to generate mist node for mist node Key SKFN, wherein terminal user's private key SKEU=(K0,{Kj,1}j∈[1,m], u), mist node private key SKFN=(K1,K2,K3,{Kj,2, Kj,3}j∈[1,m], r), K0Represent the first private key component:K1Represent the second private key component:K2Represent the Three private key components:K3Represent the 4th private key component:ajRepresent the 6th random number, aj∈Zp, Kj,1Table Show the 5th private key component:Map ρ1It represents the attribute in the property set S of data user being mapped to corresponding system The attribute of system property set U, i.e.,Kj,2Represent the 6th private key component:Kj,3Represent the 7th private Key component:bjRepresent the 7th random number, bj∈Zp, v the 8th random numbers of expression, v ∈ Zp
4th step, key generation centre KGC is by terminal user's private key SKEUTerminal user is sent to, by mist node private key SKFNIt sends Give mist node.
4. a kind of fine granularity calculated for mist according to claim 1 can search for encryption method, which is characterized in that described Step 3 specifically includes following steps:
The first step, data owner utilize set of symmetric keys { sτBy plain text document collection F={ F1,…,FτIt is encrypted to ciphertext document Collect C={ C1,…,Cτ, data owner establishes access control structure P, and it is selected that access control structure P is sent to some Mist node;
Second step, access control structure P are a kind of tree structures, and each node in tree includes multinomial and threshold value, mist section Point chooses multinomial q for root node rr(v) and threshold value kr(v), wherein v is independent variable, as independent variable v=0, qr(0)=θ, θ represents the 9th random number, θ ∈ Zp, threshold value kr(v) 1≤k of ranger(v)≤numr, numrRepresent root node r child nodes Number;
Third walks, and multinomial q is chosen for non-leaf nodes xx(v) and threshold value kx(v), multinomial qx(v) meet the following conditions:
dx(v)=kx(v) -1,
qx(0)=qparent(x)(index(x));
Wherein dx(v) q is representedx(v) the degree of polynomial, and as independent variable v=0, qx(0)=qparent(x)(index (x)), Parent (x) represents the father node of node x, and index (x) represents the sequence of parent (x) child node, threshold value kx(v) model Enclose 1≤kx(v)≤numx, numxRepresent node x child node numbers;
4th step chooses multinomial q for leaf node ll(v) and threshold value kl(v), wherein multinomial ql(v)=S, threshold value kl (v)=1;
5th step, mist node encrytion symmetric key sτObtain interim ciphertext ciphering key Tτ, and by interim ciphertext ciphering key TτIt is sent to number According to owner, wherein interim ciphertext ciphering key Tτ=(CT1,CT2,{CTl}l∈L), CT1Represent the first interim ciphertext key:CT2Represent the second interim ciphertext key:CTlRepresent the interim ciphertext key of third:L tables Show leaf node set;
6th step, data owner encrypt interim ciphertext ciphering key TτObtain ciphertext keyWhereinCT'1Represent the first ciphertext key:CT'2Represent that second is close Literary key:CT3Represent third ciphertext key:CCτRepresent the 4th ciphertext key:CCτ=sτ·e (g0,g0)yh, h the tenth random numbers of expression, h ∈ Zp
7th step, plain text document FτIn comprising set of keywords W, data owner is plain text document FτEstablish ciphertext index Iτ, Iτ= (I0,I1,{Il,1,Il,2}l∈L), wherein I0Represent the first index component, I0=e (g0,g0)ys, I1Represent the second index component,Il,1Represent third index component,Il,2Represent the 4th index component, Il,2=(s-dl)/H1(W), dlRepresent the 11st random number, dl∈Zp
8th step, data owner will and by ciphertext key setIndexed set { IτAnd ciphertext document sets C={ C1,…,Cτ} Cloud Server is sent to by selected mist node.
5. a kind of fine granularity calculated for mist according to claim 1 can search for encryption method, which is characterized in that described Step 4 specifically includes following steps:
The first step, when terminal user wants key word of the inquiry W', whether mist node verification terminal user is in list of authorized users In UL, if not existing, operation is terminated, otherwise, turns second step;
Second step, mist node generation first stage trapdoor TW',1, and by first stage trapdoor TW',1Terminal user is sent to, wherein First stage trapdoor TW',1=(T1,{Tj,1}j∈[1,m]), T1Represent the first component of first stage trapdoor,Tj,1It represents The second component of first stage trapdoor,η represents the 12nd random number, η ∈ Zp
Third walks, and terminal user receives first stage trapdoor TW',1Generation second stage trapdoor T afterwardsW',2, and by second stage trapdoor TW',2It is sent to mist node, wherein second stage trapdoor TW',2=(T0,T'1,{T'j,1,Tj,2}j∈[1,m]), T0Represent second stage First component of trapdoor, T0=u+ λ, T'1Represent the second component of second stage trapdoor, T'1=T1 λ, T'j,1Represent second stage The third component of trapdoor,Tj,2Represent the 4th component of second stage trapdoor,λ represents the 13 random numbers, λ ∈ Zp
4th step, mist node receive second stage trapdoor TW',2Generation trapdoor T afterwardsW', and by trapdoor TW' and terminal user's property set S is sent to Cloud Server, whereinT'0Represent the first component of trapdoor, T'0= T0η+r,Represent the second component of trapdoor,T'j,2Represent the third component of trapdoor,
6. a kind of fine granularity calculated for mist according to claim 1 can search for encryption method, which is characterized in that described Step 5 specifically includes following steps:
The first step, whether Cloud Server verification terminal user's property set S meets access control structure P, if not satisfied, then terminating behaviour Make, terminate;If satisfied, turn second step;
Second step, Cloud Server are each attribute of terminal userCalculate the first intermediate variableWith Second intermediate variable
Wherein
Particularly, work as equationAnd H1(W')=H1(W) when setting up,
Wherein
Third walks, and Cloud Server matches trapdoor T according to following equationw'With indexed set { Iτ, by the ciphertext collection C' of successful match and Corresponding ciphertext key setIt is sent to mist node;
7. a kind of fine granularity calculated for mist according to claim 1 can search for encryption method, which is characterized in that described Step 6 specifically includes following steps:
The first step:Mist node calculates the intermediate quantity D of root node according to recursive algorithmr
If att (l) ∈ S, leaf node intermediate quantity is calculated:Wherein ql(0) it represents Leaf node multinomial q during independent variable v=0l(v) value;
Calculate root node intermediate quantity:If access structure P only has two layers, at this time child node intermediate quantity DxDeng In leafy node intermediate quantity Dl, you can it solvesTerminate recurrence;Otherwise to DxCall stepping typeContinue to solve, when the father node of recurrence to leaf node, you can solveTerminate recurrence;Wherein operatorI table index (x), ψx Represent the random child node set of x nodes, | ψx|=kx(v), | ψx| represent set ψxSize, j is set ψxIn element;It calculates SonX' is the child node of node x, ψx'Represent the random child node set of x' nodes, | ψx'|= kx'(v), | ψx'| represent set ψx'Size;
Second step:Mist node computation key correlative M*, and by key correlative M*, ciphertext collection C'={ CπAnd corresponding ciphertext Key setIt is sent to terminal user;
Third walks:Terminal user can obtain the set of symmetric keys { s of plaintext according to the following formulaπ, so as to decrypt ciphertext collection C'= {CπObtain collecting F'={ F in plain textπ};
CN201711329739.7A 2017-12-13 2017-12-13 Fine-grained searchable encryption method for fog calculation Active CN108156138B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201711329739.7A CN108156138B (en) 2017-12-13 2017-12-13 Fine-grained searchable encryption method for fog calculation

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201711329739.7A CN108156138B (en) 2017-12-13 2017-12-13 Fine-grained searchable encryption method for fog calculation

Publications (2)

Publication Number Publication Date
CN108156138A true CN108156138A (en) 2018-06-12
CN108156138B CN108156138B (en) 2020-10-27

Family

ID=62466711

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201711329739.7A Active CN108156138B (en) 2017-12-13 2017-12-13 Fine-grained searchable encryption method for fog calculation

Country Status (1)

Country Link
CN (1) CN108156138B (en)

Cited By (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109639425A (en) * 2018-11-07 2019-04-16 华中科技大学 What a kind of side calculated lightweight under environment can search for public key encryption method
CN110138538A (en) * 2019-05-09 2019-08-16 南京邮电大学 The smart grid security and secret protection data aggregation method calculated based on mist
CN110300104A (en) * 2019-06-21 2019-10-01 山东超越数控电子股份有限公司 User right control and transfer method and system under a kind of edge cloud scene
CN110602086A (en) * 2019-09-10 2019-12-20 北京工业大学 Repealable and outsourced multi-authorization center attribute-based encryption method in fog computing
CN110933026A (en) * 2019-10-22 2020-03-27 东北大学 Lightweight privacy protection equivalent query method
CN111190925A (en) * 2019-10-30 2020-05-22 重庆邮电大学 Multi-dimensional query method, system and storage medium for edge calculation
CN111930688A (en) * 2020-09-23 2020-11-13 西南石油大学 Method and device for searching secret data of multi-keyword query in cloud server
CN112311781A (en) * 2020-10-23 2021-02-02 西安电子科技大学 Encryption method with safe forward and backward direction and recoverable keyword shielding
WO2021190453A1 (en) * 2020-03-23 2021-09-30 齐鲁工业大学 Lightweight attribute-based signcryption method for cloud and fog-assisted internet of things
WO2021190452A1 (en) * 2020-03-23 2021-09-30 齐鲁工业大学 Lightweight attribute-based signcryption method for cloud and fog-assisted internet of things
CN114826703A (en) * 2022-04-11 2022-07-29 江苏大学 Block chain-based data search fine-grained access control method and system

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106357395A (en) * 2016-09-13 2017-01-25 深圳大学 Outsourcing access control method and system aiming at fog computing
CN106850652A (en) * 2017-02-21 2017-06-13 重庆邮电大学 One kind arbitration can search for encryption method
US20170235736A1 (en) * 2008-10-29 2017-08-17 Ashwin Swaminathan System and method for confidentiality-preserving rank-ordered search
CN107395568A (en) * 2017-06-21 2017-11-24 西安电子科技大学 A kind of cipher text retrieval method of more data owner's certifications

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20170235736A1 (en) * 2008-10-29 2017-08-17 Ashwin Swaminathan System and method for confidentiality-preserving rank-ordered search
CN106357395A (en) * 2016-09-13 2017-01-25 深圳大学 Outsourcing access control method and system aiming at fog computing
CN106850652A (en) * 2017-02-21 2017-06-13 重庆邮电大学 One kind arbitration can search for encryption method
CN107395568A (en) * 2017-06-21 2017-11-24 西安电子科技大学 A kind of cipher text retrieval method of more data owner's certifications

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
KOSCHUCH M ET AL: "Fogging the cloud—Implementing and evaluating searchable encryption schemes in practice", 《IEEE》 *
李昊星 等: "支持多关键字的可搜索公钥加密方案", 《西安电子科技大学学报(自然科学版)》 *

Cited By (17)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109639425A (en) * 2018-11-07 2019-04-16 华中科技大学 What a kind of side calculated lightweight under environment can search for public key encryption method
CN110138538A (en) * 2019-05-09 2019-08-16 南京邮电大学 The smart grid security and secret protection data aggregation method calculated based on mist
CN110138538B (en) * 2019-05-09 2022-06-21 南京邮电大学 Smart grid security and privacy protection data aggregation method based on fog calculation
CN110300104A (en) * 2019-06-21 2019-10-01 山东超越数控电子股份有限公司 User right control and transfer method and system under a kind of edge cloud scene
CN110602086A (en) * 2019-09-10 2019-12-20 北京工业大学 Repealable and outsourced multi-authorization center attribute-based encryption method in fog computing
CN110602086B (en) * 2019-09-10 2021-10-26 北京工业大学 Repealable and outsourced multi-authorization center attribute-based encryption method in fog computing
CN110933026B (en) * 2019-10-22 2021-06-04 东北大学 Lightweight privacy protection equivalent query method
CN110933026A (en) * 2019-10-22 2020-03-27 东北大学 Lightweight privacy protection equivalent query method
CN111190925A (en) * 2019-10-30 2020-05-22 重庆邮电大学 Multi-dimensional query method, system and storage medium for edge calculation
CN111190925B (en) * 2019-10-30 2023-07-21 重庆邮电大学 Multi-dimensional query method, system and storage medium for edge computing
WO2021190453A1 (en) * 2020-03-23 2021-09-30 齐鲁工业大学 Lightweight attribute-based signcryption method for cloud and fog-assisted internet of things
WO2021190452A1 (en) * 2020-03-23 2021-09-30 齐鲁工业大学 Lightweight attribute-based signcryption method for cloud and fog-assisted internet of things
CN111930688A (en) * 2020-09-23 2020-11-13 西南石油大学 Method and device for searching secret data of multi-keyword query in cloud server
CN112311781A (en) * 2020-10-23 2021-02-02 西安电子科技大学 Encryption method with safe forward and backward direction and recoverable keyword shielding
CN112311781B (en) * 2020-10-23 2021-11-12 西安电子科技大学 Encryption method with safe forward and backward direction and recoverable keyword shielding
CN114826703A (en) * 2022-04-11 2022-07-29 江苏大学 Block chain-based data search fine-grained access control method and system
CN114826703B (en) * 2022-04-11 2024-04-05 江苏大学 Block chain-based data search fine granularity access control method and system

Also Published As

Publication number Publication date
CN108156138B (en) 2020-10-27

Similar Documents

Publication Publication Date Title
CN108156138A (en) A kind of fine granularity calculated for mist can search for encryption method
CN106127075B (en) Encryption method can search for based on secret protection under a kind of cloud storage environment
CN105871543B (en) Multiple key cipher text retrieval method under more data owner's backgrounds based on attribute
CN105320896B (en) A kind of cloud storage encryption and its cipher text retrieval method and system
CN107634829A (en) Encrypted electronic medical records system and encryption method can search for based on attribute
CN107480163A (en) The efficient ciphertext image search method of secret protection is supported under a kind of cloud environment
CN108156140A (en) A kind of multiple key that numerical attribute is supported to compare can search for encryption method
CN111143471B (en) Ciphertext retrieval method based on blockchain
CN112765650A (en) Attribute-based searchable encryption block chain medical data sharing method
CN108092766B (en) Ciphertext search authority verification method and system
CN104765848A (en) Symmetrical searchable encryption method for supporting result high-efficiency sequencing in hybrid cloud storage
CN108062485A (en) A kind of fuzzy keyword searching method of multi-service oriented device multi-user
CN112365945B (en) Electronic medical record fine granularity access control and ciphertext searchable method based on blockchain
CN104023051A (en) Multi-user multi-keyword searchable encryption method in cloud storage
CN105049196A (en) Searchable encryption method of multiple keywords at specified location in cloud storage
CN107547530A (en) On-line/off-line keyword search methodology and its cloud computing application system based on attribute under mobile cloud environment
CN114826703B (en) Block chain-based data search fine granularity access control method and system
CN114048448A (en) Block chain based dynamic searchable encryption method and device
CN108390760B (en) End-to-end public key keyword searchable encryption method in cloud data transmission
CN108021677A (en) The control method of cloud computing distributed search engine
CN114943090A (en) Large-scale face library hidden query method based on homomorphic encryption
CN112332979A (en) Ciphertext searching method, system and equipment in cloud computing environment
CN105897419B (en) A kind of multi-user's dynamic keyword word can search for encryption method
CN113468440A (en) Anonymous query method for protecting location privacy based on SF-blind filtering protocol
CN107294701A (en) The multidimensional ciphertext interval query device and querying method managed with efficient key

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant