CN108156138B - Fine-grained searchable encryption method for fog calculation - Google Patents
Fine-grained searchable encryption method for fog calculation Download PDFInfo
- Publication number
- CN108156138B CN108156138B CN201711329739.7A CN201711329739A CN108156138B CN 108156138 B CN108156138 B CN 108156138B CN 201711329739 A CN201711329739 A CN 201711329739A CN 108156138 B CN108156138 B CN 108156138B
- Authority
- CN
- China
- Prior art keywords
- key
- node
- terminal user
- ciphertext
- fog
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
- H04L63/0435—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply symmetric encryption, i.e. same key used for encryption and decryption
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/06—Network architectures or network communication protocols for network security for supporting key management in a packet data network
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/06—Network architectures or network communication protocols for network security for supporting key management in a packet data network
- H04L63/065—Network architectures or network communication protocols for network security for supporting key management in a packet data network for group communications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/10—Protocols in which an application is distributed across nodes in the network
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0819—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
- H04L9/083—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) involving central third party, e.g. key distribution center [KDC] or trusted third party [TTP]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
- H04L9/0869—Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Storage Device Security (AREA)
- Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
Abstract
The invention discloses a fine-grained searchable encryption method for fog computing, which is characterized in that a cloud-fog-terminal user system structure is established by utilizing an attribute encryption technology and a searchable encryption technology of a ciphertext strategy, a fog node is used as an agent to share the computing burden of a terminal user by utilizing the attribute encryption technology and the searchable encryption technology of the ciphertext strategy, and the terminal user can quickly generate a trapdoor and decrypt a ciphertext, so that the light-weight searchable encryption is realized, fine-grained access control is supported, only legal data users can perform ciphertext retrieval, the fine-grained searchable encryption method has wide application prospect in an actual scene, fine-grained access control is realized, only legal data users can perform ciphertext retrieval, and the fine-grained encryption method has wide prospect in the actual scene.
Description
Technical Field
The invention belongs to the technical field of information security, and particularly relates to an attribute encryption technology and a searchable encryption technology of a ciphertext strategy, which can be used for realizing searchable encryption of fine granularity in the background of fog calculation.
Background
The internet of things is a technology capable of connecting objects to the internet to enable the objects to be more intelligent, and with the continuous increase of networking equipment, mass data generated can be stored and calculated through cloud computing, and terminal users are released from heavy equipment maintenance and data management. However, the traditional cloud computing has the problems of poor mobility, high time delay and the like of a network architecture, which brings great challenges to the development of the internet of things. Cloud computing is expanded to the edge of a network by the aid of fog computing, and the fog nodes serve as intermediaries of the Internet of things and the cloud computing, so that the problems of terminal node request delay, excessive cloud server storage and computing burden, excessive network transmission bandwidth pressure and the like caused by combination of the Internet of things and the cloud computing can be solved. Therefore, the fog calculation has wide application prospect.
However, the fog computing brings convenience and new challenges to data security, and when sensitive data is outsourced to the fog node and the cloud server in a clear text form, the data is out of direct physical control of a data owner, and may suffer from a malicious attack and a serious potential safety hazard. The general solution is to encrypt data before uploading the data, and further, in order to implement fine-grained access control, a data owner wants only an end user satisfying conditions to decrypt a ciphertext, and an identity-based encryption technique, an attribute encryption technique of a key policy, and an attribute encryption technique of a ciphertext policy are proposed in succession. Although the confidentiality of data is guaranteed to a certain extent by encryption, the traditional plaintext retrieval technology cannot be applied to ciphertext. The searchable encryption technology enables the terminal user to perform keyword query on the ciphertext, so that not only is the data security ensured, but also the document which the data user is interested in can be quickly located. Therefore, by combining the attribute encryption technology of the ciphertext strategy and the searchable encryption technology of the ciphertext strategy, not only is efficient ciphertext retrieval realized, but also fine-grained access control is supported.
The calculation and storage cost of the searchable encryption technology of the existing ciphertext strategy is in direct proportion to the complexity of the access strategy, which brings great limitation to the internet of things equipment with limited calculation resources. By establishing a cloud-fog-terminal user system structure, each fog node in fog computing is used as an agent to share a large amount of computing, and the equipment of the Internet of things with limited resources can quickly generate trapdoors and decryption texts. Therefore, how to design and realize a lightweight fine-grained searchable encryption method in the background of fog calculation becomes a critical problem to be solved urgently.
Disclosure of Invention
Aiming at the defects in the prior art, the invention provides a fine-grained searchable encryption method for fog calculation by utilizing the attribute encryption technology and the searchable encryption technology of a ciphertext strategy. The cloud-fog-terminal user system structure is established, the attribute encryption technology and the searchable encryption technology of the ciphertext strategy are utilized, the fog node is used as an agent to share the calculation burden of a terminal user, the terminal user can quickly generate a trapdoor and decrypt a ciphertext, the lightweight searchable encryption is realized, fine-grained access control is supported, only legal data users can perform ciphertext retrieval, and the cloud-fog-terminal user system structure has wide application prospects in practical scenes.
In order to achieve the above object, the present invention adopts a technical solution that a fine-grained searchable encryption method for fog calculation includes the steps of:
step one, system initialization: the key generation center KGC generates a public parameter pm and a master key msk according to the security parameter k;
step two, generating a key: secret key generation center KGC generates fog node public key PK for fog nodeFNFog node database correlation public keyAnd an authorized terminal user list UL, when a new terminal user joins the terminal user list UL, the key generation center KGC generates a key according to the identity information ID of the terminal userEUAnd end user attribute setGenerating an end-user public key PKEUPublic key associated with end user databaseAnd dividing the terminal user and the fog node into the generation of the terminal user private key SKEUAnd mist node private key SKFNAnd private key SK of terminal userEUSending to the terminal user, and sending the private key SK of the fog node to the terminal userFNSending the data to a fog node;
step three, an encryption stage: data owner utilizing symmetric key set sτThe plaintext document set F is changed to F1,…,FτEncrypting into a ciphertext document set C ═ C1,…,CτAnd fourthly, the data owner establishes an access control structure P and sends the access control structure P to the fog node, and the fog node is communicated with the end userOver-interaction, set the symmetric key sτCarry out encryption to generate a cipher key setThe data owner generates an index set { I } using an access control structure P and a key set WτAnd cipher text key setIndex set { IτC and ciphertext document set C ═ C1,…,CτSending the data to a cloud server through a fog node;
step four, generating a trap door: when the terminal user wants to inquire the keyword W', the fog node verifies whether the terminal user is in the authorized user list UL, if not, the operation is terminated, otherwise, the fog node and the terminal user generate the trapdoor T through interactionW'And will sink into the door TW'Sending the attribute set S of the terminal user to a cloud server;
step five, ciphertext search: the cloud server firstly verifies whether the terminal user attribute set S meets the access control structure P, and if not, the operation is terminated; otherwise, the cloud server will trap the door Tw'And index set { IτMatching is carried out, and the ciphertext set C' successfully matched is set as { C }π} and corresponding ciphertext key setsSending the data to a fog node;
step six, ciphertext decryption: ciphertext key set returned by mist node and terminal user through interactive decryptionObtaining a symmetric key set s of plaintextπAccording to a symmetric key set sπThe returned cipher text set C ═ C is decryptedπGet the plaintext F' ═ Fπ}。
Master key msk ═ (x, y, { t)i}i∈[1,n]);
Wherein G is a p-order addition cycle group, G0,g1Are two different generators of G, GTIs a cyclic group of p factorial method, e is a bilinear map G → GT,H1Indicates that the set {0,1} is to be aggregated*Mapping to p-order integer Ring ZpX represents a first random number: x is formed as ZpAnd y represents a second random number: y is equal to Zp,tiRepresents a third random number: t is ti∈Zp,i∈[1,n]The value range of i is represented, and the system attribute set U is { att }1,…,attn},attnRepresenting the nth system attribute.
Further, the second step specifically includes the following steps:
firstly, a secret key generation center KGC generates a fog node public key PK for a fog nodeFNMist node database correlation public keyAnd an authorized end user list UL, wherein the fog node public key PKFN=e(g0,g0)yrMist node database correlation public keyr represents a fourth random number, r ∈ ZpS represents a random number common to the system, s ∈ Zp;
Secondly, when a new terminal user joins the terminal user list UL, the key generation center KGC generates a key according to the identity information ID of the terminal userEUAnd end user attribute setGenerating an end-user public key PKEUPublic key associated with end user databaseWherein the end-user public key PKEU=e(g0,g0)yuEnd user database related public keyu represents a fifth random number: u is as large as Zp,J-th attribute representing data user, j ∈ [1, m ∈ >]Representing the value range of j;
thirdly, a secret key generation center KGC generates a terminal user private key SK for the terminal userEUGenerating a private key SK for the fog nodeFNWherein the end-user private key SKEU=(K0,{Kj,1}j∈[1,m]U), mist node private key SKFN=(K1,K2,K3,{Kj,2,Kj,3}j∈[1,m],r),K0Representing the first private key component:K1representing the second private key component:K2represents the third private key component:K3represents the fourth private key component:ajrepresents a sixth random number, aj∈Zp,Kj,1Represents the fifth private key component:mapping rho1Representing the mapping of attributes in the data user' S attribute set S to attributes of the corresponding system attribute set U, i.e.Kj,2Represents the sixth private key component:Kj,3represents the seventh private key component:bjdenotes a seventh random number, bj∈ZpV represents an eighth random number, v ∈ Zp;
Fourthly, the secret key generation center KGC uses the secret key SK of the terminal userEUSending to the terminal user, and sending the private key SK of the fog node to the terminal userFNAnd sending the data to the fog node.
Further, the third step specifically includes the following steps:
first, the data owner utilizes a symmetric key set sτThe plaintext document set F is changed to F1,…,FτEncrypting into a ciphertext document set C ═ C1,…,CτA data owner establishes an access control structure P and sends the access control structure P to a selected fog node;
in the second step, the access control structure P is a tree structure, each node in the tree includes a polynomial and a threshold, and the fog node selects a polynomial q for the root node rr(v) And a threshold value kr(v) Where v is an argument, q is the argument when v is 0r(0) θ represents a ninth random number, θ ∈ ZpThreshold value kr(v) In the range of 1. ltoreq. kr(v)≤numr,numrRepresenting the number of child nodes of the root node r;
thirdly, selecting a polynomial q for a non-leaf node xx(v) And a threshold value kx(v) Polynomial qx(v) The following conditions are satisfied:
dx(v)=kx(v)-1,
qx(0)=qparent(x)(index(x));
wherein d isx(v) Denotes qx(v) And q when the argument v is 0x(0)=qparent(x)(index (x)), parent (x) indicates the parent node of node x, index (x) indicates the order of parent (x) child nodes, and a threshold value kx(v) In the range of 1. ltoreq. kx(v)≤numx,numxRepresenting the number of the child nodes of the node x;
the fourth step, selecting a polynomial q for the leaf node ll(v) And a threshold value kl(v) Wherein the polynomial ql(v) Threshold value k ═ Sl(v)=1;
Fifthly, the fog node encrypts a symmetric key sτObtain a temporary ciphertext key CTτAnd the temporary cipher text key CT is usedτSent to the data owner with the temporary cipher text key CTτ=(CT1,CT2,{CTl}l∈L),CT1Representing the first temporary ciphertext key:CT2representing the second temporary ciphertext key:CTlrepresenting the third temporary ciphertext key:l represents a set of leaf child nodes;
sixthly, the data owner encrypts the temporary ciphertext key CTτObtaining a ciphertext keyWhereinCT'1Representing the first ciphertext key:CT'2represents the second ciphertext key:CT3representing the third ciphertext key:CCτrepresenting the fourth ciphertext key: CC (challenge collapsar)τ=sτ·e(g0,g0)yhH represents a tenth random number, h ∈ Zp;
Seventh step, plaintext document FτThe data owner is a plaintext document FτEstablishing a ciphertext index Iτ,Iτ=(I0,I1,{Il,1,Il,2}l∈L) In which I0Denotes a first index component, I0=e(g0,g0)ys,I1A second index component is represented that is,Il,1a third index component is represented that is,Il,2denotes the fourth index component, Il,2=(s-dl)/H1(W), dlDenotes an eleventh random number, dl∈Zp;
Eighth step, the data owner combines the cipher key setIndex set { IτC and ciphertext document set C ═ C1,…,CτAnd sending the data to the cloud server through the selected fog node.
Further, the fourth step specifically includes the following steps:
step one, when a terminal user wants to inquire a keyword W', a fog node verifies whether the terminal user is in an authorized user list UL, if not, the operation is terminated, otherwise, the operation is switched to the step two;
second, the fog node generates a first-stage trapdoor TW',1And the first stage trapdoor T is connectedW',1To be sent to the end-user,wherein the first stage trap door TW',1=(T1,{Tj,1}j∈[1,m]),T1Representing a first component of the first stage trapdoor,Tj,1representing a second component of the first stage trapdoor,eta represents a twelfth random number, eta belongs to Zp;
Third, the end user receives the first stage trapdoor TW',1Post-generation second stage trapdoor TW',2And the second stage is trapped in the door TW',2Sent to the fog node, wherein the second stage trapdoor TW',2=(T0,T'1,{T'j,1,Tj,2}j∈[1,m]),T0Representing a first component, T, of the second-stage trapdoor0=u+λ,T'1Representing a second component of the second stage trapdoor,a third component representing a second stage trapdoor,Tj,2a fourth component representing the second stage trapdoor,λ represents a thirteenth random number, λ ∈ Zp;
Fourthly, the fog node receives the trapdoor T of the second stageW',2Post-forming trapdoor TW'And will trap the door TW'And sending the terminal user attribute set S to a cloud server, whereinT'0Representing a first component, T ', of the trapdoor'0=T0η+r,A second component of the trapdoor is represented,a third component of the trapdoor is represented,
further, the step five specifically includes the following steps:
firstly, the cloud server verifies whether the terminal user attribute set S meets the access control structure P, if not, the operation is terminated, and the operation is finished; if yes, turning to the second step;
second, the cloud server is the end user's per attributeCalculating a first intermediate variableAnd a second intermediate variable
Thirdly, the cloud server matches the trapdoor T according to the following equationw'And index set { IτThe successfully matched ciphertext set C' and the corresponding ciphertext key setSending the data to a fog node;
further, the sixth step specifically includes the following steps:
the first step is as follows: the fog node calculates the intermediate quantity D of the root node according to a recursion algorithmr;
If att (l) ε S, the leaf node intermediate quantities are calculated: dl=e(Katt(l),3,Cl)=e(g0,g0)xvql(0)Wherein q isl(0) A leaf node polynomial q when the argument v is 0l(v) A value of (d);
calculating intermediate quantity of root nodes:if the access structure P has only two layers, the intermediate quantity D of the child node is obtainedxEqual to the leaf node intermediate quantity DlThen D can be solvedr=e(g0,g0)xvqr(0)Terminating the recursion; otherwise to DxCall push-throughThe solution is continued until recursion reaches the father node of the leaf node, and D can be solvedr=e(g0,g0)xvqr(0)=e(g0,g0)xvθTerminating the recursion; wherein the operatori table index (x), psixSet of random children representing x nodes, | ψx|=kx(v),|ψxThe | representation set ψxJ is the set ψxThe elements of (1); operatorx' is a sub-node of node x, psix'Set of random children nodes representing x' nodes, | ψx'|=kx'(v),|ψx'The | representation set ψx'The size of (d);
the second step is that: the fog node calculates a key correlation quantity M and sets a secret text C ═ Cπ} and corresponding ciphertext key setsSending the data to a terminal user;
the third step: the end user can obtain a symmetric key set s of a plaintext according to the following formulaπAnd thus, the dense text set C ═ C is decryptedπGet the plaintext F' ═ Fπ};
Compared with the prior art, the invention has the following beneficial technical effects that the problems of poor mobility and high time delay of the network architecture of the existing cloud platform are solved by establishing a cloud-fog-terminal user system structure, the computing burden of the terminal user is shared by a fog node as an agent by combining the attribute encryption technology of a ciphertext strategy and the searchable encryption technology, the contradiction between the security and the retrievability of ciphertext data is solved, the efficiency of generating a trap and decrypting a ciphertext by the terminal user is greatly improved, the lightweight searchable encryption is realized, meanwhile, by correlating the ciphertext with an access control structure and the attribute of a key and a data user, only the data user with the attribute satisfying the access control structure can carry out ciphertext retrieval, the fine-grained access control is realized, and the authorization management of the data user is greatly facilitated, has wide application prospect in actual scenes.
Drawings
FIG. 1 is a schematic diagram of the system of the present invention.
Detailed Description
The invention is further described with reference to the following figures and detailed description.
As shown in fig. 1, the present invention provides a fine-grained searchable encryption method for fog computing, comprising the steps of:
step one, system initialization: and the key generation center KGC generates a public parameter pm and a master key msk according to the security parameter k, wherein:
Master key msk ═ (x, y, { t)i}i∈[1,n]);
Wherein G is a p-order addition cycle group, G0,g1Are two different generators of G, GTIs a cyclic group of p factorial method, e is a bilinear map G → GT,H1Indicates that the set {0,1} is to be aggregated*Mapping to p-order integer Ring ZpX represents a first random number: x is formed as ZpAnd y represents a second random number: y is equal to Zp,tiRepresents a third random number: t is ti∈Zp,i∈[1,n]The value range of i is represented, and the system attribute set U is { att }1,…,attn},attnRepresenting the nth system attribute.
Step two, generating a key: as shown in FIG. 1, the key generation center KGC generates a fog node public key PK for the fog nodeFNMist node database correlation public keyAnd an authorized terminal user list UL, when a new terminal user joins the terminal user list UL, the key generation center KGC generates a key according to the identity information ID of the terminal userEUAnd end user attribute setGenerating an end-user public key PKEUPublic key associated with end user databaseAnd dividing the terminal user and the fog node into the generation of the terminal user private key SKEUAnd mist node private key SKFNAnd private key SK of terminal userEUSending to the terminal user, and sending the private key SK of the fog node to the terminal userFNSending the data to the fog node, and specifically comprising the following steps:
firstly, a secret key generation center KGC generates a fog node public key PK for a fog nodeFNMist node database correlation public keyAnd an authorized end user list UL, wherein the fog node public key PKFN=e(g0,g0)yrMist node database correlation public keyr represents a fourth random number, r ∈ ZpS represents a random number common to the system, s ∈ Zp;
Secondly, when a new terminal user joins the terminal user list UL, the key generation center KGC generates a key according to the identity information ID of the terminal userEUAnd end user attribute setGenerating an end-user public key PKEUPublic key associated with end user databaseWherein the end-user public key PKEU=e(g0,g0)yuEnd user database related public keyu represents the numberFive random numbers: u is as large as Zp,J-th attribute representing data user, j ∈ [1, m ∈ >]Representing the value range of j;
thirdly, a secret key generation center KGC generates a terminal user private key SK for the terminal userEUGenerating a mist node private key SK for the mist nodeFNWherein the end-user private key SKEU=(K0,{Kj,1}j∈[1,m]U), mist node private key SKFN=(K1,K2,K3,{Kj,2,Kj,3}j∈[1,m],r),K0Representing the first private key component:K1representing the second private key component:K2represents the third private key component:K3represents the fourth private key component:ajrepresents a sixth random number, aj∈Zp,Kj,1Represents the fifth private key component:mapping rho1Representing the mapping of attributes in the data user' S attribute set S to attributes of the corresponding system attribute set U, i.e.Kj,2Represents the sixth private key component:Kj,3denotes the seventhPrivate key component:bjdenotes a seventh random number, bj∈ZpV represents an eighth random number, v ∈ Zp;
Fourthly, the secret key generation center KGC uses the secret key SK of the terminal userEUSending to the terminal user, and sending the private key SK of the fog node to the terminal userFNAnd sending the data to the fog node.
Step three, an encryption stage: as shown in FIG. 1, the data owner utilizes a symmetric key set sτThe plaintext document set F is changed to F1,…,FτEncrypting into a ciphertext document set C ═ C1,…,CτAnd fourthly, the data owner establishes an access control structure P and sends the access control structure P to the fog node, and the fog node interacts with the terminal user to obtain the symmetric key set { s }τCarry out encryption to generate a cipher key setThe data owner generates an index set { I } using an access control structure P and a key set WτAnd cipher text key setIndex set { IτC and ciphertext document set C ═ C1,…,CτSending the data to a cloud server through a fog node, specifically comprising the following steps:
first, the data owner utilizes a symmetric key set sτThe plaintext document set F is changed to F1,…,FτEncrypting into a ciphertext document set C ═ C1,…,CτA data owner establishes an access control structure P and sends the access control structure P to a selected fog node;
in the second step, the access control structure P is a tree structure, each node in the tree includes a polynomial and a threshold, and the fog node selects a polynomial q for the root node rr(v) And a threshold value kr(v) Where v is an argument, when the argument v is 0,qr(0) θ represents a ninth random number, θ ∈ ZpThreshold value kr(v) In the range of 1. ltoreq. kr(v)≤numr,numrRepresenting the number of child nodes of the root node r;
thirdly, selecting a polynomial q for a non-leaf node xx(v) And a threshold value kx(v) Polynomial qx(v) The following conditions are satisfied:
dx(v)=kx(v)-1,
qx(0)=qparent(x)(index(x));
wherein d isx(v) Denotes qx(v) And q when the argument v is 0x(0)=qparent(x)(index (x)), parent (x) indicates the parent node of node x, index (x) indicates the order of parent (x) child nodes, and a threshold value kx(v) In the range of 1. ltoreq. kx(v)≤numx,numxRepresenting the number of the child nodes of the node x;
the fourth step, selecting a polynomial q for the leaf node ll(v) And a threshold value kl(v) Wherein the polynomial ql(v) Threshold value k ═ Sl(v)=1;
Fifthly, the fog node encrypts a symmetric key sτObtain a temporary ciphertext key CTτAnd the temporary cipher text key CT is usedτSent to the data owner with the temporary cipher text key CTτ=(CT1,CT2,{CTl}l∈L),CT1Representing the first temporary ciphertext key:CT2representing the second temporary ciphertext key:CTlrepresenting the third temporary ciphertext key:l represents a set of leaf child nodes;
sixth, data possessionPerson encrypts temporary cipher text key CTτObtaining a ciphertext keyWhereinCT'1Representing the first ciphertext key:CT'2represents the second ciphertext key:CT3representing the third ciphertext key:CCτrepresenting the fourth ciphertext key: CC (challenge collapsar)τ=sτ·e(g0,g0)yhH represents a tenth random number, h ∈ Zp;
Seventh step, plaintext document FτThe data owner is a plaintext document FτEstablishing a ciphertext index Iτ,Iτ=(I0,I1,{Il,1,Il,2}l∈L) In which I0Denotes a first index component, I0=e(g0,g0)ys,I1A second index component is represented that is,Il,1a third index component is represented that is,Il,2denotes the fourth index component, Il,2=(s-dl)/H1(W), dlDenotes an eleventh random number, dl∈Zp;
Eighth step, the data owner combines the cipher key setIndex set { IτC and ciphertext document set C ═ C1,…,CτAnd sending the data to the cloud server through the selected fog node.
Step four, generating a trap door: as shown in fig. 1 c, when the end user wants to query the keyword W', the fog node verifies whether the end user is in the authorized user list UL, and if not, the operation is terminated, otherwise, the fog node and the end user generate the trapdoor T through interactionW'And will trap the door TW'And sending the terminal user attribute set S to a cloud server, and specifically comprising the following steps:
step one, when a terminal user wants to inquire a keyword W', a fog node verifies whether the terminal user is in an authorized user list UL, if not, the operation is terminated, otherwise, the operation is switched to the step two;
second, the fog node generates a first-stage trapdoor TW',1And the first stage trapdoor T is connectedW',1Sent to the end user, wherein the first stage trapdoor TW',1=(T1,{Tj,1}j∈[1,m]),T1Representing a first component of the first stage trapdoor,Tj,1representing a second component of the first stage trapdoor,eta represents a twelfth random number, eta belongs to Zp;
Third, the end user receives the first stage trapdoor TW',1Post-generation second stage trapdoor TW',2And the second stage is trapped in the door TW',2Sent to the fog node, wherein the second stage trapdoor TW',2=(T0,T'1,{T'j,1,Tj,2}j∈[1,m]),T0Representing a first component, T, of the second-stage trapdoor0=u+λ,T'1Representing a second component of the second stage trapdoor,T'j,1a third component representing a second stage trapdoor,Tj,2a fourth component representing the second stage trapdoor,λ represents a thirteenth random number, λ ∈ Zp;
Fourthly, the fog node receives the trapdoor T of the second stageW',2Post-forming trapdoor TW'And will trap the door TW'And sending the terminal user attribute set S to a cloud server, whereinT'0Representing a first component, T ', of the trapdoor'0=T0η+r,A second component of the trapdoor is represented,a third component of the trapdoor is represented,
step five, ciphertext search: as shown in the ((r) of fig. 1), the cloud server first verifies whether the end user attribute set S satisfies the access control structure P, and if not, terminates the operation; otherwise, the cloud server will trap the door Tw'And index set { IτMatching is carried out, and the ciphertext set C' successfully matched is set as { C }π} and corresponding ciphertext key setsSending the data to the fog node, specifically comprising the following steps:
firstly, the cloud server verifies whether the terminal user attribute set S meets the access control structure P, if not, the operation is terminated, and the operation is finished; if yes, turning to the second step;
second, the cloud server is the end user's per attributeCalculating a first intermediate variableAnd a second intermediate variable
Thirdly, the cloud server matches the trapdoor T according to the following equationw'And index set { IτThe successfully matched ciphertext set C' and the corresponding ciphertext key setSending the data to a fog node;
step six, ciphertext decryption: as indicated by the fifth in figure 1And the fog node and the terminal user decrypt the returned cipher key set through interactionObtaining a symmetric key set s of plaintextπAccording to a symmetric key set sπThe returned cipher text set C ═ C is decryptedπGet the plaintext F ═ F } ═ FπThe method specifically comprises the following steps:
the first step is as follows: the fog node calculates the intermediate quantity D of the root node according to a recursion algorithmr;
If att (l) ε S, the leaf node intermediate quantities are calculated: dl=e(Katt(l),3,Cl)=e(g0,g0)xvql(0)Wherein q isl(0) A leaf node polynomial q when the argument v is 0l(v) A value of (d);
calculating intermediate quantity of root nodes:if the access structure P has only two layers, the intermediate quantity D of the child node is obtainedxEqual to the leaf node intermediate quantity DlThen D can be solvedr=e(g0,g0)xvqr(0)Terminating the recursion; otherwise to DxCall push-throughThe solution is continued until recursion reaches the father node of the leaf node, and D can be solvedr=e(g0,g0)xvqr(0)=e(g0,g0)xvθTerminating the recursion; wherein the operatori table index (x), psixSet of random children representing x nodes, | ψx|=kx(v),|ψxThe | representation set ψxJ is the set ψxThe elements of (1); operatorx' is a sub-node of node x, psix'Set of random children nodes representing x' nodes, | ψx'|=kx'(v),|ψx'The | representation set ψx'The size of (d);
the second step is that: the fog node calculates a key correlation quantity M and sets a secret text C ═ Cπ} and corresponding ciphertext key setsSending the data to a terminal user;
the third step: the end user can obtain a symmetric key set s of a plaintext according to the following formulaπAnd thus, the dense text set C ═ C is decryptedπGet the plaintext F' ═ Fπ};
The above description is only one specific example of the present invention and should not be construed as limiting the invention in any way. It will be apparent to those skilled in the art that, after understanding the present disclosure and principles, algorithmic modifications and improvements may be made without departing from the principles and structures of the invention, and such modifications and improvements based on the inventive algorithms are intended to be within the scope of the claims.
Claims (7)
1. A fine-grained searchable encryption method for fog computing, comprising the steps of:
step one, system initialization: the key generation center KGC generates a public parameter pm and a master key msk according to the security parameter k;
step two, generating a key: secret key generation center KGC generates fog node public key PK for fog nodeFNMist node database correlation public keyAnd an authorized terminal user list UL, when a new terminal user joins the terminal user list UL, the key generation center KGC generates a key according to the identity information ID of the terminal userEUAnd end user attribute setGenerating an end-user public key PKEUPublic key associated with end user databaseAnd dividing the terminal user and the fog node into the generation of the terminal user private key SKEUAnd mist node private key SKFNAnd private key SK of terminal userEUSending to the terminal user, and sending the private key SK of the fog node to the terminal userFNSending the data to a fog node;
step three, an encryption stage: data owner utilizing symmetric key set sτThe plaintext document set F is changed to F1,…,FτEncrypting into a ciphertext document set C ═ C1,…,CτAnd fourthly, the data owner establishes an access control structure P and sends the access control structure P to the fog node, and the fog node interacts with the terminal user to obtain the symmetric key set { s }τCarry out encryption to generate a cipher key setThe data owner generates an index set { I } using an access control structure P and a key set WτAnd cipher text key setIndex set { IτC and ciphertext document set C ═ C1,…,CτSending the data to a cloud server through a fog node;
step four, generating a trap door: when the terminal user wants to inquire the keyword W', the fog node verifies whether the terminal user is in the authorized user list UL, if not, the operation is terminated, otherwise, the fog node and the terminal user interact with each otherGenerating trapdoors TW′And will trap the door TW′Sending the attribute set S of the terminal user to a cloud server;
step five, ciphertext search: the cloud server firstly verifies whether the terminal user attribute set S meets the access control structure P, and if not, the operation is terminated; otherwise, the cloud server will trap the door Tw′And index set { IτMatching is carried out, and the ciphertext set C' successfully matched is set as { C }π} and corresponding ciphertext key setsSending the data to a fog node;
2. The fine-grained searchable encryption method for fog calculation as recited in claim 1, wherein in step one, common parameters
Master key msk ═ (x, y, { t)i}i∈[1,n]);
Wherein G is a p-order addition cycle group, G0,g1Are two different generators of G, GTIs a cyclic group of p factorial method, e is a bilinear map GXG → GT,H1Indicates that the set {0,1} is to be aggregated*Mapping to p-order integer Ring ZpX represents a first random number: x is formed as ZpAnd y represents a second random number: y is equal to Zp,tiRepresents a third random number: t is ti∈Zp,i∈[1,n]The value range of i is represented, and the system attribute set U is equal to{att1,…,attn},attnRepresenting the nth system attribute.
3. The fine-grained searchable encryption method for fog calculation according to claim 2, wherein said second step specifically comprises the steps of:
firstly, a secret key generation center KGC generates a fog node public key PK for a fog nodeFNMist node database correlation public keyAnd an authorized end user list UL, wherein the fog node public key PKFN=e(g0,g0)yrMist node database correlation public key r represents a fourth random number, r ∈ ZpS represents a random number common to the system, s ∈ Zp;
Secondly, when a new terminal user joins the terminal user list UL, the key generation center KGC generates a key according to the identity information ID of the terminal userEUAnd end user attribute setGenerating an end-user public key PKEUPublic key associated with end user databaseWherein the end-user public key PKEU=e(g0,g0)yuEnd user database related public key u represents a fifth random number: u is as large as Zp,J-th attribute representing data user, j ∈ [1, m ∈ >]Representing the value range of j;
thirdly, a secret key generation center KGC generates a terminal user private key SK for the terminal userEUGenerating a mist node private key SK for the mist nodeFNWherein the end-user private key SKEU=(K0,{Kj,1}j∈[1,m]U), mist node private key SKFN=(K1,K2,K3,{Kj,2,Kj,3}j∈[1,m],r),K0Representing the first private key component:K1representing the second private key component: K2represents the third private key component:K3represents the fourth private key component:ajrepresents a sixth random number, aj∈Zp,Kj,1Represents the fifth private key component:mapping rho1Indicating the mapping of attributes in the data user' S attribute set S to attributes of the corresponding system attribute set U, i.e.Kj,2Represents the sixth private key component:Kj,3represents the seventh private key component:bjdenotes a seventh random number, bj∈ZpV represents an eighth random number, v ∈ Zp;
Fourthly, the secret key generation center KGC uses the secret key SK of the terminal userEUSending to the terminal user, and sending the private key SK of the fog node to the terminal userFNAnd sending the data to the fog node.
4. The fine-grained searchable encryption method for fog calculation according to claim 3, wherein said step three specifically comprises the steps of:
first, the data owner utilizes a symmetric key set sτThe plaintext document set F is changed to F1,…,FτEncrypting into a ciphertext document set C ═ C1,…,CτA data owner establishes an access control structure P and sends the access control structure P to a selected fog node;
secondly, the access control structure P is a tree structure, each node in the tree comprises a polynomial and a threshold value, and the fog node selects a polynomial q for the root node rr(v) And a threshold value kr(v) Where v is an argument, q is the argument when v is 0r(0) θ represents a ninth random number, θ ∈ ZpThreshold value kr(v) In the range of 1. ltoreq. kr(v)≤numr,numrRepresenting the number of r child nodes of the root node;
thirdly, selecting a polynomial q for a non-leaf node xx(v) And a threshold value kx(v) Polynomial qx(v) The following conditions are satisfied:
dx(v)=kx(v)-1,
wherein d isx(v) Denotes qx(v) And when the argument v is 0,parent (x) indicates the parent of node x, index (x) indicates the order of parent (x) children, and threshold kx(v) In the range of 1. ltoreq. kx(v)≤numx,numxRepresenting the number of the child nodes of the node x;
the fourth step, selecting a polynomial q for the leaf node ll(v) And a threshold value kl(v) Wherein the polynomial ql(v) Threshold value k ═ Sl(v)=1;
Fifthly, the fog node encrypts a symmetric key sτObtain a temporary ciphertext key CTτAnd the temporary cipher text key CT is usedτSent to the data owner, where the temporary cipher text key CTτ=(CT1,CT2,{CTl}l∈L),CT1Representing the first temporary ciphertext key:CT2representing the second temporary ciphertext key:CTlrepresenting the third temporary ciphertext key:l represents a set of leaf nodes;
sixthly, the data owner encrypts the temporary ciphertext key CTτObtaining a ciphertext keyWherein CT′1Representing the first ciphertext key:CT′2representing the second ciphertext key:CT3representing the third ciphertext key:CCτrepresenting the fourth ciphertext key: CC (challenge collapsar)τ=sτ·e(g0,g0)yhH represents a tenth random number, h ∈ Zp;
Seventh step, plaintext document FτThe data owner is a plaintext document FτEstablishing a ciphertext index Iτ,Iτ=(I0,I1,{Il,1,Il,2}l∈L) In which I0Denotes a first index component, I0=e(g0,g0)ys,I1A second index component is represented that is,Il,1a third index component is represented that is,Il,2denotes the fourth index component, Il,2=(s-dl)/H1(W),dlDenotes an eleventh random number, dl∈Zp;
5. The fine-grained searchable encryption method for fog calculation according to claim 4, wherein said step four specifically comprises the steps of:
step one, when a terminal user wants to inquire a keyword W', a fog node verifies whether the terminal user is in an authorized user list UL, if not, the operation is terminated, otherwise, the operation is switched to the step two;
second, the fog node generates a first-stage trapdoor TW′,1And the first stage trapdoor T is connectedW′,1Sent to the end user, wherein the first stage trapdoor TW′,1=(T1,{Tj,1}j∈[1,m]),T1Representing a first component of the first stage trapdoor,Tj,1representing a second component of the first stage trapdoor,eta represents a twelfth random number, eta belongs to Zp;
Third, the end user receives the first stage trapdoor TW′,1Post-generation second stage trapdoor TW′,2And the second stage is trapped in the door TW′,2Sent to the fog node, wherein the second stage trapdoor TW′,2=(T0,T′1,{T′j,1,Tj,2}j∈[1,m]),T0Representing a first component, T, of the second-stage trapdoor0=u+λ,T′1Representing a second component of the second stage trapdoor,T′j,1a third component representing a second stage trapdoor,Tj,2a fourth component representing the second stage trapdoor,λ represents a thirteenth random number, λ ∈ Zp;
Fourthly, the fog node receives the trapdoor T of the second stageW′,2Post-forming trapdoor TW′And will trap the door TW′And sending the terminal user attribute set S to the cloud server, whereinT′0Representing a first component, T ', of the trapdoor'0=T0η+r,A second component of the trapdoor is represented,T′j,2a third component of the trapdoor is represented,
6. the fine-grained searchable encryption method for fog calculation according to claim 5, wherein said step five specifically comprises the steps of:
firstly, the cloud server verifies whether the terminal user attribute set S meets the access control structure P, if not, the operation is terminated, and the operation is finished; if yes, turning to the second step;
second, the cloud server is the end user's per attributeCalculating a first intermediate variableAnd a second intermediate variable
Thirdly, the cloud server matches the trapdoor T according to the following equationw′And index set { IτThe successfully matched ciphertext set C' and the corresponding ciphertext key setSending the data to a fog node;
7. the fine-grained searchable encryption method for fog calculation according to claim 4, wherein said step six specifically comprises the steps of:
the first step is as follows: the fog node calculates the intermediate quantity D of the root node according to a recursion algorithmr;
If att (l) ε S, the leaf node intermediate quantities are calculated:wherein q isl(0) A leaf node polynomial q when the argument v is 0l(v) A value of (d); calculating intermediate quantity of root nodes:if the access structure P has only two layers, the intermediate quantity D of the child node is obtainedxEqual to the leaf node intermediate quantity DlCan solve out Terminating the recursion; otherwise to DxCall push-throughThe solution is continued until the parent node of the leaf node is recurred, and the solution can be obtainedTerminating the recursion; wherein the operatori table index (x), psixSet of random children representing x nodes, | ψx|=kx(v),|ψxThe | representation set ψxJ is the set ψxThe elements of (1); operatorx' is a sub-node of node x, psix′Set of random children nodes representing x' nodes, | ψx′|=kx′(v),|ψx′The | representation set ψx′The size of (d);
the second step is that: the fog node calculates a key correlation quantity M and sets a secret text C ═ CπAnd the phasesCorresponding cipher text key setSending the data to a terminal user;
the third step: the end user can obtain a symmetric key set s of a plaintext according to the following formulaπAnd thus, the dense text set C ═ C is decryptedπGet the plaintext F' ═ Fπ};
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201711329739.7A CN108156138B (en) | 2017-12-13 | 2017-12-13 | Fine-grained searchable encryption method for fog calculation |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201711329739.7A CN108156138B (en) | 2017-12-13 | 2017-12-13 | Fine-grained searchable encryption method for fog calculation |
Publications (2)
Publication Number | Publication Date |
---|---|
CN108156138A CN108156138A (en) | 2018-06-12 |
CN108156138B true CN108156138B (en) | 2020-10-27 |
Family
ID=62466711
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201711329739.7A Active CN108156138B (en) | 2017-12-13 | 2017-12-13 | Fine-grained searchable encryption method for fog calculation |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN108156138B (en) |
Families Citing this family (11)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN109639425B (en) * | 2018-11-07 | 2020-05-19 | 华中科技大学 | Lightweight searchable public key encryption method and storage medium in side computing environment |
CN110138538B (en) * | 2019-05-09 | 2022-06-21 | 南京邮电大学 | Smart grid security and privacy protection data aggregation method based on fog calculation |
CN110300104B (en) * | 2019-06-21 | 2021-10-22 | 山东超越数控电子股份有限公司 | User authority control and transfer method and system under edge cloud scene |
CN110602086B (en) * | 2019-09-10 | 2021-10-26 | 北京工业大学 | Repealable and outsourced multi-authorization center attribute-based encryption method in fog computing |
CN110933026B (en) * | 2019-10-22 | 2021-06-04 | 东北大学 | Lightweight privacy protection equivalent query method |
CN111190925B (en) * | 2019-10-30 | 2023-07-21 | 重庆邮电大学 | Multi-dimensional query method, system and storage medium for edge computing |
CN111447192B (en) * | 2020-03-23 | 2022-05-10 | 齐鲁工业大学 | Lightweight attribute base signcryption method for cloud and mist assisted Internet of things |
CN111431898B (en) * | 2020-03-23 | 2022-06-07 | 齐鲁工业大学 | Multi-attribute mechanism attribute-based encryption method with search function for cloud-assisted Internet of things |
CN111930688B (en) * | 2020-09-23 | 2021-01-08 | 西南石油大学 | Method and device for searching secret data of multi-keyword query in cloud server |
CN112311781B (en) * | 2020-10-23 | 2021-11-12 | 西安电子科技大学 | Encryption method with safe forward and backward direction and recoverable keyword shielding |
CN114826703B (en) * | 2022-04-11 | 2024-04-05 | 江苏大学 | Block chain-based data search fine granularity access control method and system |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN106357395A (en) * | 2016-09-13 | 2017-01-25 | 深圳大学 | Outsourcing access control method and system aiming at fog computing |
CN106850652A (en) * | 2017-02-21 | 2017-06-13 | 重庆邮电大学 | One kind arbitration can search for encryption method |
CN107395568A (en) * | 2017-06-21 | 2017-11-24 | 西安电子科技大学 | A kind of cipher text retrieval method of more data owner's certifications |
Family Cites Families (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20100146299A1 (en) * | 2008-10-29 | 2010-06-10 | Ashwin Swaminathan | System and method for confidentiality-preserving rank-ordered search |
-
2017
- 2017-12-13 CN CN201711329739.7A patent/CN108156138B/en active Active
Patent Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN106357395A (en) * | 2016-09-13 | 2017-01-25 | 深圳大学 | Outsourcing access control method and system aiming at fog computing |
CN106850652A (en) * | 2017-02-21 | 2017-06-13 | 重庆邮电大学 | One kind arbitration can search for encryption method |
CN107395568A (en) * | 2017-06-21 | 2017-11-24 | 西安电子科技大学 | A kind of cipher text retrieval method of more data owner's certifications |
Non-Patent Citations (2)
Title |
---|
Fogging the cloud—Implementing and evaluating searchable encryption schemes in practice;Koschuch M et al;《IEEE》;20150702;第1365-1368页 * |
支持多关键字的可搜索公钥加密方案;李昊星 等;《西安电子科技大学学报(自然科学版)》;20151106;第20-25页 * |
Also Published As
Publication number | Publication date |
---|---|
CN108156138A (en) | 2018-06-12 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN108156138B (en) | Fine-grained searchable encryption method for fog calculation | |
CN108156140B (en) | Multi-keyword searchable encryption method supporting numerical value attribute comparison | |
Luo et al. | Hierarchical multi-authority and attribute-based encryption friend discovery scheme in mobile social networks | |
CN108599937B (en) | Multi-keyword searchable public key encryption method | |
CN106375346B (en) | Data guard method based on condition broadcast agent re-encryption under a kind of cloud environment | |
CN111143471B (en) | Ciphertext retrieval method based on blockchain | |
CN105323061B (en) | It is a kind of can keyword search outsourcing key generate and decryption attribute based system and decryption method | |
CN103944711B (en) | Cloud storage ciphertext retrieval method and system | |
CN107276766B (en) | Multi-authorization attribute encryption and decryption method | |
CN109361644B (en) | Fuzzy attribute based encryption method supporting rapid search and decryption | |
CN110022309B (en) | Safe and efficient data sharing method in mobile cloud computing system | |
CN111431898B (en) | Multi-attribute mechanism attribute-based encryption method with search function for cloud-assisted Internet of things | |
CN114826703A (en) | Block chain-based data search fine-grained access control method and system | |
CN106506474A (en) | A kind of efficient traceable data sharing method based on mobile cloud environment | |
Kaushik et al. | Multi-user attribute based searchable encryption | |
CN113794561A (en) | Public key searchable encryption method and system | |
Liu et al. | Secure and efficient multi-authority attribute-based encryption scheme from lattices | |
CN113489591A (en) | Traceable comparison attribute encryption method based on multiple authorization centers | |
CN109740383B (en) | Privacy protection control method for fog computing-oriented medical system | |
CN106301776A (en) | Many authorization center outsourcing attribute base encryption method of a kind of keyword search and system | |
CN113468440A (en) | Anonymous query method for protecting location privacy based on SF-blind filtering protocol | |
CN109412809B (en) | SDN information access control method based on authenticatable hierarchical attribute encryption | |
CN112804052A (en) | User identity encryption method based on composite order group | |
CN104144057A (en) | CP-ABE method for generating security decryption secret key | |
CN108632257B (en) | Method and system for acquiring encrypted health record supporting hierarchical search |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |