CN111786790A - Privacy protection identity-based encryption method and system with keyword search function - Google Patents

Privacy protection identity-based encryption method and system with keyword search function Download PDF

Info

Publication number
CN111786790A
CN111786790A CN202010517953.0A CN202010517953A CN111786790A CN 111786790 A CN111786790 A CN 111786790A CN 202010517953 A CN202010517953 A CN 202010517953A CN 111786790 A CN111786790 A CN 111786790A
Authority
CN
China
Prior art keywords
keyword
identity
private key
ciphertext
trapdoor
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202010517953.0A
Other languages
Chinese (zh)
Inventor
陆阳
魏晶
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Hohai University HHU
Original Assignee
Hohai University HHU
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Hohai University HHU filed Critical Hohai University HHU
Priority to CN202010517953.0A priority Critical patent/CN111786790A/en
Publication of CN111786790A publication Critical patent/CN111786790A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/30Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
    • H04L9/3066Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy involving algebraic varieties, e.g. elliptic or hyper-elliptic curves
    • H04L9/3073Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy involving algebraic varieties, e.g. elliptic or hyper-elliptic curves involving pairings, e.g. identity based encryption [IBE], bilinear mappings or bilinear pairings, e.g. Weil or Tate pairing
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0442Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/30Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
    • H04L9/3006Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy underlying computational problems or public-key parameters
    • H04L9/3033Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy underlying computational problems or public-key parameters details relating to pseudo-prime or prime number generation, e.g. primality test
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3236Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computing Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Signal Processing (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Algebra (AREA)
  • General Physics & Mathematics (AREA)
  • Mathematical Analysis (AREA)
  • Mathematical Optimization (AREA)
  • Mathematical Physics (AREA)
  • Pure & Applied Mathematics (AREA)
  • Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
  • Storage Device Security (AREA)

Abstract

The invention discloses an identity-based encryption method with a function of privacy protection and keyword search. The invention also discloses an identity-based encryption system with the function of privacy protection and with the function of keyword search, which comprises a system parameter generation module, a key generation module, a keyword ciphertext generation module, a keyword trapdoor generation module and a test module. The technical scheme of the invention provides a ciphertext search function with privacy protection, can effectively resist keyword guessing attack aiming at the existing identity encryption method with keyword search, and achieves the purpose of protecting the privacy of users.

Description

Privacy protection identity-based encryption method and system with keyword search function
Technical Field
The invention relates to the technical field of data encryption in information security, in particular to an identity-based encryption method and system with keyword search for privacy protection.
Background
The encryption technology with keyword search allows a user to search whether a data ciphertext contains specific keywords and simultaneously does not reveal related plaintext and keyword information, and an effective and safe solution is provided for solving the problem of ciphertext retrieval. The new encryption system is divided into two types of symmetric encryption with keyword search and asymmetric encryption with keyword search (namely public key encryption with keyword search). Symmetric encryption with keyword search uses the same key to generate keyword ciphertext and trapdoor, has the advantage of high efficiency, but has the problem of key distribution. The public key encryption with the keyword search uses different keys to generate a keyword ciphertext and a trapdoor, namely the public key is used for generating the keyword ciphertext and the private key is used for generating the keyword trapdoor, so that the problem of key distribution is solved. The first public key encryption method with keyword search was proposed by Boneh et al in 2003, and this method allowed users to authorize untrusted storage servers to test the received ciphertext to verify that it contains certain keywords. Specifically, the working principle of the public key encryption method with keyword search is as follows: firstly, a sender generates a keyword ciphertext related to the data ciphertext by using the keyword and a public key of a receiver, and then transmits the keyword ciphertext and the data ciphertext to a storage server; when a receiver wants to retrieve a data ciphertext containing a specific keyword from a storage server, a trapdoor of the keyword is generated by using a private key of the receiver and is transmitted to the storage server; after receiving the key word trap, the storage server performs matching test on the ciphertext of the receiver and then returns all matched ciphertexts to the receiver; and finally, the receiver decrypts the received ciphertext to obtain the required data information. In the above process, the server does not need to decrypt the data ciphertext and does not know any information of the keyword searched by the receiver.
The realization of the public key encryption method with keyword search is based on the traditional public key cryptosystem, so that the problem of complex certificate management exists. To overcome this problem, Abdalla et al in 2008 combined public key encryption with keyword search with an identity-based cryptosystem, and first proposed an identity-based encryption method with keyword search. Unlike the public key encryption method with keyword search, the identity-based encryption method with keyword search uses the user's identity as the public key, and naturally solves the problem of binding the user's public key with the user's identity, thereby avoiding a series of problems caused by certificate management. However, existing identity-based encryption methods with keyword search directly use the recipient's identity encryption key to generate a key ciphertext, and are therefore vulnerable to key guessing attacks. Once an attacker intercepts a keyword trapdoor of a certain receiver, all possible keywords can be guessed, the guessed keywords are encrypted by using the identity of the receiver to generate a ciphertext, then a test algorithm is executed to verify the correctness of the guess, and finally, the keyword information in the keyword trapdoor is revealed, so that the leakage of the privacy information of a user is caused. In summary, the existing identity-based encryption method with keyword search has the problem of keyword guessing attack.
Disclosure of Invention
The identity-based encryption method with the function of privacy protection provided by the invention not only overcomes the problem of keyword guessing attack and provides a ciphertext search function with privacy protection, but also benefits from the excellent characteristics of an identity-based cryptosystem and does not have the problem of complex certificate management.
The invention adopts the following technical scheme for solving the technical problems:
the identity-based encryption method with the function of privacy protection and keyword search provided by the invention comprises the following steps:
a, according to the security parameters, a private key generation center generates public parameters and a main private key of a system;
b, according to the public parameters of the system, the master private key and the identity of the entity, a private key generation center generates a private key of the entity, and the entity comprises a storage server, a sender and a receiver;
step C, generating a keyword cipher text by the sender according to the public parameters of the system, the identity of the storage server, the identity of the receiver, the private key of the sender and the keywords;
step D, according to the public parameters of the system, the identity of the sender, the private key of the receiver and the keywords, the receiver generates a keyword trapdoor;
and E, testing whether the keyword ciphertext is matched with the keyword trapdoor or not by the storage server according to the public parameters of the system, the private key of the storage server, the keyword ciphertext and the keyword trapdoor, namely whether the keyword in the ciphertext is the same as the keyword in the trapdoor or not.
As a further optimization scheme of the identity-based encryption method with the function of privacy protection and keyword search, the detailed steps of the step A are as follows:
step A.1, the private key generation center generates a private key according to the security parameter ∈ Z+Determining a large prime number q of one bit, and generating an addition cyclic group G and a multiplication cyclic group G of order qTAnd defines a bilinear pair e: G × G → GTBilinear pair e G × G → GTAre Cartesian products G × G to GTG × G → GTThe index function z is e (u, v), where u, v ∈ G are arguments, z ∈ GTIs a dependent variable, Z+Is a positive integer set, and e (u, v) is a bilinear pairing function value of u and v;
step A.2, selecting a generator P from the group G and randomly selecting an integer
Figure BDA0002530829380000021
Wherein the set
Figure BDA0002530829380000022
Calculating the master public key Ppub=sP;
Step A.3, defining two hash functions H1:{0,1}*→ G and
Figure BDA0002530829380000023
wherein H1Is {0,1}*Hash function to group G, {0,1}*Is a set of binary strings of indeterminate length; h2Is a group GTTo
Figure BDA0002530829380000024
The hash function of (1);
step A.4, generating a public parameter Params ═ q, G of the systemT,e,P,Ppub,H1,H2And the master private key msk ═ s.
As a further optimization scheme of the identity-based encryption method with the function of privacy protection and keyword search, the detailed steps of the step B are as follows:
according to the public parameter Params, the master private key msk ═ s of the system and the identity ID of the entity, the private key generation center generates the private key sk of the entityID=sH1(ID),H1(ID) as a hash function H1The hash value of the output identity ID; representing the identity and private key of a storage server as ID, respectivelySer
Figure BDA0002530829380000031
The identity of the sender and the private key are denoted as ID, respectivelyS
Figure BDA0002530829380000032
The identity and private key of the recipient are respectively denoted as IDR
Figure BDA0002530829380000033
As a further optimization scheme of the identity-based encryption method with the function of privacy protection and keyword search, the detailed steps of the step C are as follows:
step C.1, according to the public parameter Params of the system and the identity ID of the storage serverSerThe sender randomly selects an integer
Figure BDA0002530829380000034
Calculating the first part of the keyword cipher text a ═ e (t)1H1(IDSer),Ppub) In which H is1(IDSer) As a hash function H1Exported identity IDSerThe hash value of (1);
step C.2, the sender ID according to the receiverRAnd its own private key
Figure BDA0002530829380000035
And a keyword w, randomly selecting an integer
Figure BDA0002530829380000036
Calculating the second part B ═ t of the keyword cipher text1H2(w, α), wherein
Figure BDA0002530829380000037
Shared secret value, H, between sender and receiver generated for sender2(w, α) is a hash function H2Hash values of output w and α, H1(IDR) As a hash function H1Exported identity IDRThen adds the keyword ciphertext (a, B) to the data ciphertext and sends the data ciphertext to the storage server IDSer
As a further optimization scheme of the identity-based encryption method with the function of privacy protection and keyword search, the detailed steps of the step D are as follows:
step D.1, the receiver randomly selects an integer
Figure BDA0002530829380000038
Calculating a first portion T of a keyword trapdoor1=t2P;
D.2, according to the public parameter Params of the system and the identity information ID of the senderSPrivate key of the recipient
Figure BDA0002530829380000039
And a keyword w', the receiver computing a second part T of the keyword trapdoor2=t2H2(w ', α'), wherein
Figure BDA00025308293800000310
Shared secret value between sender and receiver, H, generated for the receiver2(w ', α') is a hash function H2Hash values of output w 'and α', H1(IDS) As a hash function H1Exported identity IDSThen the key trapdoor T ═ T (T)1,T2) And sending the data to a storage server.
As a further optimization scheme of the identity-based encryption method with the function of privacy protection and keyword search, the detailed steps of the step E are as follows:
according to the public parameter Params of the system, the private key of the storage server
Figure BDA00025308293800000311
Keyword ciphertext (a, B) and keyword trapdoor T (T)1,T2) Storage server verification equation
Figure BDA0002530829380000041
Whether the result is true or not; if the equality is established, the keyword ciphertext is matched with the keyword trapdoor, and the data ciphertext passing the test is sent to a receiver; otherwise, the test fails.
The identity-based encryption method further optimizing scheme with the function of privacy protection and keyword search comprises a system parameter generation module, a key generation module, a keyword ciphertext generation module, a keyword trapdoor generation module and a test module;
the system parameter generation module is used for generating a public parameter and a main private key of the system according to the input security parameter;
the key generation module is used for generating a private key of the entity according to the public parameter of the system, the master private key and the identity information of the entity;
the keyword ciphertext generating module is used for generating a keyword ciphertext according to the public parameter of the system, the identity of the storage server, the identity of the receiver, the private key of the sender and the keyword;
the keyword trapdoor generation module is used for generating a keyword trapdoor according to the public parameters of the system, the identity information of the sender, the private key of the receiver and the keywords;
and the test module is used for testing whether the keywords in the ciphertext are matched with the keywords in the trapdoor or not according to the public parameters of the system, the private key of the storage server, the keyword ciphertext and the keyword trapdoor.
Compared with the prior art, the invention adopting the technical scheme has the following technical effects:
(1) because the method provided by the invention is based on the identity cryptosystem and takes the identity of the unique identification entity as the public key, the problem of heavy certificate management in the public key encryption method with keyword search based on the traditional public key cryptosystem is solved;
(2) according to the method, the public key of the storage server is embedded in the keyword ciphertext, and only the storage server can use the private key to execute the matching test of the keyword ciphertext and the keyword trapdoor, so that a user can publicly send the keyword trapdoor to the storage server without a safety channel;
(3) according to the method, the private key of the sender is embedded into the keyword ciphertext, so that an attacker cannot generate the ciphertext of the guessed keyword, and further cannot launch effective guessing attack on the keyword in the keyword trapdoor, therefore, the leakage of search information of a user is avoided, and the privacy of the user is effectively protected.
Drawings
FIG. 1 is a flow chart of a privacy preserving identity-based encryption method with keyword search according to the present invention.
Fig. 2 is a flow diagram of operations performed by a cryptographic system in accordance with the present invention.
FIG. 3 is a schematic diagram of a privacy preserving identity-based encryption system with keyword search according to the present invention.
Detailed Description
The technical scheme of the invention is further explained in detail by combining the attached drawings:
the invention aims to solve the problem of keyword guessing attack in the existing identity-based encryption method with keyword search, and provides a novel identity-based encryption method and system with keyword search, which can provide privacy protection.
The privacy-preserving identity-based encryption method with keyword search can be realized by utilizing bilinear pairings, and the basic knowledge of the bilinear pairings is firstly briefly introduced below.
Let G and GTAre two cyclic groups of order q, where q is a large prime number, the generation of group GThe element is P. Hypothesis group G1And G2The discrete logarithm problem of (1) is difficult. If defined in groups G and GTOne mapping of (e) G × G → GTThe mapping is said to be a valid bilinear pair satisfying the following three properties, wherein bilinear pair e: G × G → GTIs Cartesian product G × G to group GTG × G → GTStands for the function z ═ e (u, v) where u, v ∈ G are arguments, z ∈ GTIs a dependent variable, Z+For a set of positive integers, e (u, v) is the bilinear pairing function value of u and v.
The bilinear correspondence satisfies the following three properties:
(1) bilinear: for arbitrary
Figure BDA0002530829380000051
And u, v ∈ G, satisfying e (au, bv) ═ e (u, v)ab
(2) Non-degeneracy, the existence of u, v ∈ G, satisfies
Figure BDA0002530829380000052
(3) Calculability: for any u, v ∈ G, e (u, v) can be calculated by an efficient algorithm.
Wherein, the concept of cyclic group is that if G is a group, if there is an element P ∈ G, G is { kP | k ∈ Z } (or G is { P ═ P }kI k ∈ Z), G is called an addition (or multiplication) round, P is the generator of G, if the order of the generator P is q (i.e., q is the smallest positive integer that makes the power of P equal to the unit cell of the group G), G is called a q-order round.
Figure BDA0002530829380000053
Wherein ZqRefers to the remaining class of integer modulus q, i.e. Zq={0,1,...,q-1}。
Based on the above description of bilinear pairings, the identity-based encryption method with keyword search for privacy protection proposed by the present invention is further described below with reference to the accompanying drawings and implementation examples, but is not limited to the present invention.
The entities involved in the method of the invention are as follows:
(1) the private key generation center: a trusted third party responsible for generating public parameters and master private keys of the system and private keys of all entities;
(2) a storage server: the data receiving system is responsible for storing the data ciphertext of the user in the system, retrieving the data ciphertext after receiving the trapdoor of the data receiver and sending the data ciphertext meeting the requirement to the data receiver;
(4) the sender: the sending entity of the cryptograph is responsible for encrypting the data to be sent into the cryptograph, then encrypting the key words into key word cryptograph, and sending the key word cryptograph and the key word cryptograph to the storage server;
(5) the receiver: and the receiving entity of the ciphertext authorizes the storage server to retrieve the ciphertext by sending the keyword trapdoor to the storage server.
With reference to fig. 1 and 2, the steps of the method of the invention are described in detail as follows:
step A, generating public parameters and a master private key of a system; the method comprises the following specific steps:
step 1, according to the safety parameter ∈ Z+Determining a large prime number q of one bit, and generating a q-order addition cycle group G and a multiplication cycle group G by a private key generation centerTAnd defines a bilinear pair e: G × G → GT
Step 2: selecting a generator P from the group G and randomly selecting an integer
Figure BDA0002530829380000061
Wherein the set
Figure BDA0002530829380000062
Calculating the master public key Ppub=sP;
Step 3, two hash functions H are defined1:{0,1}*→ G and
Figure BDA0002530829380000063
wherein H1Is {0,1}*Hash function to group G, {0,1}*Is a set of binary strings of indeterminate length; h2Is a group GTTo
Figure BDA0002530829380000064
The hash function of (1);
according to the execution results of the step 1, the step 2 and the step 3, the private key generation center sets the public parameter Params of the system to { q, G ═ qT,e,P,Ppub,H1,H2Public, secret master key msk ═ s.
B, generating a private key of the entity according to the public parameter of the system, the master private key and the identity information of the entity; the method comprises the following specific steps:
and 4, for the identity ID of the entity, calculating the private key sk of the entity by the private key generation center according to the public parameter Params and the master private key msk ═ s of the systemID=sH1(ID),H1(ID) as a hash function H1A hash value of the output identity ID.
Step C, generating a keyword cipher text according to the public parameters of the system, the identity of the storage server, the identity of the receiver, the private key of the sender and the keywords; the method comprises the following specific steps:
step 5, according to the public parameter Params of the system and the identity ID of the storage serverSerID of the recipientRAnd a private key
Figure BDA0002530829380000065
And a keyword w, the sender selecting a random element
Figure BDA0002530829380000066
Calculating and generating keyword ciphertext (a, B) ═ e (t)1H1(IDSer),Ppub),t1H2(w, α)), wherein
Figure BDA0002530829380000067
cipher (a, B) means that the keyword ciphertext cipher is composed of two parts, a and B, and H1(IDSer) As a hash function H1Exported identity IDSerThe hash value of (1); h1(IDR) As a hash function H1Of the outputIdentity IDRHash value of H2(w, α) is a hash function H2The output w and the hash value of α.
Step D, generating a keyword trapdoor according to the public parameters of the system, the identity of the sender, the private key of the receiver and the keywords; the method comprises the following specific steps:
step 6, according to the public parameter Params of the system and the identity information ID of the senderSPrivate key of the recipient
Figure BDA0002530829380000068
And a keyword w', the recipient randomly selecting an element
Figure BDA0002530829380000069
Calculating and generating a keyword trapdoor T ═ T (T)1,T2)=(t2P,t2H2(w ', α')), wherein
Figure BDA0002530829380000071
T=(T1,T2) Indicating that the keyword trapdoor T is composed of1And T2Formed of two parts, H2(w ', α') is a hash function H2Hash values of output w 'and α', H1(IDS) As a hash function H1Exported identity IDSThe hash value of (1).
Step E, testing whether the keywords in the ciphertext are matched with the keywords in the trapdoor or not according to the public parameters of the system, the private key of the storage server, the keyword ciphertext and the keyword trapdoor; the method comprises the following specific steps:
step 7, according to the public parameter Params of the system and the private key of the storage server
Figure BDA0002530829380000072
Keyword ciphertext (a, B) and keyword trapdoor T (T)1,T2) Storage server verification equation
Figure BDA0002530829380000073
Whether or not this is true. If it is notIf the equality is established, the keyword ciphertext is matched with the keyword trapdoor, and the data ciphertext passing the test is sent to a receiver; otherwise, the test fails.
Referring to fig. 3, the present invention further provides a privacy-preserving identity-based encryption system with keyword search, the system comprising: the system comprises a system parameter generation module, a key generation module, a keyword ciphertext generation module, a keyword trapdoor generation module and a test module;
the system parameter generation module is used for generating public parameters and a main private key of the system according to the input security parameters;
the key generation module is used for generating a private key of the entity according to the public parameter of the system, the master private key and the identity information of the entity;
the keyword ciphertext generating module is used for generating a keyword ciphertext according to the public parameter of the system, the identity of the storage server, the identity of the receiver, the private key of the sender and the keyword;
the keyword trapdoor generation module is used for generating a keyword trapdoor according to public parameters of a system, identity information of a sender, a private key of a receiver and keywords;
the testing module is used for testing whether the keywords in the ciphertext are matched with the keywords in the trapdoor or not according to the public parameters of the system, the private key of the storage server, the keyword ciphertext and the keyword trapdoor.
It will be understood by those skilled in the art that, unless otherwise defined, all terms (including technical and scientific terms) used herein have the same meaning as commonly understood by one of ordinary skill in the art to which this invention belongs. It will be further understood that terms, such as those defined in commonly used dictionaries, should be interpreted as having a meaning that is consistent with their meaning in the context of the prior art and will not be interpreted in an idealized or overly formal sense unless expressly so defined herein.
The above description is only for the specific embodiment of the present invention, but the scope of the present invention is not limited thereto, and any changes or substitutions that can be easily conceived by those skilled in the art within the technical scope of the present invention are included in the scope of the present invention.

Claims (7)

1. An identity-based encryption method with keyword search for privacy protection is characterized by comprising the following steps:
a, according to the security parameters, a private key generation center generates public parameters and a main private key of a system;
b, according to the public parameters of the system, the master private key and the identity of the entity, a private key generation center generates a private key of the entity, and the entity comprises a storage server, a sender and a receiver;
step C, generating a keyword cipher text by the sender according to the public parameters of the system, the identity of the storage server, the identity of the receiver, the private key of the sender and the keywords;
step D, according to the public parameters of the system, the identity of the sender, the private key of the receiver and the keywords, the receiver generates a keyword trapdoor;
and E, testing whether the keyword ciphertext is matched with the keyword trapdoor or not by the storage server according to the public parameters of the system, the private key of the storage server, the keyword ciphertext and the keyword trapdoor, namely whether the keyword in the ciphertext is the same as the keyword in the trapdoor or not.
2. The identity-based encryption method with keyword search for privacy protection according to claim 1, wherein the detailed steps of step a are as follows:
step A.1, the private key generation center generates a private key according to the security parameter ∈ Z+Determining a large prime number q of one bit, and generating an addition cyclic group G and a multiplication cyclic group G of order qTAnd defines a bilinear pair e: G × G → GTBilinear pair e G × G → GTAre Cartesian products G × G to GTG × G → GTThe index function z is e (u, v), where u, v ∈ G are arguments, z ∈ GTIs a dependent variable, Z+Is a positive integer set, and e (u, v) is a bilinear pairing function value of u and v;
step A.2, Slave groupG is selected a generator P and randomly selected an integer
Figure FDA0002530829370000011
Wherein the set
Figure FDA0002530829370000012
Calculating the master public key Ppub=sP;
Step A.3, defining two hash functions H1:{0,1}*→ G and
Figure FDA0002530829370000013
wherein H1Is {0,1}*Hash function to group G, {0,1}*Is a set of binary strings of indeterminate length; h2Is a group GTTo
Figure FDA0002530829370000014
The hash function of (1);
step A.4, generating a public parameter Params ═ q, G of the systemT,e,P,Ppub,H1,H2And the master private key msk ═ s.
3. The identity-based encryption method with keyword search for privacy protection according to claim 2, wherein the detailed steps of step B are as follows:
according to the public parameter Params, the master private key msk ═ s of the system and the identity ID of the entity, the private key generation center generates the private key sk of the entityID=sH1(ID),H1(ID) as a hash function H1The hash value of the output identity ID; representing the identity and private key of a storage server as ID, respectivelySer
Figure FDA0002530829370000015
The identity of the sender and the private key are denoted as ID, respectivelyS
Figure FDA0002530829370000016
The identity and private key of the recipient are respectively denoted as IDR
Figure FDA0002530829370000017
4. The identity-based encryption method with keyword search for privacy protection as claimed in claim 3, wherein the detailed steps of step C are as follows:
step C.1, according to the public parameter Params of the system and the identity ID of the storage serverSerThe sender randomly selects an integer
Figure FDA0002530829370000021
Calculating the first part of the keyword cipher text a ═ e (t)1H1(IDSer),Ppub) In which H is1(IDSer) As a hash function H1Exported identity IDSerThe hash value of (1);
step C.2, the sender ID according to the receiverRAnd its own private key
Figure FDA0002530829370000022
And a keyword w, randomly selecting an integer
Figure FDA0002530829370000023
Calculating the second part B ═ t of the keyword cipher text1H2(w, α), wherein
Figure FDA0002530829370000024
Shared secret value, H, between sender and receiver generated for sender2(w, α) is a hash function H2Hash values of output w and α, H1(IDR) As a hash function H1Exported identity IDRThen adds the keyword ciphertext (a, B) to the data ciphertext and sends the data ciphertext to the storage server IDSer
5. The identity-based encryption method with keyword search for privacy protection according to claim 4, wherein the detailed steps of step D are as follows:
step D.1, the receiver randomly selects an integer
Figure FDA0002530829370000025
Calculating a first portion T of a keyword trapdoor1=t2P;
D.2, according to the public parameter Params of the system and the identity information ID of the senderSPrivate key of the recipient
Figure FDA0002530829370000026
And a keyword w', the receiver computing a second part T of the keyword trapdoor2=t2H2(w ', α'), wherein
Figure FDA0002530829370000027
Shared secret value between sender and receiver, H, generated for the receiver2(w ', α') is a hash function H2Hash values of output w 'and α', H1(IDS) As a hash function H1Exported identity IDSThen the key trapdoor T ═ T (T)1,T2) And sending the data to a storage server.
6. A privacy preserving identity-based encryption method with keyword search as claimed in claim 5, characterized in that said step E comprises the following detailed steps:
according to the public parameter Params of the system, the private key of the storage server
Figure FDA0002530829370000028
Keyword ciphertext (a, B) and keyword trapdoor T (T)1,T2) Storage server verification equation
Figure FDA0002530829370000029
Whether the result is true or not; if the equality is established, the keyword ciphertext is matched with the keyword trapdoor, and the data ciphertext passing the test is sent to a receiver; otherwise, the test fails.
7. The system for privacy protection based identity encryption method with keyword search according to claim 1, comprising a system parameter generation module, a key generation module, a keyword ciphertext generation module, a keyword trapdoor generation module and a test module;
the system parameter generation module is used for generating a public parameter and a main private key of the system according to the input security parameter;
the key generation module is used for generating a private key of the entity according to the public parameter of the system, the master private key and the identity information of the entity;
the keyword ciphertext generating module is used for generating a keyword ciphertext according to the public parameter of the system, the identity of the storage server, the identity of the receiver, the private key of the sender and the keyword;
the keyword trapdoor generation module is used for generating a keyword trapdoor according to the public parameters of the system, the identity information of the sender, the private key of the receiver and the keywords;
and the test module is used for testing whether the keywords in the ciphertext are matched with the keywords in the trapdoor or not according to the public parameters of the system, the private key of the storage server, the keyword ciphertext and the keyword trapdoor.
CN202010517953.0A 2020-06-09 2020-06-09 Privacy protection identity-based encryption method and system with keyword search function Pending CN111786790A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010517953.0A CN111786790A (en) 2020-06-09 2020-06-09 Privacy protection identity-based encryption method and system with keyword search function

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202010517953.0A CN111786790A (en) 2020-06-09 2020-06-09 Privacy protection identity-based encryption method and system with keyword search function

Publications (1)

Publication Number Publication Date
CN111786790A true CN111786790A (en) 2020-10-16

Family

ID=72753917

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202010517953.0A Pending CN111786790A (en) 2020-06-09 2020-06-09 Privacy protection identity-based encryption method and system with keyword search function

Country Status (1)

Country Link
CN (1) CN111786790A (en)

Cited By (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112804052A (en) * 2020-12-14 2021-05-14 重庆电子工程职业学院 User identity encryption method based on composite order group
CN113032816A (en) * 2021-05-21 2021-06-25 神威超算(北京)科技有限公司 Encrypted file searching method, device and computer readable medium
CN114142996A (en) * 2021-11-18 2022-03-04 贵州大学 Searchable encryption method based on SM9 cryptographic algorithm
CN114338025A (en) * 2021-06-23 2022-04-12 河南科技大学 Ciphertext equivalence testing method in cloud environment
CN115021934A (en) * 2022-05-31 2022-09-06 福建师范大学 Authentication searchable encryption system and method based on BB signature
CN115333845A (en) * 2022-08-19 2022-11-11 南京理工大学 Private data verification method based on subsets

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102882687A (en) * 2012-10-19 2013-01-16 杭州尚思科技有限公司 Intelligent household safe access method and system based on searchable cipher text
CN110602064A (en) * 2019-08-29 2019-12-20 河海大学 Identity-based encryption method and system supporting multi-keyword search

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102882687A (en) * 2012-10-19 2013-01-16 杭州尚思科技有限公司 Intelligent household safe access method and system based on searchable cipher text
CN110602064A (en) * 2019-08-29 2019-12-20 河海大学 Identity-based encryption method and system supporting multi-keyword search

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
魏晶 等: "安全的指定发送者的基于身份的可搜索加密方案", 《计算机应用与软件》 *

Cited By (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112804052A (en) * 2020-12-14 2021-05-14 重庆电子工程职业学院 User identity encryption method based on composite order group
CN113032816A (en) * 2021-05-21 2021-06-25 神威超算(北京)科技有限公司 Encrypted file searching method, device and computer readable medium
CN114338025A (en) * 2021-06-23 2022-04-12 河南科技大学 Ciphertext equivalence testing method in cloud environment
CN114142996A (en) * 2021-11-18 2022-03-04 贵州大学 Searchable encryption method based on SM9 cryptographic algorithm
CN114142996B (en) * 2021-11-18 2023-09-05 贵州大学 Searchable encryption method based on SM9 cryptographic algorithm
CN115021934A (en) * 2022-05-31 2022-09-06 福建师范大学 Authentication searchable encryption system and method based on BB signature
CN115333845A (en) * 2022-08-19 2022-11-11 南京理工大学 Private data verification method based on subsets
CN115333845B (en) * 2022-08-19 2024-04-12 南京理工大学 Privacy data verification method based on subset

Similar Documents

Publication Publication Date Title
Seo et al. An efficient certificateless encryption for secure data sharing in public clouds
CN111786790A (en) Privacy protection identity-based encryption method and system with keyword search function
Hsu et al. A Study of Public Key Encryption with Keyword Search.
Hu et al. An Enhanced Searchable Public Key Encryption Scheme with a Designated Tester and Its Extensions.
CN109086615A (en) A kind of support multiple key search public key encryption method of anti-keyword guessing attack
CN112152803B (en) Identity-based encryption method with searchable multi-receiver ciphertext
CN110602064A (en) Identity-based encryption method and system supporting multi-keyword search
CN107154845A (en) A kind of BGN types ciphertext decryption outsourcing scheme based on attribute
Mahesh et al. Design of new security algorithm: Using hybrid Cryptography architecture
Zhang et al. An improved anonymous multi‐receiver identity‐based encryption scheme
Chatterjee et al. Cryptography in cloud computing: a basic approach to ensure security in cloud
Luo et al. Practical data transmission scheme for wireless sensor networks in heterogeneous IoT environment
Savu Signcryption scheme based on schnorr digital signature
Liu et al. Designated-ciphertext searchable encryption
Du et al. A Lightweight blockchain-based public-key authenticated encryption with multi-keyword search for cloud computing
Rezaeibagha et al. Secure and privacy-preserved data collection for IoT wireless sensors
Hwang et al. An ElGamal-like secure channel free public key encryption with keyword search scheme
Raghunandan et al. Key generation and security analysis of text cryptography using cubic power of Pell's equation
Fan et al. Multireceiver predicate encryption for online social networks
Choudhary et al. A comparative analysis of cryptographic keys and security
Liao et al. Cryptanalysis of an identity-based encryption scheme with equality test and improvement
Zhan et al. Improved proxy re-encryption with delegatable verifiability
Zhu et al. A secure data sharing scheme with designated server
KR20120069387A (en) A method for searching keyword based on public key
Tomida et al. Keyword searchable encryption with access control from a certain identity-based encryption

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication
RJ01 Rejection of invention patent application after publication

Application publication date: 20201016