CN114138823A - Encrypted file retrieval method and system - Google Patents

Info

Publication number: CN114138823A
Authority: CN (China)
Prior art keywords: file, server, key, retrieval, encryption
Legal status: Pending
Application number: CN202111338667.9A
Other languages: Chinese (zh)
Inventors: 张文明, 袁秀阳
Current Assignee: Shandong Yunhai Guochuang Cloud Computing Equipment Industry Innovation Center Co Ltd
Original Assignee: Shandong Yunhai Guochuang Cloud Computing Equipment Industry Innovation Center Co Ltd

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00 Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/20 Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
    • G06F16/24 Querying
    • G06F16/245 Query processing
    • G06F16/2453 Query optimisation
    • G06F16/22 Indexing; Data structures therefor; Storage structures
    • G06F16/2228 Indexing structures
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/602 Providing cryptographic facilities or services

Abstract

The invention provides an encrypted file retrieval method and system, wherein the method comprises the following steps: the key generation center generates corresponding private key-public key pairs according to a preset key generation algorithm based on the identity information of the file requester, the file sender and the server respectively; the file sender generates an encryption index based on a private key of the file sender, a public key of the server and the keyword, and uploads the encryption index and a corresponding encrypted file to the server; the file requester generates a retrieval trapdoor based on a private key of the file requester, a public key of the file sender, a public key of the server and a keyword to be retrieved, and uploads the retrieval trapdoor to the server; and the server verifies the encryption index based on the retrieval trapdoor according to a preset verification algorithm and, in response to the verification passing, acquires the encrypted file corresponding to the encryption index and returns the encrypted file to the file requester. The invention improves the security of the encrypted retrieval process by fusing the identity information of the file sender, the file receiver and the specified server into the encrypted retrieval process.

Description

Encrypted file retrieval method and system
Technical Field
The invention relates to the field of computer data retrieval and the field of information security, in particular to an encrypted file retrieval method and an encrypted file retrieval system.
Background
How to realize efficient retrieval of ciphertext in a cloud computing environment while protecting the data security of the user is a challenging and urgent problem. Searchable encryption solves this problem: it achieves efficient ciphertext retrieval without revealing private information in the encrypted data. Research on ciphertext retrieval algorithms therefore has considerable application prospects.
The security of existing encrypted file retrieval systems is low, so the invention aims to provide a more secure encrypted file retrieval method, which can effectively resist keyword guessing and improve the security of the encrypted file retrieval system.
Disclosure of Invention
In order to effectively resist keyword guessing and greatly improve the security of the encrypted file retrieval system, in one aspect of the present invention an encrypted file retrieval method is provided, which is applied to a system in which a file requester obtains, through a specified server, an encrypted file uploaded by a file sender, and includes: the key generation center respectively acquires the identity information of the file requester, the file sender and the server, and respectively generates corresponding private key-public key pairs according to a preset key generation algorithm based on the corresponding identity information; the file sender generates an encryption index corresponding to a keyword based on a private key of the file sender, a public key of the server and the keyword, and uploads the encryption index and an encrypted file corresponding to the keyword to the server; the file requester generates a retrieval trapdoor based on a private key of the file requester, a public key of the file sender, a public key of the server and a keyword to be retrieved, and uploads the retrieval trapdoor to the server; and the server verifies the encryption index based on the retrieval trapdoor according to a preset verification algorithm and, in response to the verification passing, acquires the encrypted file corresponding to the encryption index and returns the encrypted file to the file requester.
In one or more embodiments, the key generation center generating, based on the corresponding identity information, corresponding private key-public key pairs according to a preset key generation algorithm includes: based on the first public key generation algorithm $k_x = H_1(X)$, $X \in [ID_A, ID_B, ID_s]$, respectively obtaining the public key of the file sender, the public key of the file requester and the public key of the server, wherein $H_1(X)$ is a first hash function, $ID_A$ is the identity information of the file sender, $ID_B$ is the identity information of the file requester, and $ID_s$ is the identity information of the server; based on the second private key generation algorithm $sk_x = sH_1(X)$, $X \in [ID_A, ID_B, ID_s]$, respectively obtaining the private key of the file sender, the private key of the file requester and the private key of the server, wherein $s$ is a master key managed by the key generation center.
In one or more embodiments, the file sender generating an encryption index corresponding to a keyword based on a private key of the file sender, a public key of the server and the keyword includes: based on the algorithm $\alpha_1 = e(sk_A, H_1(ID_s))$, generating a first encryption operator, wherein $e(x)$ is a bilinear mapping function, $sk_A$ is the private key of the file sender, and $H_1(ID_s)$ is the public key of the corresponding server; based on the algorithm $q_1 = H_2(\omega, \alpha_1)$, encrypting the keyword, wherein $\alpha_1$ is the first encryption operator, $H_2(x)$ is a second hash function, and $\omega$ is the keyword; based on the first index algorithm $C_1 = r \cdot q_1$, generating a first encryption index corresponding to the keyword; based on the second index algorithm $C_2 = e(rH_1(ID_s), q_1 \cdot P_{pub})$, generating a second encryption index corresponding to the keyword; wherein r is a random number,
Figure BDA0003351524140000021
Figure BDA0003351524140000022
is the prime number set of positive integers, $P_{pub} = sp$, $p$ is the generator of a cyclic group of the bilinear mapping function, and $s$ is the master key.
In one or more embodiments, uploading, by the file sender, the encrypted index and the encrypted file corresponding to the keyword to the server includes: and the file sender packs the encryption index and the encryption file corresponding to the keyword to generate a message and uploads the message to the server.
In one or more embodiments, the encrypted file retrieval method further includes: the server analyzes the received message and obtains an encryption index and an encryption file in the message; and storing the encryption index and the encryption file which belong to one message in an associated manner.
In one or more embodiments, the file requester generating a retrieval trapdoor based on its own private key, the public key of the file sender, the public key of the server and a keyword to be retrieved includes: determining a keyword $\omega'$ to be retrieved; based on the algorithm $\alpha_2 = e(sk_B, H_1(ID_A))$, generating a second encryption operator, wherein $e(x)$ is a bilinear mapping function, $sk_B$ is the private key of the file requester, and $H_1(ID_s)$ is the public key of the corresponding server; based on the algorithm $q_2 = H_2(\omega', \alpha_2)$, encrypting the keyword $\omega'$; based on the first retrieval trapdoor algorithm $T_1 = tp$, generating a first retrieval trapdoor; based on the second retrieval trapdoor algorithm $T_2 = q_2 p = H_2(\omega', \alpha_2)p$, generating a second retrieval trapdoor; based on the third retrieval trapdoor algorithm $T_3 = e((t + q_2)P_{pub}, H_1(ID_s))$, generating a third retrieval trapdoor; wherein t is a random number,
Figure BDA0003351524140000031
Figure BDA0003351524140000032
is the prime number set of positive integers, $e(x)$ is a bilinear mapping function, $H_2(x)$ is a second hash function, $P_{pub} = sp$, $p$ is the generator of a cyclic group of the bilinear mapping function, and $s$ is the master key.
In one or more embodiments, the server verifying the encryption index based on the retrieval trapdoor according to a preset verification algorithm includes: according to the preset verification algorithm $C_2 \cdot T_3 = e(C_1 + T_1 + T_2, sk_s)$, verifying the first encryption index $C_1$ and the second encryption index $C_2$ based on the first retrieval trapdoor $T_1$, the second retrieval trapdoor $T_2$ and the third retrieval trapdoor $T_3$; the verification passes in response to the equation of the verification algorithm holding.
In one or more embodiments, the encrypted file retrieval method further includes initializing system parameters of the key generation center, the system parameters including: one or more pre-configured bilinear mapping functions, a cyclic group of the one or more bilinear mapping functions, a generator of the cyclic group, one or more hash functions and a prime number set of positive integers.
In one or more embodiments, the encrypted file retrieval method further includes: periodically or randomly extracting prime numbers from the prime number set of the positive integers as a master key of the key generation center.
The beneficial effects of the invention include: file retrieval is restricted so that the file requester obtains the encrypted file uploaded by the file sender through a specified server; the encryption index and the retrieval trapdoor are generated by fusing the identity information of the file sender, the file receiver and the specified server; and the encryption index is verified based on the retrieval trapdoor according to the corresponding verification algorithm to obtain the encrypted file corresponding to the encryption index. In this way the capability of resisting keyword guessing in the encrypted file retrieval process is enhanced, and the security of the encrypted file retrieval process is improved.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art are briefly described below. The drawings in the following description are only some embodiments of the present invention, and those skilled in the art can obtain other embodiments from these drawings without creative effort.
FIG. 1 is a flowchart of the operation of the encrypted document retrieval method of the present invention;
FIG. 2 is a schematic diagram of the encrypted document retrieval system according to the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention more apparent, the following embodiments of the present invention are described in further detail with reference to the accompanying drawings.
It should be noted that all expressions using "first" and "second" in the embodiments of the present invention are used to distinguish two entities or parameters that have the same name but are not the same. "First" and "second" are used merely for convenience of description and should not be construed as limiting the embodiments of the present invention; this is not repeated in the following embodiments.
Fig. 1 is a flowchart of the operation of the encrypted file retrieval method of the present invention. The work flow of the file retrieval method is suitable for a system for obtaining the encrypted file uploaded by the file sender by the file requester specified server. As shown in fig. 1, the work flow of the encrypted file retrieval method of the present invention includes: step S1, the key generation center respectively obtains the identity information of the file request party, the file sending party and the server, and respectively generates corresponding private key-public key pairs according to a preset key generation algorithm based on the corresponding identity information; step S2, the file sender generates an encryption index corresponding to the keyword based on the private key of the file sender, the public key of the server and the keyword, and uploads the encryption index and the encryption file corresponding to the keyword to the server; step S3, the file requester generates a retrieval trapdoor based on a private key of the file requester, a public key of a file sender, a public key of a server and a keyword to be retrieved, and uploads the retrieval trapdoor to the server; and step S4, the server verifies the encryption index based on the retrieval trapdoor according to a preset verification algorithm, responds to the verification passing, acquires the encryption file corresponding to the encryption index and returns the encryption file to the file requester.
It should be further noted that the encrypted file retrieval method of the present invention is applicable not only to a system in which a file requester obtains, through a specified server, an encrypted file uploaded by a file sender, but also to other file retrieval systems in which the identity information of a target file uploader and the identity information of a server passed by the target file uploader can be obtained before a file retrieval request is generated. The invention aims to combine the identity information of the file sender, the file requester and the specified server so that it runs through every process of encrypted file retrieval. In any of these processes, when any identity information of the file sender, the file requester or the specified server is inconsistent, the encrypted file retrieval cannot be completed normally. This protects the encrypted file, strengthens the capability of resisting keyword guessing in the encrypted file retrieval process, and further improves the security of the encrypted file retrieval process.
In order to further illustrate the method of the present invention, the steps of the present invention will be described in more detail with reference to specific examples.
The key generation center initializes the system parameters and the master key
In one embodiment, before executing the steps of the method of the present invention, the key generation center needs to be initialized. The initialization pre-configures one or more bilinear mapping functions, a cyclic group of the one or more bilinear mapping functions, a generator of the cyclic group, one or more hash functions, and a prime number set of positive integers, so that they can be invoked in the encrypted file retrieval process. An optional initialization scheme comprises:
1) the key generation center (PKG) sets two cyclic groups $G_1$ and $G_2$, sets the bilinear map $e: G_1 \times G_1 \to G_2$, sets the prime number set of positive integers
Figure BDA0003351524140000051
and sets an order $q$, wherein the order $q$ is a prime number selected from the set of prime numbers, and sets the generator $p$ of $G_1$;
2) the key generation center randomly selects
Figure BDA0003351524140000052
and calculates $P_{pub} = sp$, where $s$ is the system master key;
3) the key generation center selects one-way hash functions: $H_1: \{0,1\}^* \to G_1$
Figure BDA0003351524140000053
Figure BDA0003351524140000054
4) forming the system parameters $Params = \{G_1, G_2, e, q, p, P_{pub}, H_1, H_2\}$.
Key generation center generates keys
In one embodiment, the key generation center generates the corresponding public key-private key pairs from the identity information of the file sender, the file requester and the specified cloud server, so that the subsequent encryption process, encryption index generation process and retrieval trapdoor generation process, which use the public keys and/or private keys, are bound to the identity information of the file sender, the file requester and the specified cloud server. Optionally, the key generation center generating a corresponding private key-public key pair according to a preset key generation algorithm based on the corresponding identity information includes: based on the first public key generation algorithm $k_x = H_1(X)$, $X \in [ID_A, ID_B, ID_s]$, respectively obtaining the public key $k_A$ of the file sender, the public key $k_B$ of the file requester and the public key $k_s$ of the server, wherein $H_1(X)$ is a first hash function, $ID_A$ is the identity information of the file sender, $ID_B$ is the identity information of the file requester, and $ID_s$ is the identity information of the server; based on the second private key generation algorithm $sk_x = sH_1(X)$, $X \in [ID_A, ID_B, ID_s]$, respectively obtaining the private key $sk_A$ of the file sender, the private key $sk_B$ of the file requester and the private key $sk_s$ of the server, where $s$ is a master key managed by the key generation center.
It can be understood that the first public key generation algorithm and the second private key generation algorithm are each essentially a hash algorithm, and key generation is realized by selecting one hash algorithm from the system parameters of the key generation center. For example, in the previous embodiment, two hash algorithms are preset in the system parameters of the key generation center; one of them can be used as the first public key generation algorithm and the other as the second private key generation algorithm.
After the key generation center generates the public key-private key pairs based on the identity information of the three parties, it returns to each device terminal (the file sender, the file requester and the server) that party's private key together with the public keys of the other two parties, so that each of the three parties holds its own private key and the public keys of the other two parties.
File sender encrypts keywords and generates encrypted index
In one embodiment, the file sender needs to encrypt the keyword in combination with its own private key and the public key of the corresponding server, and generate the corresponding encryption index. Optionally, the file sender generating an encryption index corresponding to the keyword based on a private key of the file sender, a public key of the server and the keyword includes: based on the algorithm $\alpha_1 = e(sk_A, H_1(ID_s))$, generating a first encryption operator, wherein $e(x)$ is a bilinear mapping function, $sk_A$ is the private key of the file sender, and $H_1(ID_s)$ is the public key of the corresponding server; based on the algorithm $q_1 = H_2(\omega, \alpha_1)$, encrypting the keyword, wherein $\alpha_1$ is the first encryption operator, $H_2(x)$ is a second hash function, and $\omega$ is the keyword; based on the first index algorithm $C_1 = r \cdot q_1$, generating a first encryption index corresponding to the keyword; based on the second index algorithm $C_2 = e(rH_1(ID_s), q_1 \cdot P_{pub})$, generating a second encryption index corresponding to the keyword; wherein r is a random number,
Figure BDA0003351524140000061
Figure BDA0003351524140000062
is the prime number set of positive integers, $P_{pub} = sp$, $p$ is the generator of a cyclic group of the bilinear mapping function, and $s$ is the master key.
Before encrypting the keyword and generating the encryption index from the encrypted keyword as in the above embodiment, the file sender needs to extract the keyword from the file to be uploaded and encrypt the file; after the file sender generates the encryption index, the encryption index and the encrypted file corresponding to the same keyword need to be uploaded to the corresponding server.
In an embodiment, in order to establish an index relationship between an encryption index and an encrypted file in the corresponding server, optionally, on the one hand, the file sender packages the encryption index and the encrypted file corresponding to the keyword into a message and uploads the message to the corresponding server; on the other hand, the corresponding server parses the received message to obtain the encryption index and the encrypted file in the message, and stores the encryption index and the encrypted file belonging to the same message in association with each other, thereby establishing the index relationship between the encryption index and the encrypted file.
File requestor generated search trapdoor
In one embodiment, the file requester needs to combine its own private key, the public key of the file sender, and the public key of the corresponding server. Optionally, the file requester generating the retrieval trapdoor based on a private key of the file requester, a public key of the file sender, a public key of the server and a keyword to be retrieved includes: determining a keyword $\omega'$ to be retrieved; based on the algorithm $\alpha_2 = e(sk_B, H_1(ID_A))$, generating a second encryption operator, wherein $e(x)$ is a bilinear mapping function, $sk_B$ is the private key of the file requester, and $H_1(ID_s)$ is the public key of the corresponding server; based on the algorithm $q_2 = H_2(\omega', \alpha_2)$, encrypting the keyword $\omega'$; based on the first retrieval trapdoor algorithm $T_1 = tp$, generating a first retrieval trapdoor; based on the second retrieval trapdoor algorithm $T_2 = q_2 p = H_2(\omega', \alpha_2)p$, generating a second retrieval trapdoor; based on the third retrieval trapdoor algorithm $T_3 = e((t + q_2)P_{pub}, H_1(ID_s))$, generating a third retrieval trapdoor; wherein t is a random number,
Figure BDA0003351524140000071
Figure BDA0003351524140000072
is the prime number set of positive integers, $e(x)$ is a bilinear mapping function, $H_2(x)$ is a second hash function, $P_{pub} = sp$, $p$ is the generator of a cyclic group of the bilinear mapping function, and $s$ is the master key. The corresponding server is the server specified by the file requester for obtaining the encrypted file uploaded by the file sender.
Server for retrieval verification
In a further embodiment, on the basis of the first encryption index, the second encryption index, the first retrieval trapdoor, the second retrieval trapdoor and the third retrieval trapdoor obtained as described above, the server verifying the encryption index based on the retrieval trapdoor according to a preset verification algorithm includes:
according to the preset verification algorithm $C_2 \cdot T_3 = e(C_1 + T_1 + T_2, sk_s)$, verifying the first encryption index $C_1$ and the second encryption index $C_2$ based on the first retrieval trapdoor $T_1$, the second retrieval trapdoor $T_2$ and the third retrieval trapdoor $T_3$; the verification passes in response to the equation of the verification algorithm holding. The derivation process of the verification algorithm is as follows:
$$
\begin{aligned}
C_2 \cdot T_3 &= e(rH_1(ID_s),\, q_1 \cdot P_{pub})\, e((t+q_2)P_{pub},\, H_1(ID_s)) \\
&= e(rH_1(ID_s),\, q_1 \cdot sp)\, e((t+q_2)sp,\, H_1(ID_s)) \\
&= e(rpq_1 + (t+q_2)p,\, sH_1(ID_s)) \\
&= e(rpq_1 + tp + q_2 p,\, sH_1(ID_s)) \\
&= e(C_1 + T_1 + T_2,\, sk_s).
\end{aligned}
$$
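Added example (not part of the patent text): a Python check of the verification identity derived above, in a toy model where elements of $G_1$ are stored as scalars mod $q$ and the bilinear map multiplies them. The model is insecure and tests only the algebra and the dependence on the server's private key; the SHA-256 based H1 and H2, the range of H2, the identity strings, the value of q, and reading $C_1$ as $r q_1 p$ (as the last derivation step requires) are assumptions.

```python
import hashlib
import secrets

Q = 2**127 - 1   # assumed prime group order q (toy choice)
P = 1            # generator p of G1; G1 is modelled as scalars mod q


class GT:
    """Element g^x of G2, stored by its exponent x (toy model, not secure)."""

    def __init__(self, x):
        self.x = x % Q

    def __mul__(self, other):          # g^a * g^b = g^(a+b)
        return GT(self.x + other.x)

    def __eq__(self, other):
        return isinstance(other, GT) and self.x == other.x


def e(a, b):
    """Bilinear map in the toy model: e(a*p, b*p) = g^(a*b)."""
    return GT(a * b)


def _to_scalar(tag, data):
    digest = hashlib.sha256(tag + b"|" + data).digest()
    return 1 + int.from_bytes(digest, "big") % (Q - 1)   # never zero


def h1(identity):
    """H1: {0,1}* -> G1 (assumed instantiation)."""
    return _to_scalar(b"H1", identity.encode())


def h2(keyword, alpha):
    """H2(keyword, alpha) -> nonzero scalar mod q (range is an assumption)."""
    return _to_scalar(b"H2", keyword.encode() + b"|" + str(alpha.x).encode())


def rand_scalar():
    return 1 + secrets.randbelow(Q - 1)


def setup():
    s = rand_scalar()                  # master key s
    return s, (s * P) % Q              # P_pub = s*p


def keygen(s, identity):
    k = h1(identity)                   # k_x = H1(X)
    return k, (s * k) % Q              # sk_x = s*H1(X)


def build_index(sk_a, id_s, p_pub, keyword):
    alpha1 = e(sk_a, h1(id_s))         # alpha_1 = e(sk_A, H1(ID_s))
    q1 = h2(keyword, alpha1)
    r = rand_scalar()
    c1 = (r * q1 * P) % Q              # C_1 read as r*q1*p (assumption)
    c2 = e((r * h1(id_s)) % Q, (q1 * p_pub) % Q)
    return c1, c2


def build_trapdoor(sk_b, id_a, id_s, p_pub, keyword):
    alpha2 = e(sk_b, h1(id_a))         # alpha_2 = e(sk_B, H1(ID_A))
    q2 = h2(keyword, alpha2)
    t = rand_scalar()
    t1 = (t * P) % Q                   # T_1 = t*p
    t2 = (q2 * P) % Q                  # T_2 = q2*p
    t3 = e(((t + q2) * p_pub) % Q, h1(id_s))
    return t1, t2, t3


def equation_holds(index, trapdoor, sk_server):
    """Evaluate C_2 * T_3 == e(C_1 + T_1 + T_2, sk_s)."""
    c1, c2 = index
    t1, t2, t3 = trapdoor
    return c2 * t3 == e((c1 + t1 + t2) % Q, sk_server)


def demo():
    # Identity strings and the keyword are constructed sample values.
    s, p_pub = setup()
    _, sk_a = keygen(s, "sender-A")
    _, sk_b = keygen(s, "requester-B")
    _, sk_s = keygen(s, "server-S")
    _, sk_x = keygen(s, "server-X")    # a server that was not designated
    index = build_index(sk_a, "server-S", p_pub, "invoice")
    trapdoor = build_trapdoor(sk_b, "sender-A", "server-S", p_pub, "invoice")
    return (equation_holds(index, trapdoor, sk_s),
            equation_holds(index, trapdoor, sk_x))


if __name__ == "__main__":
    print(demo())
```
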
It can be seen from the foregoing embodiments that the encrypted file retrieval method of the present invention combines the identity information of the file sender, the file requester and the specified server so that it runs through every process of encrypted file retrieval. In any of these processes, when any identity information of the three is inconsistent, the encrypted file retrieval cannot be completed normally. This protects the encrypted file, enhances the ability to resist keyword guessing in the encrypted file retrieval process, and further improves the security of the encrypted file retrieval process.
In another aspect of the invention, an encrypted document retrieval system is presented. FIG. 2 is a schematic diagram of the encrypted document retrieval system according to the present invention. As shown in fig. 2, the encrypted-file retrieval system of the present invention includes: the system comprises a file sender, a file requester, a server and a key generation center, wherein the encrypted file retrieval system is configured in such a way that the file requester acquires an encrypted file uploaded by the file sender through an appointed server in a retrieval process, and the key generation center is further configured to acquire identity information of the file requester, the file sender and the server respectively and generate corresponding private key-public key pairs according to a preset key generation algorithm based on the corresponding identity information; the file sender is configured to generate an encryption index corresponding to the keyword based on a private key of the file sender, a public key of the server and the keyword, and upload the encryption index and an encryption file corresponding to the keyword to the server; the file requester is configured for generating a retrieval trapdoor based on a private key of the file requester, a public key of a file sender, a public key of the server and a keyword to be retrieved, and uploading the retrieval trapdoor to the server; the server is configured to verify the encryption index based on the retrieval trapdoor according to a preset verification algorithm, respond to the verification passing, obtain the encryption file corresponding to the encryption index and return the encryption file to the file requesting party.
The encrypted file retrieval system aims to combine the identity information of the file sender, the file requester and the specified server so that it runs through every process of encrypted file retrieval. In any of these processes, when any identity information of the file sender, the file requester or the specified server is inconsistent, the encrypted file retrieval cannot be completed normally, so that the encrypted file is protected, the capability of resisting keyword guessing in the encrypted file retrieval process is enhanced, and the security of the encrypted file retrieval process is improved.
To further illustrate the encrypted document retrieval system of the present invention, it will be described in more detail below in conjunction with a specific encrypted document retrieval process.
The key generation center initializes the system parameters and the master key
In one embodiment, before the encrypted file retrieval system of the present invention is enabled, the key generation center needs to be initialized. The initialization pre-configures one or more bilinear mapping functions, a cyclic group of the one or more bilinear mapping functions, a generator of the cyclic group, one or more hash functions and a prime number set of positive integers, so that they can be invoked in the encrypted file retrieval process. An optional initialization scheme comprises:
1) the key generation center (PKG) sets two cyclic groups $G_1$ and $G_2$, sets the bilinear map $e: G_1 \times G_1 \to G_2$, sets the prime number set of positive integers
Figure BDA0003351524140000091
and sets an order $q$, wherein the order $q$ is a prime number selected from the set of prime numbers, and sets the generator $p$ of $G_1$;
2) the key generation center randomly selects
Figure BDA0003351524140000092
and calculates $P_{pub} = sp$, where $s$ is the system master key;
3) the key generation center selects one-way hash functions: $H_1: \{0,1\}^* \to G_1$
Figure BDA0003351524140000093
Figure BDA0003351524140000094
4) forming the system parameters $Params = \{G_1, G_2, e, q, p, P_{pub}, H_1, H_2\}$.
Key generation center generates keys
In one embodiment, the key generation center generates the corresponding public key-private key pairs from the identity information of the file sender, the file requester and the specified cloud server, so that the subsequent encryption process, encryption index generation process and retrieval trapdoor generation process, which use the public keys and/or private keys, are bound to the identity information of the file sender, the file requester and the specified cloud server. Optionally, the key generation center generating a corresponding private key-public key pair according to a preset key generation algorithm based on the corresponding identity information includes: based on the first public key generation algorithm $k_x = H_1(X)$, $X \in [ID_A, ID_B, ID_s]$, respectively obtaining the public key $k_A$ of the file sender, the public key $k_B$ of the file requester and the public key $k_s$ of the server, wherein $H_1(X)$ is a first hash function, $ID_A$ is the identity information of the file sender, $ID_B$ is the identity information of the file requester, and $ID_s$ is the identity information of the server; based on the second private key generation algorithm $sk_x = sH_1(X)$, $X \in [ID_A, ID_B, ID_s]$, respectively obtaining the private key $sk_A$ of the file sender, the private key $sk_B$ of the file requester and the private key $sk_s$ of the server, where $s$ is a master key managed by the key generation center.
It can be understood that the first public key generation algorithm and the second private key generation algorithm are each essentially a hash algorithm, and key generation is realized by selecting one hash algorithm from the system parameters of the key generation center. For example, in the previous embodiment, two hash algorithms are preset in the system parameters of the key generation center; one of them can be used as the first public key generation algorithm and the other as the second private key generation algorithm.
After the key generation center generates the public key-private key pairs based on the identity information of the three parties, it returns to each device terminal (the file sender, the file requester and the server) that party's private key together with the public keys of the other two parties, so that each of the three parties holds its own private key and the public keys of the other two parties.
File sender encrypts keywords and generates encrypted index
In one embodiment, the file sender needs to encrypt the keyword in combination with its own private key and the public key of the corresponding server, and generate the corresponding encryption index. Optionally, the file sender generating an encryption index corresponding to the keyword based on a private key of the file sender, a public key of the server, and the keyword includes: based on an algorithm $\alpha_1 = e(sk_A, H_1(ID_s))$, generating a first encryption operator, where $e(x)$ is a double (bilinear) mapping function, $sk_A$ is the private key of the file sender, and $H_1(ID_s)$ is the public key of the corresponding server; based on an algorithm $q_1 = H_2(\omega, \alpha_1)$, encrypting the keyword, where $\alpha_1$ is the first encryption operator, $H_2(x)$ is a second hash function, and $\omega$ is the keyword; based on a first index algorithm $C_1 = r \cdot q_1$, generating a first encryption index corresponding to the keyword; and based on a second index algorithm $C_2 = e(rH_1(ID_s), q_1 \cdot P_{pub})$, generating a second encryption index corresponding to the keyword; where $r$ is a random number, [formula image] is a prime number set of positive integers, $P_{pub} = sp$, $p$ is the generator of a certain cyclic group of the double mapping function, and $s$ is the master key.
Before encrypting the keywords and generating the encryption index based on the encrypted keywords in the above embodiment, the file sender needs to extract the keywords from the file to be uploaded and encrypt the file; after the file sender generates the encryption index, the encryption index and the encrypted file corresponding to the same keyword need to be uploaded to the corresponding server.
In an embodiment, in order to establish an index relationship between an encryption index and an encrypted file in the corresponding server, optionally, on one hand, the file sender packages the encryption index and the encrypted file corresponding to the keyword to generate a message, and uploads the message to the corresponding server; on the other hand, the corresponding server parses the received message and obtains the encryption index and the encrypted file in the message. The encryption index and the encrypted file belonging to the same message are stored in an associated manner, so that the index relationship between the encryption index and the encrypted file is established.
File requester generates retrieval trapdoor
In one embodiment, the file requester needs to combine its own private key, the public key of the file sender, and the public key of the corresponding server to generate the retrieval trapdoor. Optionally, the file requester generating the retrieval trapdoor based on a private key of the file requester, a public key of the file sender, a public key of the server, and a keyword to be retrieved includes: determining a keyword $\omega'$ to be retrieved; based on an algorithm $\alpha_2 = e(sk_B, H_1(ID_A))$, generating a second encryption operator, where $e(x)$ is a double mapping function, $sk_B$ is the private key of the file requester, and $H_1(ID_s)$ is the public key of the corresponding server; based on an algorithm $q_2 = H_2(\omega', \alpha_2)$, encrypting the keyword $\omega'$; based on a first retrieval trapdoor algorithm $T_1 = tp$, generating a first retrieval trapdoor; based on a second retrieval trapdoor algorithm $T_2 = q_2 p = H_2(\omega', \alpha_2)p$, generating a second retrieval trapdoor; and based on a third retrieval trapdoor algorithm $T_3 = e((t + q_2)P_{pub}, H_1(ID_s))$, generating a third retrieval trapdoor; where $t$ is a random number, [formula image] is a prime number set of positive integers, $e(x)$ is a double mapping function, $H_2(x)$ is a second hash function, $P_{pub} = sp$, $p$ is the generator of a certain cyclic group of the double mapping function, and $s$ is the master key. The corresponding server is the server specified by the file requester for obtaining the encrypted file uploaded by the file sender.
Server performs retrieval verification
In a further embodiment, on the basis of the first encryption index, the second encryption index, the first retrieval trapdoor, the second retrieval trapdoor and the third retrieval trapdoor obtained as described above, the server verifies the encryption index based on the retrieval trapdoor according to a preset verification algorithm, which includes the following steps:
according to a preset verification algorithm $C_2 \cdot T_3 = e(C_1 + T_1 + T_2, sk_s)$, verifying the first encryption index $C_1$ and the second encryption index $C_2$ based on the first retrieval trapdoor $T_1$, the second retrieval trapdoor $T_2$ and the third retrieval trapdoor $T_3$; the verification passes in response to the equation of the verification algorithm holding. The derivation process of the verification algorithm is as follows:
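$$
\begin{aligned}
C_2 \cdot T_3 &= e(rH_1(ID_s),\, q_1 \cdot P_{pub})\, e((t + q_2)P_{pub},\, H_1(ID_s)) \\
&= e(rH_1(ID_s),\, q_1 \cdot sp)\, e((t + q_2)sp,\, H_1(ID_s)) \\
&= e(rpq_1 + (t + q_2)p,\, sH_1(ID_s)) \\
&= e(rpq_1 + tp + q_2 p,\, sH_1(ID_s)) \\
&= e(C_1 + T_1 + T_2,\, sk_s).
\end{aligned}
$$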
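The key generation, index, trapdoor and verification steps above can be run end to end in a toy model; the Python below is an added example, not code from the patent. It shows that the equality is carried by bilinearity alone: it fails when a server other than the designated one supplies $sk_s$ or when $C_2$ is altered, but with the formulas as transcribed on this page it holds whether or not $\omega'$ equals $\omega$. Assumptions: each group element $ap$ is stored as the scalar $a$, so the pairing becomes multiplication of exponents (algebra check only, no security); $C_1$ is read as $r q_1 p$, as the derivation uses it; the group order and identity strings are constructed.

```python
import hashlib
import secrets

# Toy symmetric "pairing" for checking algebra only: a group element a*p is
# stored as the scalar a mod N, and e(a*p, b*p) = g^(a*b) is stored as the
# exponent a*b mod N. Discrete logs are exposed, so this has no security.
N = 2**127 - 1          # prime group order (constructed parameter)
P = 1                   # generator p

def e(x, y):
    return (x * y) % N

def gt_mul(u, v):       # multiplying in the target group adds exponents
    return (u + v) % N

def _h(tag, *parts):
    data = tag + b"|" + b"|".join(parts)
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % N

def H1(identity):       # first hash: identity -> group element
    return _h(b"H1", identity.encode())

def H2(keyword, alpha): # second hash: (keyword, operator) -> scalar
    return _h(b"H2", keyword.encode(), str(alpha).encode())

class KGC:
    def __init__(self):
        self.s = secrets.randbelow(N - 1) + 1   # master key s
        self.p_pub = (self.s * P) % N           # Ppub = s*p

    def keypair(self, identity):
        k = H1(identity)
        return k, (self.s * k) % N              # (k_x, sk_x = s*H1(X))

def make_index(sk_a, k_s, keyword, p_pub):
    q1 = H2(keyword, e(sk_a, k_s))              # alpha1 = e(sk_A, H1(ID_s))
    r = secrets.randbelow(N - 1) + 1
    c1 = (r * q1 * P) % N                       # assumption: C1 = r*q1*p
    c2 = e((r * k_s) % N, (q1 * p_pub) % N)
    return c1, c2

def make_trapdoor(sk_b, k_a, k_s, keyword, p_pub):
    q2 = H2(keyword, e(sk_b, k_a))              # alpha2 = e(sk_B, H1(ID_A))
    t = secrets.randbelow(N - 1) + 1
    return (t * P) % N, (q2 * P) % N, e(((t + q2) * p_pub) % N, k_s)

def verify(index, trapdoor, sk_s):
    (c1, c2), (t1, t2, t3) = index, trapdoor
    return gt_mul(c2, t3) == e((c1 + t1 + t2) % N, sk_s)

def demo(indexed, searched, checker="server-1"):
    """Index under 'server-1', search, verify with the checker's private key."""
    kgc = KGC()
    k_a, sk_a = kgc.keypair("sender-A")         # constructed identities
    _, sk_b = kgc.keypair("requester-B")
    k_s, _ = kgc.keypair("server-1")
    _, sk_check = kgc.keypair(checker)
    idx = make_index(sk_a, k_s, indexed, kgc.p_pub)
    td = make_trapdoor(sk_b, k_a, k_s, searched, kgc.p_pub)
    return verify(idx, td, sk_check)
```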
It can be seen from the foregoing embodiments that the encrypted file retrieval system of the present invention binds the identity information of the file sender, the file requester and the specified server into every stage of the encrypted file retrieval process. In any stage, when the identity information of any of the three is inconsistent, the encrypted file retrieval cannot be completed normally, which protects the encrypted file, enhances the ability to resist keyword guessing in the encrypted file retrieval process, and further improves the security of the encrypted file retrieval process.
The foregoing is an exemplary embodiment of the present disclosure, but it should be noted that various changes and modifications could be made herein without departing from the scope of the present disclosure as defined by the appended claims. The functions, steps and/or actions of the method claims in accordance with the disclosed embodiments described herein need not be performed in any particular order. Furthermore, although elements of the disclosed embodiments of the invention may be described or claimed in the singular, the plural is contemplated unless limitation to the singular is explicitly stated.
It should be understood that, as used herein, the singular forms "a", "an" and "the" are intended to include the plural forms as well, unless the context clearly supports the exception. It should also be understood that "and/or" as used herein is meant to include any and all possible combinations of one or more of the associated listed items.
The numbers of the embodiments disclosed in the embodiments of the present invention are merely for description, and do not represent the merits of the embodiments.
Those of ordinary skill in the art will understand that: the discussion of any embodiment above is meant to be exemplary only, and is not intended to intimate that the scope of the disclosure, including the claims, of embodiments of the invention is limited to these examples; within the idea of an embodiment of the invention, also technical features in the above embodiment or in different embodiments may be combined and there are many other variations of the different aspects of the embodiments of the invention as described above, which are not provided in detail for the sake of brevity. Therefore, any omissions, modifications, substitutions, improvements, and the like that may be made without departing from the spirit and principles of the embodiments of the present invention are intended to be included within the scope of the embodiments of the present invention.

Claims (10)

1. An encrypted file retrieval method, which is applied to a system in which a file requester specifies a server to obtain an encrypted file uploaded by a file sender, the method comprising:
the key generation center respectively acquires the identity information of the file requester, the file sender and the server, and respectively generates corresponding private key-public key pairs according to a preset key generation algorithm based on the corresponding identity information;
a file sender generates an encryption index corresponding to a keyword based on a private key of the file sender, a public key of the server and the keyword, and uploads the encryption index and an encryption file corresponding to the keyword to the server;
a file requester generates a retrieval trapdoor based on a private key of the file requester, a public key of the file sender, a public key of the server and a keyword to be retrieved, and uploads the retrieval trapdoor to the server;
and the server verifies the encryption index based on the retrieval trapdoor according to a preset verification algorithm, responds to the verification passing, acquires an encryption file corresponding to the encryption index and returns the encryption file to the file requester.
2. The encrypted file retrieval method according to claim 1, wherein the key generation center generates corresponding private key-public key pairs based on the corresponding identity information according to a preset key generation algorithm, respectively, including:
based on a first public key generation algorithm $k_x = H_1(X)$, $X \in [ID_A, ID_B, ID_s]$, respectively obtaining the public key of the file sender, the public key of the file requester and the public key of the server, wherein $H_1(X)$ is a first hash function, $ID_A$ is the identity information of the file sender, $ID_B$ is the identity information of the file requester, and $ID_s$ is the identity information of the server;
based on a second private key generation algorithm $sk_x = sH_1(X)$, $X \in [ID_A, ID_B, ID_s]$, respectively obtaining a private key of the file sender, a private key of the file requester and a private key of the server, wherein $s$ is a master key managed by the key generation center.
3. The encrypted-file retrieving method according to claim 2, wherein the file sender generates an encryption index corresponding to the keyword based on its own private key, the public key of the server, and the keyword, including:
based on an algorithm $\alpha_1 = e(sk_A, H_1(ID_s))$, generating a first encryption operator, wherein $e(x)$ is a double mapping function, $sk_A$ is the private key of the file sender, and $H_1(ID_s)$ is the public key of the corresponding server;
based on an algorithm $q_1 = H_2(\omega, \alpha_1)$, encrypting the keyword, wherein $\alpha_1$ is the first encryption operator, $H_2(x)$ is a second hash function, and $\omega$ is the keyword;
based on a first index algorithm $C_1 = r \cdot q_1$, generating a first encryption index corresponding to the keyword;
based on a second index algorithm $C_2 = e(rH_1(ID_s), q_1 \cdot P_{pub})$, generating a second encryption index corresponding to the keyword;
wherein $r$ is a random number, [formula image] is a prime number set of positive integers, $P_{pub} = sp$, $p$ is the generator of a certain cyclic group of the double mapping function, and $s$ is the master key.
4. The encrypted-file retrieving method according to claim 1, wherein the uploading of the encryption index and the encrypted file corresponding to the keyword to the server by the file sender comprises:
and the file sender packs the encryption index and the encryption file corresponding to the keyword to generate a message and uploads the message to the server.
5. The encrypted-file retrieving method according to claim 4, further comprising:
the server analyzes the received message and obtains an encryption index and an encryption file in the message;
and storing the encryption index and the encryption file which belong to one message in an associated manner.
6. The encrypted file retrieval method of claim 3, wherein the file requester generates a retrieval trapdoor based on its own private key, the public key of the file sender, the public key of the server, and a keyword to be retrieved, comprising:
determining a keyword $\omega'$ to be retrieved;
based on an algorithm $\alpha_2 = e(sk_B, H_1(ID_A))$, generating a second encryption operator, wherein $e(x)$ is a double mapping function, $sk_B$ is the private key of the file requester, and $H_1(ID_s)$ is the public key of the corresponding server;
based on an algorithm $q_2 = H_2(\omega', \alpha_2)$, encrypting the keyword $\omega'$;
based on a first retrieval trapdoor algorithm $T_1 = tp$, generating a first retrieval trapdoor;
based on a second retrieval trapdoor algorithm $T_2 = q_2 p = H_2(\omega', \alpha_2)p$, generating a second retrieval trapdoor;
based on a third retrieval trapdoor algorithm $T_3 = e((t + q_2)P_{pub}, H_1(ID_s))$, generating a third retrieval trapdoor;
wherein $t$ is a random number, [formula image] is a prime number set of positive integers, $e(x)$ is a double mapping function, $H_2(x)$ is a second hash function, $P_{pub} = sp$, $p$ is the generator of a certain cyclic group of the double mapping function, and $s$ is the master key.
7. The encrypted file retrieval method of claim 6, wherein the server verifies the encrypted index based on the retrieval trapdoor according to a preset verification algorithm, comprising:
according to a preset verification algorithm $C_2 \cdot T_3 = e(C_1 + T_1 + T_2, sk_s)$, verifying the first encryption index $C_1$ and the second encryption index $C_2$ based on the first retrieval trapdoor $T_1$, the second retrieval trapdoor $T_2$ and the third retrieval trapdoor $T_3$;
the verification passes in response to the equation of the verification algorithm holding.
8. The encrypted file retrieval method of claim 2, further comprising initializing system parameters of the key generation center, the system parameters comprising:
one or more pre-configured double mapping functions, a cyclic group of the one or more double mapping functions, a generator of the cyclic group, one or more hash functions, and a prime number set of positive integers.
9. The encrypted-file retrieving method according to claim 8, further comprising:
periodically or randomly extracting prime numbers from the prime number set of the positive integers as a master key of the key generation center.
10. An encrypted document retrieval system, comprising: the encrypted file retrieval system is configured in such a way that in the retrieval process, the file requester obtains the encrypted file uploaded by the file sender through a designated server, and further the encrypted file is obtained by the file requester
The key generation center is configured to acquire identity information of the file requester, the file sender and the server, and generate corresponding private key-public key pairs according to a preset key generation algorithm based on the corresponding identity information;
the file sender is configured to generate an encryption index corresponding to the keyword based on a private key of the file sender, a public key of the server and the keyword, and upload the encryption index and an encryption file corresponding to the keyword to the server;
the file requester is configured to generate a retrieval trapdoor based on a private key of the file requester, a public key of the file sender, a public key of the server and a keyword to be retrieved, and upload the retrieval trapdoor to the server;
and the server is configured to verify the encryption index based on the retrieval trapdoor according to a preset verification algorithm, respond to verification passing, acquire an encryption file corresponding to the encryption index and return the encryption file to the file requester.
CN202111338667.9A 2021-11-12 2021-11-12 Encrypted file retrieval method and system Pending CN114138823A (en)


Publications (1)

Publication Number Publication Date
CN114138823A true CN114138823A (en) 2022-03-04

Family

ID=80393911


Country Status (1)

Country Link
CN (1) CN114138823A (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115333845A (en) * 2022-08-19 2022-11-11 南京理工大学 Private data verification method based on subsets
CN115333845B (en) * 2022-08-19 2024-04-12 南京理工大学 Privacy data verification method based on subset

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination