CN115622702A - Public key authentication searchable encryption method without bilinear pairing operation - Google Patents

Info

Publication number: CN115622702A
Authority: CN (China)
Application number: CN202211231003.7A
Other languages: Chinese (zh)
Inventors: 周晓彤, 林超, 宁建廷, 蒲浪, 陈泌文
Assignee (current and original): Fujian Normal University
Legal status: Pending
Prior art keywords: keyword, receiver, ciphertext, public key, sender

Classifications

All four classifications fall under H ELECTRICITY > H04 ELECTRIC COMMUNICATION TECHNIQUE > H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION.

    • H04L9/3066: Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy, involving algebraic varieties, e.g. elliptic or hyper-elliptic curves (under H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols, and H04L9/30 Public key)
    • H04L63/0428: Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks, wherein the data content is protected, e.g. by encrypting or encapsulating the payload (under H04L63/00 and H04L63/04)
    • H04L9/002: Countermeasures against attacks on cryptographic mechanisms (under H04L9/00)
    • H04L9/0861: Generation of secret information including derivation or calculation of cryptographic keys or passwords (under H04L9/00 and H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords)

Abstract

The invention provides a public key authentication searchable encryption method without bilinear pairing operations. It involves four entities: a system administrator, a sender, a receiver and a cloud. First, the system administrator runs the initialization algorithm Setup to determine the system parameters and shares them with the other entities. The sender and the receiver run S-KGen and R-KGen respectively to generate their public and private keys. The sender then runs PEKS to generate a keyword ciphertext and uploads it, together with the corresponding data ciphertext, to the cloud. The receiver can then run TraDo to generate a keyword trapdoor and send a data retrieval request to the cloud. Finally, the cloud runs Test to search its database for a keyword ciphertext matching the trapdoor and returns the corresponding data ciphertext to the receiver. The method offers high security, low computation overhead and low communication cost.

Description

Public key authentication searchable encryption method without bilinear pairing operation
Technical Field
The invention relates to the technical field of information security, and in particular to a public key authentication searchable encryption method without bilinear pairing operations, that is, a public key authentication searchable encryption method based on an elliptic curve additive group.
Background
Searchable encryption (SE) is a special public key encryption technology that provides both data privacy protection and confidential retrieval, and is widely used in scenarios such as cloud computing, the Internet of Things and healthcare. Because ciphertexts can be searched directly, the user no longer has to download all ciphertext data, decrypt it and then search locally; instead the large computing and storage resources of the cloud server are used, which saves the user a great deal of local computation, storage space and network communication cost.
However, cloud servers are typically honest-but-curious, and the keyword space is small, so traditional searchable encryption schemes cannot resist inside keyword guessing attacks (IKGA): the cloud server can enumerate the keyword space, generate a keyword ciphertext for each candidate keyword, and match it against the keyword trapdoor submitted by the user, thereby learning which keyword the user searched for.
To resist inside keyword guessing attacks, researchers at home and abroad have proposed public key authentication searchable encryption, but most existing schemes require expensive bilinear pairing operations, and the few schemes without bilinear pairings suffer from problems such as dependence on a strong non-collusion assumption between two servers and high communication cost.
Disclosure of Invention
To address the defects and shortcomings of the prior art, the invention designs a more secure and more efficient public key authentication searchable encryption scheme based on the elliptic curve additive group. It resists inside keyword guessing attacks while avoiding time-consuming bilinear pairing operations in a single-server setting, thereby improving computational efficiency and at the same time reducing communication complexity.
The aim of the invention is a secure and efficient public key authentication searchable encryption scheme based on an elliptic curve additive group that overcomes the high computation overhead of existing public key authentication searchable encryption schemes, reduces computation overhead and communication cost while still resisting inside keyword guessing attacks, and meets the need for secure, efficient and confidential retrieval.
The system comprises four entities, namely a system administrator, a sender, a receiver and a cloud, and is realized by the following technical scheme:
First, the system administrator runs the initialization algorithm Setup to determine the system parameters and shares them with the other entities. The sender and the receiver run S-KGen and R-KGen respectively to generate their public and private keys. The sender then runs PEKS to generate a keyword ciphertext and uploads it, together with the corresponding data ciphertext, to the cloud. The receiver can then run TraDo to generate a keyword trapdoor and send a data retrieval request to the cloud. Finally, the cloud runs Test to search its database for a keyword ciphertext matching the trapdoor and returns the corresponding data ciphertext to the receiver.
Because the elliptic curve additive cyclic group used by the method offers higher operational efficiency and lower communication/storage cost, generating the keyword ciphertext and the trapdoor requires only a few relatively inexpensive point multiplications, which gives the method high security, low computation cost and low communication cost.
The technical scheme is as follows:
A public key authentication searchable encryption method without bilinear pairing operations, characterized in that: the method involves four entities, namely a system administrator, a sender, a receiver and a cloud. First, the system administrator runs the initialization algorithm Setup to determine the system parameters and shares them with the other entities. The sender and the receiver run S-KGen and R-KGen respectively to generate their public and private keys. The sender then runs PEKS to generate a keyword ciphertext and uploads it, together with the corresponding data ciphertext, to the cloud. The receiver can then run TraDo to generate a keyword trapdoor and send a data retrieval request to the cloud. Finally, the cloud runs Test to search its database for a keyword ciphertext matching the trapdoor and returns the corresponding data ciphertext to the receiver.
Further, it specifically includes the following 6 algorithm steps:
Step S1, initialization Setup: Input a security parameter $\lambda$, randomly select a large prime $q$, and determine a non-singular elliptic curve $E: y^2 = x^3 + ax + b \pmod q$ with $a, b \in F_q$. From the points of $E$ (including the point at infinity $O$) select a cyclic group of prime order $n$ and a generator $G$ of it. Randomly select $\alpha \in \mathbb{Z}_n^*$ and compute $G_1 = \alpha G$. Select a secure hash function $H: \{0,1\}^* \to \mathbb{Z}_n^*$. Output the system parameters $pp$ (the quantities chosen above: $q$, $E$, the cyclic group, $G$, $G_1$, $n$ and $H$).
Step S2, sender key generation S-KGen: Input the system parameters $pp$, randomly select $d_s \in \mathbb{Z}_n^*$ and compute $P_s = d_s G$. Output the sender's private key $sk_s = d_s$ and public key $pk_s = P_s$.
Step S3, receiver key generation R-KGen: Input the system parameters $pp$, randomly select a first-order polynomial $p(x) = c_0 x \pmod n$ with $c_0 \in \mathbb{Z}_n^*$. Output the receiver's private key $sk_r = p(x)$ and public key $pk_r = D_0$, where $D_0 = c_0 G$.
Step S4, keyword ciphertext generation PEKS: Input the system parameters $pp$, the sender's private key $sk_s = d_s$, the receiver's public key $pk_r = D_0$ and a keyword $w$. Randomly select $r \in \mathbb{Z}_n^*$ and compute $h_w = H(w \| d_s D_0)$ (the sender-side counterpart of the hash in Step S5, reconstructed from it, since $d_s D_0 = d_s c_0 G = c_0 P_s$), $C_1 = rG$ and $C_2 = r h_w D_0$. Output the keyword ciphertext $ct_w = (C_1, C_2)$.
Step S5, keyword trapdoor generation TraDo: Input the system parameters $pp$, the receiver's private key $sk_r = p(x)$, the sender's public key $pk_s = P_s$ and a keyword $w$. Compute $h_w = H(w \| c_0 P_s)$ and $p_w = p(h_w)$. Output the keyword trapdoor $t_w = p_w$.
Step S6, test Test: Input the system parameters $pp$, the receiver's keyword trapdoor $t_w$ and a keyword ciphertext $ct_w$. Compute $C_2' = p_w C_1$. If $C_2 = C_2'$, output 1 to indicate that the keyword ciphertext and the trapdoor match; otherwise output 0. The match holds for the same keyword because $p_w C_1 = c_0 h_w r G = r h_w D_0 = C_2$.
Most existing public key authentication searchable encryption schemes that resist inside keyword guessing attacks involve expensive bilinear pairing operations, and the few schemes without bilinear pairings either rely on an unreasonable two-server assumption or perform poorly, so they are hard to reconcile with the need for secure, efficient and confidential retrieval.
The invention and its optimized variants design a new public key authentication searchable encryption scheme based on the elliptic curve additive cyclic group, which resists inside keyword guessing attacks (IKGA) in a single-server setting while avoiding time-consuming bilinear pairing operations. Compared with conventional IKGA-resistant public key authentication searchable encryption schemes, it has lower computation overhead and communication cost and is better suited to practical applications.
Drawings
The invention is described in further detail below with reference to the following figures and detailed description:
FIG. 1 is a schematic flow chart of an embodiment of the present invention.
Detailed Description
In order to make the features and advantages of the present invention comprehensible, embodiments accompanied with figures are described in detail as follows:
1. Symbols and definitions
$q$: a large prime.
$k$: the degree of the polynomial.
$F_q$: the finite field with $q$ elements.
$a, b$: elements of $F_q$ that define an elliptic curve $E$ over $F_q$.
$E(F_q)$: the set of all rational points of the elliptic curve $E$ over $F_q$, including the point at infinity $O$.
$\#E(F_q)$: the number of points in $E(F_q)$, called the order of $E(F_q)$.
$O$: a special point on the elliptic curve, called the point at infinity or zero point.
Cyclic group (symbol given in the original figure): the cyclic group formed by the points of the elliptic curve $E$ together with the point at infinity.
$G$: a generator of that cyclic group.
$n$: the order of the generator $G$ ($n$ is a prime factor of $\#E(F_q)$).
$H$: a secure cryptographic hash function.
$\mathbb{Z}_n^*$: the set of elements of $\{1, 2, \dots, n\}$ that are coprime to $n$.
$p(x)$: a first-order polynomial serving as the receiver's private key.
$D_0$: the receiver's public key.
$d_s$: the sender's private key.
$P_s$: the sender's public key.
2. SM2-based public key searchable encryption scheme
As shown in FIG. 1, the solution of the embodiment involves four entities: a system administrator, a sender, a receiver and a cloud. First, the system administrator runs the initialization algorithm Setup to determine the system parameters $pp$ and shares them with the other entities. The sender and the receiver run S-KGen and R-KGen respectively to generate their key pairs $(pk_s, sk_s)$ and $(pk_r, sk_r)$. The sender then runs PEKS to generate a keyword ciphertext $ct_w$ and uploads $ct_w$ together with the corresponding data ciphertext Edata to the cloud. Next, the receiver runs TraDo to generate a keyword trapdoor $t_w$ and sends a data retrieval request to the cloud. Finally, the cloud runs Test to search its database for the keyword ciphertext $ct_w$ matching the trapdoor $t_w$ and returns the corresponding data ciphertext Edata to the receiver.
Specifically, the SM2-PAEKS scheme of this embodiment consists of six parts: system setup (Setup), sender key generation (S-KGen), receiver key generation (R-KGen), keyword ciphertext generation (PEKS), keyword trapdoor generation (TraDo) and test (Test). The steps are as follows:
Algorithm 1. Initialization (Setup): The algorithm takes a security parameter $\lambda$, randomly selects a large prime $q$, and determines a non-singular elliptic curve $E: y^2 = x^3 + ax + b \pmod q$ with $a, b \in F_q$. From the points of $E$ (including the point at infinity) it selects a cyclic group of prime order $n$ and a generator $G$ of it, randomly selects $\alpha \in \mathbb{Z}_n^*$ and computes $G_1 = \alpha G$, and selects a secure hash function $H: \{0,1\}^* \to \mathbb{Z}_n^*$. The algorithm outputs the system parameters $pp$ (the quantities chosen above: $q$, $E$, the cyclic group, $G$, $G_1$, $n$ and $H$). See Section 1 (Symbols and definitions) above for the notation.
Algorithm 2. Sender key generation (S-KGen): The algorithm takes the system parameters $pp$, randomly selects $d_s \in \mathbb{Z}_n^*$ and computes $P_s = d_s G$. It outputs the sender's private key $sk_s = d_s$ and public key $pk_s = P_s$.
Algorithm 3. Receiver key generation (R-KGen): The algorithm takes the system parameters $pp$ and randomly selects a first-order polynomial $p(x) = c_0 x \pmod n$ with $c_0 \in \mathbb{Z}_n^*$. It outputs the receiver's private key $sk_r = p(x)$ and public key $pk_r = D_0$, where $D_0 = c_0 G$.
Algorithm 4. Keyword ciphertext generation (PEKS): The algorithm takes the system parameters $pp$, the sender's private key $sk_s = d_s$, the receiver's public key $pk_r = D_0$ and a keyword $w$. It randomly selects $r \in \mathbb{Z}_n^*$ and computes $h_w = H(w \| d_s D_0)$ (the sender-side counterpart of the hash in Algorithm 5, reconstructed from it, since $d_s D_0 = d_s c_0 G = c_0 P_s$), $C_1 = rG$ and $C_2 = r h_w D_0$. It outputs the keyword ciphertext $ct_w = (C_1, C_2)$.
Algorithm 5. Keyword trapdoor generation (TraDo): The algorithm takes the system parameters $pp$, the receiver's private key $sk_r = p(x)$, the sender's public key $pk_s = P_s$ and a keyword $w$. It computes $h_w = H(w \| c_0 P_s)$ and $p_w = p(h_w) = c_0 h_w \pmod n$, and outputs the keyword trapdoor $t_w = p_w$.
Algorithm 6. Test: The algorithm takes the system parameters $pp$, the receiver's keyword trapdoor $t_w$ and a keyword ciphertext $ct_w$, and computes $C_2' = p_w C_1$. If $C_2 = C_2'$ it outputs 1, indicating that the keyword ciphertext and the trapdoor match; otherwise it outputs 0. Correctness follows from $p_w C_1 = c_0 h_w r G = r h_w D_0 = C_2$, which holds exactly when ciphertext and trapdoor were produced for the same keyword under the same sender and receiver key pairs.
The present invention is not limited to the above preferred embodiments; any other public key authentication searchable encryption method without bilinear pairings can be obtained according to the teachings of the present invention.

Claims (2)

1. A public key authentication searchable encryption method without bilinear pairing operations, characterized in that: the method involves four entities, namely a system administrator, a sender, a receiver and a cloud; first, the system administrator runs the initialization algorithm Setup to determine the system parameters and shares them with the other entities; the sender and the receiver run S-KGen and R-KGen respectively to generate their public and private keys; the sender then runs PEKS to generate a keyword ciphertext and uploads it, together with the corresponding data ciphertext, to the cloud; the receiver can then run TraDo to generate a keyword trapdoor and send a data retrieval request to the cloud; finally, the cloud runs Test to search its database for a keyword ciphertext matching the trapdoor and returns the corresponding data ciphertext to the receiver.
2. The public key authentication searchable encryption method without bilinear pairings as recited in claim 1, wherein:
the method specifically comprises the following 6 algorithm steps:
Step S1, initialization Setup: Input a security parameter $\lambda$, randomly select a large prime $q$, and determine a non-singular elliptic curve $E: y^2 = x^3 + ax + b \pmod q$ with $a, b \in F_q$. From the points of $E$ (including the point at infinity) select a cyclic group of prime order $n$ and a generator $G$ of it. Randomly select $\alpha \in \mathbb{Z}_n^*$ and compute $G_1 = \alpha G$. Select a secure hash function $H: \{0,1\}^* \to \mathbb{Z}_n^*$. Output the system parameters $pp$.
Step S2, sender key generation S-KGen: Input the system parameters $pp$, randomly select $d_s \in \mathbb{Z}_n^*$ and compute $P_s = d_s G$. Output the sender's private key $sk_s = d_s$ and public key $pk_s = P_s$.
Step S3, receiver key generation R-KGen: Input the system parameters $pp$, randomly select a first-order polynomial $p(x) = c_0 x \pmod n$ with $c_0 \in \mathbb{Z}_n^*$. Output the receiver's private key $sk_r = p(x)$ and public key $pk_r = D_0$, where $D_0 = c_0 G$.
Step S4, keyword ciphertext generation PEKS: Input the system parameters $pp$, the sender's private key $sk_s = d_s$, the receiver's public key $pk_r = D_0$ and a keyword $w$. Randomly select $r \in \mathbb{Z}_n^*$ and compute $h_w = H(w \| d_s D_0)$ (the sender-side counterpart of the hash in Step S5, reconstructed from it, since $d_s D_0 = c_0 P_s$), $C_1 = rG$ and $C_2 = r h_w D_0$. Output the keyword ciphertext $ct_w = (C_1, C_2)$.
Step S5, keyword trapdoor generation TraDo: Input the system parameters $pp$, the receiver's private key $sk_r = p(x)$, the sender's public key $pk_s = P_s$ and a keyword $w$. Compute $h_w = H(w \| c_0 P_s)$ and $p_w = p(h_w)$. Output the keyword trapdoor $t_w = p_w$.
Step S6, test Test: Input the system parameters $pp$, the receiver's keyword trapdoor $t_w$ and a keyword ciphertext $ct_w$. Compute $C_2' = p_w C_1$. If $C_2 = C_2'$, output 1 to indicate that the keyword ciphertext and the trapdoor match; otherwise output 0.
Priority application: CN202211231003.7A, priority and filing date 2022-10-10, title "Public key authentication searchable encryption method without bilinear pairing operation"
Publication: CN115622702A (en), published 2023-01-17, legal status pending
Family ID: 84859724
Country status: CN, CN115622702A (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN116367157A (en) * 2023-06-01 2023-06-30 深圳市北测检测技术有限公司 Security authentication method and device based on 5G communication network
CN116367157B (en) * 2023-06-01 2023-08-01 深圳市北测检测技术有限公司 Security authentication method and device based on 5G communication network
CN117270955A (en) * 2023-11-17 2023-12-22 福建天创信息科技有限公司 Unified management system of equipment based on websocket

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination