CN115622702A - Public key authentication searchable encryption method without bilinear pairing operation - Google Patents
- Publication number
- CN115622702A (application number CN202211231003.7A)
- Authority
- CN
- China
- Prior art keywords
- keyword
- receiver
- ciphertext
- public key
- sender
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Classifications
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/30—Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
- H04L9/3066—Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy involving algebraic varieties, e.g. elliptic or hyper-elliptic curves
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/002—Countermeasures against attacks on cryptographic mechanisms
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Signal Processing (AREA)
- Computer Networks & Wireless Communication (AREA)
- Theoretical Computer Science (AREA)
- Computing Systems (AREA)
- Mathematical Optimization (AREA)
- Mathematical Physics (AREA)
- Pure & Applied Mathematics (AREA)
- Physics & Mathematics (AREA)
- Mathematical Analysis (AREA)
- General Physics & Mathematics (AREA)
- Algebra (AREA)
- Computer Hardware Design (AREA)
- General Engineering & Computer Science (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The invention provides a public key authentication searchable encryption method without bilinear pairing operations. It involves four entities: a system administrator, a sender, a receiver and a cloud. First, the system administrator runs the initialization algorithm Setup to determine the system parameters and shares them with the other entities; the sender and the receiver run S-KGen and R-KGen respectively to generate their public and private keys; the sender then runs PEKS to generate a keyword ciphertext and uploads it, together with the corresponding data ciphertext, to the cloud; the receiver can then run TraDo to generate a keyword trapdoor and send a data retrieval request to the cloud; finally, the cloud runs Test to search its database for a keyword ciphertext matching the trapdoor and returns the corresponding data ciphertext to the receiver. The method offers high security, low computational overhead and low communication cost.
Description
Technical Field
The invention relates to the field of information security, and in particular to a public key authentication searchable encryption method without bilinear pairing operations, that is, a public key authentication searchable encryption method based on an elliptic curve additive group.
Background
Searchable encryption (SE) is a special form of public key encryption that provides both data privacy protection and confidential retrieval, and is widely used in cloud computing, the Internet of Things, healthcare and similar settings. It allows searching over encrypted data, which removes the cumbersome process in which a user must first download the ciphertext data and then decrypt and search it locally; it makes full use of the large computing and storage resources of the cloud server and saves the user a large amount of local computation, storage space and network communication cost.
However, cloud servers are usually honest-but-curious, and the keyword space is limited, so traditional searchable encryption schemes cannot resist inside keyword guessing attacks: the cloud server can traverse the keyword space, generate a keyword ciphertext for each candidate and match it against the keyword trapdoor submitted by the user, thereby learning the keyword the user is searching for.
To resist inside keyword guessing attacks, researchers at home and abroad have proposed public key authentication searchable encryption, but most existing schemes require expensive bilinear pairing operations, and the few pairing-free schemes suffer from problems such as reliance on the strong assumption of two non-colluding servers and high communication cost.
Disclosure of Invention
To address the defects and shortcomings of the prior art, the invention designs a more secure and efficient public key authentication searchable encryption scheme based on the elliptic curve additive group. It resists inside keyword guessing attacks and avoids time-consuming bilinear pairing operations in a single-server setting, thereby improving computational efficiency while reducing communication complexity.
The aim of the invention is a secure and efficient public key authentication searchable encryption scheme based on an elliptic curve additive group that addresses the high computational overhead of existing public key authentication searchable encryption schemes, reduces computation and communication cost while preserving resistance to inside keyword guessing attacks, and meets the need for secure, efficient and confidential retrieval.
The system comprises four entities, namely a system administrator, a sender, a receiver and a cloud, and is realized by the following technical scheme:
First, the system administrator runs the initialization algorithm Setup to determine the system parameters and shares them with the other entities; the sender and the receiver run S-KGen and R-KGen respectively to generate their public and private keys; the sender then runs PEKS to generate a keyword ciphertext and uploads it, together with the corresponding data ciphertext, to the cloud; the receiver can then run TraDo to generate a keyword trapdoor and send a data retrieval request to the cloud; finally, the cloud runs Test to search its database for a keyword ciphertext matching the trapdoor and returns the corresponding data ciphertext to the receiver.
Because the elliptic curve additive cyclic group used by the method offers higher operational efficiency and lower communication and storage cost, only the comparatively cheap point multiplication operation is needed to generate keyword ciphertexts and trapdoors, which gives the method its high security, low computational cost and low communication cost.
The technical scheme is as follows:
A public key authentication searchable encryption method without bilinear pairing operations, characterized in that it involves four entities, a system administrator, a sender, a receiver and a cloud, and comprises the following steps: first, the system administrator runs the initialization algorithm Setup to determine the system parameters and shares them with the other entities; the sender and the receiver run S-KGen and R-KGen respectively to generate their public and private keys; the sender then runs PEKS to generate a keyword ciphertext and uploads it, together with the corresponding data ciphertext, to the cloud; the receiver can then run TraDo to generate a keyword trapdoor and send a data retrieval request to the cloud; finally, the cloud runs Test to search its database for a keyword ciphertext matching the trapdoor and returns the corresponding data ciphertext to the receiver.
Further, it specifically comprises the following 6 algorithm steps:
Step S1, Setup (initialization): input a security parameter λ, randomly select a large prime q, and determine a nonsingular elliptic curve E: y^2 = x^3 + ax + b (mod q), where a, b ∈ F_q; from the set of all points of E, including the point at infinity, select a cyclic group of prime order n and a generator G; randomly select α and compute G_1 = αG; select a secure hash function H; output the system parameters pp.
Step S2, S-KGen (sender key generation): input the system parameters pp, randomly select d_s and compute P_s = d_s·G; output the sender's private key sk_s = d_s and public key pk_s = P_s.
Step S3, R-KGen (receiver key generation): input the system parameters pp, randomly select a first-order polynomial p(x) = c_0·x (mod n), where c_0 is the randomly chosen coefficient; output the receiver's private key sk_r = p(x) and public key pk_r = D_0, where D_0 = c_0·G.
Step S4, PEKS (keyword ciphertext generation): input the system parameters pp, the sender's private key sk_s = d_s, the receiver's public key pk_r = D_0 and a keyword w; randomly select r and compute the keyword hash h_w, C_1 = r·G and C_2 = r·h_w·D_0; output the keyword ciphertext ct_w = (C_1, C_2).
Step S5, TraDo (keyword trapdoor generation): input the system parameters pp, the receiver's private key sk_r = p(x), the sender's public key pk_s = P_s and a keyword w; compute h_w = H(w || c_0·P_s) and p_w = p(h_w); output the keyword trapdoor t_w = p_w.
Step S6, Test: input the system parameters pp, the receiver's keyword trapdoor t_w and a keyword ciphertext ct_w; compute C_2' = p_w·C_1; if C_2 = C_2', output 1 to indicate that the keyword ciphertext and the trapdoor match, otherwise output 0.
Most existing public key authentication searchable encryption schemes that resist inside keyword guessing attacks involve expensive bilinear pairing operations, and the few pairing-free schemes either rely on an unrealistic two-server assumption or perform poorly, so they hardly meet the need for secure, efficient and confidential retrieval.
The invention and its optimized variants design a new public key authentication searchable encryption scheme based on the elliptic curve additive cyclic group, which resists inside keyword guessing attacks (IKGA) in a single-server setting and avoids time-consuming bilinear pairing operations. Compared with existing IKGA-resistant public key authentication searchable encryption schemes, the method has lower computational overhead and communication cost and better meets practical application requirements.
Drawings
The invention is described in further detail below with reference to the following figures and detailed description:
FIG. 1 is a schematic flow chart of an embodiment of the present invention.
Detailed Description
To make the features and advantages of the present invention comprehensible, embodiments are described in detail below with reference to the figures:
1. Symbols and definitions
q: a large prime.
k: the degree of the polynomial.
F_q: a finite field with q elements.
a, b: elements of F_q that define an elliptic curve E over F_q.
E(F_q): the set of all rational points of the elliptic curve E over F_q, including the point at infinity O.
#E(F_q): the number of points of E(F_q), called the order of the curve E(F_q).
O: a special point on the elliptic curve, called the point at infinity or zero point.
n: the order of the generator G (n is a prime factor of #E(F_q)).
p(x): a first-order polynomial, used as the receiver's private key.
D_0: the receiver's public key.
d_s: the sender's private key.
P_s: the sender's public key.
2. SM2-based public key searchable encryption scheme
As shown in Fig. 1, the solution of the embodiment includes four entities: a system administrator, a sender, a receiver and a cloud. First, the system administrator runs the initialization algorithm Setup to determine the system parameters pp and shares pp with the other entities; the sender and the receiver run S-KGen and R-KGen respectively to generate the key pairs (pk_s, sk_s) and (pk_r, sk_r). Then the sender runs PEKS to generate the keyword ciphertext ct_w and uploads ct_w together with the corresponding data ciphertext Edata to the cloud. Next, the receiver may run TraDo to generate the keyword trapdoor t_w and send a data retrieval request to the cloud. Finally, the cloud runs Test to search its database for the keyword ciphertext ct_w matching the trapdoor t_w, and returns the corresponding data ciphertext Edata to the receiver.
Specifically, the SM2-PAEKS scheme provided by the embodiment consists of six parts: system setup (Setup), sender key generation (S-KGen), receiver key generation (R-KGen), keyword ciphertext generation (PEKS), keyword trapdoor generation (TraDo) and test (Test). The specific steps are as follows:
Algorithm 2. Sender key generation (S-KGen): the algorithm takes the system parameters pp as input, randomly selects d_s and computes P_s = d_s·G; it outputs the sender's private key sk_s = d_s and public key pk_s = P_s.
Algorithm 3. Receiver key generation (R-KGen): the algorithm takes the system parameters pp as input and randomly selects a first-order polynomial p(x) = c_0·x (mod n), where c_0 is the randomly chosen coefficient; it outputs the receiver's private key sk_r = p(x) and public key pk_r = D_0, where D_0 = c_0·G.
Algorithm 4. Keyword ciphertext generation (PEKS): the algorithm takes as input the system parameters pp, the sender's private key sk_s = d_s, the receiver's public key pk_r = D_0 and a keyword w. It randomly selects r and computes the keyword hash h_w, C_1 = r·G and C_2 = r·h_w·D_0; it outputs the keyword ciphertext ct_w = (C_1, C_2).
Algorithm 5. Keyword trapdoor generation (TraDo): the algorithm takes as input the system parameters pp, the receiver's private key sk_r = p(x), the sender's public key pk_s = P_s and a keyword w. It computes h_w = H(w || c_0·P_s) and p_w = p(h_w); it outputs the keyword trapdoor t_w = p_w.
Algorithm 6. Test: the algorithm takes as input the system parameters pp, the receiver's keyword trapdoor t_w and a keyword ciphertext ct_w, and computes C_2' = p_w·C_1. If C_2 = C_2', the algorithm outputs 1 to indicate that the keyword ciphertext and the trapdoor match; otherwise it outputs 0.
The present invention is not limited to the preferred embodiments above; various other public key authentication searchable encryption methods without bilinear pairings can be obtained according to the teachings of the present invention.
Claims (2)
1. A public key authentication searchable encryption method without bilinear pairing operations, characterized in that it involves four entities, a system administrator, a sender, a receiver and a cloud, and comprises the following steps: first, the system administrator runs the initialization algorithm Setup to determine the system parameters and shares them with the other entities; the sender and the receiver run S-KGen and R-KGen respectively to generate their public and private keys; the sender then runs PEKS to generate a keyword ciphertext and uploads it, together with the corresponding data ciphertext, to the cloud; the receiver can then run TraDo to generate a keyword trapdoor and send a data retrieval request to the cloud; finally, the cloud runs Test to search its database for a keyword ciphertext matching the trapdoor and returns the corresponding data ciphertext to the receiver.
2. The public key authentication searchable encryption method without bilinear pairings as recited in claim 1, wherein:
the method specifically comprises the following 6 algorithm steps:
Step S1, Setup (initialization): input a security parameter λ, randomly select a large prime q, and determine a nonsingular elliptic curve E: y^2 = x^3 + ax + b (mod q), where a, b ∈ F_q; from the set of all points of E, including the point at infinity, select a cyclic group of prime order n and a generator G; randomly select α and compute G_1 = αG; select a secure hash function H; output the system parameters pp.
Step S2, S-KGen (sender key generation): input the system parameters pp, randomly select d_s and compute P_s = d_s·G; output the sender's private key sk_s = d_s and public key pk_s = P_s.
Step S3, R-KGen (receiver key generation): input the system parameters pp, randomly select a first-order polynomial p(x) = c_0·x (mod n), where c_0 is the randomly chosen coefficient; output the receiver's private key sk_r = p(x) and public key pk_r = D_0, where D_0 = c_0·G.
Step S4, PEKS (keyword ciphertext generation): input the system parameters pp, the sender's private key sk_s = d_s, the receiver's public key pk_r = D_0 and a keyword w; randomly select r and compute the keyword hash h_w, C_1 = r·G and C_2 = r·h_w·D_0; output the keyword ciphertext ct_w = (C_1, C_2).
Step S5, TraDo (keyword trapdoor generation): input the system parameters pp, the receiver's private key sk_r = p(x), the sender's public key pk_s = P_s and a keyword w; compute h_w = H(w || c_0·P_s) and p_w = p(h_w); output the keyword trapdoor t_w = p_w.
Step S6, Test: input the system parameters pp, the receiver's keyword trapdoor t_w and a keyword ciphertext ct_w; compute C_2' = p_w·C_1; if C_2 = C_2', output 1 to indicate that the keyword ciphertext and the trapdoor match, otherwise output 0.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202211231003.7A CN115622702A (en) | 2022-10-10 | 2022-10-10 | Public key authentication searchable encryption method without bilinear pairing operation |
Publications (1)
Publication Number | Publication Date |
---|---|
CN115622702A true CN115622702A (en) | 2023-01-17 |
Family
ID=84859724
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202211231003.7A Pending CN115622702A (en) | 2022-10-10 | 2022-10-10 | Public key authentication searchable encryption method without bilinear pairing operation |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN115622702A (en) |
Cited By (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN116367157A (en) * | 2023-06-01 | 2023-06-30 | 深圳市北测检测技术有限公司 | Security authentication method and device based on 5G communication network |
CN116367157B (en) * | 2023-06-01 | 2023-08-01 | 深圳市北测检测技术有限公司 | Security authentication method and device based on 5G communication network |
CN117270955A (en) * | 2023-11-17 | 2023-12-22 | 福建天创信息科技有限公司 | Unified management system of equipment based on websocket |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN108111301B (en) | Method and system for realizing SSH protocol based on post-quantum key exchange | |
Wang et al. | Efficient verifiable fuzzy keyword search over encrypted data in cloud computing | |
CN111294352B (en) | Data security authentication method between cloud and edge node | |
KR101493212B1 (en) | Method and system for id-based encryption and decryption | |
CN115622702A (en) | Public key authentication searchable encryption method without bilinear pairing operation | |
Zhao et al. | A New Trapdoor-indistinguishable Public Key Encryption with Keyword Search. | |
Liu et al. | Offline/online attribute‐based encryption with verifiable outsourced decryption | |
CN114124371A (en) | Certificateless public key searchable encryption method meeting MTP (Multi-time programmable) security | |
Xu et al. | Provably secure three-party password authenticated key exchange protocol based on ring learning with error | |
CN114338025A (en) | Ciphertext equivalence testing method in cloud environment | |
Zhao et al. | Verifiable outsourced ciphertext-policy attribute-based encryption for mobile cloud computing | |
CN112560075B (en) | Lightweight searchable encryption method and device based on elliptic curve | |
Du et al. | A Lightweight blockchain-based public-key authenticated encryption with multi-keyword search for cloud computing | |
CN106230840A (en) | A kind of command identifying method of high security | |
Phimphinith et al. | An enhanced mutual authentication scheme based on ECDH for IoT devices using ESP8266 | |
CN114900301A (en) | Public key searchable encryption method meeting MCI (Multi-core identity) security and specifying server | |
Celi et al. | Distefano: Decentralized infrastructure for sharing trusted encrypted facts and nothing more | |
CN113810416B (en) | Public key searchable encryption method based on SM2 public key encryption algorithm | |
Klugah-Brown et al. | A signcryption scheme from certificateless to identity-based environment for wsns into iot | |
CN111310210B (en) | Double-authentication symmetric searchable encryption method based on password and secret signcryption | |
CN114928440A (en) | SM 9-based authentication searchable encryption method and system | |
Cheng et al. | Cryptanalysis and improvement of a certificateless encryption scheme in the standard model | |
Ling et al. | An Improved Anonymous Password Authentication Scheme Using Nonce and Bilinear Pairings. | |
Abbdal et al. | Secure third party auditor for ensuring data integrity in cloud storage | |
Cao et al. | Cryptanalysis of two password authenticated key exchange protocols based on RSA |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | |
SE01 | Entry into force of request for substantive examination | |