CN117375835A - Multi-user multi-keyword searchable encryption system and method based on polynomials - Google Patents


Info

Publication number
CN117375835A
Authority
CN
China
Prior art keywords
key
data
file
user
keyword
Legal status
Pending
Application number
CN202311328028.3A
Other languages
Chinese (zh)
Inventor
王鹏
王化群
王少辉
Current Assignee
Nanjing University of Posts and Telecommunications
Original Assignee
Nanjing University of Posts and Telecommunications


Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/30 Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
    • H04L9/3006 Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy; underlying computational problems or public-key parameters
    • H04L9/3026 Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy; underlying computational problems or public-key parameters; details relating to polynomials generation, e.g. generation of irreducible polynomials
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00 Network arrangements or protocols for supporting network services or applications
    • H04L67/01 Protocols
    • H04L67/10 Protocols in which an application is distributed across nodes in the network
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861 Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0863 Generation of secret information including derivation or calculation of cryptographic keys or passwords involving passwords or one-time passwords

Abstract

The invention provides a polynomial-based multi-user multi-keyword searchable encryption system and method. The system comprises a data owner, a data user group and a cloud server. The data owner owns the data: it encrypts the data and uploads it to the cloud server, encrypts the index of the data with an encryption algorithm and uploads that as well, and authorizes the data users. The data user group consists of several data users, each with its own unique identification; each data user uses its own authorization key to generate search trapdoors for the keywords to be searched with the trapdoor generation algorithm and sends them to the cloud server for searching. The cloud server stores the encrypted data sent by the data owner and searches it on behalf of the data users with the search algorithm. With this data owner, cloud server and data user structure, safe, reliable and efficient information transmission is achieved.

Description

Multi-user multi-keyword searchable encryption system and method based on polynomials
Technical Field
The invention relates to a multi-user multi-keyword searchable encryption system and method based on polynomials, belonging to the technical field of data encryption.
Background
The rapid development of cloud computing has made cloud storage a primary way of storing data, reducing users' local storage and management overhead. In practice, however, the cloud server is only semi-trusted: once a data owner uploads data to it, the data faces security risks such as access or theft by the cloud server itself, by malicious users or by attackers. The data owner can encrypt the data file before storing it on the cloud server, but a user who then wants to query specific data from the cloud server faces the problem of retrieving the ciphertext data there quickly and effectively. Searchable encryption (SE) solves this problem well.
Searchable encryption is an encryption technique that protects data privacy while allowing users to perform search operations over an encrypted data set. Unlike traditional encryption, searchable encryption guarantees the confidentiality, integrity and availability of the data and at the same time keeps the search and query process unreadable to anyone other than the data owner, offering a more complete solution for data privacy protection. It also faces challenges, however, in functionality, security and efficiency.
To make ciphertext searchable, searchable encryption usually reveals some information to the cloud server, such as the search pattern (which searches involve the same keyword) and which files are returned for each search. Searchable encryption is an encrypted search in a cloud environment in which the cloud server is assumed to be semi-honest: it computes and returns results correctly, but some malicious activity may cause it to leak stored information. Ideally a scheme would reveal no information at all to the adversary, but such schemes can only be built from ORAM, homomorphic encryption or multi-party computation, which incur significant bandwidth and computational overhead. An SE scheme therefore inevitably reveals some information, and if that information is abused, SE security is broken in one form or another. Forward security ensures that no information about a newly inserted file can be inferred at the cloud server using existing search trapdoors.
A multi-user searchable encryption scheme allows several users to search and access the cloud documents, improves data utilisation and meets the need for data sharing among users. Asymmetric searchable encryption, whose public and private keys are separate, can solve the searchable encryption problem in a multi-user setting, but traditional asymmetric schemes are limited to point-to-point data sharing and have high communication and computation costs, which limits their adoption and practical use. Symmetric searchable encryption, on the other hand, is computationally cheap and fast, but because the same secret key is used for encryption and decryption, the key is easily leaked when it is distributed over an insecure channel, and data sharing among multiple users is inconvenient.
Disclosure of Invention
The invention aims to overcome the defects in the prior art and provide a multi-user multi-keyword searchable encryption method with forward security, which can control the search of keywords and the access of files by a data user in a fine granularity.
In order to achieve the above purpose, the invention is realized by adopting the following technical scheme:
In a first aspect, the present invention provides a polynomial-based multi-user multi-keyword searchable encryption system comprising a data owner, a data user group and a cloud server:
the data owner owns the data; it encrypts the data and uploads it to the cloud server, encrypts the index of the data with an encryption algorithm and uploads it to the cloud server as well, and authorizes the data users;
the data user group consists of several data users, each with its own unique identification id; the data users use their respective authorization keys to generate search trapdoors for the keywords to be searched with a trapdoor generation algorithm and send the search trapdoors to the cloud server for searching;
the cloud server is responsible for storing the encrypted data sent by the data owner and for searching the encrypted data on behalf of the data users using a search algorithm.
In a second aspect, the present invention provides a multi-user multi-keyword searchable encryption method with forward security, based on the system of the first aspect, comprising the following steps:
step 1, initializing: generating a set of keys for the public parameters and the data owners;
step 2, encryption stage: the data owner encrypts plaintext data by using an encryption algorithm and generates a ciphertext index, encrypts the index by using the encryption algorithm and sends the index to the cloud server;
step 3, authorization phase: the data owner uses the identity id of the data user, generates an authorization key for each data user through an authorization algorithm, and sends the authorization key to the corresponding data user;
step 4, trapdoor generation stage: the data user uses the authorization key and the keyword to be searched to generate a search trapdoor;
step 5, ciphertext searching stage: the cloud server searches ciphertext of the data owner through a search algorithm by using the received search trapdoor, and returns a result to the data user;
step 6, decryption: the data user decrypts the ciphertext to obtain plaintext data.
Further, in step 1, the initialization phase: generating a key set of a public parameter and a data owner, comprising the steps of:
s1.1, generating a public parameter Para;
Setup(λ) → {Para}: input a security parameter λ and output the public parameter Para, which includes secure hash functions (H_0, H_1, H_2, H_3, H_4) and pseudo-random functions F and F_1: $H_0:\{0,1\}^* \to \{0,1\}^\lambda$, $H_1:\{0,1\}^* \to \{0,1\}^\lambda$, $H_2:\{0,1\}^* \to \{0,1\}^{1+\log N+2\lambda}$, $H_3:\{0,1\}^* \to \{0,1\}^\lambda$, $H_4:\{0,1\}^* \to \{0,1\}^{\ }$, $F:\{0,1\}^\lambda \times \{0,1\}^\lambda \to \{0,1\}^\lambda$, $F_1:\{0,1\}^\lambda \times \{0,1\}^\lambda \times \{0,1\}^\lambda \to \{0,1\}^\lambda$
S1.2, generating a key set of a data owner;
KeyGen(λ) → {γ}: the data owner generates a key set γ from the security parameter λ, comprising
$K \leftarrow \{0,1\}^\lambda,\; K_S \leftarrow \{0,1\}^\lambda,\; K_F \leftarrow \{0,1\}^\lambda,\; K_A \leftarrow \{0,1\}^\lambda,\; K_E \leftarrow \{0,1\}^\lambda$,
where key K encrypts the data plaintext and decrypts the ciphertext; key K_S generates the encryption key S_w of keyword w, from which the file node state* is then generated; key K_E generates the file node key*; key K_F generates, for user id_j, the access-right authentication key Au_j for a specified file; and key K_A generates, for user id_j, the search-right authentication key for keyword w_i.
Step S1.3, the data owner initializes a public buffer shared with all data users for storing each keyword w_i's file block number +.>and for each keyword w_i creates a private buffer->
(i ∈ [0, n-1], where n is the number of keywords and m the number of files under the keyword) for storing the state of each index file Ind. All flags are 0 in the initial state: flag=0 means that the file has not been added (or has been deleted) under the keyword, and flag=1 means that the file has been added; to update a file it must first be deleted and then added again. The buffer is a local buffer that stores a small amount of data.
Further, in the step 2, the encryption stage: the data owner encrypts plaintext data by using an encryption algorithm and generates a ciphertext index, encrypts the index by using the encryption algorithm, and sends the index to a cloud server, and the method comprises the following steps:
step S2.1, the data owner encrypts the plaintext M to generate the ciphertext C_m: Enc(M, K) → {C_m};
S2.2, uploading the ciphertext to a cloud server by a data owner, storing and generating a file index Ind by the cloud server, and sending the file index Ind to the data owner;
step S2.3, the data owner encrypts and updates the index files Ind and operations Op corresponding to keyword w_i and stores them to the cloud server, where i ∈ [0, n-1], t ∈ [0, m-1]:
input the public parameter Para, the data owner's key γ, the keyword w_i, the file set Ind with the corresponding operation set Op, and the public buffer and the private buffer; output the index ciphertext C.
Further, in step S2.3, the data owner encrypts and updates the index file Ind and operation Op corresponding to keyword w_i and stores them in the cloud server, comprising the following steps:
step S2.3.1, the data owner computes the encryption key of keyword w_i from the key K_S, then fetches from the buffer the update counter corresponding to w_i->
each file node is composed of its node data and the polynomial f_f(x) used for file access-right authentication;
if so, w_i has no file yet in its chain structure, and at this time +.>the file node state ← null and node key ← null; if->then w_i already has file nodes in its chain structure, and the state and key of the starting node are fetched, which represent the latest node on the current file list;
step S2.3.2, ind for each file t ,t∈[0,m-1]M is a keyword w i The number of files under the method, creating file nodes, and judging firstWhether or not to equal 0, if->Then the file ind is represented t Not added, op t = 'add', generate state of the node +.>And node key->state * And key * Representing the newly added node, and then using both to generate a nodeLet->Representing a document ind t Has been added;
step S2.3.3 if ind is to be updated t File node, andthen the op is required to be executed first t = 'del', step S2.3.2 generates +.> Let->Re-executing opt= 'add', generating +.> Order theThis situation arises when an ind needs to be updated t Corresponding to the condition of the file;
step S2.3.4, if a certain file block needs to be deleted, thenLet op t = 'del', generateLet->Representing the file ind under the key word t Deleted;
step S2.3.5, for each newly added file node, create the d-th order polynomial function f_f(x) = z_d x^d + z_{d-1} x^{d-1} + … + z_1 x + z_0 for the root set, used for authenticating access rights to the file, where A_f ← F(K_F, id_j), d is the number of users with access to ind_t, id_j is a user with access to ind_t, and f_f(x') = 0 (x' ∈ root set);
step S2.3.6, store the ciphertext pair (block, f_f(x)) into the map C and increment the counter cnt_{w_i}; if a file node is still to be added, set state ← state* and key ← key*, which represent the state and key of the node preceding the node to be added, so that the node to be added links to this node; each file node is updated and uploaded in this loop;
step S2.3.7, after all files under keyword w_i have been updated, recalculate a head node, where state and key represent the state and key of the file node linked by the head node, respectively,
and then create for the node the k-th order polynomial function f_w(x) = z_k x^k + z_{k-1} x^{k-1} + … + z_1 x + z_0 for the root set, used for keyword search-right authentication, where A_w ← F(K_A, w_i), k is the number of users with the right to access w_i, id_j is a user with access to w_i, and f_w(x') = key, x' ∈ root set;
step S2.3.8, store the head node ciphertext (block, f_w(x)) into the map C and update the counter of keyword w_i in the buffer to
C[state * ]=(block,f w (x))
And S2.3.9, repeating the steps 2.3.1-2.3.8, and continuously updating the file node corresponding to the next keyword by the updating operation.
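The page states only the properties the two polynomials must satisfy (f_f(x') = 0 and f_w(x') = key on their root sets). As an added worked construction, not taken from the patent, one polynomial with exactly those properties over a finite field, for a root set $\{x'_1, \dots, x'_k\}$ of $k$ authorised identifiers, is

$$f_w(x) = key + \prod_{j=1}^{k}(x - x'_j) = z_k x^k + z_{k-1} x^{k-1} + \cdots + z_1 x + z_0, \qquad z_k = 1,\quad z_0 = key + (-1)^k \prod_{j=1}^{k} x'_j,$$

with $f_f$ obtained the same way with $key$ replaced by $0$. Then $f_w(x'_j) = key$ for every $j$, the degree equals the number of authorised users as in steps S2.3.5 and S2.3.7, and for any other $x$ one has $f_w(x) - key = \prod_j (x - x'_j) \neq 0$ because a field has no zero divisors (over the integers modulo a composite modulus this no longer holds). One caveat follows from the same form: the server stores $f_f$ with value $0$, so its roots are exactly the authorised file-access identifiers and can be recovered by factoring $f_f$ over the field; the roots of $f_w$ are those of $f_w(x) - key$, which the server cannot form without $key$. The file-access identifiers must therefore be treated as known to the cloud server in the security argument, while the secret that actually unlocks the chain remains $key$.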
Further, in step 3, the authorization phase: the data owner uses the identity id of the data user, generates an authorization key for each data user through an authorization algorithm, and sends the authorization key to the corresponding data user, and the method comprises the following steps:
step S3.1, according to the keywords w_i that data user id_j is authorized to query, the data owner generates an authorization key for the user and sends it together with the decryption key K to the data user via a secure channel;
input the public parameter Para, the data user identity id_j and the keyword set w[n]; the data owner uses its own key set γ = (K, K_S, K_E, K_F, K_A) to generate, for each keyword w_i, the corresponding encryption key->and the data user's search-right authentication key for w_i->where->and the access-right authentication key for files Au_j ← H_0(A_f ∥ id_j), where A_f ← F(K_F, id_j);
Further, in step 4, a trapdoor stage is generated: the data user generates a search trapdoor using the authorization key and the keyword to be searched, comprising the steps of:
step S4.1, the data user first looks up in the public buffer the update counter corresponding to w_i; if it is absent, the keyword has not been updated and the search can stop;
step S4.2, if the update counter corresponding to w_i is not empty, take the update counter and the encryption key corresponding to w_i->and generate w_i's->
step S4.3, using the data user's authority authentication key for each keyword w_i, generate the corresponding keyword authentication identifier +.>
then, using its file access authentication key Au_j, generate the corresponding file authentication identifier:
finally, the search trapdoor:
further, in step 5, the ciphertext search phase: the cloud server searches ciphertext of the data owner through a search algorithm by using the received search trapdoor and returns a result to the data user, and the method comprises the following steps:
step S5.1, data user id_j sends the search trapdoor to the cloud server; with the trapdoor T_w the cloud server can locate the head node of keyword w_i, obtain the corresponding (block, f_w(x)) from the ciphertext map using state*, and obtain the head node key key* ← f_w(x'_j) by evaluating the polynomial f_w(x'_j):
where x'_j lies in the root set of the polynomial f_w(x);
step S5.2, use key* and state* to obtain the state ciphertext pair of the first file node
Step S5.3, judging the correctness of the file state ciphertext (key), judging whether the ciphertext mapping C has the corresponding key value pair, if C is state]=null, then state is incorrect, i.e. key * Is wrong, so the user does not have a search keyword w i Ending the keyword search and continuing traversing;
step S5.4, if C state]Not null, then represent key * Is correct, the data user has a pair w i Is set at this timeAs a set of all search results, +.>As a set of deleted files, S+.S-D is made to return a result when the round of search is performed;
step S5.5, if the data user has the right to search the keyword, the files under keyword w_i are traversed cyclically, setting state* ← state, key* ← key;
Step S5.6, after traversing all keyword nodes corresponding to the search trapdoor, return the final result set Result ← S_0 + S_1 + … + S_{n-1}.
Further, in step S5.5, if the data user has the right to search the keyword, the cyclic traversal search of the files under keyword w_i comprises the following steps:
step S5.5.1, when state* is not null, compute the file node information (block, f_f(x)) ← C[state*], from which the file information and the state and key of the next node are obtained:
step S5.5.2, if f_f(x'') = 0, the data user has the right to access the file; put the file into the corresponding set, i.e. into S if op = 'add' and into D if op = 'del',
where x'' lies in the root set of the polynomial f_f(x);
step S5.5.3, if f_f(x'') ≠ 0, the data user has no right to access the file; set state* ← state, key* ← key and proceed to search the next file node;
step S5.5.4, when state* = null, the node is the last file node under keyword w_i; after authority authentication, the set of added files is obtained and the result set S corresponding to keyword w_i is returned.
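As an added, self-contained illustration of step S2.3 (index encryption and update), step 3 (authorization), step 4 (trapdoor generation) and step 5 (ciphertext search), the following Python program, which is not the patent's own code, instantiates the scheme with concrete primitives chosen here as assumptions: HMAC-SHA256 for F, domain-separated SHA-256 for H_0..H_4, SHAKE-256 as the H_2-style keystream that hides each node's block, and the authentication polynomials over the prime field F_P with P = 2^127 − 1. The names DataOwner, update, authorize, trapdoor, search and demo, the derivation of node states and keys, of the identifiers x'_j and x''_j, and the block layout (op, ind, previous state, previous key) are likewise assumptions, since the page does not spell them out. While walking the chain from the newest node backwards it applies a 'del' only to older nodes, which is what keeps a file that was deleted and then re-added (an update) in the result. The constructed scenario has two users, one keyword and three files: after a second update the current trapdoor sees the updated view, the trapdoor issued before the update reaches only the old chain (forward security), a tampered keyword-authority identifier is rejected at the head node, and a file outside a user's access list is skipped.

```python
import hashlib
import hmac
import secrets
from functools import reduce

P = (1 << 127) - 1                   # prime field for the authentication polynomials (assumption)
NULL = b"\x00" * 32                  # null state/key that terminates a keyword's file chain
CNT = lambda c: c.to_bytes(4, "big")
to_int = lambda b: int.from_bytes(b, "big") % P
xor = lambda a, b: bytes(x ^ y for x, y in zip(a, b))
F = lambda k, *parts: hmac.new(k, b"|".join(parts), hashlib.sha256).digest()       # PRF F as HMAC-SHA256
H = lambda tag, *parts: hashlib.sha256(tag + b"|" + b"|".join(parts)).digest()     # H_0..H_4, domain-separated
stretch = lambda key, state, n: hashlib.shake_256(key + state).digest(n)            # H_2-style keystream for a block
poly_eval = lambda c, x: reduce(lambda acc, z: (acc * x + z) % P, reversed(c), 0)  # Horner evaluation in F_P
kw_auth_id = lambda aw, cnt: to_int(H(b"kwauth", aw, CNT(cnt)))                    # x'_j, bound to the update counter
file_auth_id = lambda au: to_int(H(b"fileauth", au))                                # x''_j
au_key = lambda K_F, uid: H(b"au", F(K_F, uid), uid)                                # Au_j <- H_0(A_f || id_j), A_f <- F(K_F, id_j)

def poly_from_roots(roots, value):
    """Coefficients z_0..z_k (low to high) of value + prod(x - r) over F_P, so f(r) = value at every root.
    An empty root set gets one random root instead: a constant polynomial would pass every identity."""
    c = [1]
    for r in roots or [secrets.randbelow(P)]:
        c = [(a - r * b) % P for a, b in zip([0] + c, c + [0])]
    c[0] = (c[0] + value) % P
    return c

class DataOwner:
    # cnt: public buffer (keyword -> counter); flag: private ((keyword, ind) -> added?); tail: private (keyword -> newest node's state, key); C: index map on the cloud
    def __init__(self, policy):      # policy: id_j -> keywords that id_j may search (constructed)
        self.K_S, self.K_E, self.K_F, self.K_A = (secrets.token_bytes(32) for _ in range(4))
        self.policy, self.cnt, self.flag, self.tail, self.C = policy, {}, {}, {}, {}

    def update(self, w, ops, acl):   # steps S2.3.1-S2.3.8; ops: [(ind, 'add'|'del')]; acl: ind -> reader ids
        S_w, cnt, (state, key) = F(self.K_S, w), self.cnt.get(w, 0), self.tail.get(w, (NULL, NULL))
        for j, (ind, op) in enumerate(ops):
            steps = ["del", "add"] if op == "add" and self.flag.get((w, ind)) else [op]  # update = del, then add
            for n, step in enumerate(steps):
                new_state = H(b"state", S_w, CNT(cnt), CNT(2 * j + n))
                new_key = H(b"key", F(self.K_E, w), CNT(cnt), CNT(2 * j + n))
                plain = bytes([step == "add"]) + ind.to_bytes(4, "big") + state + key  # op, ind, link to prior node
                roots = [file_auth_id(au_key(self.K_F, u)) for u in acl.get(ind, ())]
                self.C[new_state] = (xor(stretch(new_key, new_state, 69), plain), poly_from_roots(roots, 0))
                state, key, self.flag[(w, ind)] = new_state, new_key, int(step == "add")
        cnt += 1                                                 # a fresh head per update: forward security
        head_state = H(b"head", S_w, CNT(cnt))
        head_key = H(b"headkey", F(self.K_E, w), CNT(cnt))[:15]  # 120 bits, representable in F_P losslessly
        roots = [kw_auth_id(F(self.K_A, w, u), cnt) for u, kws in self.policy.items() if w in kws]
        head_block = xor(stretch(head_key, head_state, 64), state + key)
        self.C[head_state] = (head_block, poly_from_roots(roots, int.from_bytes(head_key, "big")))  # f_w(x') = key
        self.cnt[w], self.tail[w] = cnt, (state, key)

    def authorize(self, uid):        # step 3: S_w and the search-authority key per keyword, plus Au_j
        return {"au": au_key(self.K_F, uid),
                "kw": {w: (F(self.K_S, w), F(self.K_A, w, uid)) for w in self.policy[uid]}}

def trapdoor(auth, w, public_cnt):   # step 4 (data user): head locator plus both authority identifiers
    cnt = public_cnt.get(w)
    if cnt is None or w not in auth["kw"]:
        return None                  # S4.1: keyword never updated, or no key material for it
    S_w, aw = auth["kw"][w]
    return H(b"head", S_w, CNT(cnt)), kw_auth_id(aw, cnt), file_auth_id(auth["au"])

def search(C, T):                    # step 5 (cloud server): readable file indices, or None if authority fails
    head_state, x1, x2 = T
    block, f_w = C.get(head_state, (None, None))
    if f_w is None or (k := poly_eval(f_w, x1)) >= 1 << 120:   # no such head, or key* <- f_w(x') is not a 120-bit key
        return None
    plain = xor(stretch(k.to_bytes(15, "big"), head_state, 64), block)
    state, key = plain[:32], plain[32:]
    if state != NULL and state not in C:   # S5.3: a wrong key* decrypts to a state absent from C
        return None
    S, D = set(), set()
    while state != NULL:             # S5.5: walk the chain from the newest to the oldest node
        block, f_f = C[state]
        plain = xor(stretch(key, state, 69), block)
        if poly_eval(f_f, x2) == 0:  # S5.5.2: the user may access this file
            ind = int.from_bytes(plain[1:5], "big")
            if plain[0] == 0:
                D.add(ind)
            elif ind not in D:       # a newer 'del' overrides an older 'add' (S <- S - D)
                S.add(ind)
        state, key = plain[5:37], plain[37:69]
    return S

def demo():                          # constructed scenario: two users, one keyword, three files
    owner = DataOwner({b"alice": {b"finance"}, b"bob": {b"finance"}})
    acl = {1: {b"alice", b"bob"}, 2: {b"alice"}, 3: {b"alice", b"bob"}}
    owner.update(b"finance", [(1, "add"), (2, "add"), (3, "add")], acl)
    alice, bob = owner.authorize(b"alice"), owner.authorize(b"bob")
    old_trapdoor = trapdoor(alice, b"finance", owner.cnt)
    owner.update(b"finance", [(3, "del"), (1, "add")], acl)          # delete file 3, re-upload file 1
    head, x1, x2 = trapdoor(bob, b"finance", owner.cnt)
    return {"alice": search(owner.C, trapdoor(alice, b"finance", owner.cnt)),   # {1, 2}
            "bob": search(owner.C, (head, x1, x2)),                            # {1}: no right to 2, 3 deleted
            "old": search(owner.C, old_trapdoor),                              # {1, 2, 3}: pre-update view only
            "forged": search(owner.C, (head, (x1 + 1) % P, x2))}               # None: wrong x' rejected
```

Two details are worth noting. The head key is shortened to 120 bits so that it survives the round trip through F_P unchanged; a forged x' that happens to evaluate below 2^120 (about one chance in 128) still fails at the S5.3 check, because the garbage it decrypts is not a state present in C. And an empty access list is given a random root on purpose: without that, f_f would be the constant 0 and every identity would pass the file-access check.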
Further, in step 6, the decryption stage: the data user decrypts the ciphertext to obtain plaintext data, which comprises the following steps:
step S6.1, the data user obtains the corresponding ciphertext C_m from the cloud server according to the file index Ind;
step S6.2, the data user decrypts the ciphertext with the key K to obtain the required plaintext M:
Dec(C_m, K) → {M}.
Compared with the prior art, the invention has the following beneficial effects:
1. according to the invention, through the system structures of the data owner, the cloud server and the data user, the data owner is responsible for encrypting the data, the index of the data is encrypted by adopting an encryption algorithm and is also uploaded to the server, the cloud server is in a semi-honest state, and the cloud server is responsible for storing and executing the search ciphertext, so that the information transmission is safe, reliable and efficient.
2. The invention uses symmetric encryption to keep the plaintext safe even if the trapdoor is intercepted, implements a version-number-like function with a custom file counter, and ensures that data inserted later cannot be inferred at the cloud server from existing search trapdoors, thereby achieving forward security.
3. The invention adopts a polynomial to carry out authority authentication to construct a multi-user multi-keyword searchable encryption method with forward security. The encrypted data adopts an implicit chain type storage structure, and the version control function is realized in a mode of a file counter, so that the data updated later can not be obtained by searching by using the original trapdoor, and the forward safety of the method is ensured.
4. In a multi-user environment, the method uses a polynomial to verify the keyword searching authority and the file accessing authority, when the cloud server receives a searching trapdoor, the keyword node corresponding to the trapdoor is traversed, before searching a file node linked list corresponding to the keyword, whether the keyword searching authority exists is verified, and the file accessing authority verification is performed before accessing the file node. The invention can complete fine granularity access control in a multi-user environment, meets corresponding safety characteristics, and can not obtain plaintext information even if an attacker has no secret key under the condition that a trapdoor is intercepted.
Drawings
Fig. 1 is a system model diagram in the present invention.
Fig. 2 is a diagram of a file storage structure in the present invention.
FIG. 3 is a flow chart of file upload update in the present invention.
Fig. 4 is a flow chart of file search in the present invention.
Fig. 5 is a flow chart of the method of the present invention.
Fig. 6 is a flowchart of an index encryption update of the present invention.
Fig. 7 is a ciphertext search flow chart of the present invention.
Detailed Description
The invention is further described below with reference to the accompanying drawings. The following examples are only for more clearly illustrating the technical aspects of the present invention, and are not intended to limit the scope of the present invention.
Embodiment one:
the embodiment provides a multi-user multi-keyword searchable encryption system based on a polynomial, as shown in fig. 1, which is a system model of the present invention, and includes a data owner, a data user group and a cloud server:
the data owner owns the data; it encrypts the data and uploads it to the cloud server, encrypts the index of the data with an encryption algorithm and uploads it to the cloud server as well, and authorizes the data users;
the data user group consists of a plurality of data users, each data user has own unique identification id, and the data users use respective authorization keys to generate search trapdoors for the pre-search keywords by using a trapdoor generation algorithm and send the search trapdoors to the cloud server for searching;
the cloud server is responsible for storing the encrypted data sent by the data owner and searching the encrypted data for the data user using a search algorithm.
In this embodiment, through the system structures of the data owner, the cloud server and the data user, the data owner is responsible for encrypting data, the index of the data is encrypted by adopting an encryption algorithm and also uploaded to the server, the cloud server is semi-honest, and the cloud server is responsible for storing and executing the search ciphertext, so that the information transmission is safe, reliable and efficient.
Embodiment two:
This embodiment provides a multi-user multi-keyword searchable encryption method with forward security; Fig. 1 shows the system model of the invention. The method mainly comprises six steps: an initialization stage, an encryption stage, an authorization stage, a trapdoor generation stage, a ciphertext search stage and a decryption stage. The data are encrypted and uploaded to the cloud server, which returns file indexes; the data owner uploads the index ciphertext to the cloud server with this method; the authorized data users generate trapdoors and upload them to the cloud server; the cloud server searches and returns the results; and finally the data users decrypt the ciphertext to obtain the required plaintext files.
As shown in FIG. 2, the file storage structure diagram in the present invention uses implicit chain storage for the file nodes under each key, and each file node has a node state and a node key of the next file node, which can point to the next file node. The chain storage of each key has a head node, and all key head nodes also adopt chain storage. And in the searching stage, traversing the keyword head nodes corresponding to the trapdoors uploaded by the data user and the file nodes under each keyword, and finally returning all the file data authorized by the data user by the data owner.
The method specifically comprises the following steps:
step 1, initializing: generating a set of keys for the public parameters and the data owners;
s1.1, generating a public parameter Para;
Setup(λ) → {Para}: input a security parameter λ and output the public parameter Para, which includes secure hash functions (H_0, H_1, H_2, H_3, H_4) and pseudo-random functions F and F_1: $H_0:\{0,1\}^* \to \{0,1\}^\lambda$, $H_1:\{0,1\}^* \to \{0,1\}^\lambda$, $H_2:\{0,1\}^* \to \{0,1\}^{1+\log N+2\lambda}$, $H_3:\{0,1\}^* \to \{0,1\}^\lambda$, $H_4:\{0,1\}^* \to \{0,1\}^{\ }$, $F:\{0,1\}^\lambda \times \{0,1\}^\lambda \to \{0,1\}^\lambda$, $F_1:\{0,1\}^\lambda \times \{0,1\}^\lambda \times \{0,1\}^\lambda \to \{0,1\}^\lambda$
S1.2, generating a key set of a data owner;
KeyGen(λ) → {γ}: the data owner generates a key set γ from the security parameter λ, comprising $K \leftarrow \{0,1\}^\lambda,\; K_S \leftarrow \{0,1\}^\lambda,\; K_F \leftarrow \{0,1\}^\lambda,\; K_A \leftarrow \{0,1\}^\lambda,\; K_E \leftarrow \{0,1\}^\lambda$, where key K encrypts the data plaintext and decrypts the ciphertext; key K_S generates the encryption key S_w of keyword w, from which the file node state* is then generated; key K_E generates the file node key*; key K_F generates, for user id_j, the access-right authentication key Au_j for a specified file; and key K_A generates, for user id_j, the search-right authentication key for keyword w_i.
Step S1.3, the data owner initializes a public buffer shared with all data users for storing each keyword w_i's file block number +.>and for each keyword w_i creates a private buffer->(i ∈ [0, n-1], where n is the number of keywords and m the number of files under the keyword) for storing the state of each index file Ind; all flags are 0 in the initial state, flag=0 indicates that the file has not been added (or has been deleted) under the keyword, and flag=1 indicates that it has been added; to update a file it must first be deleted and then added again (the buffer is a local buffer that stores a small amount of data);
step 2, encryption stage: as shown in fig. 3, the file uploading and updating flow chart, the data owner encrypts the plaintext data by using an encryption algorithm and generates a ciphertext index, and then encrypts the index by using the encryption algorithm in the method and sends the index to the cloud server;
step S2.1, the data owner encrypts the plaintext M to generate the ciphertext C_m: Enc(M, K) → {C_m};
S2.2, uploading the ciphertext to a cloud server by a data owner, storing and generating a file index Ind by the cloud server, and sending the file index Ind to the data owner;
step S2.3, the data owner encrypts and updates the index file Ind and operation Op corresponding to keyword w_i and stores them to the cloud server (where i ∈ [0, n-1], t ∈ [0, m-1]),
input the public parameter Para, the data owner's key γ, the keyword w_i, the file set Ind with the corresponding operation set Op, and the public buffer and the private buffer; output the index ciphertext C;
step S2.3.1, the data owner computes the encryption key of keyword w_i from the key K_S, then fetches from the buffer the update counter corresponding to w_i->(each file node is composed of its node data and the polynomial f_f(x) used for file access-right authentication); if->then w_i has no file yet in its chain structure, and at this time +.>the file node state ← null and node key ← null; if->then w_i already has file nodes in its chain structure, and the state and key of the starting node are fetched (the state and key represent the latest node on the current file chain);
step S2.3.2, ind for each file t (t∈[0,m-1]M is a keyword w i Number of files below) creates file nodes, first judgesWhether or not to equal 0, if->Then the file ind is represented t Not added, op t = 'add', generate state of the node +.>And node key->state * And key * Representing the newly added node, and then using both to pair the nodePoint generationLet->Representing a document ind t Has been added;
step S2.3.3 if ind is to be updated t File node, andthen the op is required to be executed first t = 'del', step S2.3.2 generates +.> Let->Re-executing op t = 'add', generate +.> Order the(this situation arises when an update ind is required t Case of corresponding file);
step S2.3.4, if a certain file block needs to be deleted, thenLet op t = 'del', generateLet->Representing the file ind under the key word t Deleted;
step S2.3.5 creation for each newly added File nodeD-th order polynomial function f for root set f (x)=z d x d +z d-1 x d-1 +…+z 1 x+z 0 Used for authenticating the access rights of the file, A f ←F(K F ,id j ) D is the access to ind t Id of the number of users of (a) j To have access to ind j Wherein f is f (x ') =0 (x'. Epsilon. Root set);
step S2.3.6, ciphertext pair (block, f f (x) Storing in map C, counterSelf-increment count, if file node is also added, make state be ≡state * And key≡key * The state and the secret key of the last node of the pre-added node are respectively represented, so that the pre-added node is linked to the node, and each file node is updated and uploaded in a recycling mode;
step S2.3.7 when key word w i After all files below are updated, a head node is recalculatedWherein state and key represent the state and key of the file node linked by the head node, respectively, +.> Then create a new +.>K-th order multiple for root setPolynomial function f w (x)=z k x k +z k-1 x k-1 +…+z 1 x+z 0 A is used for carrying out the search authority authentication of keywords w ←F(K A ,w i ) K is the right to access w i Id of the number of users of (a) j To have access to w i Wherein f is w (x ')=key (x' ∈root set);
step S2.3.8, head node ciphertext (block, f w (x) Storing the key w in the buffer into the map C i The counter is updated to
C[state * ]=(block,f w (x))
S2.3.9, repeating the updating operation to continuously update the file node corresponding to the next keyword;
Step 3, authorization phase: the data owner uses the identity id of each data user to generate an authorization key for that user through the authorization algorithm, and sends the authorization key to the corresponding data user;
Step S3.1, according to the keywords $w_i$ that data user $\mathrm{id}_j$ is authorized to query, the data owner generates an authorization key for that user and sends it, together with the decryption key K, to the data user over a secure channel.
Input: the public parameter Para, the data user identity $\mathrm{id}_j$ and the keyword set $w[n]$. Using its own key set $\gamma = (K, K_S, K_E, K_F, K_A)$, the data owner generates for each keyword $w_i$ the corresponding encryption key, and generates for the data user the search-right authentication key for $w_i$; the file access-right authentication key is $\mathrm{Au}_j \leftarrow H_0(A_f \parallel \mathrm{id}_j)$, where $A_f \leftarrow F(K_F, \mathrm{id}_j)$;
Step 4, trapdoor generation stage: the data user generates a search trapdoor using the authorization key and the keywords to be searched;
Step S4.1, the data user first looks up the update counter corresponding to $w_i$ in the public buffer; if it is empty, the keyword has not been updated and the search can stop;
Step S4.2, if the update counter corresponding to $w_i$ is not empty, the update counter and the encryption key corresponding to $w_i$ are taken to generate the corresponding value for $w_i$;
Step S4.3, the data user uses its search-right authentication key for each keyword $w_i$ to generate the corresponding keyword authentication identifier, then uses its file access authentication key $\mathrm{Au}_j$ to generate the corresponding file authentication identifier, and finally forms the search trapdoor $T_w$;
Step 5, ciphertext searching stage: as shown in the file searching flow chart of Fig. 4, the cloud server uses the received search trapdoor to search the data owner's ciphertext with the search algorithm, and returns the result to the data user;
Step S5.1, data user $\mathrm{id}_j$ sends the search trapdoor to the cloud server; with the trapdoor $T_w$ the cloud server locates the head node of keyword $w_i$, obtains the corresponding $(\mathrm{block}, f_w(x))$ from the ciphertext map using $\mathrm{state}^*$, and evaluates the polynomial to obtain the head node key $\mathrm{key}^* \leftarrow f_w(x'_j)$, where $x'_j$ is the value supplied in the trapdoor and is tested against the root set of the polynomial $f_w(x)$ (a correct $\mathrm{key}^*$ results only if $x'_j$ lies in that root set);
Step S5.2, using $\mathrm{key}^*$ and $\mathrm{state}^*$, the state ciphertext pair of the first file node is obtained;
Step S5.3, the correctness of the file state ciphertext (and thus of the key) is checked by testing whether the ciphertext map C holds a corresponding key-value pair: if $C[\mathrm{state}] = \mathrm{null}$, the state is incorrect, i.e. $\mathrm{key}^*$ is wrong, so the user has no search right for keyword $w_i$; the search for this keyword ends and traversal continues with the next keyword;
Step S5.4, if $C[\mathrm{state}] \neq \mathrm{null}$, then $\mathrm{key}^*$ is correct, i.e. the data user has the search right for $w_i$; at this point the set S is taken as the set of all search results and the set D as the set of deleted files, and $S \leftarrow S - D$ is returned as the result of this round of search;
Step S5.5, since the data user has the search right for the keyword, the files of keyword $w_i$ are traversed in a loop, setting $\mathrm{state}^* \leftarrow \mathrm{state}$, $\mathrm{key}^* \leftarrow \mathrm{key}$;
Step S5.5.1, while $\mathrm{state}^*$ is not null, the file node information $(\mathrm{block}, f_f(x)) \leftarrow C[\mathrm{state}^*]$ is retrieved, from which the file information and the state and key of the next node are obtained;
Step S5.5.2, if $f_f(x'') = 0$, the data user has the right to access the file, and the file is put into the corresponding set: into S if $\mathrm{op} = \text{'add'}$, into D if $\mathrm{op} = \text{'del'}$; here $x''$ is the file authentication identifier from the trapdoor and is tested against the root set of the polynomial $f_f(x)$;
Step S5.5.3, if $f_f(x'') \neq 0$, the data user does not have access to the file; set $\mathrm{state}^* \leftarrow \mathrm{state}$, $\mathrm{key}^* \leftarrow \mathrm{key}$ and proceed to the next file node;
Step S5.5.4, when $\mathrm{state}^* = \mathrm{null}$, the node is the last file node under keyword $w_i$; after access-right authentication of every file node and insertion into the corresponding set, the result set S for keyword $w_i$ is returned;
Step S5.6, after all keyword nodes corresponding to the search trapdoor have been traversed, the final result set $\mathrm{Result} \leftarrow S_0 + S_1 + \dots + S_{n-1}$ is returned;
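As an added worked example (not code from the patent or its inventors), the following Python model carries the polynomial authentication of steps S2.3.5 and S2.3.7 and the chained file-node index of steps S2.3.1 to S2.3.8 through to the search of steps S5.1 to S5.6 for one keyword. It assumes a prime field of its own choosing for the polynomials, uses SHA-256 in place of the hash functions $H_0$ to $H_4$ and the pseudo-random functions F and $F_1$, models the node encryption as an XOR with a hash-derived keystream, and uses names of its own (poly_from_roots, build_index, search, demo, and the constructed users alice, bob and carol). The root-set polynomial is built as $\mathrm{offset} + \prod (x - r)$, so every authorized identifier evaluates to 0 for $f_f$ and to the head-node key for $f_w$, while any other value yields a key that does not decrypt a valid node and so fails the $C[\mathrm{state}] = \mathrm{null}$ check of step S5.3.

```python
import hashlib
import json

P = (1 << 61) - 1   # prime field for the polynomials (assumption: the page fixes no field)

def H(*parts):      # SHA-256 stand-in for the page's H_0..H_4 and PRFs F, F_1 (assumption)
    return hashlib.sha256("|".join(parts).encode()).hexdigest()

def to_field(tag): return int(tag, 16) % P

def poly_from_roots(roots, offset=0):
    """Coefficients (lowest degree first) of f(x) = offset + prod(x - r) mod P:
    offset=0 gives f_f with f_f(root)=0 (S2.3.5); offset=key gives f_w with f_w(root)=key (S2.3.7)."""
    coeffs = [1]
    for r in roots:
        nxt = [0] * (len(coeffs) + 1)
        for i, c in enumerate(coeffs):
            nxt[i + 1] = (nxt[i + 1] + c) % P    # c * x
            nxt[i] = (nxt[i] - c * r) % P        # c * (-r)
        coeffs = nxt
    coeffs[0] = (coeffs[0] + offset) % P
    return coeffs

def poly_eval(coeffs, x):
    acc = 0
    for c in reversed(coeffs):                   # Horner's rule
        acc = (acc * x + c) % P
    return acc

def keystream(key, n):
    blocks = (hashlib.sha256(f"{key}|{i}".encode()).digest() for i in range(n // 32 + 1))
    return b"".join(blocks)[:n]

def enc_block(key, payload):
    """Node encryption modelled as XOR with a hash keystream (assumption, not the page's Enc)."""
    data = json.dumps(payload).encode()
    return bytes(a ^ b for a, b in zip(data, keystream(key, len(data))))

def dec_block(key, block):
    """Returns the node dict, or None when the key is wrong and decryption yields garbage."""
    data = bytes(a ^ b for a, b in zip(block, keystream(key, len(block))))
    try:
        obj = json.loads(data.decode())
    except (UnicodeDecodeError, ValueError):
        return None
    return obj if isinstance(obj, dict) else None

def build_index(Sw, counter, updates, file_users, kw_users):
    """Encryption stage for one keyword (S2.3.1-S2.3.8): chain the file nodes, then add the head node."""
    C = {}
    state, key = None, None                                     # S2.3.1: chain still empty
    for t, (ind, op) in enumerate(updates):
        state_star = H("state", Sw, str(counter), str(t))       # S2.3.2: new node state
        key_star = to_field(H("key", Sw, str(counter), str(t)))   # and node key
        f_f = poly_from_roots([to_field(u) for u in file_users.get(ind, [])])  # S2.3.5
        block = enc_block(key_star, {"ind": ind, "op": op, "state": state, "key": key})
        C[state_star] = (block, f_f)                            # S2.3.6: node links to its predecessor
        state, key = state_star, key_star
    counter += 1                                                # S2.3.8: counter update
    head_state = H("head", Sw, str(counter))
    head_key = to_field(H("headkey", Sw, str(counter)))
    f_w = poly_from_roots([to_field(u) for u in kw_users], offset=head_key)  # S2.3.7
    C[head_state] = (enc_block(head_key, {"state": state, "key": key}), f_w)
    return C, counter

def search(C, Sw, counter, x_kw, x_file):
    """Search stage (S5.1-S5.5): returns S - D, or None without search right; x_kw/x_file are x' and x''."""
    head_state = H("head", Sw, str(counter))                    # S4.2: counter + keyword key
    if head_state not in C:
        return None
    block, f_w = C[head_state]
    key_star = poly_eval(f_w, to_field(x_kw))                   # S5.1: key* <- f_w(x')
    head = dec_block(key_star, block)
    if head is None or (head["state"] is not None and head["state"] not in C):
        return None                                             # S5.3: C[state] = null, wrong key*
    S, D = set(), set()
    state, key = head["state"], head["key"]
    while state is not None:                                    # S5.5.1: walk the chain
        block, f_f = C[state]
        node = dec_block(key, block)
        if poly_eval(f_f, to_field(x_file)) == 0:               # S5.5.2: f_f(x'') == 0
            (S if node["op"] == "add" else D).add(node["ind"])
        state, key = node["state"], node["key"]                 # S5.5.3: next node
    return S - D                                                # S5.4

# Constructed sample data (not from the page): one keyword, three files, three users.
SW = H("S_w", "K_S", "w_0")                                     # keyword encryption key
USERS = {u: (H("A_w", u), H("Au", u)) for u in ("alice", "bob", "carol")}   # (x', x'') per user
UPDATES = [("ind_1", "add"), ("ind_2", "add"), ("ind_3", "add"), ("ind_1", "del")]
FILE_USERS = {"ind_1": [USERS["alice"][1]], "ind_3": [USERS["alice"][1]],
              "ind_2": [USERS["alice"][1], USERS["bob"][1]]}
def demo():
    C, counter = build_index(SW, 0, UPDATES, FILE_USERS, [USERS["alice"][0], USERS["bob"][0]])
    return {
        "alice": search(C, SW, counter, *USERS["alice"]),           # {'ind_2', 'ind_3'}
        "bob": search(C, SW, counter, *USERS["bob"]),               # {'ind_2'}: no access to ind_1/ind_3
        "carol": search(C, SW, counter, *USERS["carol"]),           # None: not in f_w's root set
        "stale": search(C, SW, counter - 1, *USERS["alice"]),       # None: trapdoor from old counter
    }
```

Running demo() returns {'ind_2', 'ind_3'} for alice (ind_1 was deleted, so S - D drops it), {'ind_2'} for bob, who may search the keyword but is only in the root set of f_f for ind_2, None for carol, whose identifier is not in the root set of f_w and therefore yields a key that decrypts to no valid head state, and None for a trapdoor built from the previous counter value, which illustrates the counter-based forward security the description relies on.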
Step 6, decryption: the data user decrypts the ciphertext to obtain the plaintext data;
Step S6.1, the data user obtains the corresponding ciphertext $C_m$ from the cloud server according to the file index Ind;
Step S6.2, the data user decrypts the ciphertext with the key K to obtain the required plaintext M,
$\mathrm{Dec}(C_m, K) \to \{M\}$.
The invention keeps the plaintext secure even if a trapdoor is intercepted, by relying on symmetric encryption; the self-defined file counter plays a role similar to a version number, so that data inserted later on the cloud server cannot be inferred from an existing search trapdoor, which gives forward security.
It will be appreciated by those skilled in the art that embodiments of the present application may be provided as a method, system, or computer program product. Accordingly, the present application may take the form of an entirely hardware embodiment, an entirely software embodiment, or an embodiment combining software and hardware aspects. Furthermore, the present application may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.
The present application is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems) and computer program products according to embodiments of the application. It will be understood that each flow and/or block of the flowchart illustrations and/or block diagrams, and combinations of flows and/or blocks in the flowchart illustrations and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
The foregoing is merely a preferred embodiment of the present invention, and it should be noted that modifications and variations could be made by those skilled in the art without departing from the technical principles of the present invention, and such modifications and variations should also be regarded as being within the scope of the invention.

Claims (10)

1. A multi-user multi-keyword searchable encryption system based on polynomials, comprising a data owner, a data user group, and a cloud server:
the data owner owns the data, encrypts it and uploads it to the cloud server, encrypts the index of the data with an encryption algorithm and uploads it to the cloud server, and authorizes the data users;
the data user group consists of a plurality of data users, each data user has own unique identification id, and the data users use respective authorization keys to generate search trapdoors for the pre-search keywords by using a trapdoor generation algorithm and send the search trapdoors to the cloud server for searching;
the cloud server is responsible for storing the encrypted data sent by the data owner and searching the encrypted data for the data user using a search algorithm.
2. A multi-user multi-keyword searchable encryption method based on a polynomial, characterized in that it comprises the following steps based on the system of claim 1:
step 1, initializing: generating a set of keys for the public parameters and the data owners;
step 2, encryption stage: the data owner encrypts plaintext data by using an encryption algorithm and generates a ciphertext index, encrypts the index by using the encryption algorithm and sends the index to the cloud server;
step 3, authorization phase: the data owner uses the identity id of the data user, generates an authorization key for each data user through an authorization algorithm, and sends the authorization key to the corresponding data user;
step 4, trapdoor generation stage: the data user uses the authorization key and the keyword to be searched to generate a search trapdoor;
step 5, ciphertext searching stage: the cloud server searches ciphertext of the data owner through a search algorithm by using the received search trapdoor, and returns a result to the data user;
step 6, decryption: the data user decrypts the ciphertext to obtain plaintext data.
3. The polynomial-based multi-user multi-keyword searchable encryption method according to claim 2, wherein in step 1, the initialization phase: generating the public parameter and the key set of the data owner comprises the following steps:
Step S1.1, generating the public parameter Para;
$\mathrm{Setup}(\lambda) \to \{\mathrm{Para}\}$: input the security parameter $\lambda$ and output the public parameter Para, which includes the secure hash functions $(H_0, H_1, H_2, H_3, H_4)$ and the pseudo-random functions F and $F_1$: $H_0: \{0,1\}^* \to \{0,1\}^\lambda$, $H_1: \{0,1\}^* \to \{0,1\}^\lambda$, $H_2: \{0,1\}^* \to \{0,1\}^{1 + \log n + 2\lambda}$, $H_3: \{0,1\}^* \to \{0,1\}^\lambda$, $H_4: \{0,1\}^* \to \{0,1\}^{\,}$, $F: \{0,1\}^\lambda \times \{0,1\}^\lambda \to \{0,1\}^\lambda$, $F_1: \{0,1\}^\lambda \times \{0,1\}^\lambda \times \{0,1\}^\lambda \to \{0,1\}^\lambda$;
Step S1.2, generating the key set of the data owner;
$\mathrm{KeyGen}(\lambda) \to \{\gamma\}$: the data owner generates the key set $\gamma$ from the security parameter $\lambda$, comprising:
$K \leftarrow \{0,1\}^\lambda$, $K_S \leftarrow \{0,1\}^\lambda$, $K_F \leftarrow \{0,1\}^\lambda$, $K_A \leftarrow \{0,1\}^\lambda$, $K_E \leftarrow \{0,1\}^\lambda$,
where the key K is used to encrypt data plaintext and decrypt ciphertext; the key $K_S$ is used to generate the encryption key $S_w$ of keyword w, which in turn generates the file node state $\mathrm{state}^*$; the key $K_E$ is used to generate the file node key $\mathrm{key}^*$; the key $K_F$ is used to generate the access-right authentication key $\mathrm{Au}_j$ of user $\mathrm{id}_j$ for a specified file; and the key $K_A$ is used to generate the search-right authentication key of user $\mathrm{id}_j$ for keyword $w_i$;
Step S1.3, the data owner initializes a public buffer shared with all data users, which stores the file block count of each keyword $w_i$, and creates a private buffer for each keyword $w_i$,
$i \in [0, n-1]$, where n is the number of keywords and m the number of files under a keyword; the private buffer stores the state of each index file Ind as a flag. In the initial state all flags are 0: flag = 0 means the file has not yet been added or deleted under the keyword, and flag = 1 means the file has been added; if an update is needed, the file must be deleted and then added. The buffers are local buffers holding a small amount of data.
4. The polynomial-based multi-user multi-key searchable encryption method according to claim 2, wherein in step 2, the encryption stage: the data owner encrypts plaintext data by using an encryption algorithm and generates a ciphertext index, encrypts the index by using the encryption algorithm, and sends the index to a cloud server, and the method comprises the following steps:
Step S2.1, the data owner encrypts the plaintext M to generate the ciphertext $C_m$: $\mathrm{Enc}(M, K) \to \{C_m\}$;
Step S2.2, the data owner uploads the ciphertext to the cloud server; the cloud server stores it, generates the file index Ind, and sends the file index Ind back to the data owner;
Step S2.3, for each keyword $w_i$ the data owner encrypts and updates the corresponding index files Ind and operations Op and stores them on the cloud server, where $i \in [0, n-1]$, $t \in [0, m-1]$,
Input: the public parameter Para, the data owner key $\gamma$, the keyword $w_i$, the file set Ind and the corresponding operation set Op, together with the public buffer and the private buffer. Output: the index ciphertext C.
5. The polynomial-based multi-user multi-keyword searchable encryption method according to claim 4, wherein in step S2.3, the data owner encrypts and updates the index files Ind and operations Op corresponding to keyword $w_i$ and stores them on the cloud server, comprising the following steps:
Step S2.3.1, the data owner computes the encryption key of keyword $w_i$ from the key $K_S$, then fetches the update counter corresponding to $w_i$ from the buffer;
Each file node consists of its state, its key and a polynomial $f_f(x)$ used for file access-right authentication;
If the counter shows that no file is yet in the chain structure of $w_i$, the file node state is set to null and the node key is set to null; otherwise file nodes already exist in the chain structure of $w_i$, and the state and key of the starting node are taken out, the state and key representing the latest node on the current file list;
Step S2.3.2, for each file $\mathrm{ind}_t$, $t \in [0, m-1]$, m being the number of files under keyword $w_i$, a file node is created. First the flag of $\mathrm{ind}_t$ in the private buffer is checked for equality with 0; if it equals 0, the file $\mathrm{ind}_t$ has not been added yet and $\mathrm{op}_t = \text{'add'}$: the node state $\mathrm{state}^*$ and node key $\mathrm{key}^*$ are generated ($\mathrm{state}^*$ and $\mathrm{key}^*$ denote the newly added node), both are used to generate the node, and the flag is set to 1, indicating that the file $\mathrm{ind}_t$ has been added;
Step S2.3.3, if the file node of $\mathrm{ind}_t$ is to be updated and its flag shows it has already been added, then $\mathrm{op}_t = \text{'del'}$ is executed first, generating a node as in step S2.3.2 and updating the flag; then $\mathrm{op}_t = \text{'add'}$ is executed again, generating a new node, and the flag is set again; this situation arises when the file corresponding to $\mathrm{ind}_t$ needs to be updated;
Step S2.3.4, if a file block needs to be deleted, set $\mathrm{op}_t = \text{'del'}$, generate the corresponding node and update the flag to indicate that the file $\mathrm{ind}_t$ under this keyword has been deleted;
Step S2.3.5, for each newly added file node a d-th order polynomial $f_f(x) = z_d x^d + z_{d-1} x^{d-1} + \dots + z_1 x + z_0$ is created, whose root set is determined by the users authorized to access the file, and which is used to authenticate access rights to the file; $A_f \leftarrow F(K_F, \mathrm{id}_j)$, where d is the number of users with access to $\mathrm{ind}_t$ and $\mathrm{id}_j$ is the identity of a user with access to $\mathrm{ind}_t$; the polynomial satisfies $f_f(x'') = 0$ for every $x''$ in the root set;
Step S2.3.6, the ciphertext pair $(\mathrm{block}, f_f(x))$ is stored in the map C and the counter is incremented; if another file node is to be added, set $\mathrm{state} \leftarrow \mathrm{state}^*$ and $\mathrm{key} \leftarrow \mathrm{key}^*$, which then denote the state and key of the node preceding the node to be added, so that the next node links to this one; every file node is updated and uploaded in this loop;
Step S2.3.7, after all files under keyword $w_i$ have been updated, the head node is recomputed, where state and key denote the state and key of the file node the head node links to; then a new k-th order polynomial $f_w(x) = z_k x^k + z_{k-1} x^{k-1} + \dots + z_1 x + z_0$ is created, whose root set is determined by the users authorized to search $w_i$, and which is used for keyword search-right authentication; $A_w \leftarrow F(K_A, w_i)$, where k is the number of users with access to $w_i$ and $\mathrm{id}_j$ is the identity of a user with access to $w_i$; the polynomial satisfies $f_w(x') = \mathrm{key}$ for every $x'$ in the root set;
Step S2.3.8, the head node ciphertext $(\mathrm{block}, f_w(x))$ is stored in the map C and the counter of keyword $w_i$ in the buffer is updated:
$C[\mathrm{state}^*] = (\mathrm{block}, f_w(x))$
Step S2.3.9, steps S2.3.1 to S2.3.8 are repeated to update the file nodes of the next keyword.
6. The polynomial-based multi-user multi-keyword searchable encryption method according to claim 2, wherein in step 3, the authorization phase: the data owner uses the identity id of each data user to generate an authorization key for that user through the authorization algorithm and sends it to the corresponding data user, comprising the following steps:
Step S3.1, according to the keywords $w_i$ that data user $\mathrm{id}_j$ is authorized to query, the data owner generates an authorization key for that user and sends it, together with the decryption key K, to the data user over a secure channel. Input: the public parameter Para, the data user identity $\mathrm{id}_j$ and the keyword set $w[n]$. Using its own key set $\gamma = (K, K_S, K_E, K_F, K_A)$, the data owner generates for each keyword $w_i$ the corresponding encryption key, and generates for the data user the search-right authentication key for $w_i$; the file access-right authentication key is $\mathrm{Au}_j \leftarrow H_0(A_f \parallel \mathrm{id}_j)$, where $A_f \leftarrow F(K_F, \mathrm{id}_j)$.
7. The polynomial-based multi-user multi-keyword searchable encryption method according to claim 2, wherein in step 4, the trapdoor generation phase: the data user generates a search trapdoor using the authorization key and the keyword to be searched, comprising the following steps:
Step S4.1, the data user first looks up the update counter corresponding to $w_i$ in the public buffer; if it is empty, the keyword has not been updated and the search can stop;
Step S4.2, if the update counter corresponding to $w_i$ is not empty, the update counter and the encryption key corresponding to $w_i$ are taken to generate the corresponding value for $w_i$;
Step S4.3, the data user uses its search-right authentication key for each keyword $w_i$ to generate the corresponding keyword authentication identifier;
then uses its file access authentication key $\mathrm{Au}_j$ to generate the corresponding file authentication identifier;
and finally forms the search trapdoor $T_w$.
8. The polynomial-based multi-user multi-keyword searchable encryption method according to claim 2, wherein in step 5, the ciphertext search phase: the cloud server uses the received search trapdoor to search the data owner's ciphertext with the search algorithm and returns the result to the data user, comprising the following steps:
Step S5.1, data user $\mathrm{id}_j$ sends the search trapdoor to the cloud server; with the trapdoor $T_w$ the cloud server locates the head node of keyword $w_i$, obtains the corresponding $(\mathrm{block}, f_w(x))$ from the ciphertext map using $\mathrm{state}^*$, and evaluates the polynomial to obtain the head node key $\mathrm{key}^* \leftarrow f_w(x'_j)$,
where $x'_j$ is the value supplied in the trapdoor and is tested against the root set of the polynomial $f_w(x)$;
Step S5.2, using $\mathrm{key}^*$ and $\mathrm{state}^*$, the state ciphertext pair of the first file node is obtained;
Step S5.3, the correctness of the file state ciphertext (and thus of the key) is checked by testing whether the ciphertext map C holds a corresponding key-value pair: if $C[\mathrm{state}] = \mathrm{null}$, the state is incorrect, i.e. $\mathrm{key}^*$ is wrong, so the user has no search right for keyword $w_i$; the search for this keyword ends and traversal continues with the next keyword;
Step S5.4, if $C[\mathrm{state}] \neq \mathrm{null}$, then $\mathrm{key}^*$ is correct and the data user has the search right for $w_i$; at this point the set S is taken as the set of all search results and the set D as the set of deleted files, and $S \leftarrow S - D$ is returned as the result of this round of search;
Step S5.5, since the data user has the search right for the keyword, the files of keyword $w_i$ are traversed in a loop, setting $\mathrm{state}^* \leftarrow \mathrm{state}$, $\mathrm{key}^* \leftarrow \mathrm{key}$;
Step S5.6, after all keyword nodes corresponding to the search trapdoor have been traversed, the final result set $\mathrm{Result} \leftarrow S_0 + S_1 + \dots + S_{n-1}$ is returned.
9. The polynomial-based multi-user multi-keyword searchable encryption method according to claim 8, wherein in step S5.5, when the data user has the search right for the keyword, the files of keyword $w_i$ are traversed in a loop, comprising:
Step S5.5.1, while $\mathrm{state}^*$ is not null, the file node information $(\mathrm{block}, f_f(x)) \leftarrow C[\mathrm{state}^*]$ is retrieved, from which the file information and the state and key of the next node are obtained;
Step S5.5.2, if $f_f(x'') = 0$, the data user has the right to access the file, and the file is put into the corresponding set: into S if $\mathrm{op} = \text{'add'}$, into D if $\mathrm{op} = \text{'del'}$;
here $x''$ is the file authentication identifier from the trapdoor and is tested against the root set of the polynomial $f_f(x)$;
Step S5.5.3, if $f_f(x'') \neq 0$, the data user does not have access to the file; set $\mathrm{state}^* \leftarrow \mathrm{state}$, $\mathrm{key}^* \leftarrow \mathrm{key}$ and proceed to the next file node;
Step S5.5.4, when $\mathrm{state}^* = \mathrm{null}$, the node is the last file node under keyword $w_i$; after access-right authentication of every file node and insertion into the corresponding set, the result set S for keyword $w_i$ is returned.
10. The polynomial-based multi-user multi-keyword searchable encryption method according to claim 2, wherein in step 6, the decryption phase: the data user decrypts the ciphertext to obtain the plaintext data, comprising the following steps:
Step S6.1, the data user obtains the corresponding ciphertext $C_m$ from the cloud server according to the file index Ind;
Step S6.2, the data user decrypts the ciphertext with the key K to obtain the required plaintext M,
$\mathrm{Dec}(C_m, K) \to \{M\}$.
CN202311328028.3A (priority and filing date 2023-10-13): Multi-user multi-keyword searchable encryption system and method based on polynomials, pending; published as CN117375835A on 2024-01-09.
