The encryption method that can search for of the nominative testing person of identity-based in cloud storage
Technical field
The invention belongs to field of information security technology, and in particular to the nominative testing person of identity-based in a kind of cloud storage
The encryption method that can search for.
Background technology
Cloud computing is capable of providing various advanced calculate that cost is relatively low, expansible and takes as a kind of new computation model
Business, in order to save storage and manage the cost of data, data can be outsourced to cloud storage service device by enterprises and individuals.Cloud storage
The data that service provides have an advantages such as availability and reliability, but its also there are one it is apparent the shortcomings that, i.e., data do not exist
Under the management and control of user, then how to safeguard that the confidentiality and integrity of data becomes and asked for what user urgently paid close attention to
Topic.
What although cloud storage service provider (Cloud Storage Service Provider, CSSP) was believed by enterprise can
By property, availability, fault-tolerance etc., but people are uncertain about CSSP not by the data of trustship for other purposes;Similarly for
For personal user, they wish that the data of oneself can only be accessed by oneself or the people specified and cannot be accessed by CSSP.This will
Problem of both causing:On the one hand, from the point of view of user, they, which can not find, allows their believable CSSP completely to store
With their data of management;On the other hand it from the point of view of CSSP, will be lost in the case where not solving the above problems big
The client of amount.Therefore, the popularization and use that the confidentiality of data and integrality will hinder cloud storage.
In view of above practical problem, data must be encrypted before CSSP is transferred to by user oneself in cloud storage, and
And can only be also decrypted by user oneself, the danger of user data leakage will be mitigated in this way.But this will introduce one it is new
Problem, as user needs the document for including some keyword, then whether user can be quickly obtains data that they want simultaneously
Ensure confidentiality of the data to CSSP
Invention content
The object of the present invention is to provide the encryption method that can search for of the nominative testing person of identity-based in cloud storage a kind of,
Solve the data that malice cloud storage service device in the prior art can reveal user's search in search process is performed
The problem of.
The technical solution adopted in the present invention is the encryption side that can search for of the nominative testing person of identity-based in cloud storage
Method is specifically implemented according to the following steps:
Step 1, systematic parameter initialization;
The generation of step 2, privacy key;
The generation of step 3, Data receiver's private key;
Keyword is encrypted in step 4, data owner;
The generation of step 5, trapdoor;
Step 6, test.
The features of the present invention also characterized in that
Step 1 is specifically implemented according to the following steps:
Step (1.1), given security parameter k, public key generator PKG firstly generate bilinear map e:G1×G1→G2,
Middle G1Be rank be Big prime q>2kAddition cyclic group, G2Be rank be Big prime q>2kMultiplicative cyclic group, public key generator PKG
Randomly choose master keyHereAnd calculate Ppub=s-1P∈G1As system public key, wherein P
It is G1Generation member;
Step (1.2), PKG select 3 hash functions:
H1:{0,1}n→G1,
H2:G2→{0,1}n,
Wherein, n is the length of keyword, and note keyword space is W={ 0,1 }n, system common parameter PP is { q, G1,G2,
e,P,Ppub,n,H1,H2,H3, main private key msk=s-1。
Step 2 is specially:
The identity ID of given serverS∈{0,1}n, PKG utilize main private key msk=s-1, the private key sk of calculation serverS=
s-1H1(IDS)。
Step 3 is specially:
The identity ID of given recipientR∈{0,1}n, PKG utilize main private key msk=s-1, calculate the private key of Data receiver
skR=s-1H1(IDR)。
Step 4 is specifically implemented according to the following steps:
Step (4.1), given IDS、IDR, w ∈ W={ 0,1 }n, data owner's random selection r1∈Zp, and calculate ciphertext C
=(C1,C2,C3) be respectively:
C1=r1P,
C2=H2[e(H1(IDR), r1Ppub)]+H2[e(H1(IDS),r1Ppub)],
Step (4.2), data owner are by the encrypted ciphertext C=(C of keyword w1,C2,C3) and include corresponding keyword
Encrypted file be uploaded to cloud storage service device.
Step 5 is specifically implemented according to the following steps:
Step (5.1), given IDS、skRWith keyword w ∈ W={ 0,1 }n, recipient's random selection r2∈ZpAnd it calculates:
T1=r2P,
T2=H3{H2[e(r2H1(IDS),Ppub)],
Step (5.2), document receivers are by Tw=T1Server is sent to, and oneself retains T2、T3。
Step 6 is specifically implemented according to the following steps:
Step (6.1), server by utilizing the private key sk of its ownSCalculate H3(H2(e(sks,T1))), and this result is sent
To Data receiver;
Step (6.2), Data receiver test equation T2=H3(H2(e(sks,T1))) whether true, if so, data connect
Receipts person is by T3Cloud storage service device is sent to, subsequent cloud storage service device is directed to ciphertext C=(C1,C2,C3), judge following public affairs
Whether formula is true:
C3=H3{H2[e(skS,C1)]+H2[e(skS,T1)]+T3-C2,
If set up, illustrate that ciphertext is consistent with trapdoor matching, the encryption file corresponding to ciphertext C is sent to data receiver
Person;Otherwise, continue the test of next ciphertext, until terminating to the test of all ciphertexts.
The invention has the advantages that in cloud storage the nominative testing person of identity-based the encryption method that can search for, number
The keyword extracted from document can be encrypted, and and phase using the identity of server and Data receiver according to owner
Document is answered to be collectively stored on cloud storage service device, wherein document is using another encryption method, when Data receiver thinks
When searching for the document about some keyword, trapdoor is generated, and the partial information in this trapdoor is sent using the keyword
To cloud storage service device to confirm whether the server is to authorize, and then attacking for malice cloud storage service device can be resisted
It hits.
Specific embodiment
The present invention is described in detail With reference to embodiment.
The encryption method that can search for of the nominative testing person of identity-based in cloud storage of the present invention, specifically according to following steps
Implement:
Step 1, systematic parameter initialization:
It is specifically implemented according to the following steps:
Step (1.1), given security parameter k, public key generator PKG firstly generate bilinear map e:G1×G1→G2,
Middle G1Be rank be Big prime q>2kAddition cyclic group, G2Be rank be Big prime q>2kMultiplicative cyclic group, public key generator PKG
Randomly choose master keyHereAnd calculate Ppub=s-1P∈G1As system public key, wherein P
It is G1Generation member;
Step (1.2), PKG select 3 hash functions:
H1:{0,1}n→G1,
H2:G2→{0,1}n,
Wherein, n is the length of keyword, and note keyword space is W={ 0,1 }n, system common parameter PP is { q, G1,G2,
e,P,Ppub,n,H1,H2,H3, main private key msk=s-1。
The generation of step 2, privacy key:
The identity ID of given serverS∈{0,1}n, PKG utilize main private key msk=s-1, the private key sk of calculation serverS=
s-1H1(IDS)。
The generation of step 3, Data receiver's private key:
The identity ID of given recipientR∈{0,1}n, PKG utilize main private key msk=s-1, calculate the private key of Data receiver
skR=s-1H1(IDR)。
Keyword is encrypted in step 4, data owner:
Specifically implement according to the following steps:
Step (4.1), given IDS、IDR, w ∈ W={ 0,1 }n, data owner's random selection r1∈Zp, and calculate ciphertext C
=(C1,C2,C3) be respectively:
C1=r1P,
C2=H2[e(H1(IDR), r1Ppub)]+H2[e(H1(IDS),r1Ppub)],
Step (4.2), data owner are by the encrypted ciphertext C=(C of keyword w1,C2,C3) and include corresponding keyword
Encrypted file be uploaded to cloud storage service device.
The generation of step 5, trapdoor:
Specifically implement according to the following steps:
Step (5.1), given IDS、skRWith keyword w ∈ W={ 0,1 }n, recipient's random selection r2∈ZpAnd it calculates:
T1=r2P,
T2=H3{H2[e(r2H1(IDS),Ppub)],
Step (5.2), document receivers are by Tw=T1Server is sent to, and oneself retains T2、T3。
Step 6, test:
Specifically implement according to the following steps:
Step (6.1), server by utilizing the private key sk of its ownSCalculate H3(H2(e(sks,T1))), and this result is sent
To Data receiver;
Step (6.2), Data receiver test equation T2=H3(H2(e(sks,T1))) whether true.If so, data connect
Receipts person is by T3Cloud storage service device is sent to, subsequent cloud storage service device is directed to ciphertext C=(C1,C2,C3), judge following public affairs
Whether formula is true:
C3=H3{H2[e(skS,C1)]+H2[e(skS,T1)]+T3-C2,
If set up, illustrate that ciphertext is consistent with trapdoor matching, the encryption file corresponding to ciphertext C is sent to data receiver
Otherwise person, continues the test of next ciphertext, until terminating to the test of all ciphertexts.
The safety of the encryption method that can search for of the nominative testing person of identity-based in lower surface analysis cloud storage of the present invention:
It proves:The relevant nature mapped using Bilinear map:
So there is C3=H3(H2(e(skS,C1))+H2(e(skS,T1))+T3-C2) set up.Illustrate the ciphertext and trapdoor matching
Unanimously.
Summary to the content of present invention:
The encryption method that can search for of the nominative testing person of identity-based in cloud storage, can be on encrypted data acquisition system
Scan for inquiring, specific method is, is first file set generation index set, reuse can search for encryption to these index into
Row encryption will meet following property to hide index content, and encrypt:1) token of a keyword (indexing) is given, it can
To obtain the pointer of the All Files comprising the keyword;2) without token, the content of index is hiding;3) only there is phase
The user for closing key could generate token;4) retrieving is other than exposing which file-sharing some keyword, Bu Huibao
Reveal the specifying information of any relevant document and keyword.Can search for encrypted central role is provided for cloud storage service:When
User oneself controls its data;Second is that the security property of data can be verified by Cryptography Principles rather than by law, object
Equipment is managed to determine safety.
In cloud storage service, after user can use the encipherment scheme that can search for data encryption, it is outsourced to cloud storage
Server can search for encipherment scheme and allow users to selectively access its ciphertext data, while also ensure that user searches for
The confidentiality of data, the nominative testing person of identity-based can search for encipherment scheme because its during search have it is higher
Confidentiality, and have important application value in cloud storage service.The present invention is first using data owner and Data receiver
The mode that encrypted data are stored and retrieved on specified cloud storage service device afterwards so that only authorize cloud storage
Server can utilize the trapdoor search encrypted document of keyword, and cloud storage service device is not aware that the key of user search
Word, it is ensured that the data information privacy of user is communicating and calculating cost, that is, searches for trapdoor size, keyword encryption and search
The overall efficiency of speed etc. be improved.