CN105049196A - Searchable encryption method of multiple keywords at specified location in cloud storage - Google Patents

Abstract

The invention discloses a searchable encryption method of multiple keywords at the specified location in cloud storage. The method is implemented specifically according to the following steps: Step 1, system parameter initialization; Step 2, user adding; Step 3, file encryption and security index generation by a file owner; Step 4, index re-encryption by a server; Step 5, generation of keyword search token by a user; Step 6, search of ciphertext keywords by a cloud storage server; Step 7, decryption of ciphertexts by the user; and Step 8, user revocation. By the method, the problem that keyword search cannot be realized after cloud storage data encryption in the prior art is solved.

Description

The encryption method that during cloud stores, multiple keywords of assigned address can be searched for

Technical field

The invention belongs to field of information security technology, the encryption method that the multiple keywords being specifically related to assigned address in the storage of a kind of cloud can be searched for.

Background technology

Cloud computing, as a kind of new computation model, can provide the calculation services of lower, the extendible various advanced person of cost, and in order to save the cost of storage and management data, data can be outsourced to cloud storage server by enterprises and individuals.The data that cloud stores service provides have the advantage such as availability and reliability, but it also has a shortcoming clearly, namely data are not under the management of user and controlling, and so how the confidentiality and integrity of service data just becomes the problem that user urgently pays close attention to.

Although the reliability, availability, fault-tolerance etc. of cloud storage service provider (CloudStorageServiceProvider, CSSP) are believed by enterprise, the data of trustship are not used for other objects by the people CSSP that is uncertain about; Same for personal user, they wish that the data of oneself can only be accessed by oneself or the people specified and can not be accessed by CSSP.This will cause the problem of two aspects: on the one hand, from the angle of user, and they cannot find and allow they complete believable CSSP carry out their data of store and management; On the other hand from the angle of CSSP, a large amount of clients will be lost when not solving the problem.Therefore, the popularization that cloud will be hindered to store of the confidentiality of data and integrality and use.

In view of above practical problem, during cloud stores, data before being transferred to CSSP, must being encrypted by user oneself, and also can only be decrypted by user oneself, will alleviate the danger that user data leaks like this.Do their data of wanting of the acquisition that so user can be very fast also ensure the confidentiality of data to CSSP but this is by problem new for introducing one, as user needs the document comprising certain keyword?

Summary of the invention

The encryption method that the multiple keywords that the object of this invention is to provide assigned address in the storage of a kind of cloud can be searched for, can not realize the problem of keyword retrieval after solving the cloud storage data encryption existed in prior art.

The technical solution adopted in the present invention is, the encryption method that during cloud stores, multiple keywords of assigned address can be searched for, and specifically implements according to following steps:

Step 1, system parameters initialization;

Step 2, interpolation user;

Step 3, file owner generate file encryption and Security Index;

Step 4, server are to index re-encryption;

Step 5, user are about the generation of keyword search token;

Step 6, cloud storage server are about the search of ciphertext keyword;

Step 7, user are about the deciphering of ciphertext;

Step 8, cancel user.

Feature of the present invention is also,

Step 1 is specifically implemented according to following steps:

Step (1.1), input security parameter k by file encryption person Ent, export the multiplication loop group G that two rank are prime number q ₁and G ₂, g ₁for G ₁generator, g ₂for G ₂generator;

Step (1.2), selection bilinear map

Step (1.3), the random x of selection equably ∈ Z _qas the master key of file encryption person Ent, be designated as ${\mathrm{msk}}_{Ent}=x\∈Z_q^{*},$ Wherein $Z_q^{*}=\{1,2,...,q-1\},$ Be designated as msk _ent=x, calculates h=g ₁ ^x;

Step (1.4), selection two pseudo-random function with and select two random seed s ', s " ∈ arbitrarily _r{ 0,1} ^k;

Step (1.5), selection symmetric encipherment algorithm SKE={SKE.Gen (1 ^k), SKE.ENC (.), SKE.DE (.) }, select an encryption key ek ← SKE.Gen (1 equably at random ^k);

The open system parameters of step (1.6), file encryption person Ent is $param=(G_1,G_2,\hat{e},g_1,g_2,q,f^{\′},f^{\′\′},h,SKE),$ Secrecy system private key is msk _ent=x, random seed s ', s " ∈ _r{ 0,1} ^kand file encryption key ek.

Step 2 is specifically implemented according to following steps:

The master key k of step (2.1), input system user administrator UM _uM=x and user identity u _iD∈ U, exports user u _iDkey and auxiliary key $({\mathrm{sk}}_{u_{ID}},{\mathrm{ComK}}_{u_{ID}})=({g_1}^{x_{u_{ID}}}{\∈}_R{Z}_q^{*},{g_2}^{k_{UM}/x_{u_{ID}}})=({g_1}^{x_{u_{ID}}},{g_2}^{x/x_{u_{ID}}}),$ Here ${\mathrm{ComK}}_{u_{ID}}={g_2}^{x/x_{u_{ID}}},$ ${\mathrm{sk}}_{u_{ID}}={g_1}^{x_{u_{ID}}};$

Step (2.2), general send to user u safely _iD, user u _iDmaintain secrecy

Step (2.3), general send to Serv safely, Serv adds in its user list U-ComK

Step 3 is specifically implemented according to following steps:

Step (3.1), input user key encryption key ek, random seed s ', document D _iand lists of keywords stochastic choice r _i∈ _rz _q;

Step (3.2), calculating with $\∀w_{i,j}\∈W_i,$ Calculate ${\mathrm{\σ}}_{i,j}=f^{\′}(s^{\′},w_{i,j})\∈Z_q^{*},{\mathrm{\ω}}_{i,j}={\left({\mathrm{sk}}_{u_{ID}}\right)}^{r_i{\mathrm{\σ}}_{i,j}},$ 1≤j≤i _m, order $I_i^{*}=(h^{r_i},{\mathrm{ComK}}_{u_{ID}}^{r_i},{\mathrm{\ω}}_{i,1},...,{\mathrm{\ω}}_{i,i_m}),$ Note $C_i^{*}=\left({\mathrm{Enc}}_{ek}\right(D_i),I_i^{*}),$ Will send to Cloud Server Serv.

Step 4 is specifically implemented according to following steps:

It is right that step (4.1), server S erv perform in index I _i ^*re-encryption, input user identity u _iDwith to receive serv is according to u _iDsearch in U-ComK if nothing, then return, otherwise recalculate in I _i ^*obtain index:

$\begin{array}{c}{I}_i=(h^{r_i},{{\mathrm{ComK}}_{u_{ID}}}^{r_i},e({\mathrm{\ω}}_{i,1},{\mathrm{ComK}}_{u_{ID}}),...,e({\mathrm{\ω}}_{i,m},{\mathrm{ComK}}_{u_{ID}}\left)\right)\\ =(h^{r_i},{{\mathrm{ComK}}_{u_{ID}}}^{r_i},e{\left(g_1,g_2\right)}^{r_i{\mathrm{\σ}}_{i,1}x},...,e{\left(g_1,g_2\right)}^{r_i{\mathrm{\σ}}_{i,m}x})\\ =(h^{r_i},{{\mathrm{ComK}}_{u_{ID}}}^{r_i},e{\left(h,g_2\right)}^{r_i{\mathrm{\σ}}_{i,1}},...,e{\left(h,g_2\right)}^{r_i{\mathrm{\σ}}_{i,m}})\\ =(h^{r_i},{{\mathrm{ComK}}_{u_{ID}}}^{r_i},I_{i1},...,I_{im})\end{array},$

Step (4.2), by C _i=(Enc _ek(D _i), I _i) be stored on Serv.

Step 5 is specifically implemented according to following steps:

Step (5.1), user u _iDperform and be used for generating the search token connecting keyword, input s ', s " and the keyword position 1≤l that will retrieve ₁..., l _dthe keyword w ' of≤m and correspondence ₁..., w ' _d, d is the keyword number of user search, Stochastic choice random number calculate according to the following formula:

$T_1={{\mathrm{sk}}_{u_{ID}}}^{(t_1+f^{\′\′}(s^{\′\′},t_2\left){\mathrm{\Σ}}_{j=1}^d{f}^{\′}\right(s^{\′},w_j^{\′}\left)\right)}={g_1}^{(t_1+f^{\′\′}(s^{\′\′},t_2\left){\mathrm{\Σ}}_{j=1}^d{f}^{\′}\right(s^{\′},w_j^{\′}\left)\right)x_{u_{ID}}},$

$T_2={g_2}^{t_1},$

T ₃＝f″(s″,t ₂)；

Step (5.2), token T=(u will be searched for _iD, T ₁, T ₂, T ₃, l ₁..., l _d) send to cloud to store server S erv.

Step 6 is specifically implemented according to following steps:

Step (6.1), cloud storage server S erv performs for searching for encrypted document, inputted search token T=(u _iD, T ₁, T ₂, T ₃, l ₁..., l _d) and ciphertext C _i=(Enc _ek(D _i), I _i), Serv is first according to u _iDsearch in U-ComK if nothing, then return, otherwise Serv initialization empty set Ω;

Step (6.2), to C _i, 1≤i≤n, judge whether set up as inferior:

$e(T_1,{{\mathrm{ComK}}_{u_{ID}}}^{r_i})/e(h^{r_i},T_2)={\left({\Π}_{j=1}^d{I}_{{\mathrm{il}}_j}\right)}^{T_3}$

If set up, then Ω=Ω ∪ { C _i, finally Search Results Ω is sent to user u _iD, otherwise this ciphertext and crucial word mismatch, continue the next keyword index I of search _i+1, finally Search Results Ω is sent to user u _iD.

Step 7 is specially:

User u _iDinput symmetric key ek and the Ω received is right calculate D _i=Dec _ek(E _i).

Step 8 is specially:

User management mechanism UM inputs user identity u _iD, UM sends to cloud storage server S erv and cancels user u _iDorder, Serv executable operations namely cloud storage server CSS deletes user u _iDregistration project .

The invention has the beneficial effects as follows, the encryption method that during cloud stores, multiple keywords of assigned address can be searched for, data user can by after the data encryption of oneself, be stored in cloud storage server, when needing, can by keyword retrieval Token Retrieval to the encrypt data needed, then download decryption.Meanwhile, cloud storage server does not also know the keyword of user search, guarantees the data message privacy of user.By compared with existing scheme, the inventive method is at communication and calculation cost, namely search for trapdoor size, the overall efficiency of the aspect such as speed of keyword encryption and search is improved, the present invention is simultaneously applicable multi-user environment, refer to and can increase and cancel user, user increases can pass through algorithm Enroll (k _uM, u _iD) realize, cancelling of user can by algorithm RevokeUser (u _iD) realize.

Embodiment

Below in conjunction with embodiment, the present invention is described in detail.

The encryption method that during cloud of the present invention stores, multiple keywords of assigned address can be searched for, specifically implement according to following steps:

Step 1, system parameters initialization:

Specifically implement according to following steps:

Step (1.1), input security parameter k by file encryption person Ent, export the multiplication loop group G that two rank are prime number q ₁and G ₂, g ₁for G ₁generator, g ₂for G ₂generator;

Step (1.2), selection bilinear map

Step (1.3), the random x of selection equably ∈ Z _qas the master key of file encryption person Ent, be designated as ${\mathrm{msk}}_{Ent}=x\∈Z_q^{*},$ Wherein $Z_q^{*}=\{1,2,...,q-1\},$ Be designated as msk _ent=x, calculates h=g ₁ ^x;

Step (1.4), selection two pseudo-random function with and select two random seed s ', s " ∈ arbitrarily _r{ 0,1} ^k;

Step (1.5), selection symmetric encipherment algorithm SKE={SKE.Gen (1 ^k), SKE.ENC (.), SKE.DE (.) }, select an encryption key ek ← SKE.Gen (1 equably at random ^k);

The open system parameters of step (1.6), file encryption person Ent is $param=(G_1,G_2,\hat{e},g_1,g_2,q,f^{\′},f^{\′\′},h,SKE),$ Secrecy system private key is msk _ent=x, random seed s ', s " ∈ _r{ 0,1} ^kand file encryption key ek.

Step 2, interpolation user:

Specifically implement according to following steps:

The master key k of step (2.1), input system user administrator UM _uM=x and user identity u _iD∈ U, exports user u _iDkey and auxiliary key $({\mathrm{sk}}_{u_{ID}},{\mathrm{ComK}}_{u_{ID}})=({g_1}^{x_{u_{ID}}}{\∈}_R{Z}_q^{*},{g_2}^{k_{UM}/x_{u_{ID}}})=({g_1}^{x_{u_{ID}}},{g_2}^{x/x_{u_{ID}}}),$ Here ${\mathrm{ComK}}_{u_{ID}}={g_2}^{x/x_{u_{ID}}},$ ${\mathrm{sk}}_{u_{ID}}={g_1}^{x_{u_{ID}}};$

Step (2.2), general send to user u safely _iD, user u _iDmaintain secrecy

Step (2.3), general send to Serv safely, Serv adds in its user list U-ComK

Step 3, file owner generate file encryption and Security Index:

Specifically implement according to following steps:

Step (3.1), input user key encryption key ek, random seed s ', document D _iand lists of keywords stochastic choice r _i∈ _rz _q;

Step (3.2), calculating with $\∀w_{i,j}\∈W_i,$ Calculate ${\mathrm{\σ}}_{i,j}=f^{\′}(s^{\′},w_{i,j})\∈Z_q^{*},{\mathrm{\ω}}_{i,j}={\left({\mathrm{sk}}_{u_{ID}}\right)}^{r_i{\mathrm{\σ}}_{i,j}},$ 1≤j≤i _m, order $I_i^{*}=(h^{r_i},{\mathrm{ComK}}_{u_{ID}}^{r_i},{\mathrm{\ω}}_{i,1},...,{\mathrm{\ω}}_{i,i_m}),$ Note $C_i^{*}=\left({\mathrm{Enc}}_{ek}\right(D_i),I_i^{*}),$ Will send to Cloud Server Serv;

Step 4, server are to index re-encryption:

Specifically implement according to following steps:

It is right that step (4.1), server S erv perform in index I _i ^*re-encryption, input user identity u _iDwith to receive serv is according to u _iDsearch in U-ComK if nothing, then return, otherwise recalculate in I _i ^*obtain index:

$\begin{array}{c}{I}_i=(h^{r_i},{{\mathrm{ComK}}_{u_{ID}}}^{r_i},e({\mathrm{\ω}}_{i,1},{\mathrm{ComK}}_{u_{ID}}),...,e({\mathrm{\ω}}_{i,m},{\mathrm{ComK}}_{u_{ID}}\left)\right)\\ =(h^{r_i},{{\mathrm{ComK}}_{u_{ID}}}^{r_i},e{\left(g_1,g_2\right)}^{r_i{\mathrm{\σ}}_{i,1}x},...,e{\left(g_1,g_2\right)}^{r_i{\mathrm{\σ}}_{i,m}x})\\ =(h^{r_i},{{\mathrm{ComK}}_{u_{ID}}}^{r_i},e{\left(h,g_2\right)}^{r_i{\mathrm{\σ}}_{i,1}},...,e{\left(h,g_2\right)}^{r_i{\mathrm{\σ}}_{i,m}})\\ =(h^{r_i},{{\mathrm{ComK}}_{u_{ID}}}^{r_i},I_{i1},...,I_{im})\end{array},$

Step (4.2), by C _i=(Enc _ek(D _i), I _i) be stored on Serv;

Step 5, user are about the generation of keyword search token:

Specifically implement according to following steps:

Step (5.1), user u _iDperform and be used for generating the search token connecting keyword, input s ', s " and the keyword position 1≤l that will retrieve ₁..., l _dthe keyword w ' of≤m and correspondence ₁..., w ' _d, d is the keyword number of user search, Stochastic choice random number calculate according to the following formula:

$\begin{array}{c}{T}_1={{\mathrm{sk}}_{u_{ID}}}^{(t_1+f^{\′\′}(s^{\′\′},t_2\left){\mathrm{\Σ}}_{j=1}^d{f}^{\′}\right(s^{\′},w_j^{\′}\left)\right)}={g_1}^{(t_1+f^{\′\′}(s^{\′\′},t_2\left){\mathrm{\Σ}}_{j=1}^d{f}^{\′}\right(s^{\′},w_j^{\′}\left)\right)x_{u_{ID}}},\\ T_2={g_2}^{t_1},\\ T_3=f^{\′\′}(s^{\′\′},t_2);\end{array}$

Step (5.2), token T=(u will be searched for _iD, T ₁, T ₂, T ₃, l ₁..., l _d) send to cloud to store server S erv;

Step 6, cloud storage server are about the search of ciphertext keyword:

Specifically implement according to following steps:

Step (6.1), cloud storage server S erv performs for searching for encrypted document, inputted search token T=(u _iD, T ₁, T ₂, T ₃, l ₁..., l _d) and ciphertext C _i=(Enc _ek(D _i), I _i), Serv is first according to u _iDsearch in U-ComK if nothing, then return, otherwise Serv initialization empty set Ω;

Step (6.2), to C _i, 1≤i≤n, judge whether set up as inferior:

$e(T_1,{{\mathrm{ComK}}_{u_{ID}}}^{r_i})/e(h^{r_i},T_2)={\left({\Π}_{j=1}^d{I}_{{\mathrm{il}}_j}\right)}^{T_3}$

If set up, then Ω=Ω ∪ { C _i, finally Search Results Ω is sent to user u _iD, otherwise this ciphertext and crucial word mismatch, continue the next keyword index I of search _i+1, finally Search Results Ω is sent to user u _iD;

Step 7, user are about the deciphering of ciphertext:

Be specially:

User u _iDinput symmetric key ek and the Ω received is right calculate D _i=Dec _ek(E _i);

Step 8, cancel user:

Be specially:

User management mechanism UM inputs user identity u _iD, UM sends to cloud storage server S erv and cancels user u _iDorder, Serv executable operations namely cloud storage server CSS deletes user u _iDregistration project .

In storing cloud of the present invention below, the fail safe of the encryption method that multiple keywords of assigned address can be searched for is analyzed:

Prove: if all data all generate according to describing in the inventive method, and if wherein 1≤i≤m, 1≤j≤d, then have:

$\begin{array}{c}{\left({\mathrm{\Π}}_{j=1}^d{I}_{{\mathrm{il}}_j}\right)}^{T_3}={\left({\mathrm{\Π}}_{j=1}^{d}e{\left(h,g_2\right)}^{r_i{\mathrm{\σ}}_{i,l_j}}\right)}^{T_3}={\left({\mathrm{\Π}}_{j=1}^{d}e{\left(h,g_2\right)}^{r_i{\mathrm{\σ}}_{i,l_j}}\right)}^{T_3}=e{(h,g_2)}^{f^{\′\′}(s^{\′\′},t_2){\mathrm{\Σ}}_{j=1}^d{r}_i{f}^{\′}(s^{\′},w_j^{\′})},\\ e(T_1,{{\mathrm{ComK}}_{u_{ID}}}^{r_i})/e(h^{r_i},T_2)=e({g_1}^{(t_1+f^{\′\′}(s^{\′\′},t_2\left){\mathrm{\Σ}}_{j=1}^d{f}^{\′}\right(s^{\′},w_j^{\′}\left)\right)x_{u_{ID}}},{g_2}^{(x/x_{u_{ID}})r_i})/e({g_1}^{{\mathrm{xr}}_i},{g_2}^{t_1})\\ =e(h^{\left(f^{\′\′}\right(s^{\′\′},t_2\left){\mathrm{\Σ}}_{j=1}^d{r}_i{f}^{\′}\right(s^{\′},w_j^{\′}\left)\right)},g_2)\end{array}$

Therefore $e(T_1,{{\mathrm{ComK}}_{u_{ID}}}^{r_i})/e(h^{r_i},T_2)={\left({\Π}_{j=1}^d{I}_{{\mathrm{il}}_j}\right)}^{T_3}.$

Card is finished

To summary of the present invention:

The encryption method that during cloud of the present invention stores, multiple keywords of assigned address can be searched for, can in the enterprising line search inquiry of the data acquisition system of encryption, concrete grammar is, it is first the set of file set generating indexes, re-using can search for encrypt is encrypted with hiding index content to these indexes, and encryption will meet following character: the 1) token of a given keyword (i.e. index), can obtain the pointer of the All Files comprising this keyword; 2) do not have token, the content of index is hiding; 3) user only with association key could generate token; 4) retrieving is except exposing certain keyword of which file-sharing, can not expose the specifying information of any relevant document and keyword.The central role can searching for encryption is for cloud stores service provides: one is that user oneself controls its data; Two is that the security property of data can be verified by Cryptography Principles, instead of determines fail safe by law, physical equipment.

The encryption method that during cloud of the present invention stores, multiple keywords of assigned address can be searched for, in cloud stores service, user can use the encipherment scheme that can search for after data encryption, is outsourced to cloud storage server.Can search for encipherment scheme makes user can selectively access its encrypt data, the confidentiality of user search data can also be guaranteed, based on the encipherment scheme searched for connecting keyword (i.e. the boolean combination of multiple keyword) because its higher search precision has important using value in safe storage is served simultaneously.The present invention adopts authorized user and storage server successively to propose a kind of encryption method of searching for multiple keyword to the mode of keyword encryption, makes authorized user can utilize the trapdoor search encrypted document of connection keyword.By compared with existing scheme, the scheme of proposition, at communication and calculation cost, namely searches for the speed of trapdoor size, keyword encryption and search, etc. the overall efficiency of aspect be improved.In addition, the scheme of proposition supports multi-user, namely can increase dynamically and cancel user, make user directly can carry out data sharing on storage server.

Claims (9)

1. the encryption method that in cloud storage, multiple keywords of assigned address can be searched for, is characterized in that, specifically implement according to following steps:

Step 1, system parameters initialization;

Step 2, interpolation user;

Step 3, file owner generate file encryption and Security Index;

Step 4, server are to index re-encryption;

Step 5, user are about the generation of keyword search token;

Step 6, cloud storage server are about the search of ciphertext keyword;

Step 7, user are about the deciphering of ciphertext;

Step 8, cancel user.

2. the encryption method that in cloud storage according to claim 1, multiple keywords of assigned address can be searched for, it is characterized in that, described step 1 is specifically implemented according to following steps:

Step (1.1), input security parameter k by file encryption person Ent, export the multiplication loop group G that two rank are prime number q ₁and G ₂, g ₁for G ₁generator, g ₂for G ₂generator;

Step (1.2), selection bilinear map

Step (1.3), the random x of selection equably ∈ Z _qas the master key of file encryption person Ent, be designated as ${\mathrm{msk}}_{Ent}=x\∈Z_q^{*},$ Wherein $Z_q^{*}=\{1,2,...,q-1\},$ Be designated as msk _ent=x, calculates

Step (1.4), selection two pseudo-random function with and select two random seed s ', s " ∈ arbitrarily _r{ 0,1} ^k;

Step (1.5), selection symmetric encipherment algorithm SKE={SKE.Gen (1 ^k), SKE.ENC (.), SKE.DE (.) }, select an encryption key ek ← SKE.Gen (1 equably at random ^k);

The open system parameters of step (1.6), file encryption person Ent is $param=(G_1,G_2,\hat{e},g_1,g_2,q,f^{\′},f^{\′\′},h,SKE),$ Secrecy system private key is msk _ent=x, random seed and file encryption key ek.

3. the encryption method that in cloud storage according to claim 1, multiple keywords of assigned address can be searched for, it is characterized in that, described step 2 is specifically implemented according to following steps:

The master key k of step (2.1), input system user administrator UM _uM=x and user identity u _iD∈ U, exports user u _iDkey and auxiliary key $({\mathrm{sk}}_{u_{ID}},{\mathrm{ComK}}_{u_{ID}})=({g_1}^{x_{u_{ID}}}{\∈}_R{Z}_q^{*},{g_2}^{k_{UM}/x_{u_{ID}}})=({g_1}^{x_{u_{ID}}},{g_2}^{x/x_{u_{ID}}}),$ Here ${\mathrm{ComK}}_{u_{ID}}={g_2}^{x/x_{u_{ID}}},$ ${\mathrm{sk}}_{u_{ID}}={g_1}^{x_{u_{ID}}};$

Step (2.2), general send to user u safely _iD, user u _iDmaintain secrecy

Step (2.3), general send to Serv safely, Serv adds in its user list U-ComK

4. the encryption method that in cloud storage according to claim 1, multiple keywords of assigned address can be searched for, it is characterized in that, described step 3 is specifically implemented according to following steps:

Step (3.1), input user key encryption key ek, random seed s ', document D _iand lists of keywords $W_i=(w_{i,1},...,w_{i,i_m}),1\≤i\≤n,$ Stochastic choice r _i∈ _rz _q;

Step (3.2), calculating with calculate ${\mathrm{\σ}}_{i,j}=f^{\′}\left(s^{\′},w_{i,j}\right)\∈Z_q^{*},{\mathrm{\ω}}_{i,j}={\left({\mathrm{sk}}_{u_{ID}}\right)}^{r_i{\mathrm{\σ}}_{i,j}},$ 1≤j≤i _m, order $I_i^{*}=(h^{r_i},{\mathrm{ComK}}_{u_{ID}}^{r_i},{\mathrm{\ω}}_{i,1},...,{\mathrm{\ω}}_{i,i_m}),$ Note $C_i^{*}=\left({\mathrm{Enc}}_{ek}\right(D_i),I_i^{*}),$ Will send to Cloud Server Serv.

5. the encryption method that in cloud storage according to claim 1, multiple keywords of assigned address can be searched for, it is characterized in that, described step 4 is specifically implemented according to following steps:

It is right that step (4.1), server S erv perform in index re-encryption, input user identity u _iDwith to receive serv is according to u _iDsearch in U-ComK if nothing, then return, otherwise recalculate in obtain index:

$\begin{array}{c}{I}_i=\left(h^{r_i},{{\mathrm{ComK}}_{u_{ID}}}^{r_i},e\left({\mathrm{\ω}}_{i,1},{\mathrm{ComK}}_{u_{ID}}\right),...,e\left({\mathrm{\ω}}_{i,m},{\mathrm{ComK}}_{u_{ID}}\right)\right)\\ =\left(h^{r_i},{{\mathrm{ComK}}_{u_{ID}}}^{r_i},e{\left(g_1,g_2\right)}^{r_i{\mathrm{\σ}}_{i,1}x},...,e{\left(g_1,g_2\right)}^{r_i{\mathrm{\σ}}_{i,m}x}\right)\\ =\left(h^{r_i},{{\mathrm{ComK}}_{u_{ID}}}^{r_i},e{\left(h,g_2\right)}^{r_i{\mathrm{\σ}}_{i,1}},...,e{\left(h,g_2\right)}^{r_i{\mathrm{\σ}}_{i,m}}\right)\\ =\left(h^{r_i},{{\mathrm{ComK}}_{u_{ID}}}^{r_i},I_{i1},...,I_{im}\right)\end{array},$

Step (4.2), by C _i=(Enc _ek(D _i), I _i) be stored on Serv.

6. the encryption method that in cloud storage according to claim 1, multiple keywords of assigned address can be searched for, it is characterized in that, described step 5 is specifically implemented according to following steps:

Step (5.1), user u _iDperform and be used for generating the search token connecting keyword, input s ', s " and the keyword position 1≤l that will retrieve ₁..., l _dthe keyword w ' of≤m and correspondence ₁..., w ' _d, d is the keyword number of user search, Stochastic choice random number calculate according to the following formula:

$T_1={{\mathrm{sk}}_{u_{ID}}}^{\left(t_1+f^{\′\′}\left(s^{\′\′},t_2\right){\Σ}_{j=1}^d{f}^{\′}\left(s^{\′},w_j^{\′}\right)\right)}={g_1}^{\left(t_1+f^{\′\′}\left(s^{\′\′},t_2\right){\Σ}_{j=1}^d{f}^{\′}\left(s^{\′},w_j^{\′}\right)\right)x_{u_{ID}}},$

$T_2={g_2}^{t_1},$

T ₃＝f″(s″,t ₂)；

Step (5.2), token T=(u will be searched for _iD, T ₁, T ₂, T ₃, l ₁..., l _d) send to cloud to store server S erv.

7. the encryption method that in cloud storage according to claim 1, multiple keywords of assigned address can be searched for, it is characterized in that, described step 6 is specifically implemented according to following steps:

Step (6.1), cloud storage server S erv performs for searching for encrypted document, inputted search token T=(u _iD, T ₁, T ₂, T ₃, l ₁..., l _d) and ciphertext C _i=(Enc _ek(D _i), I _i), Serv is first according to u _iDsearch in U-ComK if nothing, then return, otherwise Serv initialization empty set Ω;

Step (6.2), to C _i, 1≤i≤n, judge whether set up as inferior:

$e(T_1,{{\mathrm{ComK}}_{u_{ID}}}^{r_i})/e(h^{r_i},T_2)={\left({\Π}_{j=1}^d{I}_{{\mathrm{il}}_j}\right)}^{T_3}$

If set up, then Ω=Ω ∪ { C _i, finally Search Results Ω is sent to user u _iD, otherwise this ciphertext and crucial word mismatch, continue the next keyword index I of search _i+1, finally Search Results Ω is sent to user u _iD.

8. the encryption method that in cloud storage according to claim 1, multiple keywords of assigned address can be searched for, it is characterized in that, described step 7 is specially:

User u _iDinput symmetric key ek and the Ω received is right calculate D _i=Dec _ek(E _i).

9. the encryption method that in cloud storage according to claim 1, multiple keywords of assigned address can be searched for, it is characterized in that, described step 8 is specially:

User management mechanism UM inputs user identity u _iD, UM sends to cloud storage server S erv and cancels user u _iDorder, Serv executable operations $U-ComK=U-ComK\backslash \left\{(u_{ID},{\mathrm{comk}}_{u_{ID}})\right\},$ Namely cloud storage server CSS deletes user u _iDregistration project .