CN106534092A - Message-based and key-dependent privacy data encryption method - Google Patents
- Publication number: CN106534092A (application number CN201610948549.2)
- Authority: CN (China)
- Prior art keywords: user, key, pseudo, cloud server, text file
- Legal status: Granted (the legal status is an assumption and is not a legal conclusion; Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed)
Classifications
- H04L63/0428: network security, confidential data exchange among entities communicating through data packet networks, where the data content is protected, e.g. by encrypting or encapsulating the payload
- H04L63/062: network security, key management in a packet data network, key distribution, e.g. centrally by a trusted party
- H04L63/08: network security, authentication of entities
- H04L67/06: protocols specially adapted for file transfer, e.g. file transfer protocol [FTP]
Abstract
The invention discloses a message-based, key-dependent privacy data encryption method. It mainly addresses the related-key attacks and key-exposure incidents that arise in the prior art from neglecting the correlation between plaintexts and keys and from distributing group public keys by e-mail. The method comprises the following steps: 1, an authorization center initializes the system parameters; 2, the authorization center verifies the identity of a user; 3, a key is distributed to the user who passes identity authorization; 4, the user processes a plaintext file with the obtained key to produce a ciphertext; 5, the user uploads the ciphertext to a cloud server; 6, when the file is needed, the user requests to download the ciphertext from the cloud server and, once the cloud server approves the request, obtains and decrypts it. With this technical scheme, a blockchain wallet file is securely encrypted by the message-based, key-dependent encryption method in single-user mode, so that key exposure is avoided, related-key attacks are reduced and the security of the wallet file is improved.
Description
Technical field
The invention belongs to the technical field of data processing, and more particularly to a privacy data encryption method that can be used for the encryption, backup and upload to a cloud server of wallet files in a blockchain.
Background technology
A blockchain is a decentralized, distributed shared ledger or database on a network that achieves high security through high redundancy. It has been called a "machine of trust": it lets parties that cooperate with each other establish trust without a central authority. Blockchain technology applies to any field where trust is lacking, so its range of application keeps growing. As transaction volumes grow, users will need to generate and store large numbers of public/private key pairs. These keys are typically generated and stored by the user in a file or a simple database, which may be called a wallet. A wallet is simply a collection of addresses and decryption keys. Possessing the private key is the only condition for spending bitcoin, so the private key must be kept secret and must be backed up, with the backup uploaded to a cloud server in case of accidental loss. The secure encryption of wallets therefore becomes increasingly important. After a user registers successfully with an authorization center, the authorization center distributes a symmetric key to the user for encryption. Because of key-management flaws or weak security awareness, the user may directly use the symmetric key that encrypts the wallet as the initial private key from which the public/private key pairs used in transactions are generated. If the wallet is then encrypted, the plaintext in the wallet depends on the key, and traditional security definitions are insufficient to guarantee the security of the scheme. Later, once the ciphertext backup has been uploaded to the cloud server, if the user loses the local file and needs to download a particular file from the cloud server, then, to avoid leaking personal privacy information and plaintext information, the user may have to download all of the ciphertexts from the cloud server and decrypt them locally before obtaining the wanted file. In this case the user must perform a large number of decryption operations, which reduces the user's efficiency and wastes a large amount of computing and storage resources.
The patent "A cloud storage data security sharing method with permission time control" applied for by Wuhan University of Technology (publication number 105072180A, application number 201510475566.4, filing date 6 August 2015) discloses a cloud storage data security sharing method with permission time control. In that method, after the data owner creates a group, a key pair is automatically generated with a public-key encryption algorithm. When the data owner shares a file, the file is encrypted with a symmetric encryption algorithm, the symmetric key is encrypted with the private key of the group to be shared with, and the file ciphertext and the key ciphertext are sent to the cloud. The group public key is sent by e-mail to all users of the group; a user who has access rights can obtain the public key and decrypt the ciphertext. The shortcomings of that method are as follows. First, when the symmetric key is encrypted with the private key of the sharing group, the patent does not consider the security problem of "the plaintext may be related to the key", which may give rise to related-key attacks. Second, when the data owner e-mails the group public key to the group users, the security of e-mail is not considered, and once the e-mail is maliciously intercepted the key is leaked.
The content of the invention
The purpose of the present invention is to address the above shortcomings of the prior art by proposing a message-based, key-dependent privacy data encryption method that avoids key exposure and improves the security of wallet files.
The technical scheme is as follows: the authorization center first completes the identity authentication of the user; the user then obtains a symmetric encryption key and encrypts the plaintext into ciphertext using a key-dependent-message (KDM) secure symmetric encryption scheme, which resists related-key attacks; at the same time, a searchable-encryption index is generated for the plaintext so that the ciphertext can be searched. The implementation steps are as follows:
(1) Initialization:
(1a) The authorization center determines the first security parameter λ, the second security parameter k, the third security parameter γ, the keyword-count parameter τ and the Bernoulli distribution parameter $\theta = 2^{-\lambda}$, and defines the message length l, the dimension N and the block length m of the plaintext matrix, with $l = l(\lambda)$, $N = N(\lambda)$, $m = m(\lambda)$;
(1b) The authorization center defines the generator matrix of the error-correcting code as $G = G_{m \times l}$, sets the number of errors to be corrected to $d = (\theta + \sigma) m$, and chooses a binary linear error-correcting code D according to the generator matrix G and the number d, where $G_{m \times l}$ denotes a generator matrix with m rows and l columns and σ is a fixed value chosen in the interval (0, 1);
(1c) For any bit string $K \in \{0,1\}^{\gamma}$, the authorization center defines $P_K(x)$ as a family of pseudo-random permutations on $\{0,1\}^{\tau}$, $F_K(x)$ as the first family of pseudo-random functions with domain $\{0,1\}^{\tau}$ and range $\{0,1\}^{\gamma}$, and $G_K(x)$ as the second family of pseudo-random functions with domain [1, n] and range {0, 1};
(1d) The authorization center publishes the error-correcting code D, the generator matrix G, the pseudo-random permutation family $P_K(x)$, the first pseudo-random function family $F_K(x)$, the second pseudo-random function family $G_K(x)$ and the common parameters {l, m, N, θ};
(2) Identity registration:
(2a) The user submits personal identity information to the authorization center;
(2b) The authorization center checks whether the identity information submitted by the user is genuine; if so, step (3) is executed, otherwise registration is refused;
(3) Key distribution:
(3a) The authorization center defines the finite field of integers modulo the prime 2 and chooses a matrix S over it as the symmetric key for the user's plaintext encryption;
(3b) The authorization center generates the key $k_{mac}$ needed for the user's HMAC message-authentication operations;
(3c) The authorization center sends the message $\{S \,\|\, k_{mac} \,\|\, \gamma \,\|\, \tau\}$ to the user over a secure channel;
where S is the symmetric key for the user's plaintext encryption, γ is the third security parameter, τ is the keyword-count parameter and $\|$ denotes concatenation;
(3d) The user keeps the symmetric key S, the HMAC key $k_{mac}$, the third security parameter γ and the keyword-count parameter τ secret;
(4) Processing the plaintext file:
(4a) To encrypt plaintext file $\varepsilon_j$, the user partitions its plaintext matrix into blocks, each denoted M, where 1 ≤ j ≤ n and n is the total number of plaintext files;
(4b) The user encrypts each plaintext matrix block M under the symmetric key S to obtain the corresponding ciphertext matrix block W:
$W = (A, C)$,
where A is a randomly chosen coefficient matrix, $C = A \cdot S + E + G \cdot M$, S is the symmetric key, G is the generator matrix of the error-correcting code D, and E is a noise matrix drawn at random from $\mathrm{Ber}_\theta^{m \times N}$, with $\mathrm{Ber}_\theta$ the Bernoulli distribution on {0, 1} that outputs 1 with probability θ and 0 with probability 1 − θ;
(4c) Concatenating all ciphertext matrix blocks W of $\varepsilon_j$ yields the ciphertext file $\psi_j$ corresponding to $\varepsilon_j$;
(4d) The user computes the message-authentication tag $T_j$ of the ciphertext file $\psi_j$ from the HMAC key $k_{mac}$:
$T_j = \mathrm{HMAC}(k_{mac}, \psi_j)$,
where HMAC(·) denotes the message-authentication tag generation algorithm;
(4e) The user chooses uniformly at random a first secret value $s \in \{0,1\}^{\gamma}$ and a second secret value $r \in \{0,1\}^{\gamma}$, builds an index dictionary that can record $2^{\tau}$ keyword entries $(i, w_i)$, and keeps the dictionary and the two secret values s, r secret;
where i is a label, $i \in [1, 2^{\tau}]$, and $w_i \in \{0,1\}^{*}$ is a keyword, * denoting arbitrary length;
(4f) The user generates the index bit string $I_j$ of plaintext file $\varepsilon_j$;
(5) Data upload:
(5a) The user sends the authentication-code key $k_{mac}$ to the cloud server over a secure channel and uploads the message $\{I_j \,\|\, \psi_j \,\|\, T_j\}$ to the cloud server, where 1 ≤ j ≤ n, n is the total number of plaintext files and $\|$ denotes concatenation;
(5b) The cloud server verifies the integrity of each ciphertext file, the result $v_j$ being given by:
$v_j = \mathrm{Verify}(k_{mac}, \psi_j, T_j)$,
where 1 ≤ j ≤ n, n is the total number of plaintext files and Verify(·) denotes the HMAC verification algorithm;
If $v_j = 1$, $\psi_j$ was not tampered with during upload: the cloud server accepts the message, stores the index string $I_j$ in the index string set I and returns a "$\psi_j$ uploaded successfully" notice to the user;
If $v_j = 0$, $\psi_j$ was tampered with during upload: the cloud server rejects the message and returns a "$\psi_j$ upload error" notice to the user;
(5c) The user determines from the received notice whether the upload succeeded:
a "$\psi_j$ uploaded successfully" notice means $\psi_j$ has been uploaded to the cloud server;
on a "$\psi_j$ upload error" notice, the user returns to step (5a);
(6) Download and decrypt the ciphertext:
(6a) The user generates a trapdoor for the keyword $w_\mu$ of the file to be downloaded and uploads it to the cloud server;
(6b) The cloud server matches the trapdoor against the stored set I of file index bit strings; if the match succeeds, the cloud server returns the corresponding ciphertext ψ to the user and step (6c) continues; if the match fails, the cloud server returns a "retrieval failure" notice to the user;
(6c) The user decrypts the ciphertext ψ to obtain the corresponding plaintext file ε.
Compared with the prior art, the present invention has the following advantages:
First, the present invention takes into account the case where the plaintext is related to the key and encrypts the plaintext with a KDM symmetric encryption scheme, so that related-key attacks can be resisted even when key management is flawed, improving the security of the wallet file.
Second, because a single user encrypts, uploads and downloads the file, the key-exposure problem that arises when keys are shared with other users is avoided.
Description of the drawings
Fig. 1 is the flowchart of the present invention;
Fig. 2 is a schematic diagram of the plaintext file processing in the present invention;
Fig. 3 is a schematic diagram of the ciphertext download and decryption in the present invention.
Specific embodiment
The present invention is further described below with reference to the accompanying drawings.
With reference to Fig. 1, the specific steps of the present invention are as follows.
Step 1, initialization.
The authorization center determines the first security parameter λ, the second security parameter k, the third security parameter γ, the keyword-count parameter τ and the Bernoulli distribution parameter $\theta = 2^{-\lambda}$; it defines the message length l, the dimension N and the block length m of the plaintext matrix, with $l = l(\lambda)$, $N = N(\lambda)$, $m = m(\lambda)$; it defines the generator matrix of the error-correcting code as $G = G_{m \times l}$, sets the number of errors to be corrected to $d = (\theta + \sigma) m$, and chooses a binary linear error-correcting code D according to the generator matrix G and the number d, where $G_{m \times l}$ denotes a generator matrix with m rows and l columns and σ is a fixed value chosen in the interval (0, 1);
For any bit string $K \in \{0,1\}^{\gamma}$, the authorization center defines $P_K(x)$ as a family of pseudo-random permutations on $\{0,1\}^{\tau}$, $F_K(x)$ as the first family of pseudo-random functions with domain $\{0,1\}^{\tau}$ and range $\{0,1\}^{\gamma}$, and $G_K(x)$ as the second family of pseudo-random functions with domain [1, n] and range {0, 1};
The authorization center publishes the error-correcting code D, the generator matrix G, the pseudo-random permutation family $P_K(x)$, the first pseudo-random function family $F_K(x)$, the second pseudo-random function family $G_K(x)$ and the common parameters {l, m, N, θ}.
Step 2, identity registration.
The user submits personal identity information to the authorization center, and the authorization center checks whether the submitted identity information is genuine; if so, step (3) is executed, otherwise registration is refused.
Step 3, key distribution.
(3a) The authorization center defines the finite field of integers modulo the prime 2 and chooses a matrix S over it as the symmetric key for the user's plaintext encryption;
(3b) Using the key-generation algorithm HMAC-KeyGen($1^k$) of the message authentication code, the authorization center generates the key $k_{mac}$ needed for the user's HMAC operations:
$k_{mac} = \mathrm{HMAC\text{-}KeyGen}(1^k)$,
where k is the second security parameter chosen by the authorization center;
(3c) The authorization center sends the message $\{S \,\|\, k_{mac} \,\|\, \gamma \,\|\, \tau\}$ to the user over a secure channel;
(3d) The user keeps the symmetric key S, the HMAC key $k_{mac}$, the third security parameter γ and the keyword-count parameter τ secret.
Step 4, processing the plaintext file.
Suppose the user needs to encrypt n plaintext files in total, each denoted $\varepsilon_j$ with 1 ≤ j ≤ n.
With reference to Fig. 2, the user processes plaintext file $\varepsilon_j$ as follows:
(4a) The user partitions the plaintext matrix of $\varepsilon_j$ into blocks, each denoted M, encrypts each plaintext matrix block M under the symmetric key S to obtain the corresponding ciphertext matrix block W = (A, C), and concatenates all ciphertext matrix blocks W of $\varepsilon_j$ to obtain the corresponding ciphertext file $\psi_j$;
where A is a randomly chosen coefficient matrix, $C = A \cdot S + E + G \cdot M$, S is the symmetric key, G is the generator matrix of the error-correcting code D, and E is a noise matrix drawn at random from $\mathrm{Ber}_\theta^{m \times N}$, with $\mathrm{Ber}_\theta$ the Bernoulli distribution on {0, 1} that outputs 1 with probability θ and 0 with probability 1 − θ;
(4b) From the HMAC key $k_{mac}$ and the ciphertext file $\psi_j$, the user computes the message-authentication tag $T_j$ of $\psi_j$ as:
$T_j = \mathrm{HMAC}(k_{mac}, \psi_j)$;
(4c) The user generates the index bit string $I_j$ of plaintext file $\varepsilon_j$ as follows:
(4c1) The user chooses uniformly at random a first secret value $s \in \{0,1\}^{\gamma}$ and a second secret value $r \in \{0,1\}^{\gamma}$ and builds an index dictionary that can record $2^{\tau}$ keyword entries $(i, w_i)$, where i is a label, $i \in [1, 2^{\tau}]$, and $w_i \in \{0,1\}^{*}$ is a keyword of arbitrary length; the dictionary and the two secret values s, r are kept secret;
(4c2) From the first secret value s the user selects the pseudo-random permutation $P_s(x)$ in the family $P_K(x)$, and from the second secret value r the function $F_r(x)$ in the first pseudo-random function family $F_K(x)$;
(4c3) The user computes the subscript values $r_i = F_r(i)$, $i \in [1, 2^{\tau}]$, and according to $r_i$ selects the function $G_{r_i}(x)$ in the second pseudo-random function family $G_K(x)$;
(4c4) According to whether $\varepsilon_j$ contains keyword $w_i$, the user generates a $2^{\tau}$-bit original bit string $I'_j$ for $\varepsilon_j$:
if $\varepsilon_j$ contains keyword $w_i$, bit $P_s(i)$ of $I'_j$ is set to 1, i.e. $I'_j[P_s(i)] = 1$;
if $\varepsilon_j$ does not contain keyword $w_i$, bit $P_s(i)$ of $I'_j$ is set to 0, i.e. $I'_j[P_s(i)] = 0$;
iterating over all values of i yields the original bit string $I'_j$;
(4c5) The user XORs the i-th bit of the original bit string $I'_j$ with the function value $G_{r_i}(j)$, i.e. $I_j[i] = I'_j[i] \oplus G_{r_i}(j)$, obtaining the i-th bit of the index bit string $I_j$; iterating over all values of i yields the index bit string $I_j$.
Step 5, data upload.
(5a) The user sends the authentication-code key $k_{mac}$ to the cloud server over a secure channel and uploads the message $\{I_j \,\|\, \psi_j \,\|\, T_j\}$ to the cloud server, where 1 ≤ j ≤ n, n is the total number of plaintext files and $\|$ denotes concatenation;
(5b) The cloud server verifies the integrity of each ciphertext file with the verification algorithm Verify(·) of the message authentication code HMAC, the result being $v_j = \mathrm{Verify}(k_{mac}, \psi_j, T_j)$, where 1 ≤ j ≤ n and n is the total number of plaintext files;
If $v_j = 1$, $\psi_j$ was not tampered with during upload: the cloud server accepts the message, stores the index string $I_j$ in the index string set I and returns a "$\psi_j$ uploaded successfully" notice to the user;
If $v_j = 0$, $\psi_j$ was tampered with during upload: the cloud server rejects the message and returns a "$\psi_j$ upload error" notice to the user;
(5c) The user determines from the received notice whether the upload succeeded:
a "$\psi_j$ uploaded successfully" notice means $\psi_j$ has been uploaded to the cloud server;
on a "$\psi_j$ upload error" notice, the user returns to step (5a).
Step 6, download and decrypt the ciphertext.
With reference to Fig. 3, this step is implemented as follows:
(6a) The user generates a trapdoor for the keyword $w_\mu$ of the file to be downloaded and uploads it to the cloud server:
(6a1) The user looks up in the index dictionary the label μ corresponding to keyword $w_\mu$;
(6a2) From the first secret value s the user selects the pseudo-random permutation $P_s(x)$ in the family $P_K(x)$, and from the second secret value r the function $F_r(x)$ in the first pseudo-random function family $F_K(x)$;
(6a3) From the label μ the user computes the permuted label $p = P_s(\mu)$;
(6a4) From the permuted label p the user computes the index function value $f = F_r(p)$;
(6a5) The permuted label p and the index function value f together form the trapdoor;
(6b) The cloud server matches the trapdoor against the stored set I of file index bit strings:
(6b1) The cloud server XORs the bit of the index bit string $I_j$ at the permuted label p with the function value $G_f(j)$, i.e. $I'_j[p] = I_j[p] \oplus G_f(j)$, obtaining the bit of the original bit string $I'_j$ at the permuted label p, where p is the permuted label in the trapdoor, f is the index function value in the trapdoor, $G_f(x)$ is the pseudo-random function selected from the second family $G_K(x)$ according to the value f, $I'_j[p]$ is the bit of $I'_j$ at the permuted label p, $I_j[p]$ is the bit of $I_j$ at the permuted label p, and $\oplus$ denotes XOR;
(6b2) The cloud server iterates over all values of j; if there exists $j \in [1, n]$ such that the bit of the original bit string $I'_j$ at the permuted label p is 1, i.e. $I'_j[p] = 1$, the match succeeds, the cloud server returns the corresponding ciphertext ψ to the user and step (6c) continues; if no such j exists, the match fails and the cloud server returns a "retrieval failure" notice to the user;
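The index construction of steps (4c1) to (4c5) and the trapdoor and match of steps (6a) to (6b), as an added example that is not the patent's own code: the permutation family $P_K$ and the two PRF families $F_K$ and $G_K$ are instantiated here from HMAC-SHA256 (an assumption; $P_s$ is realised as a sort-by-PRF permutation over the $2^{\tau}$ labels), and τ, γ, the keyword dictionary and the files are constructed values.

```python
# Added example, not the patent's code: searchable index (4c1)-(4c5) and
# trapdoor/match (6a)-(6b). PRP/PRF families are built from HMAC-SHA256
# (assumption); TAU, GAMMA, keywords and files are constructed toy values.
import hmac, hashlib, os

TAU = 4                    # keyword-count parameter tau: 2^tau = 16 label slots
GAMMA = 128                # third security parameter gamma, in bits
SLOTS = 2 ** TAU

def _prf(key, x):
    """Raw PRF: HMAC-SHA256 of the decimal encoding of the integer x."""
    return hmac.new(key, str(x).encode(), hashlib.sha256).digest()

def F(r, x):
    """First PRF family F_r: {0,1}^tau -> {0,1}^gamma, returned as a gamma-bit int."""
    return int.from_bytes(_prf(r, x)[: GAMMA // 8], "big")

def G(key, j):
    """Second PRF family G_K: [1, n] -> {0,1}; K is the gamma-bit output of F."""
    return _prf(key.to_bytes(GAMMA // 8, "big"), j)[0] & 1

def P(s, i):
    """PRP P_s on the labels [1, 2^tau]: rank of label i when all labels are
    sorted by their PRF value under s (assumption: sort-by-PRF permutation)."""
    order = sorted(range(1, SLOTS + 1), key=lambda x: _prf(s, x))
    return order.index(i) + 1

def build_index(s, r, dictionary, j, file_keywords):
    """Steps (4c3)-(4c5) for file number j: I'_j[P_s(i)] = [w_i in file],
    then I_j[i] = I'_j[i] xor G_{F_r(i)}(j). Positions are 1-based like the text."""
    original = [0] * (SLOTS + 1)
    for i, w in dictionary.items():
        original[P(s, i)] = 1 if w in file_keywords else 0       # (4c4)
    index = [0] * (SLOTS + 1)
    for i in range(1, SLOTS + 1):
        r_i = F(r, i)                                            # (4c3)
        index[i] = original[i] ^ G(r_i, j)                       # (4c5)
    return index

def trapdoor(s, r, dictionary, keyword):
    """Steps (6a1)-(6a5): label mu of the keyword, p = P_s(mu), f = F_r(p)."""
    mu = next(i for i, w in dictionary.items() if w == keyword)  # (6a1)
    p = P(s, mu)                                                 # (6a3)
    return p, F(r, p)                                            # (6a4)-(6a5)

def server_match(trap, index_set):
    """Steps (6b1)-(6b2): the server unmasks bit p of every stored I_j with
    G_f(j) and returns the file numbers whose original bit is 1. The server
    never sees s, r, the dictionary or any keyword. index_set maps j -> I_j."""
    p, f = trap
    return [j for j, ij in sorted(index_set.items()) if ij[p] ^ G(f, j) == 1]

def demo():
    """Constructed scenario: three wallet files tagged with keywords; the
    server answers keyword queries on the masked index bit strings only."""
    s, r = os.urandom(GAMMA // 8), os.urandom(GAMMA // 8)       # (4c1)
    words = ["btc", "eth", "cold", "hot", "2016", "backup"]
    dictionary = {i + 1: w for i, w in enumerate(words)}        # labels 1..6 of 16
    files = {1: {"btc", "cold"}, 2: {"eth", "hot"}, 3: {"btc", "backup", "2016"}}
    index_set = {j: build_index(s, r, dictionary, j, kws) for j, kws in files.items()}
    hits = server_match(trapdoor(s, r, dictionary, "btc"), index_set)
    misses = server_match(trapdoor(s, r, dictionary, "hot"), index_set)
    single = server_match(trapdoor(s, r, dictionary, "backup"), index_set)
    return hits, misses, single
```

Unused label slots stay 0 in $I'_j$, so the masked $I_j$ reveals neither which slots are populated nor which keyword a position belongs to.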
(6c) The user decrypts the ciphertext ψ to obtain the corresponding plaintext file ε:
(6c1) For each ciphertext matrix block W = (A, C) in the ciphertext file ψ, the user computes the intermediate matrix Q from the symmetric key S:
$Q = C - A \cdot S$;
(6c2) The user decodes each column of the intermediate matrix Q with the error-correcting code D to obtain the corresponding plaintext matrix block M;
(6c3) The user concatenates all plaintext matrix blocks M to obtain the corresponding plaintext file ε.
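The block encryption of step (4a), the tag and check of steps (4b) and (5b), and the decryption of steps (6c1) to (6c3), as an added example that is not the patent's own code: over the field of integers modulo 2 the subtraction in $Q = C - A \cdot S$ is an XOR, which cancels the key term and leaves $E + G \cdot M$ for the code D to decode. The code D is assumed to be a repetition code with majority decoding, the dimensions l, N, k, the repetition factor and λ are constructed toy values, and the plaintext block is deliberately taken from the key S itself to exercise the key-dependent-message case from the background section.

```python
# Added example, not the patent's code: toy instance of W = (A, C) with
# C = A*S + E + G*M over GF(2), decryption Q = C - A*S + decoding by D, and
# the HMAC tag over the ciphertext file. All parameters are constructed.
import hmac, hashlib, random

LAM = 5                  # first security parameter lambda (assumed)
THETA = 2.0 ** -LAM      # Bernoulli parameter theta = 2^-lambda
L, N, K = 8, 4, 16       # message length l, dimension N, key rows k (assumed)
REP = 21                 # repetition factor of the assumed code D
M_LEN = L * REP          # block length m = number of rows of G

def gen_matrix():
    """Generator matrix G (m x l) of the repetition code: message bit i is
    copied into rows i*REP .. i*REP+REP-1."""
    return [[1 if row // REP == col else 0 for col in range(L)] for row in range(M_LEN)]

def decode(col):
    """Decoding by D: majority vote over each group of REP rows of one column."""
    return [1 if 2 * sum(col[i * REP:(i + 1) * REP]) > REP else 0 for i in range(L)]

def matmul(a, b):
    """Matrix product over GF(2)."""
    return [[sum(a[i][t] & b[t][j] for t in range(len(b))) & 1
             for j in range(len(b[0]))] for i in range(len(a))]

def matadd(*ms):
    """Entry-wise sum over GF(2); subtraction is the same operation."""
    return [[sum(vals) & 1 for vals in zip(*rows)] for rows in zip(*ms)]

def keygen(rng):
    """Steps (3a)/(3b): symmetric key S (k x N over GF(2)) and HMAC key k_mac."""
    s = [[rng.getrandbits(1) for _ in range(N)] for _ in range(K)]
    return s, rng.getrandbits(256).to_bytes(32, "big")

def encrypt_block(s, m, rng):
    """Step (4a): random A (m x k), noise E ~ Ber_theta^(m x N), C = A*S + E + G*M."""
    a = [[rng.getrandbits(1) for _ in range(K)] for _ in range(M_LEN)]
    e = [[1 if rng.random() < THETA else 0 for _ in range(N)] for _ in range(M_LEN)]
    return a, matadd(matmul(a, s), e, matmul(gen_matrix(), m))

def decrypt_block(s, w):
    """Steps (6c1)-(6c2): Q = C - A*S (XOR over GF(2)), then decode each column."""
    a, c = w
    q = matadd(c, matmul(a, s))                      # = E + G*M
    cols = [decode([q[row][j] for row in range(M_LEN)]) for j in range(N)]
    return [[cols[j][i] for j in range(N)] for i in range(L)]   # back to l x N

def serialize(blocks):
    """Ciphertext file psi = W_1 || W_2 || ... flattened to bytes for HMAC."""
    bits = [b for a, c in blocks for mat in (a, c) for row in mat for b in row]
    return bytes(int("".join(map(str, bits[i:i + 8])).ljust(8, "0"), 2)
                 for i in range(0, len(bits), 8))

def tag(k_mac, psi):
    """Step (4b): T = HMAC(k_mac, psi)."""
    return hmac.new(k_mac, psi, hashlib.sha256).digest()

def verify(k_mac, psi, t):
    """Step (5b): v = Verify(k_mac, psi, T), with a constant-time comparison."""
    return 1 if hmac.compare_digest(tag(k_mac, psi), t) else 0

def roundtrip(seed=1):
    """Encrypt two blocks, the first being the first l rows of S itself (the
    wallet-stores-its-own-key case), then tag, verify, tamper-check and decrypt."""
    rng = random.Random(seed)
    s, k_mac = keygen(rng)
    key_block = [row[:] for row in s[:L]]           # plaintext that equals part of the key
    zero_block = [[0] * N for _ in range(L)]
    blocks = [encrypt_block(s, key_block, rng), encrypt_block(s, zero_block, rng)]
    psi = serialize(blocks)
    t = tag(k_mac, psi)
    tampered = bytes([psi[0] ^ 1]) + psi[1:]         # one flipped ciphertext bit
    recovered = [decrypt_block(s, w) for w in blocks]
    return (recovered[0] == key_block, recovered[1] == zero_block,
            verify(k_mac, psi, t), verify(k_mac, tampered, t))
```

With REP = 21 and θ = 1/32 a column group is mis-decoded only if at least 11 of its 21 noise bits are set, so the roundtrip succeeds with overwhelming probability; a real deployment would pick D and d = (θ + σ)m from the parameters of step (1b).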
The above description is only an example of the present invention and does not limit it in any way. It is clear that those skilled in the art, having understood the content and principles of the invention, may make various modifications and changes in form and detail without departing from its principles and structure; such modifications and changes based on the inventive concept remain within the scope of the claims of the present invention.
Claims (6)
1. A message-based, key-dependent privacy data encryption method, comprising the following steps:
(1) Initialization:
(1a) The authorization center determines the first security parameter λ, the second security parameter k, the third security parameter γ, the keyword-count parameter τ and the Bernoulli distribution parameter $\theta = 2^{-\lambda}$, and defines the message length l, the dimension N and the block length m of the plaintext matrix, with $l = l(\lambda)$, $N = N(\lambda)$, $m = m(\lambda)$;
(1b) The authorization center defines the generator matrix of the error-correcting code as $G = G_{m \times l}$, sets the number of errors to be corrected to $d = (\theta + \sigma) m$, and chooses a binary linear error-correcting code D according to the generator matrix G and the number d, where $G_{m \times l}$ denotes a generator matrix with m rows and l columns and σ is a fixed value chosen in the interval (0, 1);
(1c) For any bit string $K \in \{0,1\}^{\gamma}$, the authorization center defines $P_K(x)$ as a family of pseudo-random permutations on $\{0,1\}^{\tau}$, $F_K(x)$ as the first family of pseudo-random functions with domain $\{0,1\}^{\tau}$ and range $\{0,1\}^{\gamma}$, and $G_K(x)$ as the second family of pseudo-random functions with domain [1, n] and range {0, 1};
(1d) The authorization center publishes the error-correcting code D, the generator matrix G, the pseudo-random permutation family $P_K(x)$, the first pseudo-random function family $F_K(x)$, the second pseudo-random function family $G_K(x)$ and the common parameters {l, m, N, θ};
(2) Identity registration:
(2a) The user submits personal identity information to the authorization center;
(2b) The authorization center checks whether the identity information submitted by the user is genuine; if so, step (3) is executed, otherwise registration is refused;
(3) Key distribution:
(3a) The authorization center defines the finite field of integers modulo the prime 2 and chooses a matrix S over it as the symmetric key for the user's plaintext encryption;
(3b) The authorization center generates the key $k_{mac}$ needed for the user's HMAC message-authentication operations;
(3c) The authorization center sends the message $\{S \,\|\, k_{mac} \,\|\, \gamma \,\|\, \tau\}$ to the user over a secure channel;
where S is the symmetric key for the user's plaintext encryption, γ is the third security parameter, τ is the keyword-count parameter and $\|$ denotes concatenation;
(3d) The user keeps the symmetric key S, the HMAC key $k_{mac}$, the third security parameter γ and the keyword-count parameter τ secret;
(4) Processing the plaintext file:
(4a) To encrypt plaintext file $\varepsilon_j$, the user partitions its plaintext matrix into blocks, each denoted M, where 1 ≤ j ≤ n and n is the total number of plaintext files;
(4b) The user encrypts each plaintext matrix block M under the symmetric key S to obtain the corresponding ciphertext matrix block W:
$W = (A, C)$,
where A is a randomly chosen coefficient matrix, $C = A \cdot S + E + G \cdot M$, S is the symmetric key, G is the generator matrix of the error-correcting code D, and E is a noise matrix drawn at random from $\mathrm{Ber}_\theta^{m \times N}$, with $\mathrm{Ber}_\theta$ the Bernoulli distribution on {0, 1} that outputs 1 with probability θ and 0 with probability 1 − θ;
(4c) Concatenating all ciphertext matrix blocks W of $\varepsilon_j$ yields the ciphertext file $\psi_j$ corresponding to $\varepsilon_j$;
(4d) The user computes the message-authentication tag $T_j$ of the ciphertext file $\psi_j$ from the HMAC key $k_{mac}$:
$T_j = \mathrm{HMAC}(k_{mac}, \psi_j)$,
where HMAC(·) denotes the message-authentication tag generation algorithm;
(4e) The user chooses uniformly at random a first secret value $s \in \{0,1\}^{\gamma}$ and a second secret value $r \in \{0,1\}^{\gamma}$, builds an index dictionary that can record $2^{\tau}$ keyword entries $(i, w_i)$, and keeps the dictionary and the two secret values s, r secret;
where i is a label, $i \in [1, 2^{\tau}]$, and $w_i \in \{0,1\}^{*}$ is a keyword, * denoting arbitrary length;
(4f) The user generates the index bit string $I_j$ of plaintext file $\varepsilon_j$;
(5) Data upload:
(5a) The user sends the authentication-code key $k_{mac}$ to the cloud server over a secure channel and uploads the message $\{I_j \,\|\, \psi_j \,\|\, T_j\}$ to the cloud server, where 1 ≤ j ≤ n, n is the total number of plaintext files and $\|$ denotes concatenation;
(5b) The cloud server verifies the integrity of each ciphertext file, the result $v_j$ being given by:
$v_j = \mathrm{Verify}(k_{mac}, \psi_j, T_j)$,
where 1 ≤ j ≤ n, n is the total number of plaintext files and Verify(·) denotes the HMAC verification algorithm;
If $v_j = 1$, $\psi_j$ was not tampered with during upload: the cloud server accepts the message, stores the index string $I_j$ in the index string set I and returns a "$\psi_j$ uploaded successfully" notice to the user;
If $v_j = 0$, $\psi_j$ was tampered with during upload: the cloud server rejects the message and returns a "$\psi_j$ upload error" notice to the user;
(5c) The user determines from the received notice whether the upload succeeded:
a "$\psi_j$ uploaded successfully" notice means $\psi_j$ has been uploaded to the cloud server;
on a "$\psi_j$ upload error" notice, the user returns to step (5a);
(6) Download and decrypt the ciphertext:
(6a) The user generates a trapdoor for the keyword $w_\mu$ of the file to be downloaded and uploads it to the cloud server;
(6b) The cloud server matches the trapdoor against the stored set I of file index bit strings; if the match succeeds, the cloud server returns the corresponding ciphertext ψ to the user and step (6c) continues; if the match fails, the cloud server returns a "retrieval failure" notice to the user;
(6c) The user decrypts the ciphertext ψ to obtain the corresponding plaintext file ε.
2. The method according to claim 1, characterized in that the key $k_{mac}$ generated by the authorization center in step (3b) for the user's HMAC message-authentication operations is computed as:
$k_{mac} = \mathrm{HMAC\text{-}KeyGen}(1^k)$,
where k is the second security parameter chosen by the authorization center, HMAC-KeyGen($1^k$) denotes the key-generation algorithm of the message authentication code, and $k_{mac}$ is the generated authentication-code key.
3. The method according to claim 1, characterized in that the user generates the index bit string $I_j$ of plaintext file $\varepsilon_j$ in step (4f) as follows:
(4f1) From the first secret value s the user selects the pseudo-random permutation $P_s(x)$ in the family $P_K(x)$, and from the second secret value r the function $F_r(x)$ in the first pseudo-random function family $F_K(x)$;
(4f2) The user computes the subscript values $r_i = F_r(i)$, $i \in [1, 2^{\tau}]$, and according to $r_i$ selects the function $G_{r_i}(x)$ in the second pseudo-random function family $G_K(x)$;
(4f3) According to whether $\varepsilon_j$ contains keyword $w_i$, the user generates a $2^{\tau}$-bit original bit string $I'_j$ for $\varepsilon_j$:
if $\varepsilon_j$ contains keyword $w_i$, bit $P_s(i)$ of $I'_j$ is set to 1, i.e. $I'_j[P_s(i)] = 1$;
if $\varepsilon_j$ does not contain keyword $w_i$, bit $P_s(i)$ of $I'_j$ is set to 0, i.e. $I'_j[P_s(i)] = 0$;
iterating over all values of i yields the original bit string $I'_j$;
(4f4) The user XORs the i-th bit of the original bit string $I'_j$ with the function value $G_{r_i}(j)$, i.e. $I_j[i] = I'_j[i] \oplus G_{r_i}(j)$, obtaining the i-th bit of the index bit string $I_j$, where $i \in [1, 2^{\tau}]$ and $\oplus$ denotes XOR;
iterating over all values of i yields the index bit string $I_j$.
4. The method according to claim 1, characterised in that in step (6a) the user generates the trapdoor for the keyword w_μ of the file to be downloaded as follows:
(6a1) the user looks up the label μ corresponding to the keyword w_μ in the index dictionary;
(6a2) the user chooses the pseudo-random permutation function P_s(x) from the pseudo-random permutation function family P_K(x) according to the first secret value s, and chooses the function F_r(x) from the first pseudo-random function family F_K(x) according to the second secret value r;
(6a3) the user computes the permuted label p = P_s(μ) from the label μ;
(6a4) the user computes the index function value f = F_r(p) from the permuted label p;
(6a5) the permuted label p and the index function value f together constitute the trapdoor.
5. The method according to claim 1, characterised in that in step (6b) the cloud server performs matching retrieval over the stored set of file index bit strings I according to the trapdoor as follows:
(6b1) the cloud server XORs the bit value at the position of the permuted label p in the index bit string I_j with the function value G_f(j), i.e. I'_j[p] = I_j[p] ⊕ G_f(j), obtaining the bit value at position p of the original bit string I'_j, where p is the permuted label in the trapdoor, f is the index function value in the trapdoor, G_f(x) is the pseudo-random function selected from the second pseudo-random function family G_K(x) according to the value of f, I'_j[p] denotes the bit value at position p of the original bit string I'_j, I_j[p] denotes the bit value at position p of the index bit string I_j, and ⊕ denotes the XOR operation;
(6b2) the cloud server traverses all values of j; if there exists j ∈ [1, n] such that the bit at position p of the original bit string I'_j is 1, i.e. I'_j[p] = 1, the match succeeds; otherwise, the match fails.
6. The method according to claim 1, characterised in that in step (6c) the user decrypts the ciphertext ψ to obtain the corresponding plaintext file ε as follows:
(6c1) from the symmetric key S and each ciphertext matrix block W = (A, C) of the ciphertext file ψ, the user computes the intermediate matrix Q:
Q = C - A·S;
(6c2) the user calls the error-correcting code decoder D to decode each column of the intermediate matrix Q, obtaining the corresponding plaintext matrix block M;
(6c3) the user concatenates all plaintext matrix blocks M to obtain the corresponding plaintext file ε.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201610948549.2A CN106534092B (en) | 2016-11-02 | 2016-11-02 | The privacy data encryption method of key is depended on based on message |
Publications (2)
Publication Number | Publication Date |
---|---|
CN106534092A true CN106534092A (en) | 2017-03-22 |
CN106534092B CN106534092B (en) | 2019-07-02 |
Family
ID=58292868
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201610948549.2A Active CN106534092B (en) | 2016-11-02 | 2016-11-02 | The privacy data encryption method of key is depended on based on message |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN106534092B (en) |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN104320262A (en) * | 2014-11-05 | 2015-01-28 | 中国科学院合肥物质科学研究院 | User public key address binding, searching and verifying method and system based on crypto currency open account book technology |
CN104618366A (en) * | 2015-01-27 | 2015-05-13 | 西安电子科技大学 | System and method for security management of Internet archives based on attributes |
CN104836790A (en) * | 2015-03-30 | 2015-08-12 | 西安电子科技大学 | Linked storage fine-grained access control model based on attribute encryption and timestamp |
Cited By (30)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
TWI622949B (en) * | 2017-05-26 | 2018-05-01 | 富邦金融控股股份有限公司 | Know your customer (kyc) data marking dispute relief system with multiple secret key and method thereof |
CN108965228B (en) * | 2017-05-26 | 2020-08-28 | 富邦金融控股股份有限公司 | Dispute relief system with KYC data mark of multiple keys and method thereof |
CN108965228A (en) * | 2017-05-26 | 2018-12-07 | 富邦金融控股股份有限公司 | Dispute relief system with KYC data mark of multiple keys and method thereof |
CN109104392A (en) * | 2017-06-21 | 2018-12-28 | 杨树桃 | A kind of safe Wallet System of block chain |
CN107301544A (en) * | 2017-06-26 | 2017-10-27 | 北京泛融科技有限公司 | A kind of safe Wallet System of block chain |
CN107395349A (en) * | 2017-08-16 | 2017-11-24 | 深圳国微技术有限公司 | A kind of block chain network cryptographic key distribution method based on self-certified public key system |
CN107634989A (en) * | 2017-08-25 | 2018-01-26 | 中积有限公司 | A kind of cloud wallet construction method and server |
CN108011885A (en) * | 2017-12-07 | 2018-05-08 | 北京科技大学 | A kind of E-mail encryption method and system based on group cipher system |
CN108011885B (en) * | 2017-12-07 | 2020-12-15 | 北京科技大学 | E-mail encryption method and system based on group cryptosystem |
WO2019136959A1 (en) * | 2018-01-12 | 2019-07-18 | 深圳壹账通智能科技有限公司 | Data processing method and device, computer device and storage medium |
CN108846297A (en) * | 2018-07-16 | 2018-11-20 | 佛山伊苏巨森科技有限公司 | A method of distributing and retrieve data in the block chain network with peer node |
CN109104270A (en) * | 2018-09-21 | 2018-12-28 | 华南理工大学 | A kind of insincere cloud center resources sharing method based on Hill operation and chaos |
CN109361663A (en) * | 2018-10-10 | 2019-02-19 | 中航信托股份有限公司 | A kind of correlation technique, system and relevant apparatus accessing encryption data |
CN109361663B (en) * | 2018-10-10 | 2021-05-28 | 中航信托股份有限公司 | Method, system and device for accessing encrypted data |
CN109586894A (en) * | 2018-11-16 | 2019-04-05 | 重庆邮电大学 | The encryption method of data in OPC UA edge calculations is realized based on pseudo-random permutation |
CN109951453A (en) * | 2019-02-26 | 2019-06-28 | 符安文 | A kind of safe encryption method based on block chain |
CN110012007A (en) * | 2019-04-02 | 2019-07-12 | 国网新疆电力有限公司电力科学研究院 | Annular shuttle dispatching method and scheduling system based on position data encryption |
CN110012007B (en) * | 2019-04-02 | 2021-02-26 | 国网新疆电力有限公司营销服务中心(资金集约中心、计量中心) | Annular shuttle vehicle scheduling method and system based on position data encryption |
CN110138749A (en) * | 2019-04-23 | 2019-08-16 | 华为技术有限公司 | Data security protection method and related equipment |
WO2020233624A1 (en) * | 2019-05-20 | 2020-11-26 | 创新先进技术有限公司 | Receipt storage method and node employing transaction type in combination with event function type |
CN110232080A (en) * | 2019-05-23 | 2019-09-13 | 智慧谷(厦门)物联科技有限公司 | A kind of method for quickly retrieving based on block chain |
CN110610105A (en) * | 2019-09-25 | 2019-12-24 | 郑州轻工业学院 | Secret sharing-based authentication method for three-dimensional model file in cloud environment |
CN111600948A (en) * | 2020-05-14 | 2020-08-28 | 北京安御道合科技有限公司 | Cloud platform application and data security processing method, system, storage medium and program based on identification password |
CN112134939A (en) * | 2020-09-16 | 2020-12-25 | 许永宾 | Block city cloud platform based on smart city |
CN112311781A (en) * | 2020-10-23 | 2021-02-02 | 西安电子科技大学 | Encryption method with safe forward and backward direction and recoverable keyword shielding |
CN112311781B (en) * | 2020-10-23 | 2021-11-12 | 西安电子科技大学 | Encryption method with safe forward and backward direction and recoverable keyword shielding |
CN114884700A (en) * | 2022-04-18 | 2022-08-09 | 华中科技大学 | Searchable public key encryption batch processing method and system for resisting keyword guessing attack |
CN114884700B (en) * | 2022-04-18 | 2023-04-28 | 华中科技大学 | Searchable public key encryption batch processing method and system for resisting key guessing attack |
CN115996120A (en) * | 2023-03-22 | 2023-04-21 | 江西经济管理干部学院 | Computer data encryption and decryption method and system based on mobile storage device |
CN115996120B (en) * | 2023-03-22 | 2023-09-29 | 江西经济管理干部学院 | Computer data encryption and decryption method and system based on mobile storage device |
Also Published As
Publication number | Publication date |
---|---|
CN106534092B (en) | 2019-07-02 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
| C06 | Publication | |
| PB01 | Publication | |
| SE01 | Entry into force of request for substantive examination | |
| GR01 | Patent grant | |