CN106534092A - Message-based and key-dependent privacy data encryption method - Google Patents

Message-based and key-dependent privacy data encryption method

Info

Publication number: CN106534092A (granted version: CN106534092B)
Application number: CN201610948549.2A
Authority: CN (China)
Original language: Chinese (zh)
Inventors: 高军涛, 王笠燕, 李雪莲, 王丹妮, 王誉晓
Original and current assignee: Xidian University
Legal status: granted, active
Legal events: application filed by Xidian University; published as CN106534092A; granted and published as CN106534092B
Prior art keywords: user, key, pseudo, cloud server, text file

Classifications (CPC)

    • H04L63/0428 (network security; confidential data exchange with the payload protected, e.g. by encryption)
    • H04L63/062 (network security; key management, key distribution e.g. centrally by a trusted party)
    • H04L63/08 (network security; authentication of entities)
    • H04L67/06 (network services; protocols specially adapted for file transfer, e.g. FTP)

Abstract

The invention discloses a message-based, key-dependent privacy data encryption method. It addresses two weaknesses of the prior art: related-key attacks that arise when the correlation between plaintexts and keys is ignored, and key exposure that arises when group public keys are distributed by e-mail. The method comprises the following steps: (1) an authorization center initializes the system parameters; (2) the authorization center verifies the identity of the user; (3) a key is issued to the user who passes identity verification; (4) the user processes the plaintext file with the obtained key to produce a ciphertext; (5) the user uploads the ciphertext to a cloud server; (6) when the file is needed, the user requests the ciphertext from the cloud server and, once the server approves the request, downloads and decrypts it. The scheme encrypts a blockchain wallet file in single-user mode with a key-dependent-message (KDM) secure symmetric encryption method, so that key exposure is avoided, related-key attacks are reduced, and the security of the wallet file is improved.

Description

Message-based and key-dependent privacy data encryption method
Technical field
The invention belongs to the field of data processing, and more particularly to a privacy data encryption method that can be used to encrypt a blockchain wallet file, back it up, and upload it to a cloud server.
Background art
A blockchain is a decentralized, distributed shared ledger or database on a network, built for high security through heavy redundancy. It has been called a "machine of trust": it lets parties cooperate and create trust without a central authority. Blockchain technology applies to any domain that lacks trust, so its range of application keeps growing. As transaction volume grows, users must generate and store a large number of public/private key pairs. These keys are typically stored by the user in a file or a simple database referred to as a wallet; a wallet is simply a collection of addresses and private (decryption) keys. Possessing the private key is the sole condition for spending bitcoin, so the private key must be kept secret and must be backed up, with the backup uploaded to a cloud server in case of accidental loss. The secure encryption of the wallet is therefore increasingly important. After the user registers with an authorization center, the authorization center issues the user a symmetric key for encryption.
Because of key-management flaws or weak security awareness, the user may directly use the symmetric key that encrypts the wallet as the initial private key from which the key pairs used for transactions are generated. If the wallet is then encrypted, the plaintext in the wallet depends on the key, and the traditional security definitions (which assume the plaintext is independent of the key) no longer suffice to guarantee the security of the scheme. Furthermore, after the ciphertext backup has been uploaded to the cloud server, a user who needs one particular file (for example after losing the local copy) would, in order not to leak private information or plaintext, have to download all ciphertexts from the cloud server and decrypt them locally to find the wanted file. The user must then perform a large number of decryption operations, which lowers working efficiency and wastes computing and storage resources.
The patent application "A cloud storage data security sharing method with permission time control" filed by Wuhan University of Technology (publication number 105072180A, application number 201510475566.4, filed 6 August 2015) discloses a cloud storage data sharing method with permission time control. In that method, after the data owner creates a group, a key pair is automatically generated with a public-key encryption algorithm; when sharing a file, the data owner encrypts the file with a symmetric cipher, encrypts the symmetric key with the private key of the group to be shared with, and sends the file ciphertext and the key ciphertext to the cloud; the group public key is sent by e-mail to all users of the group, and a user with access rights can obtain the public key and decrypt the file. The shortcomings of that method are: first, when the symmetric key is encrypted under the group's private key, the security problem that "the plaintext may be related to the key" is not considered, so related-key attacks become possible; second, when the data owner sends the group public key to the group users by e-mail, the security of e-mail is not considered, and once an e-mail is maliciously intercepted the key is leaked.
Summary of the invention
The object of the invention is to overcome the above deficiencies by proposing a message-based, key-dependent privacy data encryption method that avoids key exposure and improves the security of wallet files.
The technical scheme is as follows: an authorization center first authenticates the user; the user then obtains a symmetric encryption key and encrypts the plaintext with a key-dependent-message (KDM) secure symmetric encryption scheme to produce the ciphertext, so as to resist related-key attacks; at the same time, a searchable-encryption index is generated from the plaintext so that the ciphertext can be searched. The steps are as follows:
(1) Initialization:
(1a) The authorization center determines the first security parameter λ, the second security parameter k, the third security parameter γ, the keyword-count parameter τ, and the Bernoulli noise parameter θ (the published text prints θ = 2, but θ is the bit-flip probability of the noise and also sets the decoding radius d = (θ + σ)m below, so it must be a rate in (0, 1/2)); it defines the message length l, the dimension N and the block length m of the plaintext matrix, with l = l(λ), N = N(λ), m = m(λ);
(1b) The authorization center defines the generator matrix G = G_{m×l} of an error-correcting code, sets the number of correctable errors to d = (θ + σ)m, and chooses a binary linear error-correcting code D according to G and d, where G_{m×l} denotes an m × l generator matrix and σ is a fixed value chosen in the interval (0, 1);
(1c) For any bit string K ∈ {0,1}^γ, the authorization center defines P_K(x) as a family of pseudorandom permutations on {0,1}^τ, F_K(x) as a first family of pseudorandom functions with domain {0,1}^τ and range {0,1}^γ, and G_K(x) as a second family of pseudorandom functions with domain [1, n] and range {0,1};
(1d) The authorization center publishes the error-correcting code D, the generator matrix G, the pseudorandom permutation family P_K(x), the first pseudorandom function family F_K(x), the second pseudorandom function family G_K(x), and the public parameters {l, m, N, θ};
(2) Identity registration:
(2a) The user submits personal identity information to the authorization center;
(2b) The authorization center checks whether the submitted identity information is genuine; if so, step (3) is executed, otherwise registration is refused;
(3) Key distribution:
(3a) The authorization center defines the finite field Z_2 (Z is the ring of integers, 2 is prime) and chooses a uniformly random binary matrix S as the symmetric key with which the user encrypts plaintext; the dimensions of S are elided in the published text, but step (4b) requires A·S to be an m × N matrix;
(3b) The authorization center generates the key k_mac needed for the user's message authentication code (HMAC) operations;
(3c) The authorization center sends the message {S || k_mac || γ || τ} to the user over a secure channel, where S is the symmetric key, γ is the third security parameter, τ is the keyword-count parameter, and || denotes concatenation;
(3d) The user keeps the symmetric key S, the HMAC key k_mac, the third security parameter γ and the keyword-count parameter τ secret;
(4) Processing a plaintext file:
(4a) To encrypt a plaintext file ε_j, the user splits its plaintext matrix into blocks, each plaintext matrix block M being an l × N binary matrix (l rows so that G·M below is defined, N columns to match the noise matrix E), where 1 ≤ j ≤ n and n is the total number of plaintext files;
(4b) The user encrypts each plaintext matrix block M with the symmetric key S to obtain the corresponding ciphertext matrix block W:
W = (A, C), C = A·S + E + G·M,
where A is a coefficient matrix chosen uniformly at random over Z_2, S is the symmetric key, G is the generator matrix of the error-correcting code D, and E is a noise matrix drawn from Ber_θ^{m×N}; Ber_θ denotes the Bernoulli distribution on {0,1} that outputs 1 with probability θ and 0 with probability 1 − θ, and all arithmetic is over Z_2 (addition is XOR);
(4c) Concatenating all ciphertext matrix blocks W of ε_j gives the ciphertext file ψ_j corresponding to ε_j;
(4d) The user computes the message authentication tag T_j of ψ_j from the HMAC key k_mac and ψ_j:
T_j = HMAC(k_mac, ψ_j),
where HMAC(·) denotes the tag generation algorithm;
(4e) The user chooses uniformly at random a first secret value s ∈ {0,1}^γ and a second secret value r ∈ {0,1}^γ, generates an index dictionary that can record 2^τ keywords (i, w_i), and keeps the dictionary and the two secret values s, r secret;
here i ∈ [1, 2^τ] is the label and w_i ∈ {0,1}^* is the keyword, * denoting arbitrary length;
(4f) The user generates the index bit string I_j of ε_j;
(5) Data upload:
(5a) The user sends the authentication key k_mac to the cloud server over a secure channel and uploads the message {I_j || ψ_j || T_j} to the cloud server, where 1 ≤ j ≤ n, n is the total number of plaintext files, and || denotes concatenation;
(5b) The cloud server verifies the integrity of each ciphertext file, the result v_j being
v_j = Verify(k_mac, ψ_j, T_j),
where 1 ≤ j ≤ n and Verify(·) denotes the verification algorithm of the message authentication code HMAC;
if v_j = 1, ψ_j was not tampered with during upload: the cloud server accepts the message, saves the index string I_j in the index string set I, and returns a "ψ_j uploaded successfully" notice to the user;
if v_j = 0, ψ_j was tampered with during upload: the cloud server rejects the message and returns a "ψ_j upload error" notice to the user;
note that because the cloud server holds k_mac, this check detects corruption of the ciphertext in transit; it does not protect the stored ciphertext against a server that can recompute the tags itself;
(5c) The user determines from the received notice whether the upload succeeded:
on a "ψ_j uploaded successfully" notice, ψ_j has been stored on the cloud server;
on a "ψ_j upload error" notice, the user returns to step (5a);
(6) Downloading and decrypting ciphertext:
(6a) The user generates the trapdoor for the keyword w_μ of the file to be downloaded and sends it to the cloud server;
(6b) The cloud server matches the trapdoor against the stored set I of file index bit strings; on a match it returns the corresponding ciphertext ψ to the user and step (6c) follows; on a failed match it returns a "retrieval failed" notice to the user;
(6c) The user decrypts the ciphertext ψ to obtain the corresponding plaintext file ε.
Compared with the prior art, the invention has the following advantages:
First, the invention takes into account that the plaintext may be related to the key: it encrypts the plaintext with a key-dependent-message (KDM) secure symmetric encryption scheme, so that even when key management is flawed it resists related-key attacks and improves the security of the wallet file.
Second, because a single user encrypts, uploads and downloads the file, the key exposure problem that arises when a key is shared with other users is avoided.
Description of the drawings
Fig. 1 is the flow chart of the invention;
Fig. 2 is a schematic diagram of processing a plaintext file in the invention;
Fig. 3 is a schematic diagram of downloading and decrypting ciphertext in the invention.
Specific embodiment
The invention is further described below with reference to the drawings.
With reference to Fig. 1, the specific steps of the invention are as follows.
Step 1, initialization.
The authorization center determines the first security parameter λ, the second security parameter k, the third security parameter γ, the keyword-count parameter τ and the Bernoulli noise parameter θ (printed as θ = 2 in the published text); it defines the message length l, the dimension N and the block length m of the plaintext matrix, with l = l(λ), N = N(λ), m = m(λ); it defines the generator matrix G = G_{m×l} of an error-correcting code, sets the number of correctable errors to d = (θ + σ)m, and chooses a binary linear error-correcting code D according to G and d, where G_{m×l} denotes an m × l generator matrix and σ is a fixed value chosen in the interval (0, 1);
For any bit string K ∈ {0,1}^γ, the authorization center defines P_K(x) as a family of pseudorandom permutations on {0,1}^τ, F_K(x) as a first family of pseudorandom functions with domain {0,1}^τ and range {0,1}^γ, and G_K(x) as a second family of pseudorandom functions with domain [1, n] and range {0,1};
The authorization center publishes the error-correcting code D, the generator matrix G, the pseudorandom permutation family P_K(x), the first pseudorandom function family F_K(x), the second pseudorandom function family G_K(x), and the public parameters {l, m, N, θ}.
Step 2, identity registration.
The user submits personal identity information to the authorization center, which checks whether the submitted identity information is genuine; if so, step (3) is executed, otherwise registration is refused.
Step 3, key distribution.
(3a) The authorization center defines the finite field Z_2 (Z is the ring of integers, 2 is prime) and chooses a uniformly random binary matrix S as the symmetric key with which the user encrypts plaintext;
(3b) The authorization center generates the key k_mac needed for the user's HMAC operations with the key generation algorithm HMAC-KeyGen(1^k) of the message authentication code:
k_mac = HMAC-KeyGen(1^k),
where k is the second security parameter chosen by the authorization center;
(3c) The authorization center sends the message {S || k_mac || γ || τ} to the user over a secure channel;
(3d) The user keeps the symmetric key S, the HMAC key k_mac, the third security parameter γ and the keyword-count parameter τ secret.
Step 4, processing a plaintext file.
Let the total number of plaintext files the user needs to encrypt be n, each plaintext file being denoted ε_j, 1 ≤ j ≤ n.
With reference to Fig. 2, the user processes the plaintext file ε_j as follows:
(4a) The user splits the plaintext matrix of ε_j into blocks, each plaintext matrix block M being an l × N binary matrix; each block M is encrypted with the symmetric key S to obtain the corresponding ciphertext matrix block W = (A, C), and all ciphertext matrix blocks W of ε_j are concatenated to obtain the ciphertext file ψ_j corresponding to ε_j;
here A is a coefficient matrix chosen uniformly at random over Z_2, C = A·S + E + G·M, S is the symmetric key, G is the generator matrix of the error-correcting code D, and E is a noise matrix drawn from Ber_θ^{m×N}, where Ber_θ denotes the Bernoulli distribution on {0,1} that outputs 1 with probability θ and 0 with probability 1 − θ;
(4b) The user computes the message authentication tag T_j of the ciphertext file ψ_j from the HMAC key k_mac and ψ_j:
T_j = HMAC(k_mac, ψ_j);
(4c) The user generates the index bit string I_j of the plaintext file ε_j as follows:
(4c1) The user chooses uniformly at random a first secret value s ∈ {0,1}^γ and a second secret value r ∈ {0,1}^γ, and generates an index dictionary that can record 2^τ keywords (i, w_i), where i ∈ [1, 2^τ] is the label and w_i ∈ {0,1}^* is the keyword (* denotes arbitrary length); the dictionary and the two secret values s, r are kept secret;
(4c2) The user selects the pseudorandom permutation P_s(x) from the family P_K(x) according to the first secret value s, and the function F_r(x) from the first pseudorandom function family F_K(x) according to the second secret value r;
(4c3) The user computes the subscript values r_i = F_r(i), i ∈ [1, 2^τ], and selects the function G_{r_i}(x) from the second pseudorandom function family G_K(x) according to r_i;
(4c4) According to whether ε_j contains the keyword w_i, the user generates a 2^τ-bit raw bit string I'_j for ε_j:
if ε_j contains w_i, bit P_s(i) of I'_j is set to 1, i.e. I'_j[P_s(i)] = 1;
if ε_j does not contain w_i, bit P_s(i) of I'_j is set to 0, i.e. I'_j[P_s(i)] = 0;
iterating over all values of i yields the raw bit string I'_j;
(4c5) The user XORs the i-th bit of I'_j with the function value G_{r_i}(j), i.e. I_j[i] = I'_j[i] ⊕ G_{r_i}(j), obtaining the i-th bit of the index bit string I_j; iterating over all values of i yields I_j.
Step 5, data upload.
(5a) The user sends the authentication key k_mac to the cloud server over a secure channel and uploads the message {I_j || ψ_j || T_j} to the cloud server, where 1 ≤ j ≤ n, n is the total number of plaintext files, and || denotes concatenation;
(5b) The cloud server verifies the integrity of each ciphertext file with the verification algorithm Verify(·) of the message authentication code HMAC, the result being v_j = Verify(k_mac, ψ_j, T_j), where 1 ≤ j ≤ n and n is the total number of plaintext files;
if v_j = 1, ψ_j was not tampered with during upload: the cloud server accepts the message, saves the index string I_j in the index string set I, and returns a "ψ_j uploaded successfully" notice to the user;
if v_j = 0, ψ_j was tampered with during upload: the cloud server rejects the message and returns a "ψ_j upload error" notice to the user;
(5c) The user determines from the received notice whether the upload succeeded:
on a "ψ_j uploaded successfully" notice, ψ_j has been stored on the cloud server;
on a "ψ_j upload error" notice, the user returns to step (5a).
Step 6, downloading and decrypting ciphertext.
With reference to Fig. 3, this step is carried out as follows:
(6a) The user generates the trapdoor for the keyword w_μ of the file to be downloaded and sends it to the cloud server:
(6a1) The user looks up in the index dictionary the label μ corresponding to the keyword w_μ;
(6a2) The user selects the pseudorandom permutation P_s(x) from the family P_K(x) according to the first secret value s, and the function F_r(x) from the first pseudorandom function family F_K(x) according to the second secret value r;
(6a3) The user computes the permuted label p = P_s(μ);
(6a4) The user computes the index function value f = F_r(p);
(6a5) The permuted label p and the index function value f form the trapdoor (p, f);
(6b) The cloud server matches the trapdoor against the stored set I of file index bit strings:
(6b1) The cloud server XORs the bit at permuted label p of the index bit string I_j with the function value G_f(j), i.e. I'_j[p] = I_j[p] ⊕ G_f(j), recovering the bit at position p of the raw bit string I'_j; here p is the permuted label in the trapdoor, f is the index function value in the trapdoor, G_f(x) is the pseudorandom function selected from the second family G_K(x) according to f, I'_j[p] is the bit at position p of I'_j, I_j[p] is the bit at position p of I_j, and ⊕ denotes XOR;
(6b2) The cloud server iterates over all values of j; if there is a j ∈ [1, n] such that the bit at position p of the raw bit string I'_j is 1, i.e. I'_j[p] = 1, the match succeeds and the cloud server returns the corresponding ciphertext ψ to the user, continuing with step (6c); otherwise the match fails and the cloud server returns a "retrieval failed" notice to the user;
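The index construction of step (4c) and the trapdoor search of steps (6a) and (6b), as an added worked example in Python; this is not the patent's own code. It assumes HMAC-SHA256 as the instantiation of the pseudorandom function families F_K and G_K and a PRF-driven keyed shuffle as the pseudorandom permutation family P_K (the patent only requires these families to be pseudorandom, so the concrete choices, the 256-bit γ, and the sample files and keywords are all assumptions). Labels i run over [1, 2^τ] and file numbers j over [1, n], as in the text.

```python
import hashlib
import hmac
import random


def prf(key, label, x):
    # HMAC-SHA256 as a PRF keyed by `key`; `label` separates the F, G and P uses
    return hmac.new(key, f"{label}:{x}".encode(), hashlib.sha256).digest()


def F(r, i):
    # F_r : [1, 2^tau] -> {0,1}^gamma, with gamma = 256 here (assumption)
    return prf(r, "F", i)


def G(r_i, j):
    # G_{r_i} : [1, n] -> {0,1}
    return prf(r_i, "G", j)[0] & 1


def keyed_permutation(s, size):
    # P_s as a permutation table on [1, size]: a Fisher-Yates shuffle driven by PRF output.
    # Adequate for a small keyword space; a real PRP would be used for large 2^tau.
    perm = list(range(1, size + 1))
    for i in range(size - 1, 0, -1):
        swap = int.from_bytes(prf(s, "P", i), "big") % (i + 1)
        perm[i], perm[swap] = perm[swap], perm[i]
    return perm   # perm[i - 1] == P_s(i)


class Client:
    def __init__(self, tau, keywords, rng=None):
        rng = rng or random.SystemRandom()
        self.size = 2 ** tau
        if len(keywords) > self.size:
            raise ValueError("index dictionary holds at most 2^tau keywords")
        self.s = rng.getrandbits(256).to_bytes(32, "big")   # first secret value s
        self.r = rng.getrandbits(256).to_bytes(32, "big")   # second secret value r
        self.dictionary = {w: i for i, w in enumerate(keywords, start=1)}  # (i, w_i)
        self.P = keyed_permutation(self.s, self.size)

    def build_index(self, j, words):
        # step (4c): I'_j[P_s(i)] = 1 iff w_i occurs in file j; I_j[i] = I'_j[i] xor G_{F_r(i)}(j)
        raw = [0] * self.size
        for w in words:
            i = self.dictionary.get(w)
            if i is not None:
                raw[self.P[i - 1] - 1] = 1
        return [raw[i - 1] ^ G(F(self.r, i), j) for i in range(1, self.size + 1)]

    def trapdoor(self, w):
        # step (6a): p = P_s(mu), f = F_r(p); the trapdoor is (p, f)
        mu = self.dictionary[w]
        p = self.P[mu - 1]
        return p, F(self.r, p)


def server_search(index_set, trapdoor):
    # step (6b): the server recovers I'_j[p] = I_j[p] xor G_f(j) and returns every j where it is 1.
    # It learns which files match (access pattern) but not the keyword or the rest of I'_j.
    p, f = trapdoor
    return sorted(j for j, I_j in index_set.items() if I_j[p - 1] ^ G(f, j) == 1)


def demo(seed=None):
    rng = random.Random(seed) if seed is not None else random.SystemRandom()
    # constructed sample: three files and the keywords each one contains
    files = {1: ["wallet", "backup", "2016"], 2: ["wallet", "keys"], 3: ["notes"]}
    client = Client(tau=4, keywords=["wallet", "backup", "keys", "notes", "2016"], rng=rng)
    index_set = {j: client.build_index(j, words) for j, words in files.items()}
    return {w: server_search(index_set, client.trapdoor(w)) for w in ("wallet", "notes", "keys")}


if __name__ == "__main__":
    print(demo())
```

Running `demo()` returns the matching file numbers for each queried keyword. The masking bit G_{F_r(i)}(j) depends on both the position i and the file number j, so two files with identical keyword sets still get different index strings; the trapdoor (p, f) unmasks exactly one position across all files, which is the only bit the server ever learns.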
(6c) The user decrypts the ciphertext ψ to obtain the corresponding plaintext file ε:
(6c1) For each ciphertext matrix block W = (A, C) in the ciphertext file ψ, the user computes the intermediate matrix Q from the symmetric key S:
Q = C − A·S;
over Z_2 this is Q = E + G·M, so each column of Q is a codeword of D (a column of G·M) plus a column of the noise E with about θm ones, which lies within the decoding radius d = (θ + σ)m with high probability;
(6c2) The user decodes every column of the intermediate matrix Q with the error-correcting code D, obtaining the corresponding plaintext matrix block M;
(6c3) The user concatenates all plaintext matrix blocks M to obtain the corresponding plaintext file ε.
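The block encryption of step (4b) and the decryption of step (6c), C = A·S + E + G·M and Q = C − A·S followed by column decoding, as an added worked example in Python; this is not the patent's own code. It assumes the shapes A: m × k and S: k × N (the published text omits them; they are forced by C, E and G·M all being m × N), uses a plain repetition code with majority decoding in place of the binary linear code D, and picks toy parameters (l = 8, t = 31, m = 248, N = 4, k = 64, θ = 0.05). A real instantiation needs a code whose relative distance exceeds 2(θ + σ) so that d = (θ + σ)m errors per column are always corrected; the repetition code only guarantees (t − 1)/2 errors per group. The example also round-trips a block taken from the key itself, the wallet scenario of the background section where the stored private key is also the encryption key.

```python
import random


def rand_matrix(rows, cols, rng):
    return [[rng.getrandbits(1) for _ in range(cols)] for _ in range(rows)]


def bernoulli_matrix(rows, cols, theta, rng):
    # E drawn from Ber_theta^{rows x cols}: each entry is 1 with probability theta
    return [[1 if rng.random() < theta else 0 for _ in range(cols)] for _ in range(rows)]


def matmul_gf2(a, b):
    cols = list(zip(*b))
    return [[sum(x & y for x, y in zip(row, col)) & 1 for col in cols] for row in a]


def add_gf2(a, b):
    # addition and subtraction coincide over Z_2, so this also computes C - A*S
    return [[x ^ y for x, y in zip(ra, rb)] for ra, rb in zip(a, b)]


def repetition_generator(l, t):
    # G is m x l with m = l*t: message bit c is copied into rows c*t .. c*t+t-1
    return [[1 if r // t == c else 0 for c in range(l)] for r in range(l * t)]


def repetition_decode(column, l, t):
    # majority vote per group of t rows: corrects up to (t-1)//2 flipped bits per group
    return [1 if 2 * sum(column[c * t:(c + 1) * t]) > t else 0 for c in range(l)]


class Params:
    def __init__(self, l=8, t=31, N=4, k=64, theta=0.05):
        self.l, self.t, self.N, self.k, self.theta = l, t, N, k, theta
        self.m = l * t                      # block length
        self.G = repetition_generator(l, t)


def keygen(P, rng):
    return rand_matrix(P.k, P.N, rng)       # symmetric key S in Z_2^{k x N} (assumed shape)


def encrypt_block(P, S, M, rng):
    # step (4b): W = (A, C) with fresh random A and fresh Bernoulli noise E per block
    A = rand_matrix(P.m, P.k, rng)
    E = bernoulli_matrix(P.m, P.N, P.theta, rng)
    C = add_gf2(add_gf2(matmul_gf2(A, S), E), matmul_gf2(P.G, M))
    return A, C


def decrypt_block(P, S, W):
    # step (6c): Q = C - A*S = E + G*M; decode every column of Q with the code D
    A, C = W
    Q = add_gf2(C, matmul_gf2(A, S))
    columns = [[row[c] for row in Q] for c in range(P.N)]
    decoded = [repetition_decode(col, P.l, P.t) for col in columns]
    return [[decoded[c][r] for c in range(P.N)] for r in range(P.l)]   # back to l x N


def key_dependent_block(P, S):
    # plaintext that is a function of the key: the first l rows of S itself (needs k >= l)
    return [list(S[r]) for r in range(P.l)]


def demo(seed=None):
    # returns (random plaintext round-trips, key-dependent plaintext round-trips)
    rng = random.Random(seed) if seed is not None else random.SystemRandom()
    P = Params()
    S = keygen(P, rng)
    M = rand_matrix(P.l, P.N, rng)
    ok_plain = decrypt_block(P, S, encrypt_block(P, S, M, rng)) == M
    Mk = key_dependent_block(P, S)
    ok_kdm = decrypt_block(P, S, encrypt_block(P, S, Mk, rng)) == Mk
    return ok_plain, ok_kdm


if __name__ == "__main__":
    print(demo())
```

With these parameters each column of E carries about θm ≈ 12 flipped bits spread over 8 groups of 31, far below the 15 a group can absorb, so decoding recovers M; raising θ toward 1/2 makes `demo()` fail, which is the decoding-radius constraint d = (θ + σ)m in concrete form. Correct decryption of the key-dependent block shows only functionality, not KDM security; that rests on the LPN assumption behind A·S + E.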
The above description is only a specific embodiment of the invention and does not limit it in any way; it is clear that, having understood the content and principle of the invention, a person skilled in the art may make various modifications and changes in form and detail without departing from the principle and structure of the invention, but such modifications and changes based on the inventive concept remain within the scope of the claims of the invention.

Claims (6)

1. A message-based, key-dependent privacy data encryption method, comprising the steps of:
(1) Initialization:
(1a) an authorization center determines a first security parameter λ, a second security parameter k, a third security parameter γ, a keyword-count parameter τ and a Bernoulli distribution parameter θ (printed as θ = 2), and defines the message length l, the dimension N and the block length m of the plaintext matrix, with l = l(λ), N = N(λ), m = m(λ);
(1b) the authorization center defines the generator matrix G = G_{m×l} of an error-correcting code, sets the number of correctable errors to d = (θ + σ)m, and chooses a binary linear error-correcting code D according to G and d, where G_{m×l} denotes an m × l generator matrix and σ is a fixed value chosen in the interval (0, 1);
(1c) for any bit string K ∈ {0,1}^γ, the authorization center defines P_K(x) as a pseudorandom permutation family on {0,1}^τ, F_K(x) as a first pseudorandom function family with domain {0,1}^τ and range {0,1}^γ, and G_K(x) as a second pseudorandom function family with domain [1, n] and range {0,1};
(1d) the authorization center publishes the error-correcting code D, the generator matrix G, the pseudorandom permutation family P_K(x), the first pseudorandom function family F_K(x), the second pseudorandom function family G_K(x) and the public parameters {l, m, N, θ};
(2) Identity registration:
(2a) the user submits personal identity information to the authorization center;
(2b) the authorization center checks whether the submitted identity information is genuine; if so, step (3) is executed, otherwise registration is refused;
(3) Key distribution:
(3a) the authorization center defines the finite field Z_2 and chooses a matrix S over Z_2 as the symmetric key with which the user encrypts plaintext, where Z is the ring of integers and 2 is prime;
(3b) the authorization center generates the key k_mac needed for the user's message authentication code (HMAC) operations;
(3c) the authorization center sends the message {S || k_mac || γ || τ} to the user over a secure channel, where S is the symmetric key, γ is the third security parameter, τ is the keyword-count parameter and || denotes concatenation;
(3d) the user keeps the symmetric key S, the HMAC key k_mac, the third security parameter γ and the keyword-count parameter τ secret;
(4) Processing a plaintext file:
(4a) when encrypting a plaintext file ε_j, the user splits its plaintext matrix into blocks, each plaintext matrix block M being an l × N binary matrix, where 1 ≤ j ≤ n and n is the total number of plaintext files;
(4b) the user encrypts each plaintext matrix block M with the symmetric key S to obtain the corresponding ciphertext matrix block W:
W = (A, C), C = A·S + E + G·M,
where A is a coefficient matrix chosen uniformly at random over Z_2, S is the symmetric key, G is the generator matrix of the error-correcting code D, and E is a noise matrix drawn from Ber_θ^{m×N}, Ber_θ denoting the Bernoulli distribution on {0,1} with probability θ of 1 and probability 1 − θ of 0;
(4c) all ciphertext matrix blocks W of ε_j are concatenated to obtain the ciphertext file ψ_j corresponding to ε_j;
(4d) the user computes the message authentication tag T_j of ψ_j from the HMAC key k_mac and ψ_j:
T_j = HMAC(k_mac, ψ_j),
where HMAC(·) denotes the tag generation algorithm;
(4e) the user chooses uniformly at random a first secret value s ∈ {0,1}^γ and a second secret value r ∈ {0,1}^γ, generates an index dictionary able to record 2^τ keywords (i, w_i), and keeps the dictionary and the two secret values s, r secret;
where i ∈ [1, 2^τ] is the label and w_i ∈ {0,1}^* is the keyword, * denoting arbitrary length;
(4f) the user generates the index bit string I_j of ε_j;
(5) Data upload:
(5a) the user sends the authentication key k_mac to the cloud server over a secure channel and uploads the message {I_j || ψ_j || T_j} to the cloud server, where 1 ≤ j ≤ n, n is the total number of plaintext files and || denotes concatenation;
(5b) the cloud server verifies the integrity of each ciphertext file, the result v_j being
v_j = Verify(k_mac, ψ_j, T_j),
where 1 ≤ j ≤ n, n is the total number of plaintext files and Verify(·) denotes the verification algorithm of the message authentication code HMAC;
if v_j = 1, ψ_j was not tampered with during upload: the cloud server accepts the message, saves the index string I_j in the index string set I and returns a "ψ_j uploaded successfully" notice to the user;
if v_j = 0, ψ_j was tampered with during upload: the cloud server rejects the message and returns a "ψ_j upload error" notice to the user;
(5c) the user determines from the received notice whether the upload succeeded:
on a "ψ_j uploaded successfully" notice, ψ_j has been stored on the cloud server;
on a "ψ_j upload error" notice, the user returns to step (5a);
(6) Downloading and decrypting ciphertext:
(6a) the user generates the trapdoor for the keyword w_μ of the file to be downloaded and sends it to the cloud server;
(6b) the cloud server matches the trapdoor against the stored set I of file index bit strings; on a match the cloud server returns the corresponding ciphertext ψ to the user and step (6c) follows; on a failed match the cloud server returns a "retrieval failed" notice to the user;
(6c) the user decrypts the ciphertext ψ to obtain the corresponding plaintext file ε.
2. The method according to claim 1, wherein in step (3b) the authorization center generates the key k_mac needed for the user's message authentication code (HMAC) operations as
k_mac = HMAC-KeyGen(1^k),
where k is the second security parameter chosen by the authorization center, HMAC-KeyGen(1^k) denotes the key generation algorithm of the message authentication code, and k_mac is the generated authentication key.
3. The method according to claim 1, characterised in that in step (4f) the user generates the index string I_j of the plaintext file ε_j as follows:
(4f1) The user selects the pseudo-random permutation P_s(x) from the pseudo-random permutation family P_K(x) according to the first secret value s, and selects the function F_r(x) from the first pseudo-random function family F_K(x) according to the second secret value r;
(4f2) The user computes the subscript values r_i = F_r(i), i ∈ [1, 2τ], and selects, according to r_i, the function G_{r_i}(x) from the second pseudo-random function family G_K(x);
(4f3) According to whether ε_j contains the keyword w_i, the user generates an original bit string I'_j of length 2τ for the plaintext file ε_j:
If the plaintext file ε_j contains the keyword w_i, bit P_s(i) of the original bit string I'_j is set to 1, i.e. I'_j[P_s(i)] = 1;
If the plaintext file ε_j does not contain the keyword w_i, bit P_s(i) of the original bit string I'_j is set to 0, i.e. I'_j[P_s(i)] = 0;
Traversing all values of i yields the original bit string I'_j;
(4f4) The user XORs the i-th bit of the original bit string I'_j with the function value G_{r_i}(j), i.e. I_j[i] = I'_j[i] ⊕ G_{r_i}(j), obtaining the i-th bit of the index bit string I_j, i ∈ [1, 2τ], where ⊕ denotes XOR;
Traversing all values of i yields the index bit string I_j.
4. The method according to claim 1, characterised in that in step (6a) the user generates the trapdoor for the keyword w_μ to be searched in the files to download as follows:
(6a1) The user looks up the label μ corresponding to the keyword w_μ in the index dictionary;
(6a2) The user selects the pseudo-random permutation P_s(x) from the pseudo-random permutation family P_K(x) according to the first secret value s, and selects the function F_r(x) from the first pseudo-random function family F_K(x) according to the second secret value r;
(6a3) The user computes the permuted label p = P_s(μ) from the label μ;
(6a4) The user computes the index function value f = F_r(p) from the permuted label p;
(6a5) The permuted label p and the index function value f together form the trapdoor.
5. The method according to claim 1, characterised in that in step (6b) the cloud server matches the trapdoor against the stored file index bit string set I as follows:
(6b1) The cloud server XORs the bit of the index bit string I_j at the position of the permuted label p with the function value G_f(j), i.e. I'_j[p] = I_j[p] ⊕ G_f(j), obtaining the bit of the original bit string I'_j at the position of the permuted label p, where p is the permuted label in the trapdoor, f is the index function value in the trapdoor, G_f(x) is the pseudo-random function selected from the second pseudo-random function family G_K(x) according to the value of f, I'_j[p] denotes the bit of the original bit string I'_j at position p, I_j[p] denotes the bit of the index bit string I_j at position p, and ⊕ denotes XOR;
(6b2) The cloud server traverses all values of j; if there exists j ∈ [1, n] such that the bit of the original bit string I'_j at the permuted label p is 1, i.e. I'_j[p] = 1, the match succeeds; otherwise, the match fails.
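Claims 3, 4 and 5 carried through end to end, as an added example that is not code from the patent: index generation (4f1)-(4f4), trapdoor generation (6a1)-(6a5) and the server's unmask-and-match (6b1)-(6b2). Assumed instantiations, not fixed by the claims: HMAC-SHA256 for both pseudo-random function families F_K and G_K, a keyed Fisher-Yates shuffle as the small-domain pseudo-random permutation P_s, the number of dictionary keywords standing in for 2τ, and a search that returns every matching j rather than only reporting whether one exists. The secrets, keyword dictionary and plaintexts are constructed sample data.

```python
"""Claims 3-5 in working form: index bit string generation (4f1)-(4f4), trapdoor
generation (6a1)-(6a5) and server-side matching (6b1)-(6b2).  Added example, not
code from the patent.  Assumed instantiations: HMAC-SHA256 for both PRF families
F_K and G_K, a keyed Fisher-Yates shuffle as the small-domain PRP P_s, and the
number of keyword labels standing in for 2*tau."""
import hashlib
import hmac
import random


def prf(key: bytes, family: bytes, x: int) -> int:
    """F_key(x) or G_key(x): HMAC-SHA256 with a family label, truncated to 64 bits (assumed)."""
    mac = hmac.new(key, family + x.to_bytes(8, "big"), hashlib.sha256).digest()
    return int.from_bytes(mac[:8], "big")


def prp(s: bytes, n_labels: int) -> dict:
    """P_s: a pseudo-random permutation of the label domain [1, n_labels], derived from s
    by seeding a Fisher-Yates shuffle with HMAC(s) (assumed small-domain PRP)."""
    rng = random.Random(hmac.new(s, b"PRP", hashlib.sha256).digest())
    positions = list(range(1, n_labels + 1))
    rng.shuffle(positions)
    return {label: positions[label - 1] for label in range(1, n_labels + 1)}


def mask_bit(f: int, j: int) -> int:
    """G_f(j) reduced to one bit: the mask applied to one position of file j's index."""
    return prf(f.to_bytes(8, "big"), b"G", j) & 1


def build_index(s: bytes, r: bytes, keywords: list, j: int, text: str) -> list:
    """Claim 3: index bit string I_j for plaintext file eps_j (file number j)."""
    n = len(keywords)
    P_s = prp(s, n)                                     # (4f1)
    words = set(text.split())
    raw = [0] * (n + 1)                                 # I'_j, positions 1..n
    for i, w_i in enumerate(keywords, start=1):         # (4f3): I'_j[P_s(i)] = 1 iff w_i in eps_j
        raw[P_s[i]] = 1 if w_i in words else 0
    index = [0] * (n + 1)
    for i in range(1, n + 1):                           # (4f2)+(4f4): r_i = F_r(i), I_j[i] = I'_j[i] xor G_{r_i}(j)
        r_i = prf(r, b"F", i)
        index[i] = raw[i] ^ mask_bit(r_i, j)
    return index[1:]


def trapdoor(s: bytes, r: bytes, keywords: list, w: str) -> tuple:
    """Claim 4: trapdoor (p, f) for keyword w."""
    mu = keywords.index(w) + 1                          # (6a1) label from the index dictionary
    p = prp(s, len(keywords))[mu]                       # (6a3) permuted label
    f = prf(r, b"F", p)                                 # (6a4) index function value
    return p, f                                         # (6a5)


def server_search(index_set: dict, td: tuple) -> list:
    """Claim 5: unmask position p of every stored I_j and report the files whose raw bit is 1.
    The claim only asks whether some j matches; returning all matching j generalises that."""
    p, f = td
    return [j for j, I_j in sorted(index_set.items())
            if I_j[p - 1] ^ mask_bit(f, j) == 1]        # (6b1)-(6b2)


def demo() -> dict:
    s, r = b"first secret value s", b"second secret value r"        # constructed secrets
    keywords = ["alpha", "beta", "gamma", "delta", "epsilon"]          # constructed dictionary
    files = {1: "alpha beta", 2: "gamma", 3: "beta delta alpha"}       # constructed plaintexts
    index_set = {j: build_index(s, r, keywords, j, text) for j, text in files.items()}
    return {w: server_search(index_set, trapdoor(s, r, keywords, w)) for w in keywords}
```

Correctness rests on the mask cancelling: the server computes I_j[p] ⊕ G_f(j) with f = F_r(p), and the user masked that same position with G_{r_p}(j), r_p = F_r(p), so the raw bit I'_j[P_s(μ)] comes back exactly. Because the mask depends on j, two files with identical keyword sets still get different I_j. The trapdoor (p, f) for a keyword is deterministic, so the server can tell when the same keyword is searched again and which files each search matched; that search- and access-pattern leakage is inherent to this design and is something a deployer should account for.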
6. The method according to claim 1, characterised in that in step (6c) the user decrypts the ciphertext ψ to obtain the corresponding plaintext file ε as follows:
(6c1) From the symmetric key S and each ciphertext matrix block W = (A, C) in the ciphertext file ψ, the user computes the intermediate matrix Q:
Q = C − A·S;
(6c2) The user applies the error-correcting code decoder D to every column of the intermediate matrix Q, obtaining the corresponding plaintext matrix block M;
(6c3) The user concatenates all plaintext matrix blocks M, obtaining the corresponding plaintext file ε.
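Claim 6 carried through on a toy instantiation, as an added example that is not code from the patent. The claims only describe decryption (Q = C − A·S, then column-wise decoding with D, then concatenation), so the encryption side C = A·S + Enc(M) + E used here is the natural inverse of that structure and is an assumption, as are the choice of GF(2) arithmetic (where subtraction is XOR), a rate-1/5 repetition code as the error-correcting code D, the dimension of S, and the bounded error matrix E.

```python
"""Claim 6 in working form: Q = C - A*S, then column-wise decoding with an
error-correcting code D, for every matrix block W = (A, C) of psi.  Added example,
not code from the patent.  Assumptions: arithmetic over GF(2) (so '-' is XOR), a
rate-1/RHO repetition code as D, a bounded error matrix E, and an encryption side
C = A*S + Enc(M) + E that is the natural inverse of the claimed decryption (the
claims describe only decryption)."""
import random

RHO = 5        # repetition factor of the toy code (assumed); majority vote corrects <= 2 flips per group
T_MAX = 2      # flips per repetition group the constructed noise is allowed to introduce
K = 8          # rows of the secret matrix S (assumed dimension)


def rand_matrix(rng: random.Random, rows: int, cols: int) -> list:
    return [[rng.randrange(2) for _ in range(cols)] for _ in range(rows)]


def matmul_gf2(A: list, B: list) -> list:
    """A*B with entries reduced mod 2."""
    return [[sum(a & B[x][j] for x, a in enumerate(row)) & 1 for j in range(len(B[0]))] for row in A]


def add_gf2(X: list, Y: list) -> list:
    """X + Y (= X - Y) over GF(2): entry-wise XOR."""
    return [[x ^ y for x, y in zip(rx, ry)] for rx, ry in zip(X, Y)]


def encode_repetition(M: list) -> list:
    """Encoder of D: each bit of every column is repeated RHO times (L rows -> L*RHO rows)."""
    return [list(row) for row in M for _ in range(RHO)]


def decode_repetition(Q: list) -> list:
    """Decoder of D applied to every column of Q: majority vote inside each group of RHO rows."""
    cols = len(Q[0])
    return [[1 if sum(Q[i * RHO + k][j] for k in range(RHO)) > RHO // 2 else 0 for j in range(cols)]
            for i in range(len(Q) // RHO)]


def bounded_noise(rng: random.Random, rows: int, cols: int) -> list:
    """Error matrix E with at most T_MAX flipped bits per repetition group per column,
    i.e. always inside the correction capacity of the repetition code."""
    E = [[0] * cols for _ in range(rows)]
    for i in range(rows // RHO):
        for j in range(cols):
            for k in rng.sample(range(RHO), rng.randint(0, T_MAX)):
                E[i * RHO + k][j] = 1
    return E


def encrypt_block(rng: random.Random, S: list, M: list) -> tuple:
    """Assumed encryption of one plaintext matrix block: W = (A, C), C = A*S + Enc(M) + E."""
    codeword = encode_repetition(M)
    A = rand_matrix(rng, len(codeword), K)
    E = bounded_noise(rng, len(codeword), len(M[0]))
    return A, add_gf2(add_gf2(matmul_gf2(A, S), codeword), E)


def decrypt_block(S: list, W: tuple) -> list:
    """Steps (6c1)-(6c2): Q = C - A*S, then decode each column of Q with D."""
    A, C = W
    Q = add_gf2(C, matmul_gf2(A, S))     # C - A*S; subtraction is XOR over GF(2)
    return decode_repetition(Q)


def decrypt_file(S: list, psi: list) -> list:
    """Step (6c3): decrypt every block of psi and concatenate the plaintext blocks."""
    return [row for W in psi for row in decrypt_block(S, W)]


def demo(seed: int = 1) -> bool:
    """Round trip on two constructed 3x4 plaintext blocks; True when decryption recovers them."""
    rng = random.Random(seed)
    m = 4
    S = rand_matrix(rng, K, m)                             # symmetric key S
    blocks = [rand_matrix(rng, 3, m), rand_matrix(rng, 3, m)]
    psi = [encrypt_block(rng, S, M) for M in blocks]
    return decrypt_file(S, psi) == [row for M in blocks for row in M]
```

The step that carries the security argument is (6c1): without S, a party holding W = (A, C) sees Enc(M) + E hidden under A·S, and only the key holder can strip that term so that the remaining noise is within what D corrects. The example bounds E explicitly; with noise beyond the code's capacity, decode_repetition returns wrong bits silently, so a real instantiation needs the noise distribution and code parameters chosen together.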
CN201610948549.2A 2016-11-02 2016-11-02 Message-based and key-dependent privacy data encryption method Active CN106534092B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201610948549.2A CN106534092B (en) 2016-11-02 2016-11-02 Message-based and key-dependent privacy data encryption method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201610948549.2A CN106534092B (en) 2016-11-02 2016-11-02 Message-based and key-dependent privacy data encryption method

Publications (2)

Publication Number Publication Date
CN106534092A true CN106534092A (en) 2017-03-22
CN106534092B CN106534092B (en) 2019-07-02

Family

ID=58292868

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201610948549.2A Active CN106534092B (en) 2016-11-02 2016-11-02 Message-based and key-dependent privacy data encryption method

Country Status (1)

Country Link
CN (1) CN106534092B (en)

Cited By (22)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107301544A (en) * 2017-06-26 2017-10-27 北京泛融科技有限公司 Blockchain secure wallet system
CN107395349A (en) * 2017-08-16 2017-11-24 深圳国微技术有限公司 Blockchain network key distribution method based on a self-certified public key system
CN107634989A (en) * 2017-08-25 2018-01-26 中积有限公司 Cloud wallet construction method and server
TWI622949B (en) * 2017-05-26 2018-05-01 富邦金融控股股份有限公司 Know your customer (KYC) data marking dispute relief system with multiple secret keys and method thereof
CN108011885A (en) * 2017-12-07 2018-05-08 北京科技大学 E-mail encryption method and system based on a group cryptosystem
CN108846297A (en) * 2018-07-16 2018-11-20 佛山伊苏巨森科技有限公司 Method for distributing and retrieving data in a blockchain network with peer nodes
CN109104270A (en) * 2018-09-21 2018-12-28 华南理工大学 Untrusted cloud center resource sharing method based on Hill operations and chaos
CN109104392A (en) * 2017-06-21 2018-12-28 杨树桃 Blockchain secure wallet system
CN109361663A (en) * 2018-10-10 2019-02-19 中航信托股份有限公司 Method, system and device for accessing encrypted data
CN109586894A (en) * 2018-11-16 2019-04-05 重庆邮电大学 Method for encrypting data in OPC UA edge computing based on pseudo-random permutation
CN109951453A (en) * 2019-02-26 2019-06-28 符安文 Secure encryption method based on blockchain
CN110012007A (en) * 2019-04-02 2019-07-12 国网新疆电力有限公司电力科学研究院 Annular shuttle vehicle scheduling method and system based on position data encryption
WO2019136959A1 (en) * 2018-01-12 2019-07-18 深圳壹账通智能科技有限公司 Data processing method and device, computer device and storage medium
CN110138749A (en) * 2019-04-23 2019-08-16 华为技术有限公司 Data security protection method and related equipment
CN110232080A (en) * 2019-05-23 2019-09-13 智慧谷(厦门)物联科技有限公司 Fast retrieval method based on blockchain
CN110610105A (en) * 2019-09-25 2019-12-24 郑州轻工业学院 Secret sharing-based authentication method for three-dimensional model file in cloud environment
CN111600948A (en) * 2020-05-14 2020-08-28 北京安御道合科技有限公司 Cloud platform application and data security processing method, system, storage medium and program based on identification password
WO2020233624A1 (en) * 2019-05-20 2020-11-26 创新先进技术有限公司 Receipt storage method and node employing transaction type in combination with event function type
CN112134939A (en) * 2020-09-16 2020-12-25 许永宾 Block city cloud platform based on smart city
CN112311781A (en) * 2020-10-23 2021-02-02 西安电子科技大学 Forward- and backward-secure encryption method with recoverable keyword shielding
CN114884700A (en) * 2022-04-18 2022-08-09 华中科技大学 Searchable public key encryption batch processing method and system for resisting keyword guessing attack
CN115996120A (en) * 2023-03-22 2023-04-21 江西经济管理干部学院 Computer data encryption and decryption method and system based on mobile storage device

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104320262A (en) * 2014-11-05 2015-01-28 中国科学院合肥物质科学研究院 User public key address binding, searching and verifying method and system based on crypto currency open account book technology
CN104618366A (en) * 2015-01-27 2015-05-13 西安电子科技大学 System and method for security management of Internet archives based on attributes
CN104836790A (en) * 2015-03-30 2015-08-12 西安电子科技大学 Linked storage fine-grained access control model based on attribute encryption and timestamp

Cited By (30)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
TWI622949B (en) * 2017-05-26 2018-05-01 富邦金融控股股份有限公司 Know your customer (KYC) data marking dispute relief system with multiple secret keys and method thereof
CN108965228B (en) * 2017-05-26 2020-08-28 富邦金融控股股份有限公司 Dispute relief system with KYC data mark of multiple keys and method thereof
CN108965228A (en) * 2017-05-26 2018-12-07 富邦金融控股股份有限公司 Dispute relief system with KYC data mark of multiple keys and method thereof
CN109104392A (en) * 2017-06-21 2018-12-28 杨树桃 Blockchain secure wallet system
CN107301544A (en) * 2017-06-26 2017-10-27 北京泛融科技有限公司 Blockchain secure wallet system
CN107395349A (en) * 2017-08-16 2017-11-24 深圳国微技术有限公司 Blockchain network key distribution method based on a self-certified public key system
CN107634989A (en) * 2017-08-25 2018-01-26 中积有限公司 Cloud wallet construction method and server
CN108011885A (en) * 2017-12-07 2018-05-08 北京科技大学 E-mail encryption method and system based on a group cryptosystem
CN108011885B (en) * 2017-12-07 2020-12-15 北京科技大学 E-mail encryption method and system based on a group cryptosystem
WO2019136959A1 (en) * 2018-01-12 2019-07-18 深圳壹账通智能科技有限公司 Data processing method and device, computer device and storage medium
CN108846297A (en) * 2018-07-16 2018-11-20 佛山伊苏巨森科技有限公司 Method for distributing and retrieving data in a blockchain network with peer nodes
CN109104270A (en) * 2018-09-21 2018-12-28 华南理工大学 Untrusted cloud center resource sharing method based on Hill operations and chaos
CN109361663A (en) * 2018-10-10 2019-02-19 中航信托股份有限公司 Method, system and device for accessing encrypted data
CN109361663B (en) * 2018-10-10 2021-05-28 中航信托股份有限公司 Method, system and device for accessing encrypted data
CN109586894A (en) * 2018-11-16 2019-04-05 重庆邮电大学 Method for encrypting data in OPC UA edge computing based on pseudo-random permutation
CN109951453A (en) * 2019-02-26 2019-06-28 符安文 Secure encryption method based on blockchain
CN110012007A (en) * 2019-04-02 2019-07-12 国网新疆电力有限公司电力科学研究院 Annular shuttle vehicle scheduling method and system based on position data encryption
CN110012007B (en) * 2019-04-02 2021-02-26 国网新疆电力有限公司营销服务中心(资金集约中心、计量中心) Annular shuttle vehicle scheduling method and system based on position data encryption
CN110138749A (en) * 2019-04-23 2019-08-16 华为技术有限公司 Data security protection method and related equipment
WO2020233624A1 (en) * 2019-05-20 2020-11-26 创新先进技术有限公司 Receipt storage method and node employing transaction type in combination with event function type
CN110232080A (en) * 2019-05-23 2019-09-13 智慧谷(厦门)物联科技有限公司 Fast retrieval method based on blockchain
CN110610105A (en) * 2019-09-25 2019-12-24 郑州轻工业学院 Secret sharing-based authentication method for three-dimensional model file in cloud environment
CN111600948A (en) * 2020-05-14 2020-08-28 北京安御道合科技有限公司 Cloud platform application and data security processing method, system, storage medium and program based on identification password
CN112134939A (en) * 2020-09-16 2020-12-25 许永宾 Block city cloud platform based on smart city
CN112311781A (en) * 2020-10-23 2021-02-02 西安电子科技大学 Forward- and backward-secure encryption method with recoverable keyword shielding
CN112311781B (en) * 2020-10-23 2021-11-12 西安电子科技大学 Forward- and backward-secure encryption method with recoverable keyword shielding
CN114884700A (en) * 2022-04-18 2022-08-09 华中科技大学 Searchable public key encryption batch processing method and system for resisting keyword guessing attack
CN114884700B (en) * 2022-04-18 2023-04-28 华中科技大学 Searchable public key encryption batch processing method and system for resisting keyword guessing attack
CN115996120A (en) * 2023-03-22 2023-04-21 江西经济管理干部学院 Computer data encryption and decryption method and system based on mobile storage device
CN115996120B (en) * 2023-03-22 2023-09-29 江西经济管理干部学院 Computer data encryption and decryption method and system based on mobile storage device

Also Published As

Publication number Publication date
CN106534092B (en) 2019-07-02

Similar Documents

Publication Publication Date Title
CN106534092B (en) Message-based and key-dependent privacy data encryption method
US5418854A (en) Method and apparatus for protecting the confidentiality of passwords in a distributed data processing system
JP4774492B2 (en) Authentication system and remote distributed storage system
US6959394B1 (en) Splitting knowledge of a password
CN108768951B (en) Data encryption and retrieval method for protecting file privacy in cloud environment
US20170244687A1 (en) Techniques for confidential delivery of random data over a network
US20060195402A1 (en) Secure data transmission using undiscoverable or black data
US20080123843A1 (en) Method for binding a security element to a mobile device
CN101359991A (en) Public key cipher system private key escrowing system based on identification
CN107920052B (en) Encryption method and intelligent device
EP3395004B1 (en) A method for encrypting data and a method for decrypting data
US20050033963A1 (en) Method and system for authentication, data communication, storage and retrieval in a distributed key cryptography system
US7315950B1 (en) Method of securely sharing information over public networks using untrusted service providers and tightly controlling client accessibility
EP3292654B1 (en) A security approach for storing credentials for offline use and copy-protected vault content in devices
MacKenzie et al. Delegation of cryptographic servers for capture-resilient devices
Chidambaram et al. Enhancing the security of customer data in cloud environments using a novel digital fingerprinting technique
CN110943841A (en) Password authentication using white-box encryption
US20150205970A1 (en) Data encryption using an external arguments encryption algorithm
Jones et al. Information Security: A Coordinated Strategy to Guarantee Data Security in Cloud Computing
US8195959B2 (en) Encrypting a credential store with a lockbox
CA2553081A1 (en) A method for binding a security element to a mobile device
JPH08335208A (en) Method and system for proxy authorization
Veeraragavan et al. Enhanced encryption algorithm (EEA) for protecting users' credentials in public cloud
CN114430321B (en) DFA self-adaptive security-based black box traceable key attribute encryption method and device
Jabbar et al. Design and implementation of hybrid EC-RSA security algorithm based on TPA for cloud storage

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant