CN106789044B - Searchable encryption method for cipher text data public key stored in cloud on grid under standard model - Google Patents

Searchable encryption method for cipher text data public key stored in cloud on grid under standard model Download PDF

Info

Publication number
CN106789044B
CN106789044B CN201710091523.5A CN201710091523A CN106789044B CN 106789044 B CN106789044 B CN 106789044B CN 201710091523 A CN201710091523 A CN 201710091523A CN 106789044 B CN106789044 B CN 106789044B
Authority
CN
China
Prior art keywords
ciphertext
cloud server
keyword
random
component
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201710091523.5A
Other languages
Chinese (zh)
Other versions
CN106789044A (en
Inventor
张晓均
张新鹏
何小曼
张源
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Southwest Petroleum University
Original Assignee
Southwest Petroleum University
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Southwest Petroleum University filed Critical Southwest Petroleum University
Priority to CN201710091523.5A priority Critical patent/CN106789044B/en
Publication of CN106789044A publication Critical patent/CN106789044A/en
Application granted granted Critical
Publication of CN106789044B publication Critical patent/CN106789044B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0435Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply symmetric encryption, i.e. same key used for encryption and decryption
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0807Network architectures or network communication protocols for network security for authentication of entities using tickets, e.g. Kerberos
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0852Quantum cryptography
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0866Generation of secret information including derivation or calculation of cryptographic keys or passwords involving user or device identifiers, e.g. serial number, physical or biometrical information, DNA, hand-signature or measurable physical characteristics
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0869Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3226Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • Electromagnetism (AREA)
  • Theoretical Computer Science (AREA)
  • Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
  • Storage Device Security (AREA)

Abstract

The invention belongs to the technical field of network space security, and particularly relates to a searchable encryption method for a cloud storage ciphertext data public key on a grid under a standard model. The method does not need a random prediction machine, so that the method reflects the safety of the designed public key searchable encryption method more truly, and meanwhile, the designed cryptographic algorithm is based on the LWE difficult problem assumption and can effectively resist quantum computer attack. The method needs to appoint a unique cloud server to test and return a corresponding search result, so that any malicious server can not execute the search test operation, and the attack of the malicious server is avoided to a certain extent. And the algorithm can ensure the indistinguishability of the ciphertext. In addition, the method only needs to calculate limited linear algebraic operation in the stage of generating the keyword ciphertext, does not need modular exponential operation and bilinear pairwise operation with high calculation cost, and has great practical application value in a post-quantum communication environment.

Description

Searchable encryption method for cipher text data public key stored in cloud on grid under standard model
Technical Field
The invention belongs to the technical field of network space security, and particularly relates to a searchable encryption method for a cloud storage ciphertext data public key on a grid under a standard model.
Background
With the rapid development of cloud storage technology, more and more users store data to a cloud server. In this way, users enjoy high quality data storage services, greatly reducing the computational overhead of the users and the cost overhead of maintaining the data. In order to securely store outsourced data at an untrusted remote cloud server, the user's sensitive data needs to be encrypted before being outsourced. However, how to efficiently search ciphertext data stored on a cloud server becomes a troublesome problem.
Using a public key searchable encryption algorithm with keywords is a very feasible technique. Boneh et al first proposed a public key searchable encryption algorithm with keywords. Then, Baek et al first proposed a public key searchable encryption algorithm under a common channel. In 2010, Fang et al once again constructed a public key searchable encryption algorithm under the common channel and was more efficient than the algorithm of Baek et al. Wu et al, 2014, proposed an identity-based searchable encryption algorithm for a given tester that, in addition to ensuring that the ciphertext is indistinguishable, also demonstrated that the algorithm can ensure the indistinguishability of trapdoors.
At present, few public key searchable encryption algorithms designed for cloud computing environment applications are available. Moreover, for the existing cloud storage ciphertext data public key searchable encryption algorithms, attention is paid to the devices which are relatively mature in application nowadays, and the safety consideration is also based on the traditional mathematical difficulties such as the DH problem and the CDH problem, and the problems are easy to crack by a quantum computer and are unsafe in the quantum computing environment. In addition, the public key searchable encryption algorithms are designed under a standard model, and the security certification of the public key searchable encryption algorithms is based on a random predictor model, which cannot truly reflect the security of the designed public key searchable encryption algorithms to a certain extent. Based on this, more and more researchers are focusing on the research of public key searchable encryption algorithms for post-quantum cryptography security. Therefore, by combining the lattice cipher and the searchable encryption algorithm and the traditional standard model cipher design technology, it is a significant work to design the quantum computation resistant searchable encryption method of the public key on the lattice under the standard model, which can be applied to the cloud computing environment.
Disclosure of Invention
The invention aims to provide a searchable encryption method for a cloud storage ciphertext data public key under a standard model.
The technical scheme of the invention is as follows: the method for encrypting the ciphertext data public key through the lattice cloud storage under the standard model is characterized by comprising the following steps of:
a. initializing a system: setting security parameters required by a grid cryptographic algorithm, and operating a trapdoor generation function to generate a public and private key pair of a data receiver and a cloud server; simultaneously setting a vector coding function;
b. generating a keyword ciphertext: the data owner calculates a public matrix associated with the keyword according to a vector coding function, and obtains a first component of a keyword ciphertext according to an LWE encryption idea; the data owner selects a random challenge identity, calculates a public matrix associated with the random challenge identity according to the random challenge identity, and obtains a second component of the keyword ciphertext according to the LWE encryption idea; the first component of the keyword ciphertext, the second component of the keyword ciphertext and the random challenge identity form a keyword ciphertext and the keyword ciphertext is sent to the cloud server;
c. search trapdoors generate: the data receiver utilizes a private key of the data receiver and a known selected vector, utilizes a left primary image sampling function to generate a primary image of the vector, namely a searching trap door, and sends the primary image to a designated cloud server through a secure channel;
d. testing and matching: the method comprises the steps that an appointed cloud server firstly splits a ciphertext into three components, namely a first component of a keyword ciphertext, a second component of the keyword ciphertext and a random challenge identity, a search trapdoor sent by a data receiver is used for calculating a check bit from the first component of the keyword ciphertext, a left primitive sampling function is used for deriving a secret vector corresponding to a public matrix associated with a random identity according to the random challenge identity, another check bit is calculated from the second component of the keyword ciphertext according to the check bit, and the two check bits and the random challenge identity are combined in an integer rangeComparing; if the data receivers are close enough, the output bit is 1, the test is correct, and the designated cloud server returns the ciphertext information which is associated with the keyword and is searched by the data receiver; otherwise, the test is in error, and the test is finished directly without returning.
Further, the specific method of the step a is as follows:
a1. setting security parameters required by a lattice cryptographic algorithm: setting a safety parameter n, setting a prime number q ═ poly (n), setting an integer m more than or equal to 2nlogq, and settingIs a discrete gaussian noise distribution; meanwhile, a safe Gaussian parameter delta is set for the left pre-image sampling function SampleLeft to operate correctly;
a2. public and private of trap door generation function generation data receiver and cloud serverKey pair: running the trapdoor generation function TrpGen (q, n) produces a uniform random n m matrixCorresponding gridLattice radical isThe trapdoor generation function TrpGen (q, n) is run again to generate a uniform random n × m matrixCorresponding gridLattice radical is
a3. Setting a vector encoding function: two uniform random n × m matrices A are selected1、B1Simultaneously selecting two uniform random n-dimensional matrix vectorsThen the vector coding function is obtained as H:
a4. the common parameter of the construction system is PP ═ Ac,Ar,A1,B1,v1,v2H), secret parameters
Furthermore, the specific method of the step b is as follows:
inputting system common parameters PP, keywords
b1. Calculating the first component of the keyword ciphertext:
b11. calculating a public matrix associated with the keyword by using a vector coding function H to obtain:selecting random bit b from {0,1}, and selecting uniform random n-dimensional vectorSelecting a uniform random m multiplied by m matrix R ← 1,1}m×m
b12. According to discrete Gaussian noise distributionSelection of noise e1,e2←ZqAccording to the discrete Gaussian noise distributionSelecting two m-dimensional noise vectorsSimultaneous calculation of m-dimensional vectorsm dimension
b13. Obtaining a first component of the keyword ciphertext:
b2. computing a second component of the keyword ciphertext:
selecting random identityComputing public matrices associated with random identitiesObtaining a second component of the keyword ciphertext:
b3. cipher text CT of key word sent by data owner { CT1,CT2Id to the cloud server.
Furthermore, the specific method of step c is as follows:
data receiver selects keywordsThe corresponding search trapdoor is generated as follows:
computing matricesRunning left sampled pre-image functionAnd from discrete Gaussian noise distributionsMiddle output primary imageThe public matrix associated with the keywords can be obtained according to the vector coding function HThus, the
According to the receiver willAnd sending the information to the designated cloud server through a secure channel.
Still further, the specific method of step d is as follows:
the designated cloud server firstly splits the ciphertext data CT into CTs1,CT2Id, and performs:
d1. calculating a check bit from a first component of the keyword ciphertext using a search trapdoor sent by the data receiver: computingComparing b' with the integer rangeIf they are close enough, i.e. in the range of integersThe output of the test result is 1, otherwise, the output is 0;
d2. cloud server utilization using random identity idIn a discrete Gaussian noise distributionGeneratingObtaining the public matrix according to the relevance of the vector coding function H and the keywordsThus, theFinally, cloud server computingComparing b 'and b' over a range of integersIf they are close enough, i.e. in the range of integersThe output of the test result is 1, otherwise, the output is 0;
d3. and the cloud server verifies whether b' is equal to b ", if so, the test is returned to be correct, and otherwise, the test is wrong.
The invention has the beneficial effects that the invention provides a lattice cloud storage ciphertext data public key searchable encryption method with privacy protection, belongs to the whole field of network space, and solves the problem of cloud storage ciphertext data search in a quantum computing environment; the method is a cryptographic algorithm designed under a standard model, a random prediction machine is not needed, the security of the designed public key searchable encryption method is reflected more truly, and meanwhile quantum computer attack can be effectively resisted.
Detailed Description
The technical solution of the present invention is described in detail below:
the initial stage of the system: the system firstly sets security parameters required by a grid cryptographic algorithm, and operates a trapdoor generation function to generate a public and private key pair of a data receiver and a cloud server. The system randomly selects two uniform and random n multiplied by m matrixes and two n-dimensional vectors: a special vector encoding function is set.
Keyword ciphertext generation stage: the data owner calculates a public matrix associated with the keyword, and obtains a first component of a keyword ciphertext according to the LWE encryption idea; and the data owner selects a random challenge identity, calculates a public matrix associated with the random challenge identity according to the random challenge identity, and obtains a second component of the keyword ciphertext according to the LWE encryption idea.
A search trapdoor generation phase: and the data receiver utilizes the private key of the data receiver and the known selected vector, utilizes the left primary image sampling function to generate the primary image of the vector, namely the searching trap door, and sends the primary image of the vector to the designated cloud server through the secure channel.
And (3) testing and matching: the designated cloud server firstly splits the ciphertext into three components, calculates check bits from the first ciphertext component by using a search trapdoor sent by a data receiver, and simultaneously calculates check bits according to the random identityDeriving a secret vector corresponding to the public matrix associated with the random identity using the left primitive sampling function, calculating another check bit from the second ciphertext component, and comparing the two check bits with the public matrix in an integer rangeAnd (7) comparing. If they are close enough, the output bit is 1, the test is correct, and the designated cloud server returns the ciphertext information associated with the keyword that the data receiver wants to search. Otherwise, the test is in error and no return is made.
A specific example description is given below:
the symbols used in the implementation are illustrated in the following table:
and (3) under a standard model, storing the ciphertext data public key in a cloud mode and searching the encryption method. The public key searchable encryption method comprises the following basic steps: setup, PEKS, Trapdoor, Test.
The Setup comprises the following four substeps:
(1) for the safety parameter n, a prime number q ═ poly (n) is set, an integer m ≧ 2nlogq is set, andis a discrete gaussian noise distribution. In order for the left pre-image sampling function SampleLeft to function properly, the system sets a safe gaussian parameter δ.
(2) Running the trapdoor generation function TrpGen (q, n) produces a uniform random n m matrixThe corresponding gridLattice radical isTrapGen (q, n) production was also runUniformly random n x m matrixCorresponding gridLattice radical is
(3) Two uniform random n × m matrices A are selected1,B1. Selecting two uniform random n-dimensional matrix vectors simultaneouslySetting a special vector coding function, specifically H:
(4) the system respectively outputs a common parameter PP ═ Ac,Ar,A1,B1,v1,v2H), secret parameters
PEKS input System common parameters PP, keywordsThe data owner generates the ciphertext of the key as follows:
(1) computing public matrix associated with key words by using special vector coding function HSelecting random bit b from {0,1}, and selecting uniform random n-dimensional vectorSelecting a uniform random m multiplied by m matrix R ← 1,1}m×m
(2) According to discrete Gaussian noise distributionSelection of noise e1,e2←ZqAccording to the discrete Gaussian noise distributionSelecting two m-dimensional noise vectorsSimultaneous calculation of m-dimensional vectorsm dimension
(3) Calculating the first component of the keyword ciphertext:
(4) selecting random identityComputing public matrices associated with random identitiesAnd computing a second component of the keyword cipher text
(5) Cipher text CT of key word sent by data owner { CT1,CT2Id to the cloud server.
Trapdoor: data receiver selects keywordsThe corresponding search trapdoor is generated as follows:
(1) computing matricesRunning left sampled pre-image functionAnd from discrete Gaussian noise distributionsMiddle output primary imageIt is noted thatThus, the
(2) The data receiver willAnd sending the information to the designated cloud server through a secure channel.
Test: the designated cloud server firstly splits the ciphertext data CT into CTs1,CT2Id, and performing the following steps:
(1) computingComparing b' with the integer rangeIf they are close enough, i.e. in the range of integersThe output of the test result is 1, otherwise, the output is 0.
(2) Cloud server utilization using random identity idIn a discrete Gaussian noise distributionGeneratingIt is noted thatThus, theFinally, cloud server computingComparing b 'and b' over a range of integersIf they are close enough, i.e. in the range of integersThe output of the test result is 1, otherwise, the output is 0.
(3) And the cloud server verifies whether b' is equal to b ", if so, the test is returned to be correct, and otherwise, the test is wrong.
The correctness derivation of the lattice public key searchable encryption method under the standard model is as follows:
by means of trapdoors Tw′The designated cloud server is capable of computingUsing its own private decryption keyThe cloud server can obtain the left primary image sampling functionIn this way, the cloud server is able to computeDue to the formulaAndare both noise vectors and in order to decrypt correctly it is necessary to ensure that the two noise upper bounds do not exceed q/5. Once decrypted correctly, the cloud server slave component CT1To obtain b' ═ b, and from CT2B ″ -b is obtained in id, and the specified cloud server can verify b ═ b ″, so the cloud server believes the ciphertext CT ═ b ═ CT (CT)1,CT2Id) and search trapdoors T provided by the data receiverw′The keywords are consistent, that is, the keywords selected by the data receiver are consistent with the keywords corresponding to the ciphertext generated by the data owner.
The correctness derivation of the lattice public key searchable encryption method under the standard model is as follows:
by means of trapdoors Tw′The designated cloud server is capable of computingUsing its own private decryption keyThe cloud server can obtain the left primary image sampling functionIn this way, the cloud server is able to computeDue to the formulaAndare both noise vectors and in order to decrypt correctly it is necessary to ensure that the two noise upper bounds do not exceed q/5. Once decrypted correctly, the cloud server slaveComponent CT1To obtain b' ═ b, and from CT2B ″ -b is obtained in id, and the specified cloud server can verify b ═ b ″, so the cloud server believes the ciphertext CT ═ b ═ CT (CT)1,CT2Id) and search trapdoors T provided by the data receiverw′The keywords are consistent, that is, the keywords selected by the data receiver are consistent with the keywords corresponding to the ciphertext generated by the data owner.
The invention provides a searchable encryption method for a public key of grid cloud storage ciphertext data. The cipher algorithm designed by the public key searchable encryption method under the standard model does not need a random prediction machine, so that the safety of the designed public key searchable encryption method is reflected more truly, and meanwhile, the designed cipher algorithm is based on the LWE difficult problem assumption and can effectively resist quantum computer attack. The method needs to appoint a unique cloud server to test and return a corresponding search result, so that any malicious server can not execute the search test operation, and the attack of the malicious server is avoided to a certain extent. And the algorithm can ensure the indistinguishability of the ciphertext. In addition, the method only needs to calculate limited linear algebraic operation in the stage of generating the keyword ciphertext, and does not need modular exponential operation and bilinear pairwise operation with high calculation cost, so that the method has great practical application value in a post-quantum communication environment.

Claims (1)

1. The method for encrypting the ciphertext data public key through the lattice cloud storage under the standard model is characterized by comprising the following steps of:
a. initializing a system: setting security parameters required by a grid cryptographic algorithm, and operating a trapdoor generation function to generate a public and private key pair of a data receiver and a cloud server; simultaneously setting a vector coding function;
the specific method of the step a comprises the following steps:
a1. setting security parameters required by a lattice cryptographic algorithm: setting a safety parameter n, setting a prime number q ═ poly (n), setting an integer m more than or equal to 2nlogq, and settingIs a discrete gaussian noise distribution; meanwhile, a safe Gaussian parameter delta is set for the left pre-image sampling function SampleLeft to operate correctly;
a2. and operating a trapdoor generation function to generate a public and private key pair of the data receiver and the cloud server: running the trapdoor generation function TrpGen (q, n) produces a uniform random n m matrixCorresponding gridLattice radical isThe trapdoor generation function TrpGen (q, n) is run again to generate a uniform random n × m matrixCorresponding gridLattice radical is
a3. Setting a vector encoding function: two uniform random n × m matrices A are selected1、B1Simultaneously selecting two uniform random n-dimensional matrix vectorsThen the vector coding function is obtained as H:
a4. the common parameter of the construction system is PP ═ Ac,Ar,A1,B112H), secret parameters
b. Generating a keyword ciphertext: the data owner calculates a public matrix associated with the keyword according to a vector coding function, and obtains a first component of a keyword ciphertext according to an LWE encryption idea; the data owner selects a random challenge identity, calculates a public matrix associated with the random challenge identity according to the random challenge identity, and obtains a second component of the keyword ciphertext according to the LWE encryption idea; the first component of the keyword ciphertext, the second component of the keyword ciphertext and the random challenge identity form a keyword ciphertext and the keyword ciphertext is sent to the cloud server;
the specific method of the step b is as follows:
inputting system common parameters PP, keywords
b1. Calculating the first component of the keyword ciphertext:
b11. calculating a public matrix associated with the keyword by using a vector coding function H to obtain:selecting random bit b from {0,1}, and selecting uniform random n-dimensional vectorSelecting a uniform random m multiplied by m matrix R ← 1,1}m×m
b12. According to discrete Gaussian noise distributionSelection of noise e1,e2←ZqAccording to the discrete Gaussian noise distributionSelecting two m-dimensional noise vectorsSimultaneous calculation of m-dimensional vectorsm dimension
b13. Obtaining a first component of the keyword ciphertext:
b2. computing a second component of the keyword ciphertext:
selecting random identityComputing public matrices associated with random identitiesObtaining a second component of the keyword ciphertext:
b3. cipher text CT of key word sent by data owner { CT1,CT2Id to cloud server;
c. search trapdoors generate: the data receiver utilizes a private key of the data receiver and a known selected vector, utilizes a left primary image sampling function to generate a primary image of the vector, namely a searching trap door, and sends the primary image to a designated cloud server through a secure channel;
the specific method of the step c comprises the following steps:
data receiver selects keywordsThe corresponding search trapdoor is generated as follows:
computing matricesRunning left sampled pre-image function And from discrete Gaussian noise distributionsMiddle output primary imageThe public matrix associated with the keywords can be obtained according to the vector coding function HThus, the
According to the receiver willSending the information to a designated cloud server through a secure channel;
d. testing and matching: the method comprises the steps that an appointed cloud server firstly splits a ciphertext into three components, namely a first component of a keyword ciphertext, a second component of the keyword ciphertext and a random challenge identity, a search trapdoor sent by a data receiver is used for calculating a check bit from the first component of the keyword ciphertext, a left primitive sampling function is used for deriving a secret vector corresponding to a public matrix associated with a random identity according to the random challenge identity, another check bit is calculated from the second component of the keyword ciphertext according to the secret vector, and the another check bit is calculated from an integer of the second component of the keyword ciphertextWithin range, the two check bits are AND-edComparing; if the data receivers are close enough, the output bit is 1, the test is correct, and the designated cloud server returns the ciphertext information which is associated with the keyword and is searched by the data receiver; otherwise, the test is in error, and the process is finished directly without returning;
the specific method of the step d is as follows:
the designated cloud server firstly splits the ciphertext data CT into CTs1,CT2Id, and performs:
d1. calculating a check bit from a first component of the keyword ciphertext using a search trapdoor sent by the data receiver: computingComparing b' with the integer rangeIf they are close enough, i.e. in the range of integersThe output of the test result is 1, otherwise, the output is 0;
d2. cloud server utilization using random identity idIn a discrete Gaussian noise distributionGeneratingObtaining the public matrix according to the relevance of the vector coding function H and the keywordsThus, theFinally, cloud server computingComparing b 'and b' over a range of integersIf they are close enough, i.e. in the range of integersThe output of the test result is 1, otherwise, the output is 0;
d3. and the cloud server verifies whether b' is equal to b ", if so, the test is returned to be correct, and otherwise, the test is wrong.
CN201710091523.5A 2017-02-20 2017-02-20 Searchable encryption method for cipher text data public key stored in cloud on grid under standard model Active CN106789044B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201710091523.5A CN106789044B (en) 2017-02-20 2017-02-20 Searchable encryption method for cipher text data public key stored in cloud on grid under standard model

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201710091523.5A CN106789044B (en) 2017-02-20 2017-02-20 Searchable encryption method for cipher text data public key stored in cloud on grid under standard model

Publications (2)

Publication Number Publication Date
CN106789044A CN106789044A (en) 2017-05-31
CN106789044B true CN106789044B (en) 2019-12-27

Family

ID=58957435

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201710091523.5A Active CN106789044B (en) 2017-02-20 2017-02-20 Searchable encryption method for cipher text data public key stored in cloud on grid under standard model

Country Status (1)

Country Link
CN (1) CN106789044B (en)

Families Citing this family (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108183791B (en) * 2017-12-11 2020-06-26 北京航空航天大学 Intelligent terminal data security processing method and system applied to cloud environment
CN110138752B (en) * 2019-04-19 2021-08-13 北京信息科学技术研究院 Lattice-based public key encryption method
CN110266490B (en) * 2019-07-25 2023-04-21 西南石油大学 Keyword ciphertext generation method and device of cloud storage data
CN111917547B (en) * 2020-07-24 2021-06-01 北京科技大学 Trap door binary one-way function-based broadcast encryption method and device
CN112257096B (en) * 2020-11-23 2022-09-27 中电万维信息技术有限责任公司 Searching method for cloud storage ciphertext encrypted data
CN113657322B (en) * 2021-08-23 2022-06-17 广东君略科技咨询有限公司 Face recognition method and system based on public key ciphertext comparison
CN113810416B (en) * 2021-09-17 2023-07-04 福建师范大学 Public key searchable encryption method based on SM2 public key encryption algorithm
CN114095170B (en) * 2022-01-20 2022-05-27 北京信安世纪科技股份有限公司 Data processing method, device, system and computer readable storage medium
CN114422273B (en) * 2022-03-29 2022-06-17 四川高速公路建设开发集团有限公司 Sensitive decision data safety sharing method in intelligent construction engineering information system
CN114679272B (en) * 2022-05-27 2022-09-20 浙江九州量子信息技术股份有限公司 Cloud storage system and method using quantum key encryption
CN115037556B (en) * 2022-08-09 2022-11-11 晨越建设项目管理集团股份有限公司 Authorized sharing method for encrypted data in smart city system

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103023637A (en) * 2012-12-25 2013-04-03 电子科技大学 Encryption and search method for revocable keyword search public keys in cloud storage
CN104852801A (en) * 2015-02-13 2015-08-19 陕西师范大学 Searchable public key encryption method
CN104994110A (en) * 2015-07-16 2015-10-21 电子科技大学 Method for assigning verifier for auditing cloud storage data
CN105007161A (en) * 2015-06-12 2015-10-28 电子科技大学 Fuzzy keyword public key searchable encryption scheme achieving unrecognizable trap door

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103023637A (en) * 2012-12-25 2013-04-03 电子科技大学 Encryption and search method for revocable keyword search public keys in cloud storage
CN104852801A (en) * 2015-02-13 2015-08-19 陕西师范大学 Searchable public key encryption method
CN105007161A (en) * 2015-06-12 2015-10-28 电子科技大学 Fuzzy keyword public key searchable encryption scheme achieving unrecognizable trap door
CN104994110A (en) * 2015-07-16 2015-10-21 电子科技大学 Method for assigning verifier for auditing cloud storage data

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
基于格上困难问题的新型密码算法设计及应用研究;张晓均;《中国博士学位论文全文数据库 信息科技辑》;20161015(第10期);正文第2-3章 *

Also Published As

Publication number Publication date
CN106789044A (en) 2017-05-31

Similar Documents

Publication Publication Date Title
CN106789044B (en) Searchable encryption method for cipher text data public key stored in cloud on grid under standard model
CN110008717B (en) Decision tree classification service system and method supporting privacy protection
CN107256248B (en) Wildcard-based searchable encryption method in cloud storage security
CN107196926B (en) Cloud outsourcing privacy set comparison method and device
CN109831430B (en) Safe, controllable and efficient data sharing method and system under cloud computing environment
CN111510281B (en) Homomorphic encryption method and device
CN103259660B (en) Based on the image authentication method of phase recovery and ECDSA
Cheon et al. Ghostshell: Secure biometric authentication using integrity-based homomorphic evaluations
EP2965462A1 (en) Privacy-preserving ridge regression using partially homomorphic encryption and masks
CN110826089B (en) Verifiable outsourcing computing method, client and cloud computing system for realizing safety and high efficiency of large-scale matrix multiplication
CN111902809B (en) Ciphertext searching method, device, equipment and storage medium based on CP-ABE under fog calculation
CN110866135B (en) Response length hiding-based k-NN image retrieval method and system
KR20160131798A (en) Method and system for additive homomorphic encryption scheme with error detection functionality
WO2014132552A1 (en) Order-preserving encryption system, device, method, and program
JP2017194521A (en) Key exchange method and key exchange system
CN109120606B (en) Method and device for processing characteristic attribute with privacy protection
Wang et al. A faster fully homomorphic encryption scheme in big data
CN109981265A (en) A kind of ciphertext equivalence determination method without using Bilinear map of identity-based
WO2014030706A1 (en) Encrypted database system, client device and server, method and program for adding encrypted data
Cheng et al. Public key authenticated encryption with keyword search from LWE
JP6368047B2 (en) Key exchange method, key exchange system, key distribution device, representative communication device, general communication device, and program
CN116170142B (en) Distributed collaborative decryption method, device and storage medium
Feng et al. Efficient and verifiable outsourcing scheme of sequence comparisons
CN115021993B (en) Verifiable public key searchable encryption system and method
CN113343258B (en) Attribute-based agent re-encryption method applicable to lattice-based ciphertext strategy shared by body test result cloud

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant