CN106850652A - A mediated searchable encryption method - Google Patents

Info

Publication number
CN106850652A
Authority
CN
China
Prior art keywords
user
data
mediator
calculate
search
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201710094114.0A
Other languages
Chinese (zh)
Other versions
CN106850652B (en)
Inventor
周静
肖敏
蒋明达
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Guangzhou Dayu Chuangfu Technology Co ltd
Original Assignee
Chongqing University of Post and Telecommunications
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Chongqing University of Post and Telecommunications
Priority to CN201710094114.0A
Publication of CN106850652A
Application granted
Publication of CN106850652B
Legal status: Active
Anticipated expiration

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/10 Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/10 Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H04L63/101 Access control lists [ACL]
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816 Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/0825 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using asymmetric-key encryption or public key infrastructure [PKI], e.g. key signature or public key certificates
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861 Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/088 Usage controlling of secret information, e.g. techniques for restricting cryptographic keys to pre-authorized uses, different access levels, validity of crypto-period, different key- or password length, or different strong and weak cryptographic algorithms

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Storage Device Security (AREA)
  • Information Retrieval, Db Structures And Fs Structures Therefor (AREA)

Abstract

The present invention relates to a mediated searchable encryption method. The method includes: S1: system initialization; S2: keyword encryption; S3: data encryption; S4: user key generation; S5: search trapdoor (Trapdoor) generation; S6: data search; S7: data decryption; S8: user revocation. The mediated searchable encryption method provided by the invention supports online/offline encryption and mediated encryption, is suitable for mobile cloud computing environments, and achieves instant revocation of user permissions.

Description

A mediated searchable encryption method
Technical field
The invention belongs to the field of secure data storage and information search, and relates to a mediated searchable encryption method.
Background
With the rapid development and wide application of technologies such as big data, cloud computing and the Internet of Things, the massive data produced by large numbers of users is uploaded to cloud servers for storage or computation, which addresses the shortage of computing and storage resources on local servers, personal computers and mobile terminals. Internet of Things technology brings more smart terminals onto the Internet, and with them more data flows into the cloud. However, once user data is uploaded to a third-party server, the user loses direct control over it, and most existing third-party servers are operated by commercial companies, so the security and privacy of the data face great challenges. Examples include personal electronic medical records and the video and images uploaded by home smart terminals, which touch every aspect of people's lives. When such sensitive data is leaked, it can threaten people's livelihoods and even their lives.
Traditional access control and encryption are the main methods users rely on to protect data privacy. An effective access control mechanism needs to be enforced by a fully trusted server and trusted administrators, and the scale of users and of stored data becomes the bottleneck of system availability, so it is not suitable for existing cloud computing environments. Encryption gives user data stronger protection, but traditional public-key or symmetric cryptography greatly hampers information sharing among large numbers of users: key management is one of the key problems, and different ciphertexts of the same file may have to be generated for different users to keep the data secure, which increases storage and computation costs. In addition, when massive amounts of information are stored in the cloud as ciphertext, the file information is hidden, and a user may have to download a certain number of ciphertexts and decrypt them before finding the target file; this cost is a heavy burden for an ordinary user in a cloud computing environment. In summary, against the technical background of big data and cloud computing, traditional access control mechanisms cannot provide fine-grained user access, and encryption does not support fine-grained file search by users.
Given these two problems, we want users to be able to search for information quickly while data security is guaranteed. Attribute-based encryption (ABE) is a policy-based, fine-grained access control encryption method; it is scalable and realizes an access control mechanism with one-to-many encryption in distributed environments, which makes it suitable for solving data privacy and security problems in the cloud. ABE is divided into key-policy ABE (KP-ABE) and ciphertext-policy ABE (CP-ABE): in the former the attribute set is associated with the key, and in the latter the attribute set is associated with the ciphertext. From the data owner's point of view, CP-ABE is better suited to data access control, because the owner can freely define which attributes a user must have to access a file. Because each user's permissions are tied to the user's own attributes, if the data owner changes the access policy the ciphertext is based on, some users will no longer be authorized to access it. In existing attribute-based cryptography research, Luan I et al., in "Mediated Ciphertext-Policy Attribute-Based Encryption and Its Application", proposed a mediated attribute-based encryption mechanism with key splitting that achieves instant user revocation; Hohenberger S et al., in "Online/Offline Attribute-Based Encryption", proposed attribute-based online/offline encryption, making fine-grained access control applicable to mobile cloud environments. Chinese patent CN103179114A proposes a method for fine-grained data access control in cloud storage that realizes revocation of user permissions but does not consider outsourced decryption; patents CN105592100A and CN104901942A, based on attribute-based encryption, provide effective methods for privacy protection of big data and both take outsourced decryption and user revocation into account, but they cannot provide search over encrypted data, so users cannot use the data efficiently.
Searchable encryption provides a way to retrieve information over data in ciphertext form without revealing key information of the encrypted data files, while also protecting the user's search privacy. Depending on the application environment, searchable encryption can be used for personal storage and for information sharing. Information sharing has two cases: a single data owner providing information to multiple users, and multiple data owners providing information to multiple users. Most existing searchable encryption schemes consider only data retrieval: when the target file is found it is returned, and decrypting it with traditional encryption methods requires extra key management overhead and cannot provide fine-grained access control. In current research, Chinese patent CN105763324A proposes a controllable, verifiable multi-user searchable encryption search method that supports multi-user search, fine-grained access control and information integrity verification, but the user has to use different encryption methods for the data plaintext and the keywords, which increases the data owner's computation; CN105897419A proposes a multi-user dynamic keyword searchable encryption method but does not consider user revocation or data encryption; CN104780161A proposes a multi-user searchable encryption method for cloud storage, but it applies no fine-grained control to users and does not consider data encryption. In addition, Wenhai Sun et al., in "Protecting your right: Attribute-based keyword search with fine-grained owner-enforced search authorization in the cloud", proposed an attribute-based searchable encryption mechanism that supports user attribute revocation, but it requires updating the private keys of all legitimate users and the ciphertexts, so the system is not efficient enough.
Summary of the invention
In view of this, the object of the invention is to provide a mediated searchable encryption method that supports online/offline encryption and mediated encryption, is suitable for mobile cloud computing environments, and achieves instant revocation of user permissions.
To achieve the above object, the invention provides the following technical solution:
A mediated searchable encryption method, the method comprising:
S1: System initialization: the trusted attribute authority AA generates the system public parameters, which include the public/private key pair of each attribute and the public/private key pair of the mediating party Mediator;
S2: Keyword encryption: the data owner encrypts the keywords and stores the encrypted keywords on the cloud server in the form of a secure index;
S3: Data encryption: the data owner encrypts the file and stores the encrypted data on the cloud server in the form of ciphertext;
S4: User key generation: AA issues a global private key to each legitimate user and generates an attribute private key for the user based on the user's permissions; the attribute private key consists of two parts, sent to the user and to the corresponding Mediator respectively;
S5: Search trapdoor (Trapdoor) generation: the user sends a search request to the Mediator and, with its assistance, generates a valid search trapdoor;
S6: Data search: the Mediator sends the Trapdoor to the cloud server; the Mediator obtains the data ciphertext returned by the cloud server if and only if the user's attribute set satisfies the access structure in the secure index and the keyword in the search trapdoor is identical to the keyword in the secure index;
S7: Data decryption: the Mediator pre-decrypts the obtained ciphertext to produce a decryption token and sends it to the corresponding user; the user then decrypts the decryption token with its private value to obtain the data plaintext;
S8: User revocation: when a user's permissions change, the Mediator does not assist the user in generating a valid search trapdoor, which prevents the user from retrieving the associated data set.
Further, step S1 comprises the following steps:
S11: AA initialization: input the security parameter and generate the system public parameters, including the public/private key pair of each attribute;
S12: Mediator initialization: given the public parameters as input, AA generates the public/private key pair of the Mediator.
Further, step S2 comprises the following steps:
S21: Offline keyword encryption: the data owner receives the system public parameters from AA and generates the intermediate secure index II;
Step S21 comprises the following steps:
S211: Select a random number $s$ from the set $Z_p$ as the encryption exponent;
S212: Select random numbers $v_k \in Z_p$, where $k \in \{1, \ldots, 3n\}$;
S213: Calculate
S214: Output the intermediate secure index II;
S22: Online keyword encryption: given the public parameters, the keyword, the access structure and the intermediate secure index as input, the data owner generates the complete secure index;
Step S22 comprises the following steps:
S221: The data owner obtains the intermediate secure index II from step S21;
S222: Based on the global attribute set $N$, the data owner defines an access structure $GT = \wedge_{i \in N}\, i$ for the data, where GT is expressed with the "AND" threshold gate;
S223: Calculate $D_{i,1}$ and $D_{i,2}$;
S224: Output the secure index $CT_w$;
S225: The data owner uploads the secure index $CT_w$ to the cloud server;
S23: Based on the users allowed to access the data set, calculate
S24: Output the user list UL;
S25: Based on the Mediator corresponding to the data owner, calculate
S26: The data owner uploads to the related Mediator the user list UL and
Further, step S3 comprises the following steps:
S31: Offline data encryption: the data owner receives the system public parameters and the public key of each attribute from AA and generates the intermediate data ciphertext IC;
Step S31 comprises the following steps:
S311: Select a random number $s_m$ from the set $Z_p$ as the encryption exponent;
S312: Select random numbers $h_k \in Z_p$, where $k \in \{1, \ldots, 3n\}$;
S313: Calculate
S314: Output the intermediate data ciphertext IC;
S32: Online file encryption: given the public parameters, the keyword, the access structure, the data plaintext and the intermediate data ciphertext as input, the data owner generates the complete data ciphertext;
Step S32 comprises the following steps:
S321: The data owner obtains the intermediate data ciphertext IC from step S31;
S322: The data owner obtains the access structure GT from step S222;
S323: Calculate $C_{i,1}$ and $C_{i,2}$;
S324: Output the data ciphertext $CT_m$;
S325: The data owner uploads the data ciphertext $CT_m$ to the cloud server.
Further, step S4 comprises the following steps:
S41: A user joins the system and registers by submitting identity information GID and the attribute set S it holds to AA;
S42: AA authenticates the legitimacy of the user;
S43: If the user is legitimate, AA generates an attribute private key and a global private key for the user; if the user is not legitimate, the user is refused admission to the system;
S44: AA applies key splitting to the user's attribute private key and distributes the parts to the user and the corresponding Mediator.
Further, step S5 comprises the following steps:
S51: The user sends a data search request to the Mediator;
S52: The Mediator verifies whether the user GID belongs to the user revocation list UL;
S53: If the user does not belong to UL, continue with the following operations; if the user belongs to UL, the Mediator terminates the operation;
S54: The Mediator retrieves the user's attribute private key, generates the Mediator-side intermediate trapdoor $T_{med}$, and sends it to the user;
S54 comprises the following steps:
S541: Choose a random number $\beta \in Z_p$;
S542: Calculate $Q_1$; for $i \in N$, calculate $Q_{i,1}$ and $QF_{i,1}$;
S543: Output $T_{med}$;
S55: The user then generates the user-side intermediate trapdoor $T_u$ based on the intermediate trapdoor $T_{med}$ and returns it to the Mediator;
S55 comprises the following steps:
S551: Calculate $Q_1$ and $T_1$; for $i \in N$, calculate $T_{i,1}$, $TF_{i,1}$, $Q_{i,2}$ and $QF_{i,2}$;
S552: Output $T_u$;
S56: Based on the user-side intermediate trapdoor $T_u$, the Mediator generates the complete search trapdoor $T$, to be sent to the cloud server;
S56 comprises the following steps:
S561: Based on the random number $\beta \in Z_p$ chosen in S541, calculate $T_0$; for $i \in N$, calculate $T_{i,2}$ and $TF_{i,2}$;
S562: Output $T$;
S57: The Mediator then sends $T$ to the cloud server.
Further, step S6 comprises the following steps:
S61: The cloud server receives the search trapdoor from the Mediator and starts retrieving the corresponding data set;
S62: The cloud server matches the search trapdoor against the secure index. If the user's attribute set satisfies the access structure in the secure index and the keyword in the search trapdoor is identical to the keyword in the secure index, it returns the data ciphertext $CT_{data}$ corresponding to that index to the Mediator; otherwise it returns empty;
Step S62 comprises the following steps:
S621: Let the attribute set in the access structure GT be $I = \{i : i \in N\}$, and according to the access structure GT, for $i \in I$ perform the pairing computations $e(D_i, T_{i,1})$ and $e(D_i, T_{i,2})$; for $i \in N/I$ perform the pairing computations $e(D_i, TF_{i,1})$ and $e(D_i, TF_{i,2})$;
S622: The server then evaluates and respectively, and verifies whether the equation holds;
S623: If it holds, return the corresponding data ciphertext $CT_{data}$; if it does not hold, return empty.
Further, step S7 comprises the following steps:
S71: The Mediator receives the ciphertext $CT_{data}$ returned by the cloud server;
S72: Using the information from its interaction with the user, the Mediator pre-decrypts the ciphertext to generate the decryption token $CT_{token}$;
S72 comprises the following steps:
S721: Calculate $Q_1'$;
S722: Calculate $Q_{i,1}'$ and $QF_{i,1}'$;
S723: Calculate and
S724: Calculate
S725: Output $CT_{token}$ and return it to the user;
S73: The user receives $CT_{token}$ and decrypts it to obtain $m$.
Further, step S8 comprises the following steps:
S81: When a user's permissions change, the data owner updates the user list UL and sends it again to the corresponding Mediator;
S82: User GID requests a search trapdoor from the Mediator;
S83: If then the Mediator refuses to cooperate with the user in generating a valid search trapdoor, and deletes the attribute private key of user UID.
The beneficial effects of the invention are as follows:
Based on an online/offline attribute-based encryption mechanism and a mediated encryption mechanism, the invention proposes a mediated searchable encryption mechanism suited to fog computing environments. The Mediator is a semi-trusted fog node in fog computing and supports outsourced decryption and efficient user revocation. The invention is based on the same key pair, that is, the data plaintext and the keywords are encrypted under the same access structure, and the user and the Mediator can use the search trapdoor to decrypt the secure index and the data ciphertext. The online/offline encryption mechanism makes the invention suitable for mobile terminals with limited computing and storage resources.
In the invention, key splitting divides a user's private key into a user-side private key and a Mediator-side private key; the user-side private key is stored by the user and the Mediator-side private key is kept by the Mediator. The user and the Mediator therefore each have partial decryption capability, but neither party alone is able to decrypt a ciphertext completely. The user generates a search trapdoor with the Mediator's assistance, and the user obtains a decryption token and correctly decrypts the ciphertext if and only if the user's attributes satisfy the access structure in the secure index and the keyword in the search trapdoor is identical to the keyword in the secure index. The invention takes full advantage of the characteristics of fog computing: most of the workload of decrypting a ciphertext is delegated to the Mediator, while the Mediator can only partially decrypt the ciphertext, which improves decryption efficiency while keeping the system secure. After the data owner updates the user list of a data set, user permissions change, and a user not in the user list cannot interact with the Mediator to produce a valid search trapdoor.
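The split-key decryption and instant revocation described above can be seen in miniature in the following added example, which is not code from the patent. It swaps the patent's pairing-based attribute scheme for plain mediated ElGamal over a toy group; the modulus, base, function and class names and the sample GID are assumptions made for illustration.

```python
"""Mediated ElGamal in miniature: split key, decryption token, instant revocation.

Added illustration only. This is NOT the patent's pairing-based construction;
it keeps just the roles (AA, data owner, Mediator, user) and the key split.
"""
import secrets

# Assumption: toy multiplicative group mod the well-known prime 2^255 - 19, base 2.
P = 2**255 - 19
G = 2


def _rand_exp():
    """Random exponent in [1, P-2]."""
    return secrets.randbelow(P - 2) + 1


def aa_keygen():
    """AA role: draw two independent shares; the public key is g^(x_user + x_med)."""
    x_user, x_med = _rand_exp(), _rand_exp()
    public = pow(G, x_user, P) * pow(G, x_med, P) % P
    return public, x_user, x_med


def owner_encrypt(public, m):
    """Data owner role: ElGamal-encrypt a group element m with 1 <= m < P."""
    if not 1 <= m < P:
        raise ValueError("message must be a group element")
    k = _rand_exp()
    return pow(G, k, P), m * pow(public, k, P) % P


class Mediator:
    """Semi-trusted node holding one key share per user plus a revocation set."""

    def __init__(self):
        self._shares = {}
        self._revoked = set()

    def enroll(self, gid, x_med):
        self._shares[gid] = x_med

    def revoke(self, gid):
        """Takes effect at once: forget the share and refuse all later requests."""
        self._revoked.add(gid)
        self._shares.pop(gid, None)

    def decryption_token(self, gid, ciphertext):
        """Pre-decrypt with the Mediator share; None for a revoked or unknown user."""
        if gid in self._revoked or gid not in self._shares:
            return None
        c1, _ = ciphertext
        return pow(c1, self._shares[gid], P)


def user_decrypt(x_user, ciphertext, token):
    """User role: combine the token with the user-side share to strip the mask."""
    c1, c2 = ciphertext
    mask = token * pow(c1, x_user, P) % P
    return c2 * pow(mask, -1, P) % P


def run_demo():
    """Constructed scenario: decrypt with help, fail without it, then revoke."""
    public, x_user, x_med = aa_keygen()
    mediator = Mediator()
    mediator.enroll("GID-alice", x_med)          # sample GID, constructed
    message = 0x5EC2E7                           # sample plaintext, constructed
    ct = owner_encrypt(public, message)

    token = mediator.decryption_token("GID-alice", ct)
    with_help = user_decrypt(x_user, ct, token)
    without_help = user_decrypt(x_user, ct, 1)   # user share alone: mask remains

    mediator.revoke("GID-alice")
    after_revoke = mediator.decryption_token("GID-alice", ct)
    return message, with_help, without_help, after_revoke


if __name__ == "__main__":
    msg, ok, alone, revoked = run_demo()
    print("with Mediator:", ok == msg)
    print("user alone:   ", alone == msg)
    print("after revoke: ", revoked)
```

Revocation here changes only the Mediator's state: no ciphertext is re-encrypted and no other user's key is touched, in contrast to the schemes in the background section that must update all legitimate users' private keys and the ciphertexts.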
Brief description of the drawings
To make the object, technical solution and beneficial effects of the invention clearer, the invention is illustrated with the following drawings:
Fig. 1 is a flow block diagram of the invention;
Fig. 2 is a flow chart of system initialization;
Fig. 3 is a flow chart of secure index generation;
Fig. 4 is a flow chart of data ciphertext generation;
Fig. 5 is a flow chart of user private key generation;
Fig. 6 is a flow chart of search trapdoor generation;
Fig. 7 is a flow chart of the search matching process;
Fig. 8 is a flow chart of data decryption;
Fig. 9 is a flow chart of user revocation.
Detailed description of the embodiments
The preferred embodiments of the invention are described in detail below with reference to the accompanying drawings.
The online/offline searchable encryption mechanism based on mediated attributes provided by the invention comprises the following steps, see Fig. 1:
S1: System initialization: generate the system public parameters (including the public/private key pair of each attribute) and the Mediator's public/private key pair, see Fig. 2;
Further, step S1 comprises the following steps:
S11: System initialization: input the security parameter $\lambda$ and generate the system public parameters and the system master key. The system public parameters include two bilinear groups $G$ and $G_T$ of order $p$, a generator $g$ of $G$, a bilinear map $e: G \times G \to G_T$, a hash function $H: \{0,1\}^* \to Z_p$, and the public/private key pair of each attribute. Let $i$ denote an attribute; select random numbers $t_1, \ldots, t_{3n} \in Z_p$ and calculate where $k \in \{1, \ldots, 3n\}$. Then choose $y \in Z_p$ and compute $Y = e(g, g)^y$. Output the public parameters $PP = (p, g, H, Y, \{A_1, \ldots, A_{3n}\})$ and the master key $MSK = (y, \{t_1, \ldots, t_{3n}\})$;
S12: Select $\gamma \in Z_p$, compute $PP_{med} = Y^{\gamma}$, and output the Mediator's public/private key pair $(\gamma, PP_{med})$.
S2: Keyword encryption: the data owner encrypts the keywords and stores the encrypted keywords on the cloud server in the form of a secure index, see Fig. 3;
Further, step S2 comprises the following steps:
S21: The data owner receives the system public parameters $PP$ from AA;
S22: Select a random number $s \in Z_p$, compute $D_0 = Y^s$, and
S23: Based on the global attribute set $N$, for $k \in \{1, \ldots, 3n\}$ the data owner selects a random number $v_k \in Z_p$ and calculates. Output $II_{att} = (\{v_k, D_k\}_{k \in \{1, \ldots, 3n\}})$.
S25: Output the intermediate secure index
S26: The data owner determines an access structure GT and a keyword $w$, randomly selects according to GT and calculates. In particular, for $i' \in N$, calculate $D_{i',2} = (s - v_{i'})/H(w)$.
S27: Output the secure index
S28: Based on the Mediator corresponding to the data owner, calculate
S29: The data owner uploads to the related Mediator.
S3: Data encryption: the data owner encrypts the file and stores the encrypted file on the cloud server in the form of ciphertext, see Fig. 4;
Further, step S3 comprises the following steps:
S31: The data owner receives the system public parameters $PP$ from AA;
S32: Select a random number $s_m \in Z_p$, and calculate and
S33: Based on the global attribute set $N$, for $k \in \{1, \ldots, 3n\}$ the data owner selects a random number $h_k \in Z_p$ and calculates. Output $IC_{att} = (\{h_k, C_k\}_{k \in \{1, \ldots, 3n\}})$;
S34: Output the intermediate ciphertext
S35: Based on the GT and the keyword $w$ from step S26, select and calculate. In particular, for $i' \in N$, calculate $C_{i',2} = (s_m - h_{i'})/H(w)$, then calculate $C_m = m \cdot C_0$.
S36: Output the data ciphertext
S37: Output the complete ciphertext $CT = (GT, CT_w, CT_m)$ and upload it to the cloud server.
S4: User key generation: AA issues a global private key to each legitimate user and generates an attribute private key for the user based on the user's permissions; the attribute private key consists of two parts, sent to the user and to the corresponding Mediator respectively, see Fig. 5;
Further, step S4 comprises the following steps:
S41: A user joins the system and registers by submitting identity information GID and the attribute set S it holds to AA;
S42: AA authenticates the legitimacy of the user;
S43: If the user is legitimate, AA generates an attribute private key and a global private key for the user; if the user is not legitimate, the user is refused admission to the system. Select a random number $u \in Z_p$ and compute the user public key $PP_{UID} = Y^u$.
S44: Choose random numbers $r_i, x_i \in Z_p$, and calculate and
S45: Calculate $K_1 = g^{y-r}$, where
S46: Output and where
S47: The data owner calculates and outputs the user list and uploads it to the corresponding Mediator.
S5: Search trapdoor (Trapdoor) generation: the user sends a search request to the Mediator and, with its assistance, generates a valid search trapdoor, see Fig. 6.
Further, step S5 comprises the following steps:
S51: The user sends a data search request to the Mediator;
S52: The Mediator verifies whether the user GID belongs to the user revocation list (UL);
S53: If the user does not belong to UL, continue with the following operations; if the user belongs to UL, the Mediator terminates the operation;
S54: The Mediator retrieves the user's attribute private key, selects a random number $\beta \in Z_p$, and calculates and
S55: Output the Mediator-side trapdoor share $T_{med} = (Q_1, \{Q_{i,1}, QF_{i,1}\}_{i \in N})$ and send it to the requesting user;
S56: After receiving the Mediator-side trapdoor $T_{med}$, the user selects a random number $\alpha \in Z_p$ and calculates $Q_0 = u + \alpha$, then calculates. In particular,
S57: Output $T_u = (Q_0, T_1, \{T_{i,1}, TF_{i,1}, Q_{i,2}, QF_{i,2}\}_{i \in N})$ and send it to the Mediator;
S58: Based on the random number $\beta \in Z_p$ selected in S54 and the $\gamma \in Z_p$ selected in S12, calculate $T_0 = \beta Q_0 + \gamma$, then calculate
S59: Output the complete search trapdoor and send it to the cloud server.
S6: Data search: the Mediator sends the Trapdoor to the cloud server; the Mediator obtains the data ciphertext returned by the cloud server if and only if the user's attribute set satisfies the access structure in the secure index and the keyword in the search trapdoor is identical to the keyword in the secure index, see Fig. 7.
Further, step S6 comprises the following steps:
S61: The cloud server receives the search trapdoor from the Mediator and starts retrieving the corresponding data set;
S62: The cloud server matches the search trapdoor against the secure index and calculates. For an attribute $i$ that belongs to GT, it calculates and; for an attribute $i$ that does not belong to GT, it calculates and
S63: The cloud server calculates and, and verifies whether the following equation holds
where, for $b \in \{1, 2\}$,
S64: If the equation holds, the cloud server calculates, outputs the data ciphertext and sends it to the Mediator.
S7: Data decryption: the Mediator pre-decrypts the obtained ciphertext to produce a decryption token and sends it to the corresponding user; the user then decrypts the decryption token with its private value to obtain the data plaintext, see Fig. 8.
Further, step S7 comprises the following steps:
S71: The Mediator receives the data ciphertext $CT_{data}$ and computes the decryption token. It first calculates; then, for $i$ belonging to GT, it calculates; for $i$ not belonging to GT, it calculates; finally it calculates
Output the decryption token and send it to the user;
S72: The user computes with its own random private value and obtains the plaintext $m$.
S8: User revocation: when a user's permissions change, the Mediator does not assist the user in generating a valid search trapdoor, which prevents the user from retrieving the associated data set, see Fig. 9.
Finally, it should be noted that the above preferred embodiments merely illustrate the technical solution of the present invention and do not limit it. Although the present invention has been described in detail through the above preferred embodiments, those skilled in the art should understand that various changes may be made to it in form and detail without departing from the scope defined by the claims of the present invention.

Claims (9)

1. An arbitration searchable encryption method, characterized in that the method comprises:
S1: System initialization: the trusted attribute authority AA generates the system public parameters, which include the public/private key pair of each attribute and the public/private key pair of the arbitrating party, the Mediator;
S2: Keyword encryption: the data owner encrypts the keyword and stores the encrypted keyword on the cloud server in the form of a secure index;
S3: Data encryption: the data owner encrypts the file and stores the encrypted data on the cloud server in the form of ciphertext;
S4: User key generation: the AA distributes a global private key to each legitimate user and generates an attribute private key for the user based on the user's permissions, wherein the attribute private key consists of two parts, which are sent to the user and to the corresponding Mediator respectively;
S5: Search trapdoor (Trapdoor) generation: the user sends a search request to the Mediator and generates a valid search trapdoor with its assistance;
S6: Data search: the Mediator sends the Trapdoor to the cloud server; if and only if the user's attribute set satisfies the access structure in the secure index and the keyword in the search trapdoor is identical to the keyword in the secure index, the Mediator obtains the data ciphertext returned by the cloud server;
S7: Data decryption: the Mediator pre-decrypts the obtained ciphertext to obtain a decryption token and sends it to the corresponding user; the user then decrypts the decryption token with the user's private value to obtain the data plaintext;
S8: User revocation: when a user's permissions change, the arbitrating party does not assist the user in generating a valid search trapdoor, so that the user cannot retrieve the associated data set.
2. The method according to claim 1, characterized in that step S1 comprises the following steps:
S11: AA initialization: a security parameter is input and the system public parameters are generated, including the public/private key pair of each attribute;
S12: Mediator initialization: the public parameters are input, and the AA generates the public/private key pair of the Mediator.
3. The method according to claim 1, characterized in that step S2 comprises the following steps:
S21: Offline keyword encryption: the data owner receives the system public parameters from the AA and generates the intermediate secure index II;
Wherein step S21 comprises the following steps:
S211: Select a random number s from the number set Z_p as the encryption exponent;
S212: Select random numbers v_k ∈ Z_p, where k ∈ {1, ..., 3n};
S213: Calculate
S214: Output the intermediate secure index II;
S22: Online keyword encryption: given the public parameters, the keyword, the access structure and the intermediate secure index as input, the data owner generates the complete secure index;
Wherein step S22 comprises the following steps:
S221: The data owner obtains the intermediate secure index II from step S21;
S222: Based on the global attribute set N, the data owner defines an access structure GT = ∧_{i∈N} i for the data, where GT is represented by the threshold gate "AND";
S223: Calculate D_{i,1} and D_{i,2};
S224: Output the secure index CT_w;
S225: The data owner uploads the secure index CT_w to the cloud server;
S23: Based on the users allowed to access the data set, calculate
S24: Output the user list UL;
S25: Based on the Mediator corresponding to the data owner, calculate
S26: The data owner uploads the user list UL and to the related Mediator.
4. The method according to claim 1, characterized in that step S3 comprises the following steps:
S31: Offline data encryption: the data owner receives the system public parameters and the public key of each attribute from the AA and generates the intermediate data ciphertext IC;
Wherein step S31 comprises the following steps:
S311: Select a random number s_m from the number set Z_p as the encryption exponent;
S312: Select random numbers h_k ∈ Z_p, where k ∈ {1, ..., 3n};
S313: Calculate
S314: Output the intermediate data ciphertext IC;
S32: Online file encryption: given the public parameters, the keyword, the access structure, the data plaintext and the intermediate data ciphertext as input, the data owner generates the complete data ciphertext;
Wherein step S32 comprises the following steps:
S321: The data owner obtains the intermediate data ciphertext IC from step S31;
S322: The data owner obtains the access structure GT from step S222;
S323: Calculate C_{i,1} and C_{i,2};
S324: Output the data ciphertext CT_m;
S325: The data owner uploads the data ciphertext CT_m to the cloud server.
5. The method according to claim 1, characterized in that step S4 comprises the following steps:
S41: The user joins the system and registers by submitting identity information GID and the attribute set S that the user holds to the AA;
S42: The AA verifies the legitimacy of the user;
S43: If the user is legitimate, an attribute private key and a global private key are generated for the user; if the user is not legitimate, the user is refused admission to the system;
S44: The AA performs key separation on the user's attribute private key and distributes the parts to the user and the corresponding Mediator.
6. The method according to claim 1, characterized in that step S5 comprises the following steps:
S51: The user sends a data search request to the Mediator;
S52: The Mediator checks whether the user GID belongs to the user revocation list UL;
S53: If the user does not belong to UL, the following operations continue; if the user belongs to UL, the Mediator terminates the operation;
S54: The Mediator retrieves the user's attribute private key, generates the Mediator-side intermediate trapdoor T_med, and sends it to the user;
Wherein S54 comprises the following steps:
S541: Choose a random number β ∈ Z_p;
S542: Calculate Q_1; for i ∈ N, calculate Q_{i,1}, QF_{i,1};
S543: Output T_med;
S55: The user then generates the user-side intermediate trapdoor T_u based on the intermediate trapdoor T_med and returns it to the Mediator;
Wherein S55 comprises the following steps:
S551: Calculate Q_1, T_1; for i ∈ N, calculate T_{i,1}, TF_{i,1}, Q_{i,2}, QF_{i,2};
S552: Output T_u;
S56: Based on the user-side intermediate trapdoor T_u, the Mediator generates the complete search trapdoor T and sends it to the cloud server;
Wherein S56 comprises the following steps:
S561: Based on the random number β ∈ Z_p chosen in S541, calculate T_0; for i ∈ N, calculate T_{i,2}, TF_{i,2};
S562: Output T;
S57: The Mediator then sends T to the cloud server.
7. The method according to claim 1, characterized in that step S6 comprises the following steps:
S61: The cloud server receives the search trapdoor from the Mediator and begins to retrieve the corresponding data set;
S62: The cloud server matches the search trapdoor against the secure index; if the user's attribute set satisfies the access structure in the secure index and the keyword in the search trapdoor is identical to the keyword in the secure index, it returns the data ciphertext CT_data corresponding to that index to the Mediator; otherwise, it returns empty;
Wherein step S62 comprises the following steps:
S621: Let the attribute set in the access structure GT be I = {i : i ∈ N}, and If according to the access structure GT, for i ∈ I, perform the pairing operations e(D_i, T_{i,1}) and e(D_i, T_{i,2}); for i ∈ N/I, perform the pairing operations e(D_i, TF_{i,1}) and e(D_i, TF_{i,2});
S622: The server then calculates and respectively, and verifies whether the equation holds
S623: If it holds, return the corresponding data ciphertext CT_data; if it does not hold, return empty.
8. The method according to claim 1, characterized in that step S7 comprises the following steps:
S71: The Mediator receives the ciphertext CT_data returned by the cloud server;
S72: The Mediator uses the information from its interaction with the user to pre-decrypt and generate the decryption token;
Wherein S72 comprises the following steps:
S721: Calculate Q_1';
S722: Calculate Q_{i,1}', QF_{i,1}';
S723: Calculate and
S724: Calculate
S725: Output CT_token and return it to the user;
S74: The user receives CT_token and decrypts it to obtain m.
9. The method according to claim 1, characterized in that step S8 comprises the following steps:
S81: When a user's permissions change, the data owner updates the user list UL and sends it again to the corresponding Mediator;
S82: User GID requests a search trapdoor from the Mediator;
S83: If then the Mediator refuses to cooperate with the user in generating a valid search trapdoor, and deletes the attribute private key of user UID.
CN201710094114.0A 2017-02-21 2017-02-21 Arbitration searchable encryption method Active CN106850652B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201710094114.0A CN106850652B (en) 2017-02-21 2017-02-21 Arbitration searchable encryption method

Publications (2)

Publication Number Publication Date
CN106850652A true CN106850652A (en) 2017-06-13
CN106850652B CN106850652B (en) 2020-05-26

Family

ID=59133992

Country Status (1)

Country Link
CN (1) CN106850652B (en)

Patent Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20080098024A1 (en) * 2005-05-20 2008-04-24 Fujitsu Limited Information retrieval apparatus, information retrieval method and computer product
CN104022868A (en) * 2014-02-18 2014-09-03 杭州师范大学 Outsourcing decryption method of attribute-based encryption based on ciphertext policy
CN104021157A (en) * 2014-05-22 2014-09-03 西安理工大学 Method for keyword searchable encryption based on bilinear pairs in cloud storage
CN104023051A (en) * 2014-05-22 2014-09-03 西安理工大学 Multi-user multi-keyword searchable encryption method in cloud storage
CN104486315A (en) * 2014-12-08 2015-04-01 北京航空航天大学 Revocable key external package decryption method based on content attributes
CN105049196A (en) * 2015-07-13 2015-11-11 西安理工大学 Searchable encryption method of multiple keywords at specified location in cloud storage
CN105262843A (en) * 2015-11-12 2016-01-20 武汉理工大学 Data anti-leakage protection method for cloud storage environment
CN105681280A (en) * 2015-12-29 2016-06-15 西安电子科技大学 Searchable encryption method based on Chinese in cloud environment

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
IBRAIMI L: "Mediated Ciphertext-Policy Attribute-Based Encryption and Its Application", 《INFORMATION SECURITY APPLICATIONS》 *
YANLI REN: "Fully Secure Ciphertext-Policy Attribute-Based Encryption with Constant Size Ciphertext", 《2011 THIRD INTERNATIONAL CONFERENCE ON MULTIMEDIA INFORMATION NETWORKING AND SECURITY》 *

Cited By (21)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108418784A (en) * 2017-12-04 2018-08-17 重庆邮电大学 A kind of distributed cross-domain authorization and access control method based on properties secret
CN108418784B (en) * 2017-12-04 2020-09-25 重庆邮电大学 Distributed cross-domain authorization and access control method based on attribute password
CN108156138A (en) * 2017-12-13 2018-06-12 西安电子科技大学 A kind of fine granularity calculated for mist can search for encryption method
CN108156138B (en) * 2017-12-13 2020-10-27 西安电子科技大学 Fine-grained searchable encryption method for fog calculation
TWI665580B (en) * 2017-12-14 2019-07-11 國立成功大學 Authorization and search method for image files in cloud environment
CN108039944B (en) * 2017-12-15 2020-09-01 复旦大学 De-ordering encryption framework algorithm with forward security
CN108039944A (en) * 2017-12-15 2018-05-15 复旦大学 Sequence encryption frame algorithm is taken off with forward security
CN108345802B (en) * 2018-02-11 2021-09-17 西安电子科技大学 Safe and efficient ciphertext retrieval method based on vehicle-connected cloud system and vehicle-mounted system
CN108345802A (en) * 2018-02-11 2018-07-31 西安电子科技大学 Join safe and efficient cipher text retrieval method, the onboard system of cloud system based on vehicle
CN108881314B (en) * 2018-08-28 2021-02-02 南京邮电大学 Privacy protection method and system based on CP-ABE ciphertext under fog computing environment
CN108881314A (en) * 2018-08-28 2018-11-23 南京邮电大学 Mist calculates the method and system for realizing secret protection under environment based on CP-ABE ciphertext access control
CN109740364A (en) * 2019-01-04 2019-05-10 大连大学 The cipher text searching method based on attribute of controllable search permission
CN110445756B (en) * 2019-07-04 2021-07-09 中国电子科技集团公司第三十研究所 Method for realizing searchable encryption audit logs in cloud storage
CN110445756A (en) * 2019-07-04 2019-11-12 中国电子科技集团公司第三十研究所 It can search for the implementation method of cryptographic audit log in cloud storage
CN110430063A (en) * 2019-07-26 2019-11-08 绍兴文理学院 Based on the heterogeneous sensing net node anonymous Identity Verification System of mist computing architecture and method
WO2021232193A1 (en) * 2020-05-18 2021-11-25 深圳技术大学 Cp-abe-based ciphertext search method, apparatus and device in fog computing, and storage medium
WO2022025822A1 (en) * 2020-07-27 2022-02-03 Singapore Management University Cloud data sharing systems and methods for sharing data using the systems
CN111930688A (en) * 2020-09-23 2020-11-13 西南石油大学 Method and device for searching secret data of multi-keyword query in cloud server
CN114826703A (en) * 2022-04-11 2022-07-29 江苏大学 Block chain-based data search fine-grained access control method and system
CN114826703B (en) * 2022-04-11 2024-04-05 江苏大学 Block chain-based data search fine granularity access control method and system
CN116132048A (en) * 2023-01-04 2023-05-16 扬州大学 Method suitable for safe sharing of user privacy data in medical internet of things scene

Also Published As

Publication number Publication date
CN106850652B (en) 2020-05-26

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant
TR01 Transfer of patent right

Effective date of registration: 20240325

Address after: Room 801, 85 Kefeng Road, Huangpu District, Guangzhou City, Guangdong Province

Patentee after: Guangzhou Dayu Chuangfu Technology Co.,Ltd.

Country or region after: China

Address before: 400065 Chongqing Nan'an District huangjuezhen pass Chongwen Road No. 2

Patentee before: CHONGQING University OF POSTS AND TELECOMMUNICATIONS

Country or region before: China
