CN107480163B - Efficient ciphertext image retrieval method supporting privacy protection in cloud environment - Google Patents

Efficient ciphertext image retrieval method supporting privacy protection in cloud environment Download PDF

Info

Publication number
CN107480163B
CN107480163B CN201710467097.0A CN201710467097A CN107480163B CN 107480163 B CN107480163 B CN 107480163B CN 201710467097 A CN201710467097 A CN 201710467097A CN 107480163 B CN107480163 B CN 107480163B
Authority
CN
China
Prior art keywords
image
retrieval
encrypted
owner
index
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201710467097.0A
Other languages
Chinese (zh)
Other versions
CN107480163A (en
Inventor
陈晓峰
汪园
王剑锋
杨昌松
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Xidian University
Original Assignee
Xidian University
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Xidian University filed Critical Xidian University
Priority to CN201710467097.0A priority Critical patent/CN107480163B/en
Publication of CN107480163A publication Critical patent/CN107480163A/en
Application granted granted Critical
Publication of CN107480163B publication Critical patent/CN107480163B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/50Information retrieval; Database structures therefor; File system structures therefor of still image data
    • G06F16/58Retrieval characterised by using metadata, e.g. metadata not derived from the content or metadata generated manually
    • G06F16/583Retrieval characterised by using metadata, e.g. metadata not derived from the content or metadata generated manually using metadata automatically derived from the content
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06TIMAGE DATA PROCESSING OR GENERATION, IN GENERAL
    • G06T1/00General purpose image data processing
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/06Protocols specially adapted for file transfer, e.g. file transfer protocol [FTP]

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Library & Information Science (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Data Mining & Analysis (AREA)
  • Databases & Information Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Information Retrieval, Db Structures And Fs Structures Therefor (AREA)

Abstract

The invention belongs to the technical field of image retrieval, and discloses a high-efficiency ciphertext image retrieval method supporting privacy protection in a cloud environment, which comprises the following steps: firstly, extracting a characteristic vector from an image in a database by an image owner, and encrypting the image by using an AES or RSA encryption mode; the owner establishes an index by using a hierarchical K-means algorithm based on the characteristic vector and encrypts the index by using a secure modular hash technology; and uploading the encrypted image and the index to a cloud server and executing retrieval operation. The invention can simultaneously realize the privacy protection of ciphertext image retrieval and retrieval accuracy equivalent to that of plaintext image retrieval. Furthermore, the proposed method is subjected to a detailed safety analysis and to experimental evaluation of efficiency and accuracy in different data sets. The result shows that the method can achieve the expected safety target and improve the retrieval efficiency under the condition of ensuring the retrieval accuracy.

Description

Efficient ciphertext image retrieval method supporting privacy protection in cloud environment
Technical Field
The invention belongs to the technical field of ciphertext image retrieval, and particularly relates to an efficient ciphertext image retrieval method supporting privacy protection in a cloud environment.
Background
With the advent of smart mobile devices and the popularization of the internet, more and more multimedia data are generated, and are presented in the life of people in the forms of images, videos, audios and the like every day. The more data, the more stored energy is needed, especially for multimedia data. While mobile devices are often limited by battery life, RAM storage, computing power, etc., a primary challenge for users is limited storage and processing power given that images will cost a lot of storage space. Therefore, people often choose to outsource storage and retrieval work to cloud computing. Compared with the traditional computing mode, the cloud computing can achieve better computing capability by using distributed computing and parallel computing. And cloud computing can provide customized services today and every day in the future. On the other hand, storing the image data in the cloud means that all business processing of the image data is completed in the cloud, so that the user loses the operation on the original image, and the abundant sensitive information contained in the image, such as the face of the person, the geographic position of the person, some sensitive events and the like, also poses a great threat to the privacy of the person. To reduce privacy concerns, more and more users consider encrypting images before uploading them to a cloud server. The encryption makes the image secret to the cloud server in terms of image content. However, retrieving images on encrypted databases has certain difficulties. The goal of searching in a database of dense text images is to obtain similar images without decryption. The application can carry out privacy protection on the user image in the retrieval field. Taking google search as an example, it also provides image retrieval services for individual users. Therefore, many potential users are very concerned about searching a specific image on the encrypted database, and researching an efficient ciphertext image retrieval method is not easy. Encryption is a key technology for general secure data transmission and data storage in privacy protection, but encryption has a certain barrier on similarity retrieval. Early secure information search research focused primarily on text retrieval. To detect whether the text file contains the keywords of the query, Boneh et al established a secure retrieval mechanism using public key encryption. The content of the graphics is described in text, named text-based image retrieval (TBIR), however, when the number of images is very large, it takes a lot of manpower, material resources, and financial resources to describe the images. Over the years of research, content-based image retrieval (CBIR) was proposed. Unlike text-based image retrieval, in CBIR, images use visual features to describe the content of the images, and it is typical to compare local features and global features of the images to evaluate the similarity of the images, so that the conventional searchable encryption scheme cannot meet the requirements of image retrieval. In recent years, the most commonly used encryption techniques are the order-preserving encryption algorithm and the homomorphic encryption algorithm. Lu et al encrypt the reverse order index using order preserving encryption and min-hash, respectively, but these two schemes are only applicable to the encryption of visual bag-of-words libraries of images. Hsu et al, who addresses the problem of privacy-preserving SIFT, can achieve good retrieval efficiency, but its huge computational and communication overhead is not applicable in resource-constrained devices.
In summary, the problems of the prior art are as follows: the current image retrieval method has the defects of serious resource consumption or high calculation overhead and communication overhead.
Disclosure of Invention
Aiming at the problems in the prior art, the invention provides an efficient ciphertext image retrieval method supporting privacy protection in a cloud environment.
The implementation process of the invention is that the efficient ciphertext image retrieval method supporting privacy protection in the cloud environment comprises the following steps:
firstly, extracting a feature vector from an image by an image owner, and encrypting the image by using encryption technologies such as AES (advanced encryption Standard) or RSA (rivest Shamir Adleman) and the like;
secondly, establishing a retrieval index by the image owner based on the feature vector, and encrypting the index by using a secure modular hash;
uploading the encrypted image and the corresponding security index to a cloud server;
step four, the user sends a query request, the cloud server performs retrieval operation on the tree index, and a correct result is returned to the user
Further, the efficient privacy protection ciphertext image retrieval method in the cloud environment specifically comprises the following steps:
(1) the image owner owns a database containing n images, and the data owner is likely to be limited by storage resources and computing resources, and is more inclined to upload the database to a cloud for storage and perform similarity retrieval at the cloud;
(2) the image owner first extracts the L-dimensional feature vectors, f, for all images in the databasei={fi1,fi2,...,fiLN, the image is encrypted by using encryption technology such as AES or RSA, the image can be directly encrypted as ordinary data, and the encrypted image is represented as { C ═ C1,C2,...Cn};
(3) The image owner uses the feature vectors to establish tree retrieval indexes, each node of each layer utilizes a K-means clustering algorithm to cluster the feature vectors of the nodes into T classes, each class is a child node of the node, and the operation is executed recursively until the number of child nodes contained in the last node is less than T. Finally, all the nodes are encrypted, each leaf node is associated with one encrypted image, and the CTRe is output;
(4) and uploading the encrypted image and the corresponding security index to a cloud server, sending a retrieval request to the cloud server when a user needs to retrieve, returning a correct retrieval result to a data owner by the cloud server, decrypting and returning the correct retrieval result to the client.
Further, the efficient ciphertext image retrieval method supporting privacy protection in the cloud environment further comprises the following steps:
inputting security parameter lambda, outputting Key SK, encrypting image content, randomly generating a matrix M with L multiplied by J dimension by an image owner, randomly generating a bit string S (M, S) for encrypting a Key of a feature vector by each line of data elements in the matrix according to Gaussian distribution, and secretly storing the Key Key (SK, (M, S)) by the image owner;
GenIndex({f1,...,fnin order to accelerate the retrieval process, based on the characteristic vector, a hierarchical K-means clustering algorithm is used for establishing a tree index; taking all the feature vectors as input, and outputting the feature vectors as Tree; in each layer, dividing all the feature vectors into T classes by using a K-means clustering algorithm, wherein each class is used as a child node of the node, and recursively executing the K-means algorithm until the last leaf node contains less than T features; each leaf node is associated with an encrypted image, and finally, a security index CTRee is output;
the GenCrypt (Key) takes a main Key Key as input and comprises two specific processes, wherein a Key SK is used for image encryption, and the other Key (M, S) is used for encrypting Tree and outputting CTRee;
DecImg(CkSK) cloud Server returns the first kThe relevant encrypted image is sent to the image owner, and the image owner decrypts the encrypted image by using the SK; the data owner provides authentication for the user upon receipt of the user request, and the user receives the decrypted image from the data owner after the authentication is passed.
Further, the encrypted image content is kept secret from the cloud server, and the data owner encrypts all images { I } with an encryption algorithm1,I2,...,InIs { C }1,C2,...,CnAnd leaf nodes of the CTree are associated with the encrypted image.
Further, the key (M, S) used to encrypt the Tree output ctre comprises: extracting feature vectors f of all images by data owneri={fi1,fi2,..., f iL1, 2.., n, the matrix M and the random string S are keys used to encrypt the feature vectors; encrypting the Tree index Tree into CTRee, and for each vector of CTRee, encrypting the way as follows:
Figure BDA0001325174340000041
each node of the CTRee stores the corresponding hash value, and the leaf nodes of the CTRee correspond to the corresponding encrypted images;
GenSearch(Qq) User extracts feature vector f for retrieval imageqAnd encrypting the feature vector by using the same secret key to obtain Qq
Figure BDA0001325174340000042
Uploading the encrypted query features to a cloud server, and receiving QqThen, the retrieval process is started from the top end of the CTRee and executed to a leaf node; at each layer of the CTree, the cloud server finds the minimum point along this path by computing the hamming distance between the node and the query vector, until the last layer, when Q isqWhen the leaf node is reached, the cloud returns a list of related images corresponding to the encrypted images; all queried images are returned to the user.
The invention further aims to provide an efficient ciphertext image retrieval method supporting privacy protection in the cloud environment. The efficient ciphertext image retrieval system supporting the privacy protection in the cloud environment comprises:
the image owner module owns the image database and outsources the image database to the cloud server in a ciphertext mode; generating a safe query index and uploading the query index to the cloud, and once receiving a request of a user, an image owner decrypts the query index by using the key SK to recover an encrypted picture;
the user module, user, refers to an authorized user, where the authorization process is considered to have been completed. In the image retrieval system, a user sends a query request to obtain similar retrieval images;
the cloud server module has distributed computing capacity and strong storage capacity, is used for storing the encrypted images, executes retrieval operation on the encrypted images and returns the retrieved related images to the user.
The invention also aims to provide an efficient ciphertext image retrieval method supporting privacy protection applied to the cloud environment.
The invention has the advantages and positive effects that: according to the invention, a resource-limited device is considered, an efficient ciphertext image retrieval scheme supporting privacy protection under cloud computing is provided, and the scheme has light-weight computing overhead and is suitable for a resource-limited user. In the whole scheme, a tree index is created by using a K-means algorithm, and then the index is encrypted by using a secure modulo hash. Because of the use of tree structures and the calculation of hamming distances, the time overhead at the retrieval stage is significantly less than for linear retrieval. The security modular hashing technology is used for replacing homomorphic encryption to protect the privacy of the image, and the calculation cost and the communication cost are greatly reduced. In addition, through detailed experimental analysis, the scheme can obtain retrieval accuracy equivalent to that of retrieval in the clear text, so all the above shows that the scheme is suitable for practical application. 1. To achieve distance computation under ciphertext that approximates that in the plaintext state, secure modulo hashing is used. In this way, the privacy of the feature vector can be ensured. In addition, the method can ensure that the retrieval accuracy of the ciphertext image is similar to that of the plaintext retrieval.
2. The scheme provided by the invention is more effective. The tree index is built by fully utilizing the K-means algorithm, the retrieval speed can be accelerated, and the retrieval accuracy is not seriously reduced.
3. Because of the use of the secure modular hashing technique, the scheme provided by the invention only needs one round of communication overhead and does not need additional other calculation. In addition, since the hamming distance is calculated during the search, a part of the retrieval overhead can be reduced.
Drawings
Fig. 1 is a flowchart of an efficient ciphertext image retrieval method supporting privacy protection in a cloud environment according to an embodiment of the present invention.
Fig. 2 is a schematic diagram of a system framework provided by an embodiment of the present invention.
Fig. 3 is a schematic diagram of a process for building a tree structure according to an embodiment of the present invention.
Fig. 4 is a schematic diagram of performing retrieval on an index by using an encrypted query according to an embodiment of the present invention.
FIG. 5 shows a diagram of d according to an embodiment of the present inventionQ(fi,fq) The value of (a) is | | | fi-fqA functional diagram of | l.
Fig. 6 is a schematic diagram of time overhead for encrypting a feature vector according to an embodiment of the present invention.
Fig. 7 is a schematic diagram of a time overhead test of retrieval according to an embodiment of the present invention.
FIG. 8 is a diagram illustrating a relationship between different recals and precision according to an embodiment of the present invention.
Fig. 9 is an experimental schematic diagram of the retrieval accuracy in different dimensions provided by the embodiment of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention more apparent, the present invention is further described in detail with reference to the following embodiments. It should be understood that the specific embodiments described herein are merely illustrative of the invention and are not intended to limit the invention.
With the rapid development of cloud computing and big data, outsourcing large-scale data to a cloud server has become a hot trend. While outsourcing can mitigate data maintenance overhead at the user end, it comes with new security challenges where image privacy is of great research interest. Therefore, ciphertext image retrieval supporting privacy protection becomes a new research hotspot in academia. The invention provides a new efficient ciphertext image retrieval scheme, and the K-means clustering algorithm and the secure modular hashing technology are comprehensively used, so that the privacy protection of ciphertext image retrieval can be realized simultaneously, and the retrieval accuracy equivalent to that of plaintext image retrieval is obtained. Furthermore, the proposed method is subjected to a detailed safety analysis and to experimental evaluation of efficiency and accuracy in different actual data sets. The result shows that the method can achieve the expected safety target and improve the retrieval efficiency under the condition of ensuring the retrieval accuracy.
The following detailed description of the principles of the invention is provided in connection with the accompanying drawings.
As shown in fig. 1, the efficient ciphertext image retrieval method supporting privacy protection in a cloud environment according to the embodiment of the present invention includes the following steps:
s101: extracting a characteristic vector from the image, and encrypting the image by using an AES or RSA encryption mode;
s102: the data owner establishes a retrieval index by using the feature vector;
s103: uploading the encrypted image and the index to a cloud server;
s104: and the user sends a query request, the cloud server performs retrieval operation on the tree index, and a correct result is returned to the user.
The application of the principles of the present invention will now be described in further detail with reference to the accompanying drawings.
1. System model
The invention mainly comprises three parts: a schematic diagram of a specific system model of an image owner, a user and a cloud server is shown in fig. 2.
And the image owner module is used for owning an image database and outsourcing the image database to the cloud server in a ciphertext mode. In addition, the image owner generates a secure index and uploads it to the cloud. Upon receiving the user's request, the image owner will decrypt with the private key to recover the encrypted picture.
The user module, user, refers to an authorized user, where authorization operations are considered to have been performed. Additionally, users may be limited by storage resources and computing resources. In an image retrieval system, a user sends a query request to obtain similar retrieval images.
The cloud server module is provided with distributed computing capability and strong storage capability, and is mainly used for storing the encrypted images, executing retrieval operation on the encrypted images and returning the related images to the user.
The cloud server of the invention can honestly execute the specified protocol and return a correct result to the user, but the cloud server can analyze the encrypted image and the security index stored on the cloud server to obtain related plaintext information. In addition, the invention considers that the user and the data owner are credible and can not be in collusion with the cloud server.
The efficient ciphertext image retrieval method supporting privacy protection under cloud computing mainly achieves the following aims:
privacy. First it is ensured that the image database and the corresponding feature vectors are kept secret. That is, the server does not get any plaintext information without decryption.
Efficiency. The client can support effective calculation, and the calculation overhead and the communication overhead of the client are enabled to be as small as possible under the condition that the client is possibly limited by resources.
And (4) accuracy. Since the similarity evaluation is performed in the ciphertext, it is necessary to ensure that the search result obtained in the ciphertext is similar to the search result obtained in the plaintext.
2. Search method of the present invention
Image ownerHaving a database containing n images, and the data owner may be limited by storage and computing resources, may prefer to upload the database to the cloud. To be able to perform the retrieval function in the cloud, the owner first extracts the L-dimensional feature vector, f, from the imagei={fi1,fi2,...,fiLN, the image is encrypted by using an advanced encryption mode, such as an AES encryption algorithm and an RSA encryption algorithm, and the image is directly encrypted as common data. The encrypted image is denoted as { C1,C2,...Cn}. The data owner then builds a search index using the feature vectors. The index tree is established by using a K-means algorithm, all nodes are encrypted, each leaf node is associated with one encrypted image, and the CTRee is output. And finally, uploading the encrypted image and the index to a cloud server. Therefore, when the user needs to search, only the search request needs to be sent to the cloud server, and the cloud server returns the correct search result to the data owner, and the correct search result is decrypted by the data owner and returned to the client.
2.1 the algorithm contained in the present invention is explained in detail:
GenKey (lambda) inputs a security parameter lambda and outputs a key SK which is used for encrypting image content. On the other hand, the data owner randomly generates an L J matrix M whose elements satisfy the Gaussian distribution, and a random bit string S whose values satisfy the uniform distribution of [0, k ]. The matrix M and the random bit string S are keys used to encrypt the feature vector, and finally the Key is (SK, (M, S)) kept secret by the data owner.
GenIndex({f1,...,fnAnd the index is a meaningful research hotspot in the field of image retrieval, and the establishment of the index can accelerate the retrieval process. But there is no more efficient indexing scheme than linear retrieval. In image retrieval, the reverse order index is a more common index structure, but the reverse order index is only suitable for visual word bags and has great limitation. In order not to greatly reduce the retrieval accuracy, a hierarchical K-means clustering algorithm is used for establishing the tree index. In this algorithm, all feature vectors are input and the output is Tree. At each of the layers of the stack, the layers are,and dividing all the feature vectors into T classes by using a K-means algorithm, and recursively executing the K-means algorithm until the last leaf node contains less than T features. Each leaf node is associated with an encrypted image. The detailed procedure will be described in algorithm 1. Num in Algorithm 1tIndicating the number of feature vectors in class t. In addition, the vector nodes in the same class are from the same parent node, denoted as fhThe value is the center value of the class. Fig. 3 is a process of building a tree structure.
Figure BDA0001325174340000091
GenCrypt (Key) takes a main Key Key as input, and the algorithm comprises two specific processes, wherein a Key SK is used for encrypting images, and the other Key (M, S) is used for encrypting Tree output CTRee, which specifically comprises the following steps:
1. image encryption: to ensure that the content of the image is kept secret from the cloud server, the data owner encrypts all images I with an advanced encryption algorithm1,I2,...,InIs { C }1,C2,...,CnAnd the leaf node of the CTRee is associated with the encrypted image.
2. Encryption of the feature vector: extracting feature vectors f of all images by data owneri={fi1,fi2,..., f iL1, 2.., n, the matrix M and the random string S are the keys used to encrypt the feature vectors. Encrypting the Tree index Tree into CTRee, and for each vector of CTRee, encrypting the way as follows:
Figure BDA0001325174340000101
each node of the CTree stores its corresponding hash value and its leaf nodes correspond to their respective encrypted images.
GenSearch(Qq): user extraction of feature vector f for retrieval imageqAnd encrypting the feature vector by using the same secret key to obtain Qq
Figure BDA0001325174340000102
Upload the encrypted query features to the cloud, as shown in FIG. 4, with Q receivedqThereafter, the retrieval process starts at the top of ctre and proceeds to the leaf node. At each layer of the CTree, the cloud server finds the minimum point by the hamming distance between the compute node and the query vector and goes along this path until the last layer, when Q isqReaching the leaf node, the cloud will return a list of the most relevant images, corresponding to the encrypted images. All the inquired images are returned to the user, and fig. 4 shows a schematic diagram of the whole inquiry process, which is described in detail in algorithm 2.
Node in algorithm 2hNode, representing the h-th level in the CTReehNum represents the number of child nodes of a node, QhaIs the value of the node.
Figure BDA0001325174340000111
DecImg(CkSK) the cloud server returns the first k relevant encrypted images to the image owner, who decrypts them using SK. Upon receipt of the user request, the data owner will provide authentication of the user, and upon passing the authentication, the user receives the decrypted image from the data owner.
2.2 analysis of correctness
By pair dQ(fi,fq) And fi-fqThe accuracy of the algorithm is explained by analyzing the relation between | |, and the equation (1) can obtain the f-fq、fi∈RN,P(Qk(fi)=Qk(fq) Has the following relationship:
Figure BDA0001325174340000112
the cloud server calculates the following formula instead
Figure BDA0001325174340000113
When k is 2, dQ(fi,fq) And fi、fqHamming distances between them are equal, fig. 5 shows dQ(fi,fq) The value of (a) is | | | fi-fqA function of.
When the distance between two vectors is close enough, dQ(fi,fq) Can replace fi-fqI, when k is 2, it is equivalent to the calculation of hamming distance instead of euclidean distance, but when fi-fqIf | | is greater than a value r, the two vectors will be indistinguishable, so the present invention uses a color histogram to represent the feature vectors of the image, each value being normalized to meet the requirement of distance calculation.
The safety and efficiency of the present invention will be described in detail in connection with the analysis below.
1.1 safety assay
Privacy of image content: all images are encrypted using more advanced encryption before being outsourced to the cloud. Under the known ciphertext model, the method is confidential for the cloud server.
Privacy of feature vectors: under the known plaintext model, the query vector and the index tree have been encrypted using secure modulo hashing techniques. Without knowing the keys M and S, the server does not have enough capacity to recover the feature vectors in ctre. And M and S are independently randomly generated, the generation space of M and S is large enough, and P ((M, S) ═ M ', S') will be close to 0, assuming a curious server guesses one of M 'and S'.
On the other hand, when the distance between two vectors is greater than a constant value r, the hash value between the two vectors is indistinguishable. Qk(fi) And Qk(fq) Mutual information between is
Figure BDA0001325174340000121
When fi-fjThe mutual information reduces the exponent to 0. alsoThat is, when k is 2 and the euclidean distance between vectors is greater than 5 δ, the boundary value of the mutual information will be 10-50I.e. from the vector fqMiddle leakage fiWill require 1050A hash string.
1.2 efficiency analysis
The computational efficiency of the present invention was analyzed. It is noted from table 1 that J/L ═ t is defined in the encryption time, where L denotes the dimension of the feature vector, J denotes the key length (length after encryption), and h denotes the secure modulo hash operation, and the encryption time of the feature vector depends mainly on t, and the number of images in the entire image set is a decisive factor.
In the search time, the calculation in plaintext is performed by using euclidean distance calculation, the calculation in ciphertext is performed by using hamming distance, and D and H are used to represent euclidean distance calculation and hamming distance calculation, respectively, during the search process, all searches are performed in a tree structure, and the whole search overhead is represented in table 1.
TABLE 1
Figure BDA0001325174340000131
The effect of the present invention will be described in detail below with reference to performance evaluation.
The search experiment was performed on the basis of two image databases. One of them is from the Corel image library, which contains 1000 color images, the images can be divided into 10 classes according to the content, each class has 100 pictures: africa, beach, building, bus, dinosaur, elephant, flower, horse, mountain, and food. The size of the image is 256 × 384 or 384 × 256. Another is the well-known INRIA landmark image database, which mainly contains the landscape images they take during vacation, and is mainly used to evaluate the search effect, and 259 images are randomly selected from the image set for testing. All experimental hardware configurations were Intel (R) core (TM) i 3-21203.3 GHz CPU, 4G memory. The development language mainly uses C + + and MATLAB. In the experimental process, n represents the number of images, L represents the dimension of the feature vector, and J represents the length of the hash. For sufficient comparison, the feature vector is a color histogram of colors, saturation, and values in the color space, and values of different dimensions are extracted to evaluate the solution. In addition, J is also another key factor related to the accuracy of the search.
Encryption time: after extracting the feature vectors from all the images, the feature vectors are encrypted to protect the privacy of the images. As shown in fig. 6(a), it can be seen that the encryption time is determined by the number of images in the database. Furthermore, the ratio of the size of the defined key and the dimension of the feature is variable, and as an argument, the encryption times in different dimensions are compared. Fig. 6(b) shows a curve in which the encryption time linearly increases with an increase in the ratio when the number of images is fixed at 1000. This is because each encryption requires the calculation of (L × J) products, and when n and L are fixed, the encryption time is proportional to J. Different dimensions require different encryption times, and the larger the dimension, the more time overhead.
And (3) retrieval time: in the retrieval stage, first, the linear search and the tree index retrieval are tested, and as can be seen from fig. 7(a), the linear search cost increases linearly with the increase of the number of images, and when the increase of the number of images is accelerated, the search cost increases rapidly. Furthermore, the retrieval overhead of tree indexes is significantly less than linear searches.
The search costs in plaintext and ciphertext were tested separately. In the plaintext, the query feature vector first reaches the root node, the distances between the query feature vector and all child nodes of the root in Euclidean space are calculated and sorted according to the size, and then the smallest one is selected to be along the path. And repeating the steps until the leaf node is reached and the most relevant image index is returned to the user. Unlike retrieval in plaintext, in ciphertext, the cloud server calculates the hamming distance instead of the euclidean distance until the last layer. As can be seen from fig. 7(b), the secure indexing scheme allows the server to perform a retrieval operation, and the retrieval efficiency in ciphertext is comparable to the speed in plaintext. When J/L is 2, the search time in plain text and cipher text is almost the same.
The search accuracy is as follows: in the present invention, two databases are used to evaluate the search accuracy of the proposed solution. One aspect is to evaluate with precision-call using the Coral database, to evaluate the encrypted results, take each image as a query, obtain the accuracy of all the query images, and calculate the average accuracy of 1000 images. FIG. 8 reflects the relationship between different recals and precision. As can be seen from fig. 8, when J/L is 2, the retrieval accuracy of the ciphertext image is almost the same as that in the plaintext, and when J/L is 4, the retrieval accuracy of the ciphertext image is less than that in the plaintext. By encrypting the query request using a key other than the encrypted index, it can be seen that the retrieval accuracy is significantly lower than otherwise, and therefore it can be seen as a random selection of images from a database of images. Although the cloud server performs data retrieval through its own image, it does not get any useful information without an accurate key.
In the INRIA Holiday picture database, the retrieval accuracy is represented by MAP. In the search experiment, each image was used as a query image and the average result was obtained. Furthermore, the same search experiment was performed in different dimensions. As can be taken from fig. 9, after encryption, MAP decreases as the key dimension decreases. It is clear that when J/L falls below 4, MAP will drop sharply with decreasing ratio.
In summary, the present invention can consider that the accuracy of image retrieval is closely related to the image descriptor, the feature matrix size, and the image database.
The above description is only for the purpose of illustrating the preferred embodiments of the present invention and is not to be construed as limiting the invention, and any modifications, equivalents and improvements made within the spirit and principle of the present invention are intended to be included within the scope of the present invention.

Claims (6)

1. An efficient ciphertext image retrieval method supporting privacy protection in a cloud environment is characterized in that the efficient ciphertext image retrieval method supporting privacy protection in the cloud environment supports privacy protection of images and achieves efficient ciphertext image retrieval in the cloud environment, and the method comprises the following steps:
firstly, extracting feature vectors from all owned images by an image owner, and encrypting the image content by using an AES or RSA encryption algorithm;
secondly, the image owner establishes a tree retrieval index by using a K-means algorithm based on the image feature vector, encrypts all vectors in the index by using a secure mode hash, and outputs a secure index;
uploading the encrypted image and the corresponding security index to a cloud server, and storing the encrypted image and the corresponding security index by the cloud server;
step four, the user generates a query request and sends the query request to the cloud server, the cloud server executes retrieval operation under the ciphertext image, and the correct similarity image is returned to the user;
the efficient ciphertext image retrieval method supporting privacy protection in the cloud environment specifically comprises the following steps:
(1) the image owner owns a database containing n images, and the image owner is possibly limited by storage resources and computing resources and uploads the image database to the cloud for storage;
(2) the image owner first extracts the L-dimensional feature vector, f, from the imagei={fi1,fi2,...,fiLN, encrypting the image content by using an AES or RSA encryption algorithm, directly encrypting the image as common data, and expressing the encrypted image as { C ═ C1,C2,...Cn};
(3) The image owner establishes a tree retrieval index based on the feature vectors, from a root node to leaf nodes, each layer of the tree structure divides the feature vectors into T classes by using a K-means clustering algorithm, each class forms a node of the tree, and each node repeats the steps until the number of the feature vectors contained in the node is less than T; all nodes of the established tree structure are encrypted and hidden by using secure modular hashing, each leaf node is associated with one encrypted image, and finally, the CTree is output;
(4) and uploading the encrypted image and the corresponding security index to a cloud server, when a user needs to search, sending a search request to the cloud server, returning a correct search result to a data owner by the cloud server, and decrypting the returned ciphertext image by the image owner by using an encryption key and returning the ciphertext image to the user.
2. The efficient ciphertext image retrieval method supporting privacy protection in a cloud environment of claim 1, further comprising:
a GenKey (lambda) which inputs a security parameter lambda and outputs a Key SK for encrypting image content, an L multiplied by J dimensional matrix M is randomly generated by an image owner, each column in the matrix obeys Gaussian distribution, a bit string S is randomly generated, a Key for encrypting a feature vector is randomly generated, and the Key Key is (SK, (M, S)) and is secretly stored by the image owner;
GenIndex({f1,...,fnin order to accelerate the retrieval process, a hierarchical K-means clustering algorithm is used for establishing a tree index; all the feature vectors are used as input, and the output is Tree; in each layer of the tree, dividing all the feature vectors into T classes by using a K-means algorithm, and recursively executing the K-means algorithm until the last node contains less than T feature vectors; each leaf node is associated with an encrypted image;
the GenCrypt (Key) takes a main Key Key as input and comprises two specific processes, wherein a Key SK is used for image encryption, and the other Key (M, S) is used for encrypting Tree and outputting CTRee;
DecImg(Ckthe cloud server returns the first k related encrypted images to the image owner, and the image owner decrypts the returned ciphertext image by using the SK; upon receiving the user request, the data owner provides authentication of the user, and after the authentication is passed, the user receives the decrypted image from the data owner.
3. The efficient ciphertext image retrieval method supporting privacy protection in a cloud environment as claimed in claim 2, wherein the encrypted content of the image is kept secret from the cloud server, and the data owner encrypts all images { I } using an encryption algorithm1,I2,...,InIs { C }1,C2,...,CnAnd leaf nodes of the CTree are associated with the encrypted image.
4. The efficient ciphertext image retrieval method supporting privacy protection in a cloud environment of claim 2, wherein the key (M, S) used to encrypt the Tree output ctre comprises: extracting feature vectors f of all images by data owneri={fi1,fi2,...,fiL1, 2.., n, the matrix M and the random string S are keys used to encrypt the feature vectors; encrypting the Tree index Tree to generate the CTRee, wherein for each vector of the CTRee, the encryption mode is as follows:
Figure FDA0002208565880000031
each node of the CTRee stores the corresponding hash value, and the leaf nodes of the CTRee correspond to the corresponding encrypted images;
GenSearch(Qq) User extracts feature vector f for retrieval imageqAnd encrypting the feature vector by using the same secret key to obtain Qq
Figure FDA0002208565880000032
The encrypted query vector is uploaded to the cloud, and the cloud server receives the QqThen, executing retrieval operation; the retrieval process is started from a CTree root node and executed to a leaf node; at each layer of the CTRee, the cloud server finds the node with the minimum distance by calculating the Hamming distance between the tree node and the query vector, and follows the path to the last layer when Q isqWhen the leaf node is reached, the cloud server returns a related image index corresponding to the encrypted image; and finally returning the inquired image to the user.
5. The efficient ciphertext image retrieval system supporting privacy protection in the cloud environment of the efficient ciphertext image retrieval method supporting privacy protection in the cloud environment of claim 1, wherein the efficient ciphertext image retrieval system supporting privacy protection in the cloud environment comprises:
the image owner module owns the image database and outsources the image database to the cloud server in a ciphertext mode; generating a safe tree-shaped query index based on the image characteristic vector and the secure modular hash and uploading the safe tree-shaped query index to the cloud, wherein once a request of a user is received, a data owner decrypts the secure tree-shaped query index by using a private key SK to recover an encrypted picture;
a user module, wherein the user refers to an authorized user; the method comprises the steps that a resource-limited client side is used, and in an image retrieval system, a user sends a query request and obtains similar retrieval images;
and the cloud server module is used for providing distributed computing capability and strong storage capability, storing the encrypted images, executing retrieval operation on the encrypted images when the user sends a query request, and returning the similar images to the user.
6. A cloud server applying the efficient ciphertext image retrieval method supporting privacy protection in the cloud environment of any one of claims 1 to 4.
CN201710467097.0A 2017-06-19 2017-06-19 Efficient ciphertext image retrieval method supporting privacy protection in cloud environment Active CN107480163B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201710467097.0A CN107480163B (en) 2017-06-19 2017-06-19 Efficient ciphertext image retrieval method supporting privacy protection in cloud environment

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201710467097.0A CN107480163B (en) 2017-06-19 2017-06-19 Efficient ciphertext image retrieval method supporting privacy protection in cloud environment

Publications (2)

Publication Number Publication Date
CN107480163A CN107480163A (en) 2017-12-15
CN107480163B true CN107480163B (en) 2020-03-24

Family

ID=60594758

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201710467097.0A Active CN107480163B (en) 2017-06-19 2017-06-19 Efficient ciphertext image retrieval method supporting privacy protection in cloud environment

Country Status (1)

Country Link
CN (1) CN107480163B (en)

Families Citing this family (27)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108182220A (en) * 2017-12-25 2018-06-19 重庆邮电大学 Image search method based on privacy of user protection in Cloud Server
CN108197491B (en) * 2017-12-29 2021-06-15 西安电子科技大学 Subgraph retrieval method based on ciphertext
CN108256031B (en) * 2018-01-11 2021-09-10 北京理工大学 Multi-source encrypted image retrieval method supporting privacy protection
CN108334593B (en) * 2018-01-30 2022-01-28 西安电子科技大学 Secure ciphertext image duplicate removal method in cloud environment and cloud server
CN108600573B (en) * 2018-03-13 2020-05-19 上海大学 Ciphertext JPEG image retrieval method based on tree-shaped BoW model
CN108418995B (en) * 2018-03-20 2019-10-11 西安电子科技大学 Personal images safe retrieving method based on homomorphic encryption algorithm
CN108827254A (en) * 2018-04-12 2018-11-16 重庆市綦江区建筑工程质量监督站 A kind of multifunctional all building engineering quality detecting meter
CN108904941A (en) * 2018-06-12 2018-11-30 深圳市人民医院 A kind of intelligent operation anesthesia management system
CN108985094B (en) * 2018-06-28 2020-07-21 电子科技大学 Method for realizing access control and range query of ciphertext spatial data in cloud environment
CN109409111B (en) * 2018-10-08 2021-09-17 东北大学 Encrypted image-oriented fuzzy search method
CN109635137B (en) * 2018-10-30 2022-05-17 耀灵人工智能(浙江)有限公司 Image associated information retrieval method and system
CN109543061B (en) * 2018-11-16 2021-06-08 西安电子科技大学 Encrypted image retrieval method supporting multiple keys
CN109783667B (en) * 2019-01-14 2023-10-27 西安电子科技大学 Image storage and retrieval method, client and system
CN109918529A (en) * 2019-02-25 2019-06-21 重庆邮电大学 A kind of image search method based on the quantization of tree-like cluster vectors
CN110365654B (en) * 2019-06-19 2022-09-27 平安普惠企业管理有限公司 Data transmission control method and device, electronic equipment and storage medium
KR102234097B1 (en) * 2019-07-17 2021-04-01 부산대학교 산학협력단 Image processing method and system for deep-learning
CN110866135B (en) * 2019-11-12 2022-09-23 重庆邮电大学 Response length hiding-based k-NN image retrieval method and system
CN111339539B (en) * 2020-02-14 2022-04-01 西安电子科技大学 Efficient encrypted image retrieval method under multi-user environment
CN111522973B (en) * 2020-04-16 2023-03-31 重庆邮电大学 Privacy protection image retrieval method fusing compressed sensing
CN111508303A (en) * 2020-04-29 2020-08-07 重庆科技学院 Mathematical simulation demonstration device and method under probability statistics theory
CN111651779B (en) * 2020-05-29 2022-03-18 广西师范大学 Privacy protection method for encrypted image retrieval in block chain
CN112231508B (en) * 2020-10-15 2022-06-24 中山大学 Encrypted JPEG image retrieval method based on content
CN112883403B (en) * 2021-03-18 2022-04-08 广西师范大学 Verifiable encrypted image retrieval privacy protection method
CN113221140A (en) * 2021-04-30 2021-08-06 杭州师范大学 Ciphertext space-time data query method based on access control
CN113468362B (en) * 2021-06-30 2023-12-22 东北大学 Encrypted image retrieval system and method based on outsourcing K-means
CN114638002B (en) * 2022-03-21 2023-04-28 华南理工大学 Compressed image encryption method supporting similarity retrieval
CN116383470B (en) * 2023-05-29 2023-08-29 新智元(南京)科技信息有限公司 Image searching method with privacy protection function

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7778438B2 (en) * 2002-09-30 2010-08-17 Myport Technologies, Inc. Method for multi-media recognition, data conversion, creation of metatags, storage and search retrieval
CN101872415A (en) * 2010-05-06 2010-10-27 复旦大学 Video copying detection method being suitable for IPTV
CN104008174A (en) * 2014-06-04 2014-08-27 北京工业大学 Privacy-protection index generation method for mass image retrieval
CN106326360A (en) * 2016-08-10 2017-01-11 武汉科技大学 Fuzzy multi-keyword retrieval method of encrypted data in cloud environment
CN106599311A (en) * 2016-12-29 2017-04-26 广州市奥威亚电子科技有限公司 Cloud computation-based internet education platform resource library image retrieval method

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7778438B2 (en) * 2002-09-30 2010-08-17 Myport Technologies, Inc. Method for multi-media recognition, data conversion, creation of metatags, storage and search retrieval
CN101872415A (en) * 2010-05-06 2010-10-27 复旦大学 Video copying detection method being suitable for IPTV
CN104008174A (en) * 2014-06-04 2014-08-27 北京工业大学 Privacy-protection index generation method for mass image retrieval
CN106326360A (en) * 2016-08-10 2017-01-11 武汉科技大学 Fuzzy multi-keyword retrieval method of encrypted data in cloud environment
CN106599311A (en) * 2016-12-29 2017-04-26 广州市奥威亚电子科技有限公司 Cloud computation-based internet education platform resource library image retrieval method

Also Published As

Publication number Publication date
CN107480163A (en) 2017-12-15

Similar Documents

Publication Publication Date Title
CN107480163B (en) Efficient ciphertext image retrieval method supporting privacy protection in cloud environment
Zhang et al. PIC: Enable large-scale privacy preserving content-based image search on cloud
CN108200063B (en) Searchable public key encryption method, system and server adopting same
Xia et al. Towards privacy-preserving content-based image retrieval in cloud computing
CN109543061B (en) Encrypted image retrieval method supporting multiple keys
Zhang et al. PPHOCFS: privacy preserving high-order CFS algorithm on the cloud for clustering multimedia data
Liu et al. Intelligent and secure content-based image retrieval for mobile users
JP2014126865A (en) Device and method for encryption processing
CN111026788A (en) Homomorphic encryption-based multi-keyword ciphertext sorting and retrieving method in hybrid cloud
Wang et al. A privacy-preserving and traitor tracking content-based image retrieval scheme in cloud computing
Guo et al. Enabling secure cross-modal retrieval over encrypted heterogeneous IoT databases with collective matrix factorization
CN103970889A (en) Security cloud disc for Chinese and English keyword fuzzy search
Zhang et al. Privacy-preserving image retrieval and sharing in social multimedia applications
Rane et al. Multi-user multi-keyword privacy preserving ranked based search over encrypted cloud data
Yan et al. SSIR: Secure similarity image retrieval in IoT
Hu et al. Towards private and scalable cross-media retrieval
Abduljabbar et al. EEIRI: efficient encrypted image retrieval in IoT-cloud
Cui et al. Harnessing encrypted data in cloud for secure and efficient image sharing from mobile devices
CN109740378A (en) A kind of safety of anti-keyword privacy leakage is to index construction and its search method
Ye et al. Image search scheme over encrypted database
Majhi et al. Random projection and hashing based privacy preserving for image retrieval paradigm using invariant and clustered feature
Yan et al. Privacy-preserving content-based image retrieval in edge environment
Abdulsada et al. Secure image retrieval over untrusted cloud servers
Jin et al. Efficient blind face recognition in the cloud
Yin et al. A new approximate image verification mechanism in cloud computing

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant