CN108111587B - Cloud storage searching method based on time release - Google Patents

Cloud storage searching method based on time release Download PDF

Info

Publication number
CN108111587B
CN108111587B CN201711344491.1A CN201711344491A CN108111587B CN 108111587 B CN108111587 B CN 108111587B CN 201711344491 A CN201711344491 A CN 201711344491A CN 108111587 B CN108111587 B CN 108111587B
Authority
CN
China
Prior art keywords
user
key
document
time
data
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201711344491.1A
Other languages
Chinese (zh)
Other versions
CN108111587A (en
Inventor
李会格
张方国
田海博
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
National Sun Yat Sen University
Original Assignee
National Sun Yat Sen University
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by National Sun Yat Sen University filed Critical National Sun Yat Sen University
Priority to CN201711344491.1A priority Critical patent/CN108111587B/en
Publication of CN108111587A publication Critical patent/CN108111587A/en
Application granted granted Critical
Publication of CN108111587B publication Critical patent/CN108111587B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/10Protocols in which an application is distributed across nodes in the network
    • H04L67/1097Protocols in which an application is distributed across nodes in the network for distributed storage of data in networks, e.g. transport arrangements for network file system [NFS], storage area networks [SAN] or network attached storage [NAS]
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/90Details of database functions independent of the retrieved data types
    • G06F16/95Retrieval from the web
    • G06F16/951Indexing; Web crawling techniques
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0478Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload applying multiple layers of encryption, e.g. nested tunnels or encrypting the content with a first key and then with at least a second key
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/06Network architectures or network communication protocols for network security for supporting key management in a packet data network
    • H04L63/068Network architectures or network communication protocols for network security for supporting key management in a packet data network using time-dependent keys, e.g. periodically changing keys
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083Network architectures or network communication protocols for network security for authentication of entities using passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/06Protocols specially adapted for file transfer, e.g. file transfer protocol [FTP]

Abstract

The invention belongs to the field of cloud storage, and particularly relates to a cloud storage searching method based on time release. The invention stipulates the time authority for the plaintext data, and stores the plaintext data to the cloud after encryption processing. When a user wants to search a document, the server utilizes a search instruction generated by the user to search, and the server, the user and the time server interact with each other in the searching process to finally obtain a needed ciphertext file. And then the user and the time server continue to communicate to obtain a decryption key corresponding to the ciphertext, and the file is decrypted on line. The invention fully considers the requirement of the time consulting authority of the electronic document, ensures the privacy of the data and the time consulting authority, and has strong practicability.

Description

Cloud storage searching method based on time release
Technical Field
The invention belongs to the field of cloud storage, and particularly relates to a method for realizing searching on an encrypted electronic document in a certain time period in the future.
Background
With the rapid spread of the Internet, the storage of information has also moved from traditional paper archives to electronic archives using local physical disks. However, the society of today is an era of information explosion, and the storage amount of information is exponentially increased, which means that the costs for information maintenance and management, disk purchase and the like are continuously increased. On 9.8.2006, Google's first executive Auger, Schmidt (Eric Schmidt) first proposed the concept of "Cloud Computing" (Cloud Computing) at the search engine Congress (SES San Jose 2006). Then, amazon, microsoft, IBM, etc., have announced their respective cloud concept products-cloud storage.
The cloud storage refers to a system which integrates a large number of storage devices of various types in a network through application software to cooperatively work through functions such as cluster application, network technology or a distributed file system and provides data storage and service access functions to the outside. The system can reduce the local physical and cost expenses of the user, and the user really experiences the interest of inquiring personal data anytime and anywhere, so more and more users upload personal local data to the cloud. However, once the data is stored in the cloud, the user itself loses direct control of the data. Sensitive information in the data is often a target stolen by others, and in recent years, frequently-outbreak data leakage events make users more and more aware of the importance of guaranteeing data privacy and security.
The data are encrypted by using a cryptographic technology and then uploaded to the cloud, so that the privacy and the safety of the data are guaranteed to a certain extent, and the data query efficiency is influenced by the encryption technology. If the conventional encryption technology is adopted, the user needs to download all the cloud data, then decrypt the cloud data on the local server, and finally screen out the document set required by the user. Assuming that the fiber bandwidth used by the user is 100M, theoretically only 12.8Mb of files can be downloaded per second, and for 100G of data, it takes about 2 hours to completely download. Therefore, for light-weight data, the user can use this traditional search method, but this method is not practical when the data is large.
Song et al, 2000, proposed the concept of search encryption and presented a viable solution. The scheme mainly uses a pseudo-random function and a pseudo-random generator, in the process of executing search, a server needs to carry out bit-by-bit matching test on a search instruction and a ciphertext, and if the test is successful, the ciphertext is returned, so the search complexity of the protocol is O (n), wherein n is the length of a single document. Boneh et al introduced the concept of search encryption into the public key cryptosystem in 2003 and proposed a public key encryption search scheme (PEKS), so far, search encryption mainly includes two directions of public key search encryption and Symmetric Search Encryption (SSE). Generally, public key search encryption is powerful, but most PEKS schemes generally use bilinear pairs, so the search efficiency is not high. In the scheme of the SSE, the encryption and decryption keys of the users are the same, so that the SSE needs to broadcast the key to the users to realize the simultaneous uploading of documents by multiple users, which indirectly results in that the function of the SSE is not powerful enough, but the efficiency of the SSE is much higher than that of PEKS.
In SSE, there are mainly three participants: data owner U, server S and retrieval user U1. Retrieving user U1And the data owner U can be the same person or different, if U1Different from U, then U1The key K needs to be broadcast to U. The main ideas of SSE are: the data owner U uses the key K to change the local data D to (D)1,D2,…,Dn) Encrypted to C ═ C1,C2,…,Cn). Meanwhile, the data owner U creates an index table I for the data D, and finally the U stores C and I on the server S. Retrieving user U1If a document containing a keyword w is to be queried, he first generates a search instruction t (w) for the keyword w by using the key K, and then sends t (w) to the server S. S finds out the pointer set of the document containing w in I through t (w), and then returns the corresponding ciphertext data to the user U according to the pointers1. Finally, U1The cryptograms are decrypted at the local device using the key K.
Early SSE schemes only supported precise searches for a single keyword, and later researchers extended the functions of SSE to some extent, such as fuzzy searches, range searches, subset searches, dynamic searches, ranking searches, sentence searches, and borolean searches. However, these functions have certain limitations and cannot solve the search problem in special occasions. For example, in the current SSE scheme, the time authority problem of the user for referring to the files is not considered, so that according to the current search mode, once the user performs a search, he will immediately obtain all the files required by himself. However, in many practical search problems, a time factor is considered.
For example, to avoid disputes between children and their own due to property segmentation, many merchants currently prescribe their own testimonials in advance and have lawyers manage the documents in a confidential manner. The order can only be opened at a specific time as specified. Since the existing encryption search technology cannot effectively solve such problems, the application range of the cloud storage technology is limited. For another example, in the electronic voting system, each voter anonymously uploads the voting result of the voter to the cloud. The candidate cannot know the ticket number of the candidate in advance, and only at the stage of disclosure, the candidate knows the total ticket number of the candidate. In fact, the search encryption technology based on time release is used in law offices and electronic voting systems, and has other application occasions, such as national examination result inquiry systems and the like.
At present, a method for solving the above problems is that an administrator uploads a file in the previous second of a specified time, however, this method is considerable for lightweight data, but when the file size is large and the number is large, network congestion is easily caused, and thus a user cannot obtain a corresponding query result at the first time. On the other hand, the existing technology does not consider the privacy of data, so that the potential of information leakage exists at any time.
In view of the above problems, it is desirable to provide a method for searching encrypted electronic documents in a specific time period.
Disclosure of Invention
In order to realize searching on the encrypted electronic document after a certain time point in the future, the invention provides a cloud storage searching method based on time release. Time release is an encryption algorithm based at some point in time in the future, the purpose of which is to ensure that encrypted information cannot be decrypted until a specified time.
The invention provides a cloud storage searching method based on time release, which comprises a data owner, a cloud server and a user;
the data owner is used for encrypting the local data and uploading the local data to the cloud server.
The cloud server is used for storing data and helping a user to search the data.
The method is characterized in that: the system also comprises a time server which is a trusted center;
mainly comprises the following steps:
(S1) the data owner inputs a system security parameter lambda to generate a key array used for encrypting the document and constructing the index, which is expressed as an n + 3-dimensional key
Figure GDA0002534536100000031
n is an integer of 1 or more, and represents the number of documents included in the document set D. The time server inputs a safety parameter lambda, randomly generates and broadcasts a series of public keys related to time; is shown as
Figure GDA0002534536100000032
And PK1,1,…,PKm,sM and s are integers which are more than or equal to 1, m is the number of keywords in the database, and the value of s depends on the maximum value of the number of the documents related to the keywords in the database.
(S2), the data owner sets the local document set D ═ D (D)1,D2,…,Dn) Encrypted ciphertext file set C ═ (C)1,C2,…,Cn). Meanwhile, the data owner creates an encryption index table I for the document set D, and the data owner stores the ciphertext document set C and the index table I to the cloud server. Wherein each document is represented as Di(1 ≦ i ≦ n), and each ciphertext document is represented as: ci(1≤i≤n)。
(S3), the legal user inquiry contains the key word wα(1. ltoreq. alpha. ltoreq.m) using the key as the key word wαGenerating a search instruction Tr (w)α) Then search instruction Tr (w)α) And sending the data to the cloud server.
(S4) the cloud server searches for the instruction Tr (w)α) Finding the contained key word w in the index table IαA set of pointers to a document
Figure GDA0002534536100000033
Since the cloud server does not have these file pointer sets
Figure GDA0002534536100000034
Corresponding decryption key SKα,1,…,SKα,sThe server needs to point these file pointers
Figure GDA0002534536100000035
And returned to the user. User receives file pointer set
Figure GDA0002534536100000036
And then communicates with the time server. The time server firstly verifies whether the identity information of the user is legal or not, and if so, the time server sends the corresponding decryption key { SK ] in a specified time periodα,1,…,SKα,sAnd sending the data to the user safely. The user receives the decryption key SKα,1,…,SKα,sAfter, from the file pointer set
Figure GDA0002534536100000037
In-process decryption to obtain plaintext file identity identifier
Figure GDA0002534536100000038
The user communicates with the cloud server again and returns the corresponding ciphertext document
Figure GDA0002534536100000039
(S5), decryption stage: user receives ciphertext set
Figure GDA00025345361000000418
Thereafter, again communicate with the timeserver and obtain a corresponding decryption key from the timeserver
Figure GDA0002534536100000041
These keys are utilized by the end-user
Figure GDA0002534536100000042
Respectively for ciphertext
Figure GDA0002534536100000043
Decrypting to obtain corresponding plaintext information
Figure GDA0002534536100000044
In the step (S2), the data owner encrypts the document and establishes the index table by using a method of combining a symmetric encryption system and a public key encryption system, and finally generates a corresponding ciphertext and the index table.
Specifically, the process for the data owner to encrypt the document is as follows:
(S2 a.) data owner utilizes a key
Figure GDA0002534536100000045
Separately encrypting documents D1,…,Dn
Figure GDA0002534536100000046
I is more than or equal to 1 and less than or equal to n, wherein
Figure GDA0002534536100000047
Representing document DiThe result of the corresponding encryption is that,
Figure GDA0002534536100000048
represents a symmetric encryption algorithm in which the encryption key used is
Figure GDA0002534536100000049
I is more than or equal to 1 and less than or equal to n. The data owner then chooses n time-dependent public keys
Figure GDA00025345361000000410
One-by-one pair of private keys used in encrypting documents
Figure GDA00025345361000000411
Carry out encryption, we denote by cki
Figure GDA00025345361000000412
The encryption result of (1):
Figure GDA00025345361000000413
here, the
Figure GDA00025345361000000414
Represents a public key encryption algorithm in which the encryption public key used is
Figure GDA00025345361000000415
Document DiThe corresponding ciphertext is noted
Figure GDA00025345361000000416
User ciphertext Ci(i ═ 1, …, n) uploading to a cloud server;
specifically, the process of the data owner constructing the index table is as follows:
(S2b 1.) the data owner extracts a set of keywords W from the document set D1,…,wm}. Suppose each document Di(1 ≦ i ≦ n) all have a unique ID idi(i-1, …, n), which may be represented by a k-bit binary string. For each keyword wle.W (l is 1, …, m), and selecting a null set D (W) with the size of sl) And for the set D (w) as followsl) Assigning values to the elements in (1): if document Di(1. ltoreq. i. ltoreq. n) contains a keyword wlThen document D is addediCorresponding identity identifier idiIs stored in D (w)l) In (1). Order to
Figure GDA00025345361000000417
If D (w)l) When the number of the elements in the series is less than s, s- | D (w) is randomly selectedl) The | k-bit binary string is padded with the symbol id'j(id′j≠idj) Represents the corresponding identity identifier, where j ═ 1, …, s- | D (w)l) L. Data owner using key K1And a pseudo-random function F1For each keyword wl(l 1, …, m) the encryption process becomes t (w)l)=F1(K1,wl) (l ═ 1, …, m). Suppose A is an m x s dimensional array initialized to empty, which is used to store D (w)l) (l ═ 1, …, m) of each element. Specifically, the data owner is for each D (w)l)(l=1,…Id of element in m)j(j is more than or equal to 1 and less than or equal to s) are encrypted one by one, and then the encryption results are stored in A (addr (N) in a linked list correlation mode respectivelyl,1)),A(addr(Nl,2)),,…,A(addr(Nl,s) Therein addr (N)l,1),addr(Nl,2),…,addr(Nl,s) Representing s different positions in the matrix a. The data owner selects a {0,1}k×{0,1}kAnd each key w in array Al(l is more than or equal to 1 and less than or equal to m) corresponding to the position information addr (N) of the head node of the linked listl,1) And t (w)l) (1. ltoreq. l. ltoreq.m) is encrypted as (t (w)l),l(wl)⊕addr(Nl,1) And stored in table T).
(S2b 2.) the index table I ═ a, T is uploaded to the cloud server.
The matrix a in the step (S2b1) is constructed as follows:
(S2b11). for D (w)l) (1. ltoreq. l. ltoreq.m) each element idjAnd (j is more than or equal to 1 and less than or equal to s) the encryption is carried out by utilizing the idea of combining symmetric encryption and public key encryption. Specifically, id for each elementjUsing a secret key K3And a keyword wlAnd (3) calculating:
Figure GDA0002534536100000051
(l is more than or equal to 1 and less than or equal to m, and j is more than or equal to 1 and less than or equal to s). Then, a symmetric encryption scheme is used, Enc (,) and
Figure GDA0002534536100000052
will idjIs encrypted as
Figure GDA0002534536100000053
Figure GDA0002534536100000054
(l is more than or equal to 1 and less than or equal to m, and j is more than or equal to 1 and less than or equal to s). Selecting s public keys PK related to time from all public key sets published by cloud serverl,1,…,PKl,sAnd using a public key encryption scheme2Enc (·, ·,) encrypts keys used herein one by one
Figure GDA0002534536100000055
The corresponding ciphertext is noted
Figure GDA0002534536100000056
(j is more than or equal to 1 and less than or equal to s). Finally order
Figure GDA0002534536100000057
This value represents the element idjThe result of the encryption. For each keyword wl(l is more than or equal to 1 and less than or equal to m) s different empty positions addr (N) are randomly selected from Al,1),…,addr(Nl,s) (1. ltoreq. l. ltoreq. m,) and information is expressed
Figure GDA0002534536100000058
(1. ltoreq. l.ltoreq.m, 1. ltoreq. j.ltoreq.s) are stored in the corresponding positions in sequence, where addr (N)l,s+1) And ═ represents the end symbol of the read data and write data programs.
The table T in the step (S2b1) is configured as follows:
(S2b 12.) data owner utilizes a pseudo-random function F1Secret key K1,K2For each keyword wl(1. ltoreq. l. ltoreq.m): t (w)l)=F1(K1,wl),l(wl)=F1(K2,wl). Then the array (t (w)l),
Figure GDA0002534536100000059
) Stored in the table T in a lexicographical ordering manner.
Specifically, the specific procedure of the step (S3) is as follows:
(S3 a.) user utilizes secret key (K)1,K2) For the keyword w desired to be inquiredαe.W generates a search instruction Tr (W)α)=(t(wα),l(wα),h(wα))=(F1(K1,wα),F1(K2,wα),F3(K1,wα) And sends it to the server, where t (w)α) For searching for instruction Tr (w)α) The first score in, l (w)α) For searchingInstruction Tr (w)α) The second score in (d), h (w)α) For searching for instruction Tr (w)α) The third score in (1).
Specifically, the step (S4) includes the following steps:
(S4a) the cloud server searches the instruction Tr (w)α) First score t (w) ofα) Find the corresponding value in the table T
Figure GDA00025345361000000510
Then using Tr (w)α) Second score of l (w)α) XOR with γ to get the address addr (N)α,1). The server extracts array A (addr (N)α,1) Data stored in (c) in
Figure GDA00025345361000000511
Saving pointer information values of the first portion
Figure GDA00025345361000000512
And using Tr (w)α) Third score h (w) ofα) And data
Figure GDA00025345361000000513
XOR to get addr (N)α,2). Read array A (addr (N)α,2) Data stored in (c) in
Figure GDA0002534536100000061
Saving pointer information values
Figure GDA0002534536100000062
Then using Tr (w)α) Third score h (w) ofα) And data
Figure GDA0002534536100000063
XOR to get addr (N)α,3). Repeat the above steps until the server encounters addr (N)α,(s+1)) T ═ so long that the cloud server can obtain the pointer information in turn
Figure GDA0002534536100000064
(S4 b.) the cloud server assembles the pointer information in the last step
Figure GDA0002534536100000065
And returned to the user.
(S4c) the user receives the set of pointer information
Figure GDA0002534536100000066
Thereafter, it communicates with the time server in order to obtain the corresponding decryption key SKα,1,…,SKα,s
(S4d) the user receives the decryption key SK released by the time serverα,j(t 1, …, s) and then use the key SKα,jDecrypting array
Figure GDA0002534536100000067
The second component of
Figure GDA0002534536100000068
Then use
Figure GDA0002534536100000069
Decryption
Figure GDA00025345361000000610
The first component of
Figure GDA00025345361000000611
The user then continues to communicate with the cloud server.
(S4e) the cloud server receives the request of the user
Figure GDA00025345361000000612
Then, the corresponding ciphertext document is found out in C
Figure GDA00025345361000000613
Figure GDA00025345361000000614
And return it toA user.
The specific process of the step (S4c) is as follows:
(S4c1) the time server firstly verifies the identity information of the user, if the identity is legal, then checks whether the public key PK can be released currentlyα,1,…,PKα,sCorresponding private key SKα,1,…,SKα,s. If the private key SK can now be releasedα,j(j is more than or equal to 1 and less than or equal to s), the value is sent to the user; if the specified time period is not reached, the private key SK is not returnedα,j(1≤j≤s)。
Specifically, the step (S5) includes the following steps:
(S5a) to be received by the user
Figure GDA00025345361000000615
Thereafter, the user continues to communicate with the time server to obtain the associated decryption key
Figure GDA00025345361000000616
The time server firstly verifies the identity information of the user, if the identity is legal, the time server checks whether the public key can be released currently
Figure GDA00025345361000000617
Corresponding decryption key
Figure GDA00025345361000000618
If so, the value is sent to the user. Herein, the
Figure GDA00025345361000000619
Is encryption
Figure GDA00025345361000000620
The public key used.
(S5b) the user receives the decryption key
Figure GDA00025345361000000621
Then, firstly, the
Figure GDA00025345361000000622
Second component ck αjAnd (3) decryption:
Figure GDA00025345361000000623
then use
Figure GDA00025345361000000624
Decryption
Figure GDA00025345361000000625
First component of
Figure GDA00025345361000000626
Figure GDA00025345361000000627
Compared with the prior art, the invention has the following beneficial effects.
1. The privacy of the cloud documents is guaranteed. The plaintext data are encrypted and then stored in the cloud, so that on one hand, the privacy of the data is protected, on the other hand, convenience is brought to a user, and the user can inquire the own data on any equipment at any time and any place.
2. Data can be uploaded in advance, and the workload of a data owner is simplified. In the previous manner, the data owner needs to wait until the first second of a specific time to upload the document and is subject to network congestion during the process of uploading the document. The data is processed by utilizing an encryption mode of a time release mechanism, so that the data can be uploaded to the cloud in advance.
3. The time of the user query is normalized. Some data in actual life can only be inquired within a certain specified time period in the future, such as the leave orders, the national unified examination score inquiry and the like. The invention constructs an index related to time for the database, so that a user can only inquire the data set related to the key words in a specific time period.
Drawings
FIG. 1 is a system framework of the present invention.
Detailed Description
The technical solution of the present invention will be specifically described below by taking embodiment 1 as an example, with reference to the accompanying drawings. First we briefly describe the mathematical notation used.
a=(a.Enc(·,·),aDec (·, ·,)) a secure cryptosystem algorithm, whereinaEnc is the corresponding encryption algorithm,adec is the corresponding decryption algorithm. When a is 1, the algorithm is a symmetric encryption algorithm, and when a is 2, the algorithm is a public key encryption algorithm.
-Enc (·,. Dec (·,)) determines a symmetric encryption algorithm, where Enc is the respective encryption algorithm and Dec is the corresponding decryption algorithm. The output length of the algorithm is k bits.
(PK, SK) a public-private key pair, where PK is the public key and SK is the corresponding private key.
Fb:{0,1}k×{0,1}*→{0,1}kPseudo-random function, b1, 2, 3.
π:{0,1}k×{0,1}k→{0,1}kπ is the pseudo-random permutation of k-bit to k-bit.
D=(D1,D2,…,Dn) A collection of documents.
D (w) a set of document identifiers comprising the keyword w.
W is a set of keys in D.
idiIth document DiAnd the corresponding file identifier consists of a k-bit binary character string.
A m · s.
addr(Ni,j) The addr (N) of the array Ai,j) Each position is represented by a k-bit binary string.
T{0,1}k×{0,1}kAn array of (2).
The number of elements in the set W.
Example 1
In this embodiment, a total of four participants are involved: data owner, cloud server, time server, user. The concrete implementation process comprises five links:
1. and a key generation stage: in this phase, the user enters a security parameter λ, generating an array of keys
Figure GDA0002534536100000081
And the time server inputs the security parameter lambda and broadcasts the public key to all members
Figure GDA0002534536100000082
And PK1,1,…,PKm,sThe private keys corresponding to these public keys are published to the legitimate users by the time server at a later specified time. The security parameter lambda takes a binary number of at least 256 bits.
2. And (3) an encryption stage: suppose a data owner has n documents D ═ D (D)1,D2,…,Dn) It needs to be uploaded to the cloud, for which he will complete the following two steps:
a) encrypt the document data. Data owner for each document DiUsing cryptographic keys
Figure GDA0002534536100000083
Is encrypted, i.e.
Figure GDA0002534536100000084
Data owner selects public key
Figure GDA0002534536100000085
Pairing keys according to the idea of the public key cryptosystem
Figure GDA0002534536100000086
Carry out encryption
Figure GDA0002534536100000087
Final document DiThe corresponding ciphertext is
Figure GDA0002534536100000088
b) Construct index table I. The data owner extracts the set of keywords W, assuming | W | ═ m. Then for each keyword wlE.g. W, minSet D (w) of pairsl) And (4) assignment is carried out: if document Dj(j ═ 1, …, n) contains a key wl(l 1, …, m), then D is addedjDocument identifier id ofj(j ═ 1, …, n) is stored in set D (w)l) In (1). Remember of sl=|D(wl) 1 (…, m), and let
Figure GDA0002534536100000089
If D (w)l) The number of the elements in (1) is less than s, then s-s is randomly selectedlA k-dimensional character string {0,1}kD (w)l) (l 1, …, m) is filled up to s elements. Let global variable ctr equal to 1, from keyword w1Starting with the keyword w one by onel(l ═ 1., m) the following is done:
I) calculate t (w)l)←F1(K1,wl),l(wl)←F1(K2,wl),
Figure GDA00025345361000000810
Will array (t (w)l),
Figure GDA00025345361000000811
) Stored in a dictionary ordering manner in a table T, where
Figure GDA00025345361000000812
Representing integer x by a pseudorandom permutation function
Figure GDA00025345361000000813
Mapping to the position of the addr (y) of the array A.
II) to D (w)l) Each element in (1)
Figure GDA00025345361000000814
Selecting a time dependent public key PKl,j(j ═ 1, …, s), and the following operations are performed:
Figure GDA00025345361000000815
and
Figure GDA00025345361000000816
and order
Figure GDA00025345361000000817
III) let ctr ═ ctr +1, calculate
Figure GDA00025345361000000818
Will be provided with
Figure GDA00025345361000000819
Is stored in array A (addr (N)l,j) J ═ 1, …, s), where addr (N)l,(s+1)) ═ denotes a null character, meaning the operation ends.
Let index table I equal (a, T), the data owner uploads ciphertexts C and I to the cloud.
3. A search instruction generation stage: when the user wants to inquire whether the keyword w is includedαThe user utilizes the key K1,K2For the keyword wαCalculating t (w)α)←F1(K1,wα),l(wα)←F1(K2,wα) And h (w)α)←F3(K1,wα). Let Tr (w)α)=(t(wα),l(wα),h(wα) Is a search instruction and sends the value to the cloud server.
4. A search execution stage: when the cloud server receives a search instruction Tr (w) sent by a userα) Then, it first uses t (w)α) Found in Table T
Figure GDA0002534536100000091
Then by l (w)α) To obtain
Figure GDA0002534536100000092
Read array A (addr (N)α,1) Information in (2)
Figure GDA0002534536100000093
Storing information
Figure GDA0002534536100000094
Due to h (w)α)=F3(K1,wα) So the cloud server can calculate
Figure GDA0002534536100000095
The cloud server continues to read A (addr (N)α,2) Value in (1)
Figure GDA0002534536100000096
The above process is repeated until addr (N)l,(s+1)) T, the cloud server may fetch in sequence
Figure GDA0002534536100000097
And returns it to the user.
User receives
Figure GDA0002534536100000098
Then sending the identity information to the time server, and once the verification is passed, the time server consults whether the public key PK can be released currentlyα,j(j ═ 1, …, s) corresponding private key SKα,1,…,SKα,s. If the release is currently possible, the time server will use the corresponding private key SKα,j(j is more than or equal to 1 and less than or equal to s) is returned to the user, if the private key SK is not allowed to be released currentlyα,j(j is more than or equal to 1 and less than or equal to s), the value is not returned to the user.
User receives SKα,j(j is not less than 1 and not more than s), and then using the value pair
Figure GDA0002534536100000099
Second component of
Figure GDA00025345361000000910
And (3) decryption:
Figure GDA00025345361000000911
(j is more than or equal to 1 and less than or equal to s). Then use
Figure GDA00025345361000000912
To corresponding
Figure GDA00025345361000000913
First component of
Figure GDA00025345361000000914
The following operations are performed:
Figure GDA00025345361000000915
user asks cloud server for
Figure GDA00025345361000000916
Corresponding ciphertext document
Figure GDA00025345361000000917
After receiving the instruction, the cloud server returns the corresponding ciphertext document
Figure GDA00025345361000000918
To the user.
5. And a decryption stage: user receives
Figure GDA00025345361000000919
Thereafter, the public key is again solicited from the time server
Figure GDA00025345361000000920
Corresponding decryption key
Figure GDA00025345361000000921
The time server responds to the user and combines
Figure GDA00025345361000000922
The corresponding decryption key is embedded in the time information according to the specified time
Figure GDA00025345361000000923
And sending the data to the user. End user receives
Figure GDA00025345361000000924
j is less than or equal to s), using these
Figure GDA00025345361000000925
To pair
Figure GDA00025345361000000926
Second component ck αj(1. ltoreq. j. ltoreq. s) calculation
Figure GDA0002534536100000101
Then use
Figure GDA0002534536100000102
To corresponding
Figure GDA0002534536100000103
First component of
Figure GDA0002534536100000104
And (3) calculating:
Figure GDA0002534536100000105
(j is more than or equal to 1 and less than or equal to s). Eventually, the user gets the inclusion keyword wαDocument of
Figure GDA0002534536100000106
The foregoing is only a preferred embodiment of the present invention, and it should be noted that those skilled in the art can make various improvements and modifications without departing from the principle of the present invention, and these improvements and modifications should also be construed as the protection scope of the present invention.

Claims (8)

1. A cloud storage searching method based on time release mainly comprises a data owner, a cloud server and a user, and is characterized in that:
the system also comprises a time server which is a trusted center;
the method comprises the following steps:
(S1) the data owner inputs the security parameter lambda to generate a security key for encryptionKey array of documents and construction indexes, expressed as n +3 dimensional keys
Figure FDA0002689266090000011
n is an integer greater than or equal to 1 and represents the number of documents contained in the document set D; the time server inputs a safety parameter lambda, randomly generates and broadcasts a series of public keys related to time; is shown as
Figure FDA0002689266090000012
And PK1,1,…,PKm,sM and s are integers which are more than or equal to 1, m is the number of keywords in the database, and the value of s is determined by the maximum value of the number of documents related to the keywords in the database;
(S2), the data owner sets the local document set D ═ D (D)1,D2,…,Dn) Encrypted ciphertext file set C ═ (C)1,C2,…,Cn) (ii) a Meanwhile, the data owner creates an encryption index table I for the document set D, and the data owner stores the ciphertext document set C and the index table I to the cloud server; wherein each document is represented as Di(1 ≦ i ≦ n), the corresponding ciphertext document is represented as: ci(1≤i≤n);
(S3), the legal user inquiry contains the key word wα(1. ltoreq. alpha. ltoreq.m) document, the user first using the key as the keyword wαGenerating a search instruction Tr (w)α) Then search instruction Tr (w)α) Sending the data to a cloud server;
(S4) the cloud server searches for the instruction Tr (w)α) Finding the contained key word w in the index table IαA set of pointers to a document
Figure FDA0002689266090000013
The server needs to point these file pointers
Figure FDA0002689266090000014
Returning to the user; user receives file pointer set
Figure FDA0002689266090000015
Then communicating with a time server; after the time server verifies that the identity information of the user is legal, the corresponding decryption key SK is used in a future specified time periodα,1,…,SKα,sSending to the user, the user receiving the decryption key SKα,1,…,SKα,sThen, from the file pointer set
Figure 1
In the clear text document identity identifier
Figure FDA0002689266090000017
The legal user communicates with the cloud server again and returns the corresponding ciphertext document
Figure FDA0002689266090000018
(S5), decryption stage: user receives cipher text document
Figure FDA0002689266090000019
Thereafter, communicating with the timeserver and obtaining a corresponding decryption key from the timeserver
Figure FDA00026892660900000110
The user utilizes these key pairs to encrypt the set of text
Figure FDA00026892660900000111
Decrypting to obtain corresponding plaintext information
Figure FDA00026892660900000112
2. The cloud storage searching method based on time release according to claim 1, wherein: in the step (S2), both the method of combining the symmetric encryption system and the public key encryption system is adopted when the data owner encrypts the document and generates the index table, and finally the ciphertext and the encrypted index table are generated.
3. The cloud storage searching method based on time release according to claim 2, wherein:
the specific process of encrypting the document by the data owner is as follows:
(S2 a.) data owner utilizes a key
Figure FDA0002689266090000021
Encrypted document Di(1≤i≤n):
Figure FDA0002689266090000022
Wherein
Figure FDA0002689266090000023
A symmetric encryption scheme is shown that is,
Figure FDA0002689266090000024
it is shown that the process of encryption,
Figure FDA0002689266090000025
which represents the process of decryption of the content,
Figure FDA0002689266090000026
indicating the keys used in the encryption and decryption processes,
Figure FDA0002689266090000027
representing the corresponding encryption result; then using n public keys related to time
Figure FDA0002689266090000028
Separately encrypting keys
Figure FDA0002689266090000029
Figure FDA00026892660900000210
Figure FDA00026892660900000211
Represents an encryption process of a public key encryption scheme using a public key of
Figure FDA00026892660900000212
Document DiThe corresponding ciphertext document is
Figure FDA00026892660900000213
The data owner sets the ciphertext document set C ═ C (C)1,…,Cn) Uploading to a cloud server;
the specific process of constructing the index table by the data owner is as follows:
(S2b 1.) the data owner extracts a set of keywords W from the set of documents D, and for each keyword WlE.g. W (l ═ 1.., m), calculate D (W)l) D (w) as defined abovel) Is composed of a key word wlDocument D ofjIdentifier id ofjSet of constituent documents identifier idjIs a binary string of k bits; data owner using key K1And a pseudo-random function F1Each keyword wlIs encrypted into t (w)l) (l ═ 1,. m); the data owner chooses an array A of dimensions | W | × s initialized to empty for storing D (W | ×)l) (l ═ 1.., m) for each element; data owner first pair D (w)l) Each element of (1., m)
Figure FDA00026892660900000214
The encryption process then stores these values in the addr (N) of matrix A in linked list associationl,1),…,addr(Nl,s) Position; if D (w)l) When the number of elements in (l ═ 1., m) is less than s, the data owner randomly selects s- | D (w |, m)l) Binary string of | k-dimensional bits
Figure FDA00026892660900000215
D (w)l) Filling to s elements; the data owner selects one {0,1}k×{0,1}kAnd each key w in array Al(l ═ 1.. multidata., m) of the head node position information addr (N) of the corresponding linked listl,1) And a keyword wlIs given by the cryptographic value t (w)l) (l ═ 1.., m) is encrypted as
Figure FDA00026892660900000216
Figure FDA00026892660900000217
Then storing the result in a table T according to a dictionary sorting method;
the table T in the step (S2b1) is configured as follows:
(S2b 12.) data owner utilizes a pseudo-random function F1Secret key K1,K2For each keyword wl(1. ltoreq. l. ltoreq.m): t (w)l)=F1(K1,wl),l(wl)=F1(K2,wl) (ii) a Then the array is
Figure FDA00026892660900000218
Storing the data in a table T according to a dictionary sorting method;
(S2b 2.) upload index table I ═ a, T to the cloud server.
4. The cloud storage searching method based on time release according to claim 3, wherein:
the matrix a in the step (S2b1) is constructed as follows:
(S2b11). first, for each D (w)l) Each element id in (1., m)j(j ═ 1.., s) as follows: using a secret key K3And a keyword wlAnd (3) calculating:
Figure FDA0002689266090000031
enc (·, ·) and
Figure FDA0002689266090000032
will idj(1. ltoreq. j. ltoreq. s) is encrypted as
Figure FDA0002689266090000033
Figure FDA0002689266090000034
Selecting s time-dependent public keys PKl,1,…,PKl,sAnd using a public key encryption scheme2Enc (·, ·,) encrypts keys used herein one by one
Figure FDA0002689266090000035
The corresponding ciphertext is noted
Figure FDA0002689266090000036
Figure FDA0002689266090000037
Figure FDA0002689266090000038
Finally order
Figure FDA0002689266090000039
The value is expressed as an element idjThe encryption pointer value of (a); randomly selecting s different empty positions addr (N) in Al,1),…,addr(Nl,s) Respectively transmit the information
Figure FDA00026892660900000310
Figure FDA00026892660900000311
Is stored in A (addr (N)l,j) J is more than or equal to 1 and less than or equal to s); addr (N)l,s+1) And ═ is used as the end symbol of the read data and the write data.
5. The time release-based cloud storage searching method according to claim 3 or 4, wherein: the specific process of the step (S3) is as follows:
(S3 a.) user utilizes secret key (K)1,K2) Keyword w queried for oneselfαGenerating a search instruction Tr (w)α)=(t(wα),l(wα),h(wα) And sends it to the server; wherein t (w)α) For searching for instruction Tr (w)α) The first score in, l (w)α) For searching for instruction Tr (w)α) The second score in (d), h (w)α) For searching for instruction Tr (w)α) The third score in (1).
6. The cloud storage searching method based on time release according to claim 5, wherein: the specific process of the step (S4) is as follows:
(S4a) the cloud server searches the instruction Tr (w)α) First score t (w) ofα) Find the corresponding value in the table T
Figure FDA00026892660900000312
Using Tr (w)α) Second score of l (w)α) Is transformed to gamma
Figure FDA00026892660900000313
Get the address addr (N)α,1) The information of (a); the cloud server extracts array A (addr (N)α,1) Data stored in (c) in
Figure FDA00026892660900000314
Figure FDA00026892660900000315
Saving pointer values in the data
Figure FDA00026892660900000316
Using Tr (w)α) Third score h (w) ofα) For the above data
Figure FDA00026892660900000317
And (3) transformation:
Figure FDA00026892660900000318
obtaining addr (N)α,2) (ii) a Repeating the above steps until the cloud server encounters addr (N)α,(s+1)) Until ═ t, the cloud server can obtain the set of pointers in turn
Figure FDA00026892660900000319
(S4b) the cloud server sets the pointers in the step (S4a)
Figure FDA00026892660900000320
The value of (d) is returned to the user;
(S4c) user receipt
Figure FDA00026892660900000321
Thereafter, it communicates with the time server in order to obtain the corresponding decryption key SKα,1,…,SKα,s
(S4d) the user receives the decryption key SK released by the time serverα,j(j is more than or equal to 1 and less than or equal to s), and then the key SK is utilizedα,j(j is more than or equal to 1 and less than or equal to s) decryption array
Figure FDA0002689266090000041
Is a second component value
Figure FDA0002689266090000042
Figure FDA0002689266090000043
By using
Figure FDA0002689266090000044
Decrypting array
Figure FDA0002689266090000045
Is measured at the first component value of
Figure FDA0002689266090000046
Figure FDA0002689266090000047
The user will
Figure FDA0002689266090000048
Sending the data to a cloud server;
(S4e) the cloud server receives the request of the user
Figure FDA0002689266090000049
Then, the corresponding ciphertext document is found out in C
Figure FDA00026892660900000410
Figure FDA00026892660900000411
And returns it to the user.
7. The cloud storage searching method based on time release according to claim 6, wherein:
the specific process of the step (S4c) is as follows:
(S4c1) the time server firstly verifies the identity information of the user, if the identity is legal, the public key PK is checkedα,1,…,PKα,sThe release time of the corresponding private key; if the release of the private key SK is currently reachedα,1,…,SKα,sThe corresponding private key SKα,j(j is more than or equal to 1 and less than or equal to s) is sent to the user; if the specified time period is not reached, the private key SK is not returnedα,j(1≤j≤s)。
8. The time release-based cloud storage searching method according to claim 6 or 7, wherein: the specific process of the step (S5) is as follows:
(S5a) to be received by the user
Figure FDA00026892660900000412
Thereafter, the user continues to communicate with the time server to obtain the associated decryption key
Figure FDA00026892660900000413
The time server firstly verifies the identity information of the user, if the identity is legal, the time server checks whether the public key can be released currently
Figure FDA00026892660900000414
Corresponding decryption key
Figure FDA00026892660900000415
If so, the corresponding decryption key is used
Figure FDA00026892660900000426
Sending the data to a user; the above-mentioned
Figure FDA00026892660900000416
Is encryption
Figure FDA00026892660900000417
The public key used;
(S5b) the user receives the decryption key
Figure FDA00026892660900000418
Then, firstly, the array is aligned
Figure FDA00026892660900000419
Second component ck αj
Figure FDA00026892660900000420
And (3) decryption:
Figure FDA00026892660900000421
by using
Figure FDA00026892660900000422
Decryption
Figure FDA00026892660900000423
First component of
Figure FDA00026892660900000424
Figure FDA00026892660900000425
CN201711344491.1A 2017-12-15 2017-12-15 Cloud storage searching method based on time release Active CN108111587B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201711344491.1A CN108111587B (en) 2017-12-15 2017-12-15 Cloud storage searching method based on time release

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201711344491.1A CN108111587B (en) 2017-12-15 2017-12-15 Cloud storage searching method based on time release

Publications (2)

Publication Number Publication Date
CN108111587A CN108111587A (en) 2018-06-01
CN108111587B true CN108111587B (en) 2020-11-06

Family

ID=62217101

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201711344491.1A Active CN108111587B (en) 2017-12-15 2017-12-15 Cloud storage searching method based on time release

Country Status (1)

Country Link
CN (1) CN108111587B (en)

Families Citing this family (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109165520B (en) * 2018-07-16 2020-08-11 哈尔滨工业大学(深圳) Data encryption method and device and data encryption retrieval system
CN109145079B (en) * 2018-07-24 2022-07-19 南京邮电大学 Cloud searchable encryption method based on personal interest user model
CN110380841A (en) * 2019-07-25 2019-10-25 黑龙江头雁科技有限公司 A kind of Electronic Document exchange encryption method based on BlockChain
CN110618999A (en) * 2019-08-01 2019-12-27 平安科技(深圳)有限公司 Data query method and device, computer storage medium and electronic equipment
CN112153078B (en) * 2020-10-26 2021-07-27 广州欧赛斯信息科技有限公司 Encryption method and system based on time release
CN114024776A (en) * 2022-01-05 2022-02-08 北京理工大学 Encryption transmission method and system supporting timing decryption

Citations (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1487422A (en) * 2002-04-17 2004-04-07 微软公司 Encrypted data memory & data search based on public key
CN102024054A (en) * 2010-12-10 2011-04-20 中国科学院软件研究所 Ciphertext cloud-storage oriented document retrieval method and system
CN103023637A (en) * 2012-12-25 2013-04-03 电子科技大学 Encryption and search method for revocable keyword search public keys in cloud storage
CN103595730A (en) * 2013-11-28 2014-02-19 中国科学院信息工程研究所 Ciphertext cloud storage method and system
CN103731432A (en) * 2014-01-11 2014-04-16 西安电子科技大学昆山创新研究院 Multi-user supported searchable encryption system and method
CN104052740A (en) * 2014-05-22 2014-09-17 西安理工大学 Verifiable and searchable encryption method based on dictionary in cloud storage
CN104780161A (en) * 2015-03-23 2015-07-15 南京邮电大学 Searchable encryption method supporting multiple users in cloud storage
US9281941B2 (en) * 2012-02-17 2016-03-08 International Business Machines Corporation Homomorphic evaluation including key switching, modulus switching, and dynamic noise management
CN105763324A (en) * 2016-04-19 2016-07-13 四川理工学院 Controllable searchable encryption searching method being able to verify multi user-ends
CN106815350A (en) * 2017-01-19 2017-06-09 安徽大学 Dynamic ciphertext multi-key word searches for method generally in a kind of cloud environment
CN107395568A (en) * 2017-06-21 2017-11-24 西安电子科技大学 A kind of cipher text retrieval method of more data owner's certifications

Patent Citations (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1487422A (en) * 2002-04-17 2004-04-07 微软公司 Encrypted data memory & data search based on public key
CN102024054A (en) * 2010-12-10 2011-04-20 中国科学院软件研究所 Ciphertext cloud-storage oriented document retrieval method and system
US9281941B2 (en) * 2012-02-17 2016-03-08 International Business Machines Corporation Homomorphic evaluation including key switching, modulus switching, and dynamic noise management
CN103023637A (en) * 2012-12-25 2013-04-03 电子科技大学 Encryption and search method for revocable keyword search public keys in cloud storage
CN103595730A (en) * 2013-11-28 2014-02-19 中国科学院信息工程研究所 Ciphertext cloud storage method and system
CN103731432A (en) * 2014-01-11 2014-04-16 西安电子科技大学昆山创新研究院 Multi-user supported searchable encryption system and method
CN104052740A (en) * 2014-05-22 2014-09-17 西安理工大学 Verifiable and searchable encryption method based on dictionary in cloud storage
CN104780161A (en) * 2015-03-23 2015-07-15 南京邮电大学 Searchable encryption method supporting multiple users in cloud storage
CN105763324A (en) * 2016-04-19 2016-07-13 四川理工学院 Controllable searchable encryption searching method being able to verify multi user-ends
CN106815350A (en) * 2017-01-19 2017-06-09 安徽大学 Dynamic ciphertext multi-key word searches for method generally in a kind of cloud environment
CN107395568A (en) * 2017-06-21 2017-11-24 西安电子科技大学 A kind of cipher text retrieval method of more data owner's certifications

Also Published As

Publication number Publication date
CN108111587A (en) 2018-06-01

Similar Documents

Publication Publication Date Title
CN108111587B (en) Cloud storage searching method based on time release
Du et al. Privacy-preserving indexing and query processing for secure dynamic cloud storage
Sun et al. An efficient non-interactive multi-client searchable encryption with support for boolean queries
Salam et al. Implementation of searchable symmetric encryption for privacy-preserving keyword search on cloud storage
Zeng et al. Forward secure public key encryption with keyword search for outsourced cloud storage
Örencik et al. Efficient and secure ranked multi-keyword search on encrypted cloud data
CN109361644B (en) Fuzzy attribute based encryption method supporting rapid search and decryption
CN104052740A (en) Verifiable and searchable encryption method based on dictionary in cloud storage
CN110866135B (en) Response length hiding-based k-NN image retrieval method and system
CN113037753B (en) Encrypted data sharing method with privacy protection based on block chain
CN108400970A (en) Set of metadata of similar data message locking encryption De-weight method, cloud storage system in cloud environment
US10733317B2 (en) Searchable encryption processing system
CN111556048B (en) Attribute-based secure communication method and system supporting ciphertext mode matching
CN114598472A (en) Conditional-hidden searchable agent re-encryption method based on block chain and storage medium
Li et al. Fully homomorphic encryption with table lookup for privacy-preserving smart grid
Suveetha et al. Ensuring confidentiality of cloud data using homomorphic encryption
Hoang et al. A multi-server oblivious dynamic searchable encryption framework
CN109672525B (en) Searchable public key encryption method and system with forward index
CN108920968B (en) File searchable encryption method based on connection keywords
US20190026502A1 (en) Searchable symmetric encryption with enhanced locality via balanced allocations
CN111552988A (en) Monte Carlo sampling-based forward safety k neighbor retrieval method and system
Zhu et al. Quantum fully homomorphic encryption scheme for cloud privacy data based on quantum circuit
KR100951034B1 (en) Method of producing searchable keyword encryption based on public key for minimizing data size of searchable keyword encryption and method of searching data based on public key through that
CN113132345B (en) Agent privacy set intersection method with searchable function
CN112765669B (en) Regular language searchable encryption system based on time authorization

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant