CN108197499B - Verifiable ciphertext data range query method - Google Patents

Publication number: CN108197499B
Authority: CN (China)
Prior art keywords: data, prefix, node, local data, pbtree
Legal status: Active
Application number: CN201810025747.0A
Other languages: Chinese (zh)
Other versions: CN108197499A (en)
Inventor: 赖俊祚, 张江河, 王传胜, 李燕玲, 熊婕
Current Assignee: Jinan University
Original Assignee: Jinan University
Application filed by Jinan University; priority to CN201810025747.0A

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/64 Protecting data integrity, e.g. using checksums, certificates or signatures
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0442 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/06 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
    • H04L9/0643 Hash functions, e.g. MD5, SHA, HMAC or f9 MAC

Abstract

The invention discloses a verifiable ciphertext data range query method, which comprises: sorting the local data to obtain the triples and the prefix sets of the local data, and storing the prefix sets of the local data in a PBtree; encrypting the triples and the prefix sets respectively, and storing the encrypted local data in the leaf nodes of the PBtree; sending the processed data to a cloud server; and generating a trapdoor from the query range, with which the cloud server searches the PBtree and finally returns the ciphertext data in the leaf nodes found; the data user decrypts the ciphertext data and judges from the decrypted data whether the sizes of the obtained data are continuous, thereby confirming whether the result returned by the cloud server is complete. By storing extra information in the PBtree leaf nodes, the invention makes user queries verifiable and prevents incomplete query results from the cloud server.

Description

Verifiable ciphertext data range query method
Technical Field
The invention relates to the field of cloud computing, in particular to a verifiable ciphertext data range query method.
Background
In recent years, driven by the rapid development of internet technology, people constantly enjoy the conveniences it brings. In terms of data storage, data outsourcing models such as cloud storage are gaining increasing acceptance among users. By deployment, cloud storage services can be divided into public clouds and private clouds. A private cloud is used inside an enterprise and provides data uploading, storage and sharing services. Because it is used inside the enterprise, a private cloud can control how users access data. In the enterprise, only users authorized by the manager can access the data stored in the cloud server, the manager can revoke the access rights of any user at any time, and the data can be trusted because the server is local and is not networked with the outside. When a public cloud is used, however, users' data access cannot be effectively restricted and the user cannot fully trust the cloud server. Public clouds have many advantages that private clouds lack. Enterprise users only need to purchase services according to their own requirements; the service provider supplies the corresponding infrastructure and provides technical support during use, so the enterprise can effectively reduce cost. Owing to the characteristics of the public cloud, the user is no longer limited by geographical location and can access the data through various terminals at any time and place where a network is available. The technology of public cloud service providers is relatively mature and can provide a reliable guarantee for data, so users do not need to worry about data loss.
With the popularization of cloud computing technology, more and more users use cloud servers to store data. For the user, however, the cloud server cannot be "absolutely trusted". In order to find the required data in time and to prevent the cloud server from stealing privacy-related data, users often store the data using a searchable encryption method. The user encrypts the data and uploads the encrypted data to the cloud server for storage; when the user needs the data, a search command is sent to the cloud server, and the server searches according to the conditions. Because of software errors, communication failures, or the server searching only part of the data in order to save computing resources, the user may obtain wrong or incomplete results, yet the user cannot verify whether the results are complete. In many application scenarios, a user needs both privacy protection and the ability to query the data stored in the cloud server, and wants the queried data to be correct and complete. For example, in a hospital, a patient's age, height, weight and the like can be recorded as case data expressed as numerical values. To ensure that patient cases are not leaked, the cases are processed and uploaded to a cloud server for storage. When a doctor needs to query the patients within certain ranges, the query range can be sent to the cloud server, and the returned data are obtained after the range query. When the case sample is incomplete, the analysis is biased and no correct conclusion can be reached.
Disclosure of Invention
The invention aims to overcome the defects of the prior art and to provide a secure and efficient verifiable ciphertext data range query method which, by storing additional information in the leaf nodes of a PBtree, ensures that the result a user obtains from a query can be verified and prevents the cloud server from returning incomplete results.
The purpose of the invention is achieved by the following technical scheme: a verifiable ciphertext data range query method comprising the following steps:
Step S1: for the local data that the data owner needs to upload to the cloud server, the data owner terminal first sorts the local data in descending or ascending order, and then records, for each local datum, the data immediately before and after it, obtaining a triple for each local datum; at the same time, each local datum is converted into a prefix set, and the prefix sets of the local data are stored in a tree-shaped PBtree according to the sort order of the local data;
Step S2: encrypting each local datum: the triple corresponding to each local datum is asymmetrically encrypted, and the resulting ciphertext is stored in the PBtree leaf node that stores the prefix set of that local datum;
and encrypting the prefixes stored by the nodes of the PBtree: for each node in the PBtree, the prefix sets stored by the node are merged (union) to obtain a merged prefix set; each prefix in the node's merged prefix set is encrypted, and each prefix encrypted by the hash function is stored in the corresponding bloom filter;
the data owner terminal sends the PBtree obtained after the above processing to the cloud server;
Step S3: when a data user needs to query the data contained in a certain range, the query range is first converted into a minimum prefix set, several hash values are computed for each prefix in that set, and the hash values of all the prefixes are then combined into a matrix that serves as the trapdoor of the query range; finally, the trapdoor of the query range is sent to the cloud server through the terminal;
Step S4: when the cloud server receives the trapdoor, it uses the trapdoor to search the PBtree from top to bottom; for each node, the trapdoor and the node's bloom filters storing the encrypted prefixes are used to check whether the following condition holds: the intersection of the merged prefix set stored in the node and the minimum prefix set of the query range corresponding to the trapdoor is not an empty set; if so, the same condition is checked for the successor nodes of the node, until all leaf nodes satisfying the condition are found, and the ciphertexts stored in those leaf nodes are returned to the data user's terminal as the query result;
Step S5: after receiving the ciphertexts returned by the cloud server, the data user terminal decrypts them with the private key to obtain the groups of decrypted data; the data user judges from the groups of decrypted data whether the sizes of the obtained data are continuous; if they are continuous, the query result returned by the cloud server is complete; otherwise, the query result returned by the cloud server is incomplete;
if the data user sends the trapdoor to the cloud server through the terminal and the cloud server finds no result, the cloud server returns the data stored by the PBtree root node to the data user terminal, and the data user terminal verifies whether the intersection of the data stored by the PBtree root node and the query range corresponding to the trapdoor is an empty set; if it is not, the server has not returned the data in the range.
Preferably, in step S1, the process of converting each local datum into a prefix set is as follows: first, obtain the binary number of the local datum; then obtain the prefix set from the binary number:
$$F(x)=\{b_1b_2\cdots b_w,\ b_1b_2\cdots b_{w-1}*,\ \ldots,\ b_1*\cdots*,\ **\cdots*\};$$
where $b_1b_2\cdots b_w$ is the binary number of the local datum x, w is the number of binary digits of x, and * is a binary 0 or 1.
Preferably, in step S1, the specific process of storing the prefix set of each local datum in a tree-shaped PBtree according to the sort order of the local data is as follows:
Step S11: first, order the prefix sets of the local data according to the sort order of the local data and form the root node from the ordered prefix sets; then split the prefix sets in the root node into a left subset $S_{left}$ and a right subset $S_{right}$;
in this step, when the total number of prefix sets in the root node is even, the left subset $S_{left}$ and the right subset $S_{right}$ contain the same number of prefix sets; when the total number of prefix sets in the root node is odd, the left subset $S_{left}$ contains one more prefix set than the right subset $S_{right}$; proceed to step S12;
Step S12: each left subset $S_{left}$ is processed as follows: each currently obtained left subset $S_{left}$ forms the root node of a left subtree, and the prefix sets in the root node of each left subtree are split into a left subset $S_{left}$ and a right subset $S_{right}$; when the total number of prefix sets in the root node of the left subtree is even, the split left subset $S_{left}$ and right subset $S_{right}$ contain the same number of prefix sets; when the total number of prefix sets in the root node of the left subtree is odd, the split left subset $S_{left}$ contains one more prefix set than the right subset $S_{right}$;
each right subset $S_{right}$ is processed as follows: each right subset $S_{right}$ forms the root node of a right subtree; then the prefix sets in the root node of each right subtree are split into a left subset $S_{left}$ and a right subset $S_{right}$; when the total number of prefix sets in the root node of the right subtree is even, the split left subset $S_{left}$ and right subset $S_{right}$ contain the same number of prefix sets; when the total number of prefix sets in the root node of the right subtree is odd, the split left subset $S_{left}$ contains one more prefix set than the right subset $S_{right}$;
Step S13: for each left subset $S_{left}$ and each right subset $S_{right}$ obtained in step S12, judge whether its number of prefix sets is 1; each left subset $S_{left}$ and each right subset $S_{right}$ whose number of prefix sets is not 1 is processed again by step S12; each left subset $S_{left}$ and each right subset $S_{right}$ whose number of prefix sets is 1 forms a leaf node of the PBtree; finally, all leaf nodes of the PBtree are connected by a linked list.
Preferably, in step S2, the process of encrypting each local datum is as follows:
Step S21: select a pair of distinct prime numbers p and q larger than a certain value, and calculate $n = pq$;
Step S22: calculate $g(n) = (p-1)(q-1)$, and then find a number e coprime with $g(n)$, where $1 < e < g(n)$;
Step S23: calculate d, where $d \equiv e^{-1} \pmod{g(n)}$;
Step S24: set the public key pk to (e, n) and the private key sk to (d, n); then encrypt the triple formed by each local datum and the data before and after it to obtain the ciphertext:
$$C_i = (d_{i-1}\,\|\,d_i\,\|\,d_{i+1})^e \pmod{n};$$
where $C_i$ is the ciphertext obtained by encrypting the triple formed by the local datum $d_i$, its preceding datum $d_{i-1}$ and its following datum $d_{i+1}$.
Preferably, in step S2, the process of encrypting the prefixes in each node of the PBtree is as follows:
Step S2a: first, merge the prefix sets stored by the node to obtain the merged prefix set;
Step S2b: obtain the r secret keys shared by the data owner and the data user; for each prefix in the node's merged prefix set, compute with the r keys and the hash function:
$$HMAC(k_1,p_i),\ \ldots,\ HMAC(k_r,p_i);$$
where $k_1,\ldots,k_r$ are the r keys shared by the data owner and the data user, and $p_i$ is the i-th prefix in the node's merged prefix set;
Step S2c: generate for the node a random number whose bit length equals the key bit length, and then use the random number to compute in turn the r hash values of each prefix in the node's merged prefix set:
$$HMAC(v_x.R,\ HMAC(k_1,p_i)),\ \ldots,\ HMAC(v_x.R,\ HMAC(k_r,p_i));$$
where $v_x.R$ is the random number, of the same bit length as the key, generated for node $v_x$;
Step S2d: the r hash values obtained in step S2c for each prefix in the node's merged prefix set constitute that prefix encrypted by the hash function; each prefix encrypted by the hash function is then stored in the corresponding bloom filter by the following operation:
$$v_x.B_i[HMAC(v_x.R,\ HMAC(k_j,p_i)) \bmod M] := 1;$$
$$x=1,2,3,\ldots,X;\quad j=1,2,3,\ldots,r;\quad i=1,2,3,\ldots,I,$$
where $v_x.B_i[HMAC(v_x.R,\ HMAC(k_j,p_i)) \bmod M] := 1$ denotes the position in bloom filter $B_i$ at which the i-th prefix $p_i$, encrypted by the hash function, of the merged prefix set of node $v_x$ is stored; X is the total number of nodes in the PBtree; I is the total number of prefixes in the merged prefix set of node $v_x$; M is the length of the bloom filter; and the position on the bloom filter at which an encrypted prefix is stored is set to 1.
Further, in step S3, the procedure for generating the trapdoor is as follows:
Step S31: for the query range given by the data user, first convert the query range into a minimum prefix set, and for each prefix in that set compute r hash values with the r keys shared by the data owner and the data user:
$$HMAC(k_1,q_y),\ \ldots,\ HMAC(k_r,q_y);$$
where $q_y$ is the y-th prefix in the minimum prefix set of the query range, $y = 1,2,3,\ldots,Y$, and Y is the total number of prefixes in the minimum prefix set of the query range; $k_1,\ldots,k_r$ are the r keys shared by the data owner and the data user;
Step S32: combine the hash values of the prefixes in the minimum prefix set of the query range obtained in step S31 into a matrix, which is used as the trapdoor of the query range:
Figure BDA0001544884240000051
where $q_1$ to $q_Y$ are the 1st to Y-th prefixes in the minimum prefix set of the query range, and the y-th row of the trapdoor corresponds to the r hash values of the y-th prefix in the minimum prefix set of the query range.
Further, in step S4, after the cloud server receives the trapdoor, the query process is specifically as follows:
Step S41: first, the search proceeds from top to bottom starting at the root node of the PBtree; for each node in the PBtree, the trapdoor and the node's bloom filters storing the encrypted prefixes are used to check whether the intersection of the merged prefix set stored in the node and the minimum prefix set of the query range corresponding to the trapdoor is not an empty set, specifically: for each row of the trapdoor, check whether the node's bloom filters storing the encrypted prefixes satisfy the following condition when computed with any element of that row:
$$v_x.B_i[HMAC(v_x.R,\ HMAC(k_j,q_y)) \bmod M] := 1;$$
$$x=1,2,3,\ldots,X;\quad j=1,2,3,\ldots,r;\quad i=1,2,3,\ldots,I;\quad y=1,2,3,\ldots,Y;$$
if so, the merged prefix set in the node contains the prefix corresponding to that trapdoor row; that is, the intersection of the merged prefix set in the node and the minimum prefix set S([a, b]) of the query range corresponding to the trapdoor is not an empty set;
Step S42: for each node satisfying the above condition, the successor nodes of the node are checked against the same condition, until all leaf nodes satisfying the condition are found, and the ciphertexts stored in those leaf nodes are returned to the data user's terminal as the query result.
Further, in step S42, for each node in the PBtree, it is checked whether, for all of the node's bloom filters storing the encrypted prefixes, one of the elements in a given row of the trapdoor satisfies the following condition: $v_x.B_i[HMAC(v_x.R,\ HMAC(k_j,q_y)) \bmod M] = 0$; if so, the merged prefix set in the node does not contain the prefix corresponding to the hash values in that row of the trapdoor; in that case, that row is removed from the trapdoor when the successor nodes of the node are searched, and the search stops when a leaf node is reached or all rows of the trapdoor have been removed.
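The index, trapdoor and search of steps S1 to S4, as an added Python example that is not part of the patent text. Assumptions: 5-bit values, HMAC-SHA256, three shared keys, a single bit array of length M per node (the text indexes the filters as $B_i$), a prefix counted as present only when all r positions are 1, and the plaintext value standing in for the leaf ciphertext $C_i$; all function and class names are hypothetical.

```python
import hashlib
import hmac
import os

W = 5          # bit width of the values (assumption)
M = 1 << 16    # bloom filter length (assumption; large so false positives are rare)

def prefix_family(x, w=W):
    """F(x): the w+1 prefixes of x, from its full bit string to all wildcards."""
    bits = format(x, f"0{w}b")
    return {bits[:i] + "*" * (w - i) for i in range(w + 1)}

def range_prefixes(a, b, w=W):
    """Minimum prefix set S([a, b]): the fewest prefixes covering exactly a..b."""
    out = []
    while a <= b:
        size = (a & -a) if a else (1 << w)   # largest aligned block starting at a
        while a + size - 1 > b:              # shrink until it fits inside [a, b]
            size >>= 1
        k = size.bit_length() - 1            # number of wildcard bits
        out.append(format(a, f"0{w}b")[: w - k] + "*" * k)
        a += size
    return out

def mac(key, msg):
    return hmac.new(key, msg, hashlib.sha256).digest()

def position(node_r, inner):
    """HMAC(v.R, HMAC(k_j, p)) mod M, computed from the inner hash value."""
    return int.from_bytes(mac(node_r, inner), "big") % M

class Node:
    """PBtree node built over a sorted list of values (steps S11 to S13, S2a to S2d)."""
    def __init__(self, values, keys):
        self.R = os.urandom(32)              # per-node random number v_x.R
        self.bits = bytearray(M)             # one byte per filter position
        for p in set().union(*(prefix_family(v) for v in values)):
            for k in keys:
                self.bits[position(self.R, mac(k, p.encode()))] = 1
        self.left = self.right = self.payload = None
        if len(values) == 1:
            self.payload = values[0]         # stands in for the ciphertext C_i
        else:
            mid = (len(values) + 1) // 2     # left subset gets the extra element
            self.left = Node(values[:mid], keys)
            self.right = Node(values[mid:], keys)

    def may_contain(self, row):
        """True if every position derived from this trapdoor row is set."""
        return all(self.bits[position(self.R, t)] for t in row)

def trapdoor(a, b, keys):
    """Y x r matrix: row y holds HMAC(k_1, q_y) ... HMAC(k_r, q_y)."""
    return [[mac(k, q.encode()) for k in keys] for q in range_prefixes(a, b)]

def search(node, rows):
    """Top-down search; rows that miss at a node are dropped for its subtree."""
    live = [row for row in rows if node.may_contain(row)]
    if not live:
        return []
    if node.payload is not None:
        return [node.payload]
    return search(node.left, live) + search(node.right, live)

def build_demo():
    # Constructed sample data: the set S used in the embodiment.
    keys = [os.urandom(32) for _ in range(3)]
    return keys, Node(sorted([1, 9, 4, 8, 14, 11, 16, 21, 26, 10]), keys)

if __name__ == "__main__":
    keys, root = build_demo()
    print(range_prefixes(7, 14))
    print(search(root, trapdoor(7, 14, keys)))
```

The server side (`search`, `may_contain`) sees only the inner hash values and each node's random number, never the keys or the prefixes; a bloom filter false positive can only add a leaf to the result, not remove one.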
Preferably, in step S1, when the local data to be uploaded to the cloud server are sorted in descending order, the first local datum, the positive infinity symbol and the second local datum form a triple, and the last local datum, the penultimate local datum and the negative infinity symbol form a triple;
when the local data to be uploaded to the cloud server are sorted in ascending order, the first local datum, the negative infinity symbol and the second local datum form a triple, and the last local datum, the penultimate local datum and the positive infinity symbol form a triple.
Preferably, in step S5, the process by which the data user judges from the groups of decrypted data whether the sizes of the obtained data are continuous is as follows: judge whether the third datum of the previous group of decrypted data is the same as the first datum of the next group of decrypted data; and judge whether the first datum of the first decrypted group and the third datum of the last decrypted group are outside the query range; if so, the sizes of the data obtained by the data user are judged to be continuous.
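The completeness check of step S5 applied to already-decrypted triples, as an added Python example that is not part of the patent text. Assumptions: ascending order with the infinity sentinels of step S1, and "continuous" read as each returned triple naming the next returned value as its successor and the previous returned value as its predecessor; `make_triples` and `verify_complete` are hypothetical names, and the empty-result case (root-node check) is not covered.

```python
import math

NEG_INF, POS_INF = -math.inf, math.inf

def make_triples(data):
    """Data owner side: (previous, value, next) for every value, ascending order."""
    ext = [NEG_INF] + sorted(data) + [POS_INF]
    return [(ext[i - 1], ext[i], ext[i + 1]) for i in range(1, len(ext) - 1)]

def verify_complete(triples, a, b):
    """Data user side: return (ok, reason) for the decrypted result of query [a, b]."""
    if not triples:
        return False, "empty result: needs the root-node check, not the triple check"
    ts = sorted(triples, key=lambda t: t[1])
    for prev, cur, nxt in ts:
        if not a <= cur <= b:
            return False, f"value {cur} is outside the query range"
    # The neighbours recorded at both ends must fall outside the query range;
    # otherwise a matching value at the edge was withheld.
    if ts[0][0] >= a:
        return False, f"missing value {ts[0][0]} at the lower edge"
    if ts[-1][2] <= b:
        return False, f"missing value {ts[-1][2]} at the upper edge"
    # Consecutive groups must point at each other; any mismatch is a gap.
    for left, right in zip(ts, ts[1:]):
        if left[2] != right[1] or right[0] != left[1]:
            return False, f"gap between {left[1]} and {right[1]}"
    return True, "complete"

def demo():
    # Constructed sample data: the set S used in the embodiment, query range [7, 14].
    triples = make_triples([1, 9, 4, 8, 14, 11, 16, 21, 26, 10])
    honest = [t for t in triples if 7 <= t[1] <= 14]
    results = {
        "honest": verify_complete(honest, 7, 14),
        "drops 10": verify_complete([t for t in honest if t[1] != 10], 7, 14),
        "drops 8": verify_complete([t for t in honest if t[1] != 8], 7, 14),
        "drops 14": verify_complete([t for t in honest if t[1] != 14], 7, 14),
    }
    return results

if __name__ == "__main__":
    for name, (ok, reason) in demo().items():
        print(f"{name:9s} -> {ok}: {reason}")
```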
Compared with the prior art, the invention has the following advantages and effects:
(1) In the verifiable ciphertext data range query method of the invention, the local data are first processed: they are sorted to obtain, for each local datum, the triple formed with the data before and after it and the prefix set of the datum, and the prefix sets of the local data are stored in a PBtree; then the triple corresponding to each local datum and each prefix in the merged prefix set stored by each node of the PBtree are encrypted respectively, each encrypted prefix in each node is stored in the corresponding bloom filter, and each encrypted local datum is stored in the PBtree leaf node that stores the prefix set of that datum; the processed PBtree is sent to a cloud server; when a data user needs to query the data contained in a certain range, a trapdoor is generated from the query range; after the cloud server receives the trapdoor, it uses the trapdoor to search the PBtree and finally returns the ciphertext data in the leaf nodes found to the data user; after receiving the ciphertext data, the data user decrypts them and judges from the groups of decrypted data whether the sizes of the obtained data are continuous, thereby determining whether the query result returned by the cloud server is complete. In addition, if the data user sends the trapdoor to the cloud server through the terminal and the cloud server finds no result, the data stored by the PBtree root node are returned to the data user terminal, and the data user terminal verifies whether the intersection of the data stored by the PBtree root node and the query range corresponding to the trapdoor is an empty set, thereby judging whether the server has returned the data satisfying the range.
According to the invention, the locally adjacent data are added when each leaf node of the PBtree is stored; when the query result is returned to the user, the user decrypts it to obtain the queried data and their adjacent data, so that whether the data are complete can be verified. The data user can therefore verify from the query result itself whether the query result of the cloud server is complete, and the method has the advantages of secure and efficient querying.
(2) In the verifiable ciphertext data range query method, the prefix set corresponding to each local datum is stored in the PBtree, which effectively improves the speed of data search.
(3) In the verifiable ciphertext data range query method, for each node in the PBtree, a random number $v_x.R$ is added in the encryption of the prefix set, and the r hash values of each prefix in the node's merged prefix set are computed in turn with this random number. The random number added in the invention effectively eliminates the correlation between identical values stored in different bloom filters. If no random number $v_x.R$ were used, then if a prefix $p_i$ is stored in both nodes $v_1$ and $v_2$, $U(v_1)$ and $U(v_2)$ both contain the prefix $p_i$, and when the hash values computed with the keys are stored in the bloom filters, the positions $HMAC(k_1,p_i) \bmod M,\ \ldots,\ HMAC(k_r,p_i) \bmod M$ are set to 1 in the bloom filters of both nodes. Although some identical positions being set to 1 in two bloom filters does not prove that $U(v_1)$ and $U(v_2)$ contain the same prefix, without a random number the probability that the two bloom filters are 1 at the same positions is high, and from an adversary's perspective they then contain the same prefix with high probability.
(4) In the verifiable ciphertext data range query method, for each node in the PBtree, it is checked whether, for all of the node's bloom filters storing the encrypted prefixes, one of the elements in a given row of the trapdoor satisfies the following condition: $v_x.B_i[HMAC(v_x.R,\ HMAC(k_j,q_y)) \bmod M] = 0$; if so, the merged prefix set in the node does not contain the prefix corresponding to the hash values in that row of the trapdoor; then, when the successor nodes of the node are searched, that row is removed from the trapdoor, that is, the prefix corresponding to that trapdoor row is no longer matched while the successor nodes are searched, because the intersection of the successor nodes with that prefix is taken to be empty by default; this greatly improves the search speed of the cloud server.
Drawings
FIG. 1 is a diagram showing the structure of a PBtree in the method of the present invention.
FIG. 2 shows how each prefix $p_i$ in the merged prefix set of node $v_x$ in the PBtree is stored to the corresponding location of the bloom filter in the method of the present invention.
Detailed Description
The present invention will be described in further detail with reference to examples and drawings, but the present invention is not limited thereto.
Examples
This embodiment discloses a verifiable ciphertext data range query method, which comprises the following steps:
Step S1: for the local data that the data owner needs to upload to the cloud server, the data owner terminal first sorts the local data in descending or ascending order, and then records, for each local datum, the data immediately before and after it, obtaining a triple for each local datum; at the same time, each local datum is converted into a prefix set, and the prefix sets of the local data are stored in a tree-shaped PBtree according to the sort order of the local data;
In this step, when the local data to be uploaded to the cloud server are sorted in descending order, the first local datum, the positive infinity symbol and the second local datum form a triple, and the last local datum, the penultimate local datum and the negative infinity symbol form a triple; when the local data to be uploaded to the cloud server are sorted in ascending order, the first local datum, the negative infinity symbol and the second local datum form a triple, and the last local datum, the penultimate local datum and the positive infinity symbol form a triple. For example, if the set of local data to be uploaded to the cloud server is S = {1,9,4,8,14,11,16,21,26,10}, then after sorting in ascending order S' = {1,4,8,9,10,11,14,16,21,26}; for local datum 4, the adjacent data 1 and 8 before and after it form the triple P(4) = {1,4,8}. When the local datum is the first one, that is, at the head of the queue, the corresponding triple is P(1) = {-∞,1,4}; when the local datum is the last one, the corresponding triple is P(26) = {21,26,∞}.
In this step, the process of converting each local datum into a prefix set is as follows: first, obtain the binary number of the local datum; then obtain the prefix set from the binary number:
$$F(x)=\{b_1b_2\cdots b_w,\ b_1b_2\cdots b_{w-1}*,\ \ldots,\ b_1*\cdots*,\ **\cdots*\};$$
where $b_1b_2\cdots b_w$ is the binary number of the local datum x, w is the number of binary digits of x, and * is a binary 0 or 1.
In this step, the specific process of storing the prefix set of each local data in a tree-like PBtree according to the ordering of each local data is as follows:
step S11, first ordering the prefix sets of the local data according to the ordering of the local data, forming a root node from the ordered prefix sets, and then splitting the prefix sets in the root node into a left subset $S_{left}$ and a right subset $S_{right}$;
in this step, when the total number of prefix sets in the root node is even, the left subset $S_{left}$ and the right subset $S_{right}$ contain the same number of prefix sets; when the total number is odd, the left subset $S_{left}$ contains one more prefix set than the right subset $S_{right}$; proceeding to step S12;
step S12, each left subset $S_{left}$ is processed as follows: each currently acquired left subset $S_{left}$ forms the root node of a left subtree, and the prefix sets in the root node of that left subtree are split into a left subset $S_{left}$ and a right subset $S_{right}$; in this embodiment, when the total number of prefix sets in the root node of the left subtree is even, the split left subset $S_{left}$ and right subset $S_{right}$ contain the same number of prefix sets; when the total number is odd, the split left subset $S_{left}$ contains one more prefix set than the right subset $S_{right}$;
each right subset $S_{right}$ is processed as follows: each right subset $S_{right}$ forms the root node of a right subtree; then the prefix sets in the root node of each right subtree are split into a left subset $S_{left}$ and a right subset $S_{right}$, where the numbers of prefix sets in the two subsets are the same or differ by one; in this embodiment, when the total number of prefix sets in the root node of the right subtree is even, the split left subset $S_{left}$ and right subset $S_{right}$ contain the same number of prefix sets; when the total number is odd, the split left subset $S_{left}$ contains one more prefix set than the right subset $S_{right}$;
step S13, for each left subset $S_{left}$ and each right subset $S_{right}$ acquired in step S12, judging whether the number of prefix sets it contains is 1; each left subset $S_{left}$ and each right subset $S_{right}$ whose number of prefix sets is not 1 is processed again by step S12, while each left subset $S_{left}$ and each right subset $S_{right}$ whose number of prefix sets is 1 forms a leaf node of the PBtree; finally, all leaf nodes of the PBtree are connected by a linked list. Fig. 1 shows the structure obtained when the prefix sets $F(d_1), \ldots, F(d_9)$ of the sorted local data $d_1, \ldots, d_9$ are stored in a tree-shaped PBtree. The first level in Fig. 1 is the root node, formed by all prefix sets $F(d_1), \ldots, F(d_9)$; at every level, the prefix sets in each node are divided into two subsets, which form two nodes at the next level, and the numbers of prefix sets in the two subsets are the same or differ by 1. For example, after the root node is split into left and right subsets, the left subset is formed by the prefix sets $F(d_1), F(d_2), F(d_3), F(d_4)$ and the right subset by the prefix sets $F(d_6), F(d_7), F(d_8), F(d_9)$; a node that contains only one prefix set is not split further.
Step S2, encrypting each local data item: the triple data corresponding to each local data item is asymmetrically encrypted, and the resulting ciphertext is stored in the PBtree leaf node that holds the prefix set of that local data item; in an embodiment, each local data item is encrypted as follows:
step S21, selecting a pair of distinct prime numbers p and q, both larger than a certain value, and calculating $n = pq$;
step S22, calculating $g(n) = (p-1)(q-1)$, and then finding a number e that is relatively prime to g(n), with $1 < e < g(n)$.
Step S23, calculating d, where $d \equiv e^{-1} \bmod g(n)$.
Step S24, setting the public key pk as (e, n) and the private key sk as (d, n); then encrypting the triple formed by each local data item and its preceding and following data to obtain a ciphertext:
$C_i = (d_{i-1} \,\|\, d_i \,\|\, d_{i+1})^e \pmod{n}$;
where $C_i$ is the ciphertext obtained by encrypting the triple data formed by the local data $d_i$, its preceding data $d_{i-1}$ and its following data $d_{i+1}$.
The prefixes stored by the nodes in the PBtree are also encrypted: for each node in the PBtree, the prefix sets stored in the node are merged (their union is taken) to obtain a merged prefix set; each prefix in the merged prefix set is encrypted with a hash function, and each hash-encrypted prefix is stored in a bloom filter. One bloom filter is used per prefix, so the number of bloom filters used in each node equals the number of prefixes in the node's merged prefix set.
In this embodiment, the process of encrypting the prefix in each node in the PBtree is as follows:
step S2a, first merging the prefix sets stored by the node to obtain a merged prefix set;
step S2b, acquiring the r secret keys shared by the data owner and the data user; each prefix in the node's merged prefix set is combined with each of the r keys and hashed to obtain:
$\mathrm{HMAC}(k_1,p_i),\ \ldots,\ \mathrm{HMAC}(k_r,p_i)$;
where $k_1, \ldots, k_r$ are the r keys shared by the data owner and the data user, and $p_i$ is the i-th prefix in the node's merged prefix set;
step S2c, generating for the node a random number whose bit length equals the key bit length, and then using the random number to compute, in turn, r hash values for each prefix in the node's merged prefix set:
$\mathrm{HMAC}(v_x.R,\mathrm{HMAC}(k_1,p_i)),\ \ldots,\ \mathrm{HMAC}(v_x.R,\mathrm{HMAC}(k_r,p_i))$;
where $v_x.R$ is the random number, of the same bit length as the keys, generated for node $v_x$;
step S2d, the r hash values obtained in step S2c for each prefix in the node's merged prefix set constitute that prefix encrypted by the hash function; each such encrypted prefix is then stored in its bloom filter by the following operation:
$v_x.B_i[\mathrm{HMAC}(v_x.R,\mathrm{HMAC}(k_j,p_i)) \bmod M] := 1$;
$x = 1,2,3,\ldots,X$; $j = 1,2,3,\ldots,r$; $i = 1,2,3,\ldots,I$,
where $v_x.B_i[\mathrm{HMAC}(v_x.R,\mathrm{HMAC}(k_j,p_i)) \bmod M] := 1$ marks the position in bloom filter $B_i$ at which the i-th hash-encrypted prefix $p_i$ of node $v_x$'s merged prefix set is stored; X is the total number of nodes in the PBtree; I is the total number of prefixes in the merged prefix set of node $v_x$; M is the length of the bloom filter. The position of the bloom filter at which an encrypted prefix is stored is set to 1, and because each prefix is combined with each of the r keys, r encrypted values are obtained for the same prefix. As shown in Fig. 2, the prefix $p_i$ encrypted with the keys $k_1, \ldots, k_r$ is placed at r positions of the bloom filter, so in this embodiment each bloom filter has r positions set to 1.
The data owner terminal sends the PBtree obtained after the above processing to the cloud server; the processed PBtree is the PBtree in which the triple data ciphertexts have been added to the leaf nodes and each hash-encrypted prefix of every node's merged prefix set has been stored in its corresponding bloom filter.
Step S3, when a data user needs to query data included in a certain range, first converting the query range into a minimum prefix set, and calculating a plurality of hash values for each prefix in the prefix set; then combining a plurality of hash values of each prefix to form a matrix which is used as a trapdoor of the query range; finally, the trapdoors in the query range are sent to a cloud server through a terminal;
in this step of this embodiment, a specific process of generating the trapdoor is as follows:
step S31, for the query range given by the data consumer, first converting the query range into a minimum prefix set, and for each prefix in the prefix set, calculating r hash values by r keys shared by the data owner and the data consumer:
$\mathrm{HMAC}(k_1,q_y),\ \ldots,\ \mathrm{HMAC}(k_r,q_y)$;
where $q_y$ is the y-th prefix in the minimum prefix set of the query range, $y = 1,2,3,\ldots,Y$, and Y is the total number of prefixes in the minimum prefix set of the query range; $k_1, \ldots, k_r$ are the r keys shared by the data owner and the data user;
step S32, combining the hash values of the prefixes in the minimum prefix set of the query range obtained in step S31 into a matrix $M_{[a,b]}$, which serves as the trapdoor of the query range:
Figure BDA0001544884240000121
where $q_1$ to $q_Y$ are the 1st to Y-th prefixes in the minimum prefix set of the query range, and the y-th row of the trapdoor holds the r hash values of the y-th prefix in that set.
Step S4, when the cloud server receives the trapdoor, starting a search from the top to the bottom in the PBtree from the root node using the trapdoor, wherein for each node, whether the following conditions are satisfied is checked through the trapdoor and each bloom filter storing each encrypted prefix in the node: the intersection of each prefix set after union stored in the node and the prefix set with the minimum corresponding query range of the trapdoor is not an empty set; if yes, then detecting whether the condition is met or not aiming at the subsequent nodes of the node until all leaf nodes meeting the condition are found, and returning the ciphertext stored in the searched leaf nodes meeting the condition to a terminal of a data user as a query result; in this step, after the cloud server receives the trap door, the query process is specifically as follows:
step S41, first searching from top to bottom starting at the root node of the PBtree; for each node in the PBtree, the trapdoor and the node's bloom filters, which store the encrypted prefixes, are used to check whether the intersection of the merged prefix set stored in the node and the minimum prefix set of the query range corresponding to the trapdoor is not an empty set. Specifically, for each row in the trapdoor (i.e. $j = 1,2,3,\ldots,r$), it is checked whether any one of the node's bloom filters satisfies the following condition when computed with any element of the row:
$v_x.B_i[\mathrm{HMAC}(v_x.R,\mathrm{HMAC}(k_j,q_y)) \bmod M] := 1$;
$x = 1,2,3,\ldots,X$; $j = 1,2,3,\ldots,r$; $i = 1,2,3,\ldots,I$; $y = 1,2,3,\ldots,Y$;
if so, the merged prefix set in the node contains the prefix corresponding to that trapdoor row; that is, the intersection of the merged prefix set in the node and the minimum prefix set $S([a,b])$ of the query range corresponding to the trapdoor is not an empty set. In the above formula, if the relation holds for node $v_x$ and one of its bloom filters $B_i$ for every j from 1 to r, this means
Figure BDA0001544884240000131
At this time the union $U(v_x)$ of the prefix sets stored in node $v_x$ includes the prefix $q_y$, i.e. the intersection of the union $U(v_x)$ of the prefix sets stored in node $v_x$ and the minimum prefix set $S([a,b])$ of the query range corresponding to the trapdoor is not an empty set, i.e.
Figure BDA0001544884240000132
where $S([a,b])=\{q_1,\ldots,q_Y\}$.
Step S42, for each node satisfying the above condition, checking whether its subsequent nodes satisfy the condition, until the leaf nodes satisfying the condition are found, and returning the ciphertexts stored in those leaf nodes to the terminal of the data user as the query result; for example, when the search reaches a leaf node $v_x$ and the condition of step S41, $v_x.B_i[\mathrm{HMAC}(v_x.R,\mathrm{HMAC}(k_j,q_y)) \bmod M] := 1$, is still satisfied, the local data stored in leaf node $v_x$ belongs to the query range $S([a,b])$, and the ciphertext data stored in leaf node $v_x$ is returned to the data user as the query result.
In this step, for each node $v_x$ in the PBtree, it is also checked whether all of the bloom filters storing the node's encrypted prefixes, computed with one element of a given trapdoor row, satisfy the following condition:
$v_x.B_i[\mathrm{HMAC}(v_x.R,\mathrm{HMAC}(k_j,q_y)) \bmod M] := 0$;
if so, this means
Figure BDA0001544884240000133
The union $U(v_x)$ of the prefix sets stored in node $v_x$ does not contain the prefix $q_y$; the unions of the prefix sets stored in the subsequent nodes of $v_x$ in the PBtree then do not contain the prefix corresponding to the hash values of that trapdoor row either. Therefore, when the subsequent nodes $v_m$ of node $v_x$ are searched, that row of the trapdoor, i.e. the y-th row, is removed; that is, for the subsequent nodes of $v_x$ it is no longer checked whether any bloom filter and any element of the y-th trapdoor row satisfy the following relation:
$v_m.B_i[\mathrm{HMAC}(v_m.R,\mathrm{HMAC}(k_j,q_y)) \bmod M] := 1$;
where $v_m$ denotes a subsequent node of $v_x$, $m = 1,2,3,\ldots,Z$, Z is the number of subsequent nodes of $v_x$, and $v_m.R$ is the random number, of the same bit length as the keys, generated for node $v_m$;
the search stops when a leaf node is reached or when all rows of the trapdoor have been removed.
In this embodiment, checking whether $v_x.B_i[\mathrm{HMAC}(v_x.R,\mathrm{HMAC}(k_j,q_y)) \bmod M] = 1$ holds means checking whether the position of bloom filter $B_i$ indicated by the hash value computed from the trapdoor prefix $q_y$ is 1. If it is 1, the prefix stored in bloom filter $B_i$ is identical to $q_y$, i.e. $q_y$ is present in the PBtree; if it is 0, $q_y$ is not present in bloom filter $B_i$.
In this embodiment, the subsequent nodes of a node are all the nodes obtained by taking that node as a root node and successively splitting it level by level.
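The index and search of steps S1 to S4, as an added Python example (not code from the patent): prefix families, per-node bloom filters keyed with HMAC, the trapdoor matrix, and the top-down search with row removal. Assumptions: 4-bit values, HMAC-SHA256, M = 2^16, bloom filters held as integer bitmasks, placeholder strings in place of the RSA ciphertexts, and no leaf linked list; all function names are illustrative.

```python
import hashlib
import hmac
import os

W = 4            # bit width of the data values (demo assumption)
M = 1 << 16      # bloom filter length M (demo assumption)

def prefix_family(x, w=W):
    """F(x): the w+1 prefixes of x, from all bits fixed to all wildcards."""
    bits = format(x, f"0{w}b")
    return {bits[:i] + "*" * (w - i) for i in range(w + 1)}

def min_prefix_set(a, b, w=W):
    """S([a,b]): the minimum set of prefixes covering exactly the values a..b."""
    out = []
    while a <= b:
        size = (a & -a) if a else 1 << w      # largest block aligned at a
        while size > b - a + 1:               # shrink until it fits in [a,b]
            size >>= 1
        k = size.bit_length() - 1             # number of wildcard bits
        out.append((format(a >> k, f"0{w - k}b") if k < w else "") + "*" * k)
        a += size
    return out

def mac(key, msg):
    return hmac.new(key, msg, hashlib.sha256).digest()

def position(node_r, inner):
    """HMAC(v.R, HMAC(k_j, p)) mod M."""
    return int.from_bytes(mac(node_r, inner), "big") % M

class Node:
    def __init__(self, items, keys):
        self.R = os.urandom(len(keys[0]))     # per-node random v.R, key-sized
        self.left = self.right = None
        self.ciphertext = items[0][1] if len(items) == 1 else None
        union = set().union(*(prefix_family(v) for v, _ in items))
        self.filters = []                     # one bloom filter B_i per prefix
        for p in union:
            bits = 0
            for k in keys:                    # r positions set to 1
                bits |= 1 << position(self.R, mac(k, p.encode()))
            self.filters.append(bits)

    def contains(self, row):
        """True if some B_i has all r positions of this trapdoor row set."""
        pos = [position(self.R, inner) for inner in row]
        return any(all(b >> p & 1 for p in pos) for b in self.filters)

def build(items, keys):
    """Steps S11-S13: split the sorted items until every leaf holds one."""
    node = Node(items, keys)
    if len(items) > 1:
        mid = (len(items) + 1) // 2           # left gets the extra one if odd
        node.left = build(items[:mid], keys)
        node.right = build(items[mid:], keys)
    return node

def trapdoor(a, b, keys):
    """Step S3: Y x r matrix, row y = HMAC(k_1,q_y), ..., HMAC(k_r,q_y)."""
    return [[mac(k, q.encode()) for k in keys] for q in min_prefix_set(a, b)]

def search(node, rows):
    """Step S4: descend only where a row still matches; drop dead rows."""
    live = [row for row in rows if node.contains(row)]
    if not live:
        return []
    if node.left is None:
        return [node.ciphertext]
    return search(node.left, live) + search(node.right, live)

def demo():
    keys = [os.urandom(16) for _ in range(3)]      # r = 3 shared keys
    data = [1, 3, 4, 6, 7, 9, 11, 12, 14]          # constructed, sorted
    items = [(v, f"C({v})") for v in data]         # stand-in ciphertexts
    root = build(items, keys)
    return (search(root, trapdoor(5, 12, keys)),
            search(root, trapdoor(15, 15, keys)))

if __name__ == "__main__":
    print(demo())
```

Because a bloom filter can report a prefix that was never inserted, a search may return an extra leaf, but it never misses a stored value that lies in the range.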
Step S5, after receiving the ciphertexts returned by the cloud server, the data user terminal decrypts them with the private key to obtain the groups of decrypted data; the data user judges from the groups of decrypted data whether the obtained data are contiguous in size: if they are, the query result returned by the cloud server is complete; if not, the query result returned by the cloud server is incomplete. In this embodiment, the data user judges contiguity as follows: it is checked whether the third data item of each decrypted group is the same as the first data item of the next decrypted group, and whether the first data item of the first decrypted group and the third data item of the last decrypted group lie outside the query range; if so, the data obtained by the data user are judged to be contiguous.
In addition, if the data user sends the trapdoor to the cloud server through the terminal and the cloud server finds no result, the cloud server returns the data stored by the PBtree root node to the data user terminal; the data user terminal verifies whether the intersection of the data stored by the PBtree root node and the query range corresponding to the trapdoor is an empty set, and if it is not, the server has failed to return data that fall within the range.
The data stored by the PBtree root node in the cloud server are the hash-encrypted prefixes stored in its bloom filters, where the prefixes are those in the union of the prefix sets of all local data.
For example, when the range queried by the data user is [a, b] and the ciphertexts returned by the cloud server are $C_i$, $C_j$ and $C_k$, the data obtained by the data user after decryption are:
$\{d_{i-1}, d_i, d_{i+1}, d_{j-1}, d_j, d_{j+1}, d_{k-1}, d_k, d_{k+1}\}$
The data user then verifies whether the data in the set satisfy $d_{i+1}=d_{j-1}$ and $d_{j+1}=d_{k-1}$, and whether $d_{i-1}$ and $d_{k+1}$ lie outside the range [a, b]; if these conditions are satisfied, the data returned by the cloud server are complete.
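An added Python sketch (not code from the patent) of the step S5 continuity check, run on already decrypted triples built from constructed data with the infinity sentinels of an ascending sort. Assumption: adjacent results are linked by comparing each triple's successor with the next triple's own value, and that triple's predecessor with the previous triple's own value, which is how the triples of neighbouring items in the sorted list overlap; the function names are illustrative.

```python
import math

def make_triples(sorted_data):
    """(previous, value, next) for each item of an ascending list, with
    -infinity / +infinity standing in for the missing outer neighbours."""
    padded = [-math.inf, *sorted_data, math.inf]
    return [tuple(padded[i:i + 3]) for i in range(len(sorted_data))]

def verify_complete(triples, a, b):
    """Check decrypted triples returned for the query [a, b].
    Returns (complete, reason)."""
    # Keep only in-range hits; a bloom filter false positive can add extras.
    hits = sorted((t for t in triples if a <= t[1] <= b), key=lambda t: t[1])
    if not hits:
        return False, "no in-range triple; the empty-result check applies"
    # The neighbours just outside the answer must lie outside [a, b].
    if hits[0][0] >= a:
        return False, f"{hits[0][0]} precedes the first result and is in range"
    if hits[-1][2] <= b:
        return False, f"{hits[-1][2]} follows the last result and is in range"
    for left, right in zip(hits, hits[1:]):
        # Neighbours in the sorted list must name each other.
        if left[2] != right[1] or right[0] != left[1]:
            return False, f"gap between {left[1]} and {right[1]}"
    return True, "complete"

def demo():
    data = [1, 3, 4, 6, 7, 9, 11, 12, 14]              # constructed sample
    by_value = {t[1]: t for t in make_triples(data)}
    honest = [by_value[v] for v in (6, 7, 9, 11, 12)]  # full answer to [5, 12]
    return {
        "honest": verify_complete(honest, 5, 12),
        "middle dropped": verify_complete(honest[:2] + honest[3:], 5, 12),
        "first dropped": verify_complete(honest[1:], 5, 12),
        "last dropped": verify_complete(honest[:-1], 5, 12),
    }

if __name__ == "__main__":
    for case, outcome in demo().items():
        print(case, outcome)
```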
For example, when the range queried by the data user is [a, b] and the cloud server finds no result, the server returns the union U(T.root) of all prefix sets stored by the PBtree root node, and the data user uses U(T.root) to verify whether
Figure BDA0001544884240000141
If the equation does not hold, the server has failed to return data that fall within the range.
The above embodiments are preferred embodiments of the present invention, but the present invention is not limited to the above embodiments, and any other changes, modifications, substitutions, combinations, and simplifications which do not depart from the spirit and principle of the present invention should be construed as equivalents thereof, and all such changes, modifications, substitutions, combinations, and simplifications are intended to be included in the scope of the present invention.

Claims (9)

1. A verifiable ciphertext data range query method is characterized by comprising the following steps:
step S1, aiming at each local data which needs to be uploaded to the cloud server by the data owner, firstly sequencing each local data which needs to be uploaded to the cloud server at the data owner terminal according to the sequence from big to small or from small to big, and then simultaneously recording the front and back data of each local data aiming at each local data to obtain the triple data of each local data; simultaneously converting each local data into a prefix set, and storing the prefix set of each local data in a tree-shaped PBtree according to the sequencing of each local data;
step S2, for each local data encryption: asymmetrically encrypting the ternary group data corresponding to each local data, and then storing the encrypted ciphertext into a leaf node which correspondingly stores the local data prefix set in a PBtree;
and encrypting the prefixes stored by the nodes in the PBtree: for each node in the PBtree, merging the prefix sets stored by the node to obtain a merged prefix set, for the prefix set merged by the node, performing encryption processing on each prefix in the prefix set, and correspondingly storing each prefix encrypted by the hash function on each bloom filter;
sending the PBtree obtained after the processing to a cloud server by the data owner terminal;
step S3, when a data user needs to query data included in a certain range, first converting the query range into a minimum prefix set, calculating a plurality of hash values for each prefix in the prefix set, and then combining the plurality of hash values of each prefix to form a matrix as a trapdoor of the query range; finally, the trapdoors in the query range are sent to a cloud server through a terminal;
step S4, when the cloud server receives the trapdoor, starting a search from the top to the bottom in the PBtree using the trapdoor, wherein for each node, it is checked whether the following conditions are satisfied through the trapdoor and each bloom filter in the node that stores each encrypted prefix correspondingly: the intersection of the prefix set after union stored in the node and the prefix set with the minimum corresponding query range of the trapdoor is not an empty set; if yes, then detecting whether the condition is met or not aiming at the subsequent nodes of the node until all leaf nodes meeting the condition are found, and returning the ciphertext stored in the searched leaf nodes meeting the condition to a terminal of a data user as a query result;
step S5, after receiving each ciphertext returned by the cloud server, the data user terminal decrypts the ciphertext through the private key to obtain each group of decrypted data, the data user judges whether the size of the obtained data is continuous according to each group of decrypted data, and if the size of the obtained data is continuous, the query result returned by the cloud server is complete; otherwise, the query result returned by the cloud server is incomplete;
if the data user sends a trapdoor to the cloud server through the terminal and the cloud server finds no result, the cloud server returns the data stored by the PBtree root node to the data user terminal; the data user terminal verifies whether the intersection of the data stored by the PBtree root node and the query range corresponding to the trapdoor is an empty set, and if it is not, the server has failed to return data that fall within the range;
in step S2, the process of encrypting the prefix in each node in the PBtree is as follows:
step S2a, firstly, merging the prefix sets stored by the node to obtain a merged prefix set;
step S2b, acquiring the r secret keys shared by the data owner and the data user; each prefix in the node's merged prefix set is combined with each of the r keys and hashed to obtain:
$\mathrm{HMAC}(k_1,p_i),\ \ldots,\ \mathrm{HMAC}(k_r,p_i)$;
where $k_1, \ldots, k_r$ are the r keys shared by the data owner and the data user, and $p_i$ is the i-th prefix in the node's merged prefix set;
step S2c, generating for the node a random number whose bit length equals the key bit length, and then using the random number to compute, in turn, r hash values for each prefix in the node's merged prefix set:
$\mathrm{HMAC}(v_x.R,\mathrm{HMAC}(k_1,p_i)),\ \ldots,\ \mathrm{HMAC}(v_x.R,\mathrm{HMAC}(k_r,p_i))$;
where $v_x.R$ is the random number, of the same bit length as the keys, generated for node $v_x$;
step S2d, the r hash values obtained in step S2c for each prefix in the node's merged prefix set constitute that prefix encrypted by the hash function; each such encrypted prefix is then stored in its bloom filter by the following operation:
$v_x.B_i[\mathrm{HMAC}(v_x.R,\mathrm{HMAC}(k_j,p_i)) \bmod M] := 1$;
$x = 1,2,3,\ldots,X$; $j = 1,2,3,\ldots,r$; $i = 1,2,3,\ldots,I$,
where $v_x.B_i[\mathrm{HMAC}(v_x.R,\mathrm{HMAC}(k_j,p_i)) \bmod M] := 1$ marks the position in bloom filter $B_i$ at which the i-th hash-encrypted prefix $p_i$ of node $v_x$'s merged prefix set is stored; X is the total number of nodes in the PBtree; I is the total number of prefixes in the merged prefix set of node $v_x$; M is the length of the bloom filter, and the position of the bloom filter at which an encrypted prefix is stored is set to 1.
2. The verifiable ciphertext data range query method of claim 1, wherein in step S1, the process of converting each local data into a prefix set is as follows: firstly, aiming at each local data, acquiring a binary number of the local data; then, acquiring a prefix set according to the binary number:
$F(x)=\{b_1b_2\cdots b_w,\ b_1b_2\cdots b_{w-1}*,\ \ldots,\ b_1*\cdots*,\ **\cdots*\}$;
where $b_1b_2\cdots b_w$ is the binary representation of the local data x, w is the number of binary digits of x, and * stands for a binary 0 or 1.
3. The verifiable ciphertext data range query method of claim 1, wherein in step S1, the specific process of storing the prefix set of each local data in a tree-like PBtree according to the sorting of each local data is as follows:
step S11, first ordering the prefix sets of the local data according to the ordering of the local data, forming a root node from the ordered prefix sets, and then splitting the prefix sets in the root node into a left subset $S_{left}$ and a right subset $S_{right}$;
in this step, when the total number of prefix sets in the root node is even, the left subset $S_{left}$ and the right subset $S_{right}$ contain the same number of prefix sets; when the total number is odd, the left subset $S_{left}$ contains one more prefix set than the right subset $S_{right}$; proceeding to step S12;
step S12, each left subset $S_{left}$ is processed as follows: each currently acquired left subset $S_{left}$ forms the root node of a left subtree, and the prefix sets in the root node of that left subtree are split into a left subset $S_{left}$ and a right subset $S_{right}$; when the total number of prefix sets in the root node of the left subtree is even, the split left subset $S_{left}$ and right subset $S_{right}$ contain the same number of prefix sets; when the total number is odd, the split left subset $S_{left}$ contains one more prefix set than the right subset $S_{right}$;
each right subset $S_{right}$ is processed as follows: each right subset $S_{right}$ forms the root node of a right subtree; then the prefix sets in the root node of each right subtree are split into a left subset $S_{left}$ and a right subset $S_{right}$; when the total number of prefix sets in the root node of the right subtree is even, the split left subset $S_{left}$ and right subset $S_{right}$ contain the same number of prefix sets; when the total number is odd, the split left subset $S_{left}$ contains one more prefix set than the right subset $S_{right}$;
step S13, for each left subset $S_{left}$ and each right subset $S_{right}$ acquired in step S12, judging whether the number of prefix sets it contains is 1; each left subset $S_{left}$ and each right subset $S_{right}$ whose number of prefix sets is not 1 is processed again by step S12, while each left subset $S_{left}$ and each right subset $S_{right}$ whose number of prefix sets is 1 forms a leaf node of the PBtree; finally, all leaf nodes of the PBtree are connected by a linked list.
4. The verifiable ciphertext data range query method of claim 1, wherein in step S2, the encryption process for each local data is as follows:
step S21, selecting a pair of distinct prime numbers p and q, both larger than a certain value, and calculating $n = pq$;
step S22, calculating $g(n) = (p-1)(q-1)$, and then finding a number e that is relatively prime to g(n), where $1 < e < g(n)$;
step S23, calculating d, where $d \equiv e^{-1} \bmod g(n)$;
Step S24, setting the public key pk as (e, n) and the private key sk as (d, n); then encrypting the triple formed by each local data item and its preceding and following data to obtain a ciphertext:
$C_i = (d_{i-1} \,\|\, d_i \,\|\, d_{i+1})^e \pmod{n}$;
where $C_i$ is the ciphertext obtained by encrypting the triple data formed by the local data $d_i$, its preceding data $d_{i-1}$ and its following data $d_{i+1}$.
5. The verifiable ciphertext data range query method of claim 1, wherein in the step S3, the trapdoor is generated as follows:
step S31, for the query range given by the data consumer, first converting the query range into a minimum prefix set, and for each prefix in the prefix set, calculating r hash values by r keys shared by the data owner and the data consumer:
$\mathrm{HMAC}(k_1,q_y),\ \ldots,\ \mathrm{HMAC}(k_r,q_y)$;
where $q_y$ is the y-th prefix in the minimum prefix set of the query range, $y = 1,2,3,\ldots,Y$, and Y is the total number of prefixes in the minimum prefix set of the query range; $k_1, \ldots, k_r$ are the r keys shared by the data owner and the data user;
step S32, combining the hash values of the prefixes in the prefix set with the minimum query range obtained in step S31 to form a matrix, which is used as a trapdoor of the query range:
Figure FDA0002364178750000041
where $q_1$ to $q_Y$ are the 1st to Y-th prefixes in the minimum prefix set of the query range, and the y-th row of the trapdoor holds the r hash values of the y-th prefix in that set.
6. The verifiable ciphertext data range query method of claim 5, wherein in the step S4, after the cloud server receives the trapdoor, the query process specifically includes:
step S41, first, search is performed from top to bottom from the root node in the PBtree, and for each node in the PBtree, it is checked whether the condition that the intersection of the union prefix set stored in the node and the prefix set with the smallest query range corresponding to the trapdoor is not an empty set is satisfied through the trapdoor and the bloom filters in the node that store the encrypted prefixes correspondingly, specifically: for each row in the trapdoor, checking whether bloom filters in bloom filters corresponding to the encrypted prefixes in the node meet the following conditions with any element calculation in the row:
$v_x.B_i[\mathrm{HMAC}(v_x.R,\mathrm{HMAC}(k_j,q_y)) \bmod M] := 1$;
$x = 1,2,3,\ldots,X$; $j = 1,2,3,\ldots,r$; $i = 1,2,3,\ldots,I$; $y = 1,2,3,\ldots,Y$;
if yes, indicating that the prefix set after union in the node contains the prefix corresponding to the trapdoor row; namely, the intersection of the prefix set after union in the node and the prefix set S ([ a, b ]) with the minimum query range corresponding to the trapdoor is not an empty set;
step S42, for each node satisfying the above condition, the following nodes of the node are checked to see if the above condition is satisfied, until all leaf nodes satisfying the above condition are found, and the searched ciphertext stored in the leaf node satisfying the above condition is returned to the terminal of the data user as the query result.
7. The verifiable ciphertext data range query method of claim 6, wherein in step S42, for each node in the PBtree, it is checked whether all of the bloom filters storing the node's encrypted prefixes, computed with one element of a given trapdoor row, satisfy the following condition: $v_x.B_i[\mathrm{HMAC}(v_x.R,\mathrm{HMAC}(k_j,q_y)) \bmod M] := 0$; if so, the merged prefix set in the node does not contain the prefix corresponding to the hash values in that trapdoor row, and that row is removed from the trapdoor when the nodes subsequent to the node in the PBtree are searched; the search stops when a leaf node is reached or when all rows of the trapdoor have been removed.
8. The verifiable ciphertext data range query method of claim 1, wherein in step S1, when sorting the local data to be uploaded to the cloud server according to a descending order, the first local data, the positive infinity symbol and the second local data form triple data, and the last local data, the penultimate local data and the negative infinity symbol form triple data;
when the local data which need to be uploaded to the cloud server are sequenced according to the sequence from small to large, the first local data, the negative infinite symbol and the second local data form triple data, and the last local data, the penultimate local data and the positive infinite symbol form triple data.
9. The verifiable ciphertext data range query method of claim 1, wherein in the step S5, the data user judges from the groups of decrypted data whether the obtained data are contiguous in size as follows: judging whether the third data item of each decrypted group is the same as the first data item of the next decrypted group; and judging whether the first data item of the first decrypted group and the third data item of the last decrypted group lie outside the query range; if so, the data obtained by the data user are judged to be contiguous.
CN201810025747.0A 2018-01-11 2018-01-11 Verifiable ciphertext data range query method Active CN108197499B (en)


Publications (2)

Publication Number Publication Date
CN108197499A CN108197499A (en) 2018-06-22
CN108197499B true CN108197499B (en) 2020-08-07

Family

ID=62589024

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201810025747.0A Active CN108197499B (en) 2018-01-11 2018-01-11 Verifiable ciphertext data range query method

Country Status (1)

Country Link
CN (1) CN108197499B (en)

Families Citing this family (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109951443B (en) * 2019-01-28 2021-06-04 湖北工业大学 Set intersection calculation method and system for privacy protection in cloud environment
CN111274247B (en) * 2020-01-17 2023-04-14 西安电子科技大学 Verifiable range query method based on ciphertext space-time data
CN112073444B (en) * 2020-11-16 2021-02-05 支付宝(杭州)信息技术有限公司 Data set processing method and device and server
CN113132345B (en) * 2021-03-04 2022-07-26 北京航空航天大学 Agent privacy set intersection method with searchable function
CN113158087A (en) * 2021-04-09 2021-07-23 深圳前海微众银行股份有限公司 Query method and device for space text
CN113312652B (en) * 2021-06-25 2024-05-03 国网辽宁省电力有限公司电力科学研究院 Cloud edge cooperative power terminal acquisition data integrity verification system based on improved CAT
CN113672949A (en) * 2021-07-27 2021-11-19 美库尔商务信息咨询(上海)有限公司 Data transmission method and system for protecting advertisement multiparty privacy

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103984728A (en) * 2014-05-16 2014-08-13 西安交通大学 Range query integrity verification method for outsourcing space database
CN105763324A (en) * 2016-04-19 2016-07-13 四川理工学院 Controllable searchable encryption searching method being able to verify multi user-ends
CN106997384A (en) * 2017-03-24 2017-08-01 福州大学 A kind of semantic ambiguity that can verify that sorts can search for encryption method

Non-Patent Citations (3)

* Cited by examiner, † Cited by third party
Title
Privacy- and integrity-preserving range queries in sensor networks; Fei Chen et al.; IEEE/ACM Transactions on Networking; 20120308; Vol. 20 (No. 6); pp. 1774-1787 *
SafeQ: Secure and Efficient Query Processing in Sensor Networks; Fei Chen et al.; 2010 Proceedings IEEE INFOCOM; 20100319; pp. 1-9 *
Privacy-preserving range query processing techniques in wireless sensor networks; 张晓莹 et al.; Journal of East China Normal University (Natural Science); 20150930 (No. 5); pp. 1-13 *

Also Published As

Publication number Publication date
CN108197499A (en) 2018-06-22

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant