CN108710698B - Multi-keyword fuzzy query method based on ciphertext under cloud environment - Google Patents

Abstract

The invention provides a ciphertext-based multi-keyword fuzzy query method in a cloud environment. The method solves the problem of fuzzy query of multiple keywords by introducing wildcards through a method of constructing vectors and matrixes, eliminates the mode of presetting dictionaries, and provides efficient updating and deleting of file indexes; meanwhile, the method supports a round of operation with multiple keywords, and reduces the operation times; moreover, the method has higher precision ratio AND recall ratio, AND provides very flexible rich-semantic AND/OR query, namely the method supports both logic AND query among the keywords AND logic OR query among the keywords. In addition, the matrix in the kNN algorithm encryption processing scheme is adopted, so that the scheme provided by the invention has good safety.

Description

Multi-keyword fuzzy query method based on ciphertext under cloud environment

Technical Field

The invention relates to the technical field of data processing, in particular to a ciphertext-based multi-keyword fuzzy query method in a cloud environment.

Background

The advent and development of cloud computing has realized the dream of human beings regarding computing as an infrastructure. Cloud computing is an internet-based computing method, and software and hardware resources and information in a shared state can be provided to computers and other devices in a network for use as required. However, while effectively solving the condition of limited user resources, cloud computing also brings new and non-negligible security problems.

In order to protect sensitive private data stored on the cloud server from being leaked, a user must encrypt the data and store the data on the cloud platform. The existing keyword-based searchable ciphertext fuzzy query technology allows the user to input the problems of tiny errors and inconsistent forms, and greatly improves the usability of the system and the user search experience.

However, the existing solutions have the following disadvantages: (1) update deletion is not flexible: the existing scheme needs a predefined dictionary which contains possible error forms of each keyword, so that the efficiency of query and update is low; (2) the existing scheme has low operation efficiency: in the existing scheme, the method supporting multi-keyword query needs multiple rounds of operations to obtain the result, so the operation efficiency is low; (3) existing schemes do not support flexible AND/OR queries; (4) the existing scheme can not resist plaintext selection attack and has low safety.

Disclosure of Invention

In order to solve the problems in the prior art, the invention provides a ciphertext-based multi-keyword fuzzy query method in a cloud environment. The method introduces wildcards to solve the problem of fuzzy query of multiple keywords, eliminates the mode of presetting dictionaries, and provides efficient updating and deleting of file indexes; meanwhile, the method supports a round of operation with multiple keywords, and reduces the operation times; moreover, the method has higher precision ratio AND recall ratio, AND provides very flexible AND/OR query, namely the method supports both logic AND query among the keywords AND logic OR query among the keywords.

The invention provides a ciphertext-based multi-keyword fuzzy query method in a cloud environment, which comprises the following steps:

step S1: the local server encrypts a plaintext data set according to a preset data encryption algorithm to obtain a ciphertext data set;

step S2: the local server constructs the initial index key words corresponding to the plaintext data set into index vectors, constructs the index vectors into an index matrix, encrypts the index matrix by adopting a preset matrix encryption algorithm to obtain an encrypted index matrix, and sends the ciphertext data set and the encrypted index matrix to the cloud server;

step S3: constructing query keywords in a query request into a request vector by a user, constructing the request vector into a request matrix, encrypting the request matrix by adopting a preset matrix encryption algorithm to obtain an encrypted request matrix, and sending the encrypted request matrix to a cloud server;

step S4: the cloud server calculates the product of the encryption index matrix and the encryption request matrix according to the encryption request matrix, determines a target data ciphertext according to the product result, and sends the target data ciphertext back to the user;

step S5: the user decrypts the target data ciphertext through the data encryption algorithm of the step S1 to obtain a target data plaintext;

each initial index key corresponds to an index vector;

each row element of the index matrix corresponds to an index vector;

the query keyword in the query request comprises a wildcard character;

the query keywords in the query request are connected through a logical operator;

the logical operators include "AND" OR "OR".

The method provided by the invention comprises the steps of constructing the initial index key words into the index vectors, constructing the index matrixes, encrypting the index vectors to obtain the encrypted index matrixes, constructing the query key words into the request vectors, constructing the query matrixes, encrypting the query matrixes to obtain the encrypted request matrixes, and determining the target data ciphertext by calculating the product of the encrypted index matrixes and the encrypted request matrixes. After the vector and the matrix are constructed by adopting the method provided by the invention, the data ciphertext corresponding to the index vector is the target data ciphertext only when the product of the index vector and the request vector in the matrix is an integer. Meanwhile, the query keyword in the scheme of the invention contains wildcards, and when the request vector is constructed, the influence of the wildcards is considered, and the request vector is correspondingly processed, so that the fuzzy query function can be realized. Wildcards can represent any ambiguous English letter, for example, "unsure" and "insture" are both correct query results when the query keyword is ". times.sure". Because the query keywords in the query request in the scheme of the invention have a logical operation relationship (namely logical OR or logical OR), the invention can also realize logical query. In the scheme of the invention, the keywords comprise two types, namely accurate keywords and fuzzy keywords. The initial index key words can only be accurate key words, and the query key words can be accurate key words or fuzzy key words containing wildcards.

In the prior art, given query keywords W1, W2, and W3, it is necessary to search a file set D (W1) containing W1, then search a file set D (W1 n/W2) containing W2 from the file set D (W1), and finally search a file set D (W1 n/W2 n/W3) containing W3 from the file set D (W1 n/W2), so that the file sets containing W1, W2, and W3 are obtained through 3 rounds of operations, which is equivalent to performing 3 times of query algorithm. The scheme of the invention supports logical operation relation, can realize logical query, and only needs to execute a query algorithm once to obtain the target file D (W1 n W2 n W3).

Further, the preset matrix encryption algorithm is a kNN algorithm;

the key of the preset matrix encryption algorithm is Sk, and the key Sk at least comprises: a prime number sequence table P, a completion alphabet S and a reversible encryption matrix M;

the prime number sequence table P ═ { P ═ P₁,...,P_i,...P_LTherein, each element P_iAre all randomly generated prime numbers;

the complement alphabet S ═ S₁,...,S_i,...S_LTherein, each element S_iAll are from 26 English alphabetic dictionary alphabets

Chinese English letters are randomly selected from the Chinese characters,

the reversible encryption matrix M ═ { M ═ M₁,M₂S }, wherein M₁And M₂Are all invertible matrices of size dxd, M₁And M₂The corresponding inverse matrices are respectively denoted as M₁ ^-1And M₂ ^-1S is a one-dimensional matrix with the number of columns being d, the value of matrix elements being 0 or 1, and is generated by a pseudo-random number function;

and d is more than or equal to 26, L is more than or equal to the number of letters contained in the initial index key word with the longest length, and d and L are positive integers.

The existing literature document "Secure kNN calculation on Encrypted Databases" (w.k.wong, d.w. -l.chenng, b.kao, and n.mamoulis, proc.of SIGMOD,2009) discloses a method for using kNN algorithm for encryption processing.

The prime number sequence table is formed by arranging randomly generated prime numbers in a sequence from small to large. The value of L is determined by the keyword with the longest length in the initial index, and the value of L is more than or equal to the total number of letters contained in the keyword. For the sake of correctness of the scheme, the value of d should be greater than or equal to 26; for safety reasons, d is preferably greater than or equal to 128. Sequential dictionary alphabet

The English letters in the Chinese are not distinguished from case to case. The letters in the completion alphabet are in random order, further increasing the security of the scheme of the invention.

Further, each initial index key W is constructed according to the following steps_i,kCorresponding d-dimensional index vector P_i,k：

Step S201: indexing the initial Key W_i,kThe number of the letters is complemented to a uniform length L;

judging initial index key word W_i,kThe number of letters W_i,kL |: when | | | W_i,k||<When L, sequentially selecting L- | W from the completion alphabet S_i,kCompleting initial index key word W by | letter_i,kSo that | | W_i,kL | ═ L; when | | | W_i,kWhen | | | is greater than or equal to L, directly executing step S202;

step S202: initializing a d-dimensional index vector P_i,kWill index the vector P_i,kAll elements of (2) are set to 1, so that P_i,k[l]＝1,l∈[1,d]L is an integer;

wherein, P_i,k[l]Represents an index vector P_i,kThe element in position I;

step S203: selecting initial index key word W_i,kContaining letters in an index vector P_i,kThe fill position of (1);

sequentially indexing the vector P_i,kPos of (2)_lBit determination as an initial index key W_i,kFill location of the letter of the l-th digit of the inclusion;

wherein, pos_l＝F_kf(W_i,k[l])，F_kf() Is a function of pseudo-random number, W_i,k[l]Representing an initial index key W_i,kContaining the letter in position L ∈ [1, L ]]；

Step S204: updating the index vector P_i,kPos of (2)_lValue P on bit_i,k[pos_l]；

Wherein, P_i,k[pos_l]＝P_i,k[pos_l]/P_l；

P_i,k[pos_l]Is initially value of P_i,k[l]，P_lIs the prime number of the I bit in the prime number sequence table P, and is belonged to [1, L ∈]；

Step S205: randomly selecting a natural number alpha, and indexing the vector P_i,kReplacing the value of the position still being the initial value 1 with alpha to obtain the final index vector P_i,k。

When constructing the index vector, the first step is to complement all the initial index keywords into a uniform length, and for the initial index keywords with insufficient length, the initial index keywords are complemented in a mode of selecting letters from a complementing alphabet and directly complementing the letters behind the original letters of the initial index keywords. The general idea of the vector construction process is "choose the position first and then calculate the value", step S203 is used to choose the position of each letter in the initial index key in the index vector, and step S204 is used to determine the value filled in the corresponding position of each letter in the vector. Step S205 is used to improve the security of the scheme, even if two data in the plaintext data set both contain the same initial Index key, the Index vectors of the initial Index keys corresponding to the two data are different, and the two data are technically referred to as "Index indexing reliability" (Index is indistinguishable).

Go toStep by step, according to the following steps_i,kConstructed set of index vectors

Constructing an index matrix Ai, and encrypting the index matrix Ai by a kNN algorithm:

step S211: sequentially indexing the vector set

P in (1)_i,kIs placed in the kth row of the index matrix Ai to obtain an index matrix Ai with the size of mi x d, k ∈ [1, mi]；

Step S212: two matrices Ai' and Ai "of size mi × d are generated from the index matrix Ai, the generation rule is as follows:

for each row Ai [ k ] [ ] of the index matrix Ai: if s [ j ] is equal to 0, Ai' [ k ] [ j ] ═ Ai "[ k ] [ j ] ═ Ai [ k ] [ j ]; if s [ j ] is 1, Ai' [ k ] [ j ] + Ai "[ k ] [ j ] ═ Ai [ k ] [ j ];

wherein s [ j ] represents the jth bit of a one-dimensional matrix s in the key Sk, Ai [ k ] [ j ] represents the jth column element of the kth row in the index matrix Ai, Ai '[ k ] [ j ] represents the jth column element of the kth row in the matrix Ai', Ai "[ k ] [ j ] represents the jth column element of the kth row in the matrix Ai", and j belongs to [1, d ];

step S213: the matrices Ai 'and Ai' are respectively associated with said M₁And M₂Multiplying to obtain an encryption index matrix I_i；

Wherein, I_i＝(I_i′,I_i")＝(Ai′·M₁,Ai"·M₂) And represents the multiplication of two matrices.

According to the scheme of the invention, the index vector is constructed into the index matrix, and then the index matrix is encrypted by adopting a kNN algorithm to obtain the encrypted index matrix. Therefore, the index contents transmitted in the data interaction process in the scheme are all encrypted contents, and the safety of the scheme is further improved.

Further, each query keyword is constructed according to the following steps

Corresponding d-dimensional request vector q_j,k：

Step S301: will inquire about the key word

The number of the letters is complemented to a uniform length L;

determining query keywords

Number of letters involved

When in use

Then, sequentially selecting from the complement alphabet S

Each letter completes the query key word

Behind the original letter of (A) such that

When in use

If so, directly executing step S302;

step S302: initializing a d-dimensional request vector q_j,kWill request a vector q_j,kAll elements of (a) are set to 1, such that q_j,k[l]＝1,l∈[1,d]L is an integer;

wherein q is_j,k[l]Representing a request vector q_j,kThe element in position I;

step S303: selecting query keywords

Containing letters in the request vector q_j,kIn (1)Fill in the location and update the request vector q_j,kThe value q at the l-th bit of (1)_j,k[pos_l]；

When in use

Then, a vector q will be requested_j,kPos of (2)_lBit determination as a query keyword

Fill position of letter of I-th order contained, and let q_j,k[pos_l]＝q_j,k[pos_l]×P_l(ii) a When in use

Make the request vector q_j,kThe value of all the positions in (A) is multiplied by P_l(ii) a Thereby obtaining a final request vector q_j,k；

Wherein the content of the first and second substances,

F_kf() In order to be a function of the pseudo-random number,

representing query keywords

Containing the letter in position L ∈ [1, L ]]，q_j,k[pos_l]Is an initial value of q_j,k[l]，P_lIs the prime number of the I bit in the prime number sequence table P.

Because the present invention is directed to query terms containing wildcards "", it is the key to the inventive scheme how to construct query terms containing wildcards "", into request vectors. In the first step, the same as constructing the index vector, or filling all the keywords to a uniform length. Secondly, distinguishing letters and wildcards "+" in the keywords to perform corresponding processing: when processing letters, the overall thought is the same as constructing an index vector, and the method is 'selecting bits first and then calculating values'; and the wildcard ". star" is handled by multiplying the values of all the positions in the request vector by a prime number. By adopting the method for processing, the influence of the wildcard can be embodied in the request vector, thereby realizing the function of multi-keyword fuzzy query.

Further, the request vector q is generated according to the following steps_j,kConstructed as a request matrix Q_j,kAnd the request matrix Q is subjected to the matching through the kNN algorithm_j,kStructured request matrix set

And (3) carrying out encryption processing:

step S311: selecting a random number e, wherein e belongs to [2, d ], and e is an integer;

step S312: sequentially reacting q with_j,k[l]Put in Q_j,k[l][num]In, and is filled with Q_j,k[l][*]Middle removing Q_j,k[l][num]Other than the elements, each request vector q_j,kAll expanded to a request matrix Q of size dXe_j,k；

Wherein q is_j,k[l]Representing a request vector q_j,kElement at position I in (1), Q_j,k[l][num]Representation matrix Q_j,kColumn num of (1), num is a random number and num belongs to [1, e ]]L is an integer and is e [1, d ]]，Q_j,k[l][*]Middle removing Q_j,k[l][num]The sum of other elements than gamma_lSo that gamma is_l＝t_l×Q_j,k[l][num]；

Wherein t is_l0 or t_l+1 is a prime number and

Q_j,k[l][*]representing a request matrix Q_j,kAll elements of line l;

step S314: will form a request matrix set

Each request matrix Q of_j,kEach row of elements in the array is placed in the intermediate matrix in turn

Thereby obtaining an intermediate matrix of size d × (nj × e)

Wherein k is an integer and k belongs to [1, nj ];

step S315: according to an intermediate matrix

Generating two matrices of size d × (nj × e)

And

the generation rule is as follows:

for intermediate matrix

Each column of

All have: if s [ i ]]When it is equal to 0, then

If s [ i ]]1, then

Wherein, s [ i ]]Represents the ith bit of a one-dimensional matrix s in the key Sk,

representing an intermediate matrix

The ith row and the kth column of (1),

representation matrix

The ith row and the kth column of (1),

representation matrix

Row i and column k, i e [1, d]；

Step S316: will M₁And M₂Corresponding inverse matrix M₁ ^-1And M₂ ^-1Respectively and matrix with

And

multiplying to obtain an encryption request matrix T_Q；

Wherein the content of the first and second substances,

denotes two matrix multiplications.

In the scheme of the invention, the request vector is expanded into the request matrix mainly due to the consideration of scheme safety. And then, the request matrix is encrypted by adopting a kNN algorithm, so that the safety of the scheme is further improved.

Further, the step S4 of calculating the product of the encryption index matrix and the encryption request matrix, and determining the target data ciphertext according to the product result is as follows:

step S401: calculating a product matrix

Wherein the content of the first and second substances,

is a product of the encryption index matrix and the encryption request matrix and has a size of m_i×(n_jA matrix of x e);

step S402: to the product matrix

Summing every e elements in every line to obtain a sum with m_i×n_jResult matrix of (2)

For the result matrix

Each row of

All have: when k is₂When% e is 0, calculate

And taking the calculation results as a result matrix in turn

Kth₁The elements on each column are arranged in rows to obtain a size m_i×n_jResult matrix of (2)

Wherein k is₁Is an integer and k₁∈[1,mi]，k₂Is an integer and k₂∈[1,nj×e]；

Step S403: according to a matrix

Judging the encryption index matrix I_iCorresponding data cipher textWhether the target data is ciphertext:

when the query request contains a logical operator 'AND', if a result matrix corresponding to the encryption index matrix is obtained

If at least one element in each row is an integer, the data ciphertext corresponding to the encryption index matrix is the target data ciphertext;

when the query request contains a logical operator 'OR', if a result matrix corresponding to the index matrix is encrypted

If at least one row has an element as an integer, the data ciphertext corresponding to the encryption index matrix is the target data ciphertext.

In the scheme of the invention, the cloud server does not need the specific contents of the data plaintext, the initial index and the query keyword, and can judge whether the data ciphertext is the target data ciphertext or not only by calculating the product of the encryption index matrix and the encryption request matrix, so that the risk of disclosure does not exist, and the whole process has good safety. Meanwhile, the matrix constructed by the method can obtain the logical query result of 'AND' OR 'OR' contained in the query keyword through the multiplication result, so that the query is more convenient AND flexible.

In the scheme of the invention, the result matrix is passed

The principle of judging the search result by whether the elements in (1) are integers is as follows:

assuming that the index vector is P, the request vector is q, and the dimensions are d, the dot product of the vectors is represented as:

P·q＝P[1]×q[1]+P[2]×q[2]+...+P[i]×q[i]+K+P[d]×q[d]

where P [ i ] and q [ i ] represent the value of the ith bit of the corresponding vector.

According to the inventive solution, the value at each bit of the index vector P is represented by the formula P_i,k[pos_l]＝P_i,k[pos_l]/P_lThe calculation is either an integer, i.e. the value on each bit of the index vector is either a fraction (like:

P₁and P₂Is a prime number, the numerator must be 1, because the initial value of each bit of the vector is 1), or is a random integer (i.e. the random natural number determined in step S205); the value on each bit of the request vector q is given by the formula q_j,k[pos_l]＝q_j,k[pos_l]×P_lThe calculation is carried out such that the value of each bit of the request vector is only possible to be an integer (e.g., P)₁×P₂×P₃，P₁、P₂And P₃Are all prime numbers). Thus, if P [ i ]]×q[i]Is an integer, it is either the case of multiplying the integer by the integer, or the value of the corresponding position of the two vectors can be reduced. For example:

the result of this calculation is an integer, the molecule P₁×P₂×P₃Decomposed into a prime factor set { P) of three prime factors₁,P₂,P₃Contains a denominator P₁×P₂Decomposed prime factor set { P₁,P₂I.e. P_1,P₂}∈{P_1,P_2,P₃}. And the prime decomposition results of integers are unique.

The formula pos recorded according to the scheme of the invention_l＝F_kf(W_i,k[l]) And

assume initial index key W_i,kIs W_i,k[l]Querying keywords

The first letter of (a) is

If the two letters are identical, i.e.

Then respectively mapped to the vector P_i,kSum vector q_j,kPosition pos of^lAre the same; if the two letters are different, i.e.

Then respectively mapped to the vector P_i,kSum vector q_j,kPosition pos of_lAre not the same. For example, the third letter and the fourth letter "l" in the keyword "hello" map to the same position in the vector; the first letter "h" and the third letter "l" map to different positions in the vector. It can be concluded that: whether vector P_i,kOr a vector q_j,kIn the same pseudo-random function F_kf() Under calculation, the positions of the same letter mapped to the vector are the same, and the positions of different letters mapped to the vector are different.

In the scheme of the invention, the initial index key word W_ikAnd query keyword

The following two cases may occur in the l-th bit:

(1) initial index key W_i,kAnd query keyword

Is the same (contains the query keyword)

With wildcard "×", since wildcard "×" may represent any of the 26 letters): vector P_i,kPos of (2)_lThe denominator of the value of the bit must contain the prime factor P_lVector q_j,kPos of (2)_lThe value of the bit must contain a prime factor P_lAnd vector P_i,kPos of (2)_lBit sum vector q_j,kPos of (2)_lPosition is the same pos_lThe value is obtained.

(2) Initial index key W_i,kAnd query keyword

Is not the same (at this time, the letter of the l-th letter of the query keyword must not be a wildcard): vector P_i,kPos of (2)_lThe denominator of the value of the bit must contain the prime factor P_lVector q_j,kPos of (2)_lThe value of the bit must contain a prime factor P_lBut vector P_i,kPos of (2)_lBit sum vector q_j,kPos of (2)_lBits not being one and the same pos_lThe value is obtained. Note v_l＝pos_l＝F_kf(W_i,k[l])，

Then

Then, vector P_i,kV. of (b)_lThe denominator of the value of the bit must contain a prime factor P_lAnd vector q_j,kV. of (b)_lThe value of the bit not including the prime factor P_lPrime factor P_lPresence vector q_j,kTo (1) a

Bit, vector P_i,kThe denominator of (a) cannot be related to the vector q_j,kThe value of the corresponding position is divided into the quotient P [ pos [ ]_l]×q[pos_l]Must be a fraction.

The solution of the invention does not hold if the following two situations occur:

the first condition is as follows: initial index key W_i,kAnd query keywords

Match, but dot product of index vector P and request vector qNot an integer.

Case two: initial index key W_i,kAnd query keywords

Not matched, but the dot product of the index vector P and the request vector q is an integer.

The following proves that the first case and the second case are both impossible to appear through a back syndrome method respectively:

the first condition of the evidence is:

if the dot product of the index vector P and the request vector q is not an integer, then P [ i ] exists]×q[i]Is a fractional number, and q [ i ]]The prime factor set decomposed into must not contain P [ i]The denominator of (a) is decomposed into a set of prime factors. At this time, the initial index key W is explained_i,kIs the prime number P corresponding to the l-th letter_lMapped to x bits of vector P, and the keywords are queried

Is the prime number P corresponding to the l-th letter_lMapping to other positions than x bits. According to the characteristics of the pseudo-random function, if the mapping positions are different, the initial index key word W is indicated_ikThe first letter and the query keyword

Is different from the initial index key W_i,kAnd query keywords

The premise of matching contradicts each other. Therefore, the situation is unlikely to occur.

And (5) a case of evidence rejection:

if the dot product of the index vector P and the request vector q is an integer, then each P [ i [ i ] ]]×q[i]The values of (A) are all integers. At this time, each P [ i ]]×q[i]The value of (b) may or may not be 0. When the value is not 0, q [ i ]]The decomposed prime factor set must contain P [ i ]]Is decomposed into prime factor sets, i.e., P [ i]Of the denominator of (a) into a prime factor setEach prime factor is present in q [ i ]]Decomposed into prime factor sets. According to the characteristics of the pseudo-random function, the query key words must exist at the moment

Each letter of (A) is equal to the initial index key word W_i,kIn the case that the letters in the corresponding positions of (1) are the same, i.e., the initial index key

And query keywords

Match, and this case is matched with the "initial index key W_i,kAnd query keywords

The preconditions of mismatch contradict each other. Thus, case two is also unlikely.

In summary, neither case one nor case two is likely to occur, and thus the solution provided by the present invention is true.

Advantageous effects

The invention provides a ciphertext-based multi-keyword fuzzy query method in a cloud environment. The method solves the problem of fuzzy query of multiple keywords by introducing wildcards through a method of constructing vectors and matrixes, eliminates the mode of presetting dictionaries, and provides efficient updating and deleting of file indexes; meanwhile, the method supports a round of operation with multiple keywords, and reduces the operation times; moreover, the method has higher precision ratio AND recall ratio, AND provides very flexible AND/OR query, namely the method supports both logic AND query among the keywords AND logic OR query among the keywords. In addition, the matrix in the kNN algorithm encryption processing scheme is adopted, so that the scheme provided by the invention has good safety.

Drawings

FIG. 1 is a schematic diagram illustrating steps of a ciphertext-based multi-keyword fuzzy query method in a cloud environment according to the present invention;

FIG. 2 is a diagram illustrating an initialized 26-dimensional index vector for understanding step S202 according to an embodiment of the present invention;

FIG. 3 is a vector P for understanding step S204 in the embodiment of the present invention_hello；

FIG. 4 is a vector P for understanding step S204 in the embodiment of the present invention_key；

FIG. 5 is a final index vector for understanding step S205 in an embodiment of the present invention;

FIG. 6 is an index matrix Ai for understanding step S211 in the embodiment of the present invention;

FIG. 7 is a diagram of an initial request vector q for understanding step S302 according to an embodiment of the present invention_w*r*dAnd q is_k*y；

FIG. 8 is a vector P for understanding step S303 in the embodiment of the present invention_w*r*d；

FIG. 9 shows a vector P for understanding step S303 in an embodiment of the present invention_k*yAB；

Fig. 10 is a 5-dimensional vector q for understanding the contents of step S312 and step S313 in the embodiment of the present invention;

fig. 11 is a matrix Q before filling for understanding the contents in step S312 and step S313 in the embodiment of the present invention;

fig. 12 is a matrix Q after filling for understanding the contents of step S312 and step S313 in the embodiment of the present invention;

FIG. 13 is an intermediate matrix for understanding the content of step S314 in the embodiment of the present invention

Fig. 14 is an index vector and a request vector for understanding the contents of step S403 in the embodiment of the present invention.

Detailed Description

In order to better understand the contents of the present invention, the following embodiments are further described.

As shown in fig. 1, the present invention provides a ciphertext-based multi-keyword fuzzy query method in a cloud environment, including: step S1: the local server encrypts a plaintext data set according to a preset data encryption algorithm to obtain a ciphertext data set; step S2: the local server constructs the initial index key words corresponding to the plaintext data set into index vectors, constructs the index vectors into an index matrix, encrypts the index matrix by adopting a preset matrix encryption algorithm to obtain an encrypted index matrix, and sends the ciphertext data set and the encrypted index matrix to the cloud server; step S3: constructing query keywords in a query request into a request vector by a user, constructing the request vector into a request matrix, encrypting the request matrix by adopting a preset matrix encryption algorithm to obtain an encrypted request matrix, and sending the encrypted request matrix to a cloud server; step S4: the cloud server calculates the product of the encryption index matrix and the encryption request matrix according to the encryption request matrix, determines a target data ciphertext according to the product result, and sends the target data ciphertext back to the user; step S5: the user decrypts the target data ciphertext through the data encryption algorithm of the step S1 to obtain a target data plaintext; each initial index key corresponds to an index vector; each row element of the index matrix corresponds to an index vector; the query keyword in the query request comprises a wildcard character; the query keywords in the query request are connected through a logical operator; the logical operators include "AND" OR "OR".

The method provided by the invention comprises the steps of constructing the initial index key words into the index vectors, constructing the index matrixes, encrypting the index vectors to obtain the encrypted index matrixes, constructing the query key words into the request vectors, constructing the query matrixes, encrypting the query matrixes to obtain the encrypted request matrixes, and determining the target data ciphertext by calculating the product of the encrypted index matrixes and the encrypted request matrixes. After the vector and the matrix are constructed by adopting the method provided by the invention, the data ciphertext corresponding to the index vector is the target data ciphertext only when the product of the index vector and the request vector in the matrix is an integer. Meanwhile, the query keyword in the scheme of the invention contains wildcards, and when the request vector is constructed, the influence of the wildcards is considered, and the request vector is correspondingly processed, so that the fuzzy query function can be realized. Wildcards can represent any ambiguous English letter, for example, "unsure" and "insture" are both correct query results when the query keyword is ". times.sure". Because the query keywords in the query request in the scheme of the invention have a logical operation relationship (namely logical OR or logical OR), the invention can also realize logical query.

In this embodiment, the preset matrix encryption algorithm is a kNN algorithm; the key of the preset matrix encryption algorithm is Sk, and the key Sk at least comprises: a prime number sequence table P, a completion alphabet S and a reversible encryption matrix M; the prime number sequence table P ═ { P ═ P₁,...,P_i,...P_LTherein, each element P_iAre all randomly generated prime numbers; the complement alphabet S ═ S₁,...,S_i,...S_LTherein, each element S_iAll are from 26 English alphabetic dictionary alphabets

Chinese English letters are randomly selected from the Chinese characters,

the reversible encryption matrix M ═ { M ═ M₁,M₂S }, wherein M₁And M₂Are all invertible matrices of size dxd, M₁And M₂The corresponding inverse matrices are respectively denoted as M₁ ^-1And M₂ ^-1S is a one-dimensional matrix with the number of columns being d, the value of matrix elements being 0 or 1, and is generated by a pseudo-random number function; and d is more than or equal to 26, L is more than or equal to the number of letters contained in the initial index key word with the longest length, and d and L are positive integers.

The existing literature document "Secure kNN calculation on Encrypted Databases" (w.k.wong, d.w. -l.chenng, b.kao, and n.mamoulis, proc.of SIGMOD,2009) discloses a method for using kNN algorithm for encryption processing. Wherein the prime number sequence table is composed of randomly generated prime elementsThe numbers are arranged from small to large. The value of L is determined by the keyword with the longest length in the initial index, and the value of L is more than or equal to the total number of letters contained in the keyword. For the sake of correctness of the scheme, the value of d should be greater than or equal to 26; for safety reasons, the value of d is preferably greater than or equal to 128. Sequential dictionary alphabet

The English letters in the Chinese are not distinguished from case to case.

In the present embodiment, each of the initial index keys W is constructed according to the following steps_i,kCorresponding d-dimensional index vector P_i,k: step S201: indexing the initial Key W_i,kThe number of the letters is complemented to a uniform length L; judging initial index key word W_i,kThe number of letters W_i,kL |: when | | | W_i,k||<When L, sequentially selecting L- | W from the completion alphabet S_i,kCompleting initial index key word W by | letter_i,kSo that | | W_i,kL | ═ L; when | | | W_i,kWhen | | | is greater than or equal to L, directly executing step S202; step S202: initializing a d-dimensional index vector P_i,kWill index the vector P_i,kAll elements of (2) are set to 1, so that P_i,k[l]＝1,l∈[1,d]L is an integer;

wherein, P_i,k[l]Represents an index vector P_i,kThe element in position I; step S203: selecting initial index key word W_i,kContaining letters in an index vector P_i,kThe fill position of (1); sequentially indexing the vector P_i,kPos of (2)_lBit determination as an initial index key W_i,kFill location of the letter of the l-th digit of the inclusion; wherein, pos_l＝F_kf(W_i,k[l])，F_kf() Is a function of pseudo-random number, W_i,k[l]Representing an initial index key W_i,kContaining the letter in position L ∈ [1, L ]](ii) a Step S204: updating the index vector P_i,kPos of (2)_lValue P on bit_i,k[pos_l](ii) a Wherein, P_i,k[pos_l]＝P_i,k[pos_l]/P_l；P_i,k[pos_l]Is initially value of P_i,k[l]，P_lIs the prime number of the I bit in the prime number sequence table P, and is belonged to [1, L ∈](ii) a Step S205: randomly selecting a natural number alpha, and indexing the vector P_i,kReplacing the value of the position still being the initial value 1 with alpha to obtain the final index vector P_i,k。

When constructing the index vector, the first step is to complement all the initial index keywords into a uniform length, and for the initial index keywords with insufficient length, the initial index keywords are complemented in a mode of selecting letters from a complementing alphabet and directly complementing the letters behind the original letters of the initial index keywords. The general idea of the vector construction process is "choose the position first and then calculate the value", step S203 is used to choose the position of each letter in the initial index key in the index vector, and step S204 is used to determine the value filled in the corresponding position of each letter in the vector. Step S205 is used to improve the security of the scheme, even if two data in the plaintext data set both contain the same initial Index key, the Index vectors of the initial Index keys corresponding to the two data are different, and the two data are technically referred to as "Index indexing reliability" (Index is indistinguishable).

Specifically, assume that the plaintext data set D ═ D₁,D₂The initial index corresponding to the plaintext data set D is W ═ W₁,W ₂26, prime sequence table P {3,5,7,11,13}, completion alphabet S { 'a', 'B', 'C', 'D', 'E' }, where data D is obtained₁Corresponding index W₁{ "hello", "key" }, data D₂Corresponding index W₂L is 5, because of key. The process of constructing the index vectors corresponding to the keywords "hello" and "key" is as follows:

according to step S201, the keyword "hello" does not need to be filled, and the keyword "key" needs to be filled, so as to obtain W₁＝{"hello","keyAB"}；

According to step S202, two 26-dimensional index vectors are initialized, and all elements in the index vectors are set to 1, as shown in fig. 2;

according to step S203, for the keywordsFor "hello", W_hello[1]＝′h′，W_hello[2]＝′e′，W_hello[3]＝′l′， W_hello[4]＝′l′，W_hello[5]O'; selecting a pseudo-random number function F_kf() And calculating to obtain the filling position corresponding to each letter. Similarly, the filling position of the keyword "keyAB" is calculated, and finally the filling positions corresponding to the keywords "hello" and "keyAB" are obtained as shown in the following table:

“hello”	‘h’	‘e’	‘l’	‘l’	‘o’
						pos	9	13	11	11	7
“keyAB”	‘k’	‘e’	‘y’	‘A’	‘B’
						pos	8	13	10	5	15

according to step S204, the filling position obtained from the above table is according to the formula P_i,k[pos_l]＝P_i,k[pos_l]/P_lCalculating the specific filling value of each position:

for the keyword "hello", the constructed vector P_helloAs shown in fig. 3:

①pos_′h′9 (available from table above), prime table P ═ {3,5,7,11,13} P ₁3, then

(the calculated meaning is: vector P representing the keyword "hello_helloThe value of the 9 th bit is updated to

)；

②pos _′e′13, prime number table P ═ {3,5,7,11,13} P ₂5, then

(the calculated meaning is: vector P representing the keyword "hello_helloThe value of bit 13 is updated to

)；

③pos _′l′11, prime number table P ═ {3,5,7,11,13} P ₃7, then

(calculated)The meaning is: vector P representing the keyword "hello_helloThe value of 11 th bit is updated to

)；

④pos _′l′11, prime number table P ═ {3,5,7,11,13} P ₄11, then

(the calculated meaning is: vector P representing the keyword "hello_helloThe value of 11 th bit is updated to

)；

⑤pos _′o′7, prime number table P ═ {3,5,7,11,13} P ₅13, then

(the calculated meaning is: vector P representing the keyword "hello_helloThe value of the 7 th bit is updated to

)。

For the keyword "keyAB", the constructed vector P_keyAs shown in fig. 4:

①pos_′k′8 (available from table above), prime table P ═ {3,5,7,11,13} P ₁3, then

②pos _′e′13, prime number table P ═ {3,5,7,11,13} P ₂5, then

③pos _′y′10, prime number table P ═ {3,5,7,11,13} P ₃7, then

④pos_′A′(5), prime number table P ═ {3,5,7,11,13} P ₄11, then

⑤pos _′B′15, prime number table P ═ {3,5,7,11,13} P ₅13, then

In step S205, the random number α is set to 0, and the value of the position in the index vector where the initial value 1 is not yet obtained is replaced with α, so that the final index vector is obtained as shown in fig. 5.

In the present embodiment, the vector P is indexed according to the following steps_i,kConstructed set of index vectors

Constructing an index matrix Ai, and encrypting the index matrix Ai by a kNN algorithm: step S211: sequentially indexing the vector set

P in (1)_i,kIs placed in the kth row of the index matrix Ai to obtain an index matrix Ai with the size of mi x d, k ∈ [1, mi](ii) a Step S212: two matrices Ai' and Ai "of size mi × d are generated from the index matrix Ai, the generation rule is as follows: for each row Ai [ k ] of the index matrix Ai][*]: if s [ j ]]If 0, then Ai' [ k ]][j]＝Ai"[k][j]＝Ai[k][j](ii) a If s [ j ]]When 1, Ai' k][j]+Ai"[k][j]＝Ai[k][j](ii) a Wherein, s [ j ]]Represents the jth bit, Ai [ k ], of a one-dimensional matrix s in the secret key Sk][j]Denotes the element in the k-th row and j-th column of the index matrix Ai, Ai' [ k][j]Denotes the element in the k-th row and j-th column of the matrix Ai', Ai "[ k ]][j]Elements representing the kth row and jth column of the matrix Ai', j ∈ [1, d](ii) a Step S213: the matrices Ai 'and Ai' are respectively associated with said M₁And M₂Multiplying to obtain an encryption index matrix I_i(ii) a Wherein, I_i＝(I_i′,I_i")＝(Ai′·M₁,Ai"·M₂) And represents the multiplication of two matrices.

In the scheme of the invention, an index vector set is constructed into an index matrix, and then the index matrix is encrypted by adopting a kNN algorithm to obtain an encrypted index matrix. Therefore, the index contents transmitted in the data interaction process in the scheme are all encrypted contents, and the safety of the scheme is further improved.

Continuing the example mentioned above, P is added according to step S211₁＝{P_hello,P_keyAre placed in a 2X 26 matrix A₁：P_helloIs arranged in matrix A₁First row of (B), P_keyIs arranged in matrix A₁The resulting index matrix Ai is shown in fig. 6 for the second row of (a).

For the convenience of the splitting step of step S212, a one-dimensional example is specifically described below. Let s be {1,0,0,1}, and a be [1,2,3,4 }]And is separated into A '═ a'₁,a′₂,a′₃,a′₄]And A ″ [ a ″ ]₁,a″₂,a″₃,a″₄]。

①s[1]1, satisfies the resolution condition A [1]][1]＝A′[1][1]+A″[1][1]Namely, such as: 1 ═ 2-3, then a ═ 2, a'₂,a′₃,a′₄]，A″＝[-3,a″₂,a″₃,a″₄]。

②s[2]0 'satisfies the resolution condition A'_i[k][j]＝A″_i[k][j]＝A_i[k][j]That is, then a '═ 2,2, a'₃,a′₄]， A″＝[-3,2,a″₃,a″₄]

③s[3]0 'satisfies the resolution condition A'_i[k][j]＝A″_i[k][j]＝A_i[k][j]That is, then a '═ 2,2,3, a'₄]， A″＝[-3,2,3,a″₄]

(iv) s [4] ═ 1, and the resolution condition a [1] [1] ═ a' [1] [1] + a "[ 1] [1], may be satisfied, for example: 4 ═ 0+4, then a ═ 2,2,3,0], a [ -3,2,3,4 ].

In the present embodiment, each query key is constructed according to the following stepsWord

Corresponding d-dimensional request vector q_j,k: step S301: will inquire about the key word

The number of the letters is complemented to a uniform length L; determining query keywords

Number of letters involved

When in use

Then, sequentially selecting from the complement alphabet S

Each letter completes the query key word

Behind the original letter of (A) such that

When in use

If so, directly executing step S302; step S302: initializing a d-dimensional request vector q_j,kWill request a vector q_j,kAll elements of (a) are set to 1, such that q_j,k[l]＝1,l∈[1,d]L is an integer; wherein q is_j,k[l]Representing a request vector q_j,kThe element in position I; step S303: selecting query keywords

Containing letters in the request vector q_j,kAnd updating the request vector q_j,kThe value q at the l-th bit of (1)_j,k[pos_l](ii) a When in use

Then, a vector q will be requested_j,kPos of (2)_lBit determination as a query keyword

Fill position of letter of I-th order contained, and let q_j,k[pos_l]＝q_j,k[pos_l]×P_l(ii) a When in use

Make the request vector q_j,kThe value of all the positions in (A) is multiplied by P_l(ii) a Thereby obtaining a final request vector q_j,k(ii) a Wherein the content of the first and second substances,

F_kf() In order to be a function of the pseudo-random number,

representing query keywords

Containing the letter in position L ∈ [1, L ]]，q_j,k[pos_l]Is an initial value of q_j,k[l]，P_lIs the prime number of the I bit in the prime number sequence table P.

Because the present invention is directed to query terms containing wildcards "", it is the key to the inventive scheme how to construct query terms containing wildcards "", into request vectors. In the first step, the same as constructing the index vector, or filling all the keywords to a uniform length. Secondly, distinguishing letters and wildcards "+" in the keywords to perform corresponding processing: when processing letters, the overall thought is the same as constructing an index vector, and the method is 'selecting bits first and then calculating values'; and the wildcard ". star" is handled by multiplying the values of all the positions in the request vector by a prime number. By adopting the method for processing, the influence of the wildcard can be embodied in the request vector, thereby realizing the function of multi-keyword fuzzy query.

Suppose that

Obtained according to step S301

According to step S302, a 26-dimensional initial request vector q is obtained_w*r*dAnd q is_k*yAs shown in fig. 7.

According to step S303, the keyword "w × r × d":

keyword "k × yAB":

the filling positions obtained are shown in the following table:

“w*r*d”	‘w’	‘r’	‘d’
					pos	6	14	12
“k*yAB”	‘k’	‘y’	‘A’	‘B’
					pos	8	10	5	15

for the keyword "w r d", the constructed vector P_w*r*dAs shown in fig. 8:

①pos_′w′6 (available from table above), prime table P ═ {3,5,7,11,13} P ₁3, then q_w*r*d[6]＝q_w*r*d[6]×P _l1 × 3 ═ 3 (the calculated meaning is: a vector q representing the keyword "w × r × d_w*r*dThe value of the 6 th bit is updated to 3);

second digit of "w x r x d" is "", prime table P ═ 3,5,7,11,13} P ₂5. Vector q_w*r*dExecute from bit 1 to bit 26

③pos _′r′14, prime number table P ═ {3,5,7,11,13} P₃Q is 7, then q_w*r*d[14]＝q_w*r*d[14]×P _l1 × 7-7; ('r' is the third digit of 'w r d', so the third prime P of the prime table is used₃＝7)；

The fourth bit of "w x r x d" is "", and prime number table P {3,5,7,11,13} P ₄11. Vector q_w*r*dExecute from bit 1 to bit 26

⑤pos _′d′12, prime number table P ═ {3,5,7,11,13} P ₅13, then q_w*r*d[12]＝q_w*r*d[12]×P _l1 × 13 ═ 13; ('d' is the fifth digit of 'w r d', so the fifth prime number P of the prime table is used₅＝13)。

For the keyword "k × yAB", the vector P is formed_k*yABAs shown in fig. 9:

①pos_′k′8 (available from table above), prime table P ═ {3,5,7,11,13} P ₁3, then q_k*y[8]＝q_k*y[8]×P _l1 × 3 ═ 3 (the calculated meaning is: a vector q representing the keyword "k × y_k*yThe value of the 8 th bit is updated to 3);

second digit of "k yAB" is "", prime table P is {3,5,7,11,13} P ₂5. Vector q_k*yExecute from bit 1 to bit 26

③pos _′y′10, prime number table P ═ {3,5,7,11,13} P₃Q is 7, then q_k*y[10]＝q_k*y[10]×P _l1 × 7 ═ 7 ('y' is the third bit of "k × y", so the third prime P of the prime table is used₃＝7)；

④pos_′A′(5), prime number table P ═ {3,5,7,11,13} P₄Q is 11, then q_k*y[5]＝q_k*y[5]×P _l1 × 11 ═ 11 ('a' is the fourth bit of "k × yAB"), so the fourth prime P of the prime table is used₄＝11)；

⑤pos _′B′15, prime number table P ═ {3,5,7,11,13} P ₅13, then q_k*y[15]＝q_k*y[15]×P _l1 × 13 ═ 13 ('a' is the fifth digit of "k × yAB", so the fifth prime P of the prime table is used₅＝13)。

In the present embodiment, the request vector q is generated according to the following steps_j,kConstructed as a request matrix Q_j,kAnd the request matrix Q is subjected to the matching through the kNN algorithm_j,kStructured request matrix set

And (3) carrying out encryption processing: step S311: selecting a random number e, wherein e belongs to [2, d ]]And e is an integer; step S312: sequentially reacting q with_j,k[l]Put in Q_j,k[l][num]In, and is filled with Q_j,k[l][*]Middle removing Q_j,k[l][num]Other than the elements, each request vector q_j,kAll expanded to a request matrix Q of size dXe_j,k(ii) a Wherein q is_j,k[l]Representing a request vector q_j,kElement at position I in (1), Q_j,k[l][num]Representation matrix Q_j,kColumn num of (1), num is a random number and num belongs to [1, e ]]L is an integer and is e [1, d ]]，Q_j,k[l][*]Middle removing Q_j,k[l][num]The sum of other elements than gamma_lSo that gamma is_l＝t_l×Q_j,k[l][num](ii) a Wherein t is_l0 or t_l+1 is a prime number and

Q_j,k[l][*]representing a request matrix Q_j,kAll elements of line l; step S314: will form a request matrix set

Each request matrix Q of_j,kEach row of elements in the array is placed in the intermediate matrix in turn

Thereby obtaining an intermediate matrix of size d × (nj × e)

Wherein k is an integer and k is an element [1, nj ]](ii) a Step S315: according to an intermediate matrix

Generating two matrices of size d × (nj × e)

And

the generation rule is as follows: for intermediate matrix

Each column of

All have: if s [ i ]]When it is equal to 0, then

If s [ i ]]1, then

Wherein, s [ i ]]Represents the ith bit of a one-dimensional matrix s in the key Sk,

representing an intermediate matrix

The ith row and the kth column of (1),

representation matrix

The ith row and the kth column of (1),

representation matrix

Row i and column k, i e [1, d](ii) a Step S316: will M₁And M₂Corresponding inverse matrix M₁ ^-1And M₂ ^-1Respectively and matrix with

And

multiplying to obtain an encryption request matrix T_Q(ii) a Wherein the content of the first and second substances,

denotes two matrix multiplications.

In the scheme of the invention, the request vector is expanded into the request matrix mainly due to the consideration of scheme safety. And then, the request matrix is encrypted by adopting a kNN algorithm, so that the safety of the scheme is further improved.

To simplify the process of expanding the request vector into the request matrix in steps S312 and S313, it is assumed that there is a 5-dimensional vector q (as shown in fig. 10), taking e-3, and starting from l-1, incrementing by 1:

when l is equal to 1, randomly selecting num to 1, and placing Q [1] in a matrix Q [1] [1 ];

when l is 2, randomly selecting num is 2, and placing Q2 in a matrix Q2;

when l is 3, randomly selecting num is 3, and placing Q3 in a matrix Q3;

when l is 4, randomly selecting num is 2, and placing Q4 in a matrix Q4 ] [2 ];

when l is 5, randomly selecting num is 3, and placing Q5 in a matrix Q5;

resulting in a corresponding matrix Q (as shown in fig. 11).

Then, other positions in the matrix Q are filled to obtain an expanded matrix Q (as shown in fig. 12):

when l is 1, filling except Q1][1]An element other than; selecting t₁When the value is 0, then gamma₁＝t₁Q[1][1]0; except for Q1][1]The other element being Q [1]][2]And Q < 1 >][3]Then the condition γ is satisfied₁＝Q[1][2]+Q[1][3]0 is obtained; taking Q [1]][2]＝-2， Q[1][3]＝2。

When l is 2, fill except for Q2][2]An element other than; selecting t₂1 (because of t)₂+1＝2 is a prime number and

then gamma is₂＝t₂Q[2][2]11; except for Q2][2]The other element being Q2][1]And Q2][3]Then the condition γ is satisfied₂＝Q[2][1]+Q[2][3]Can be obtained by taking the formula as 11; taking Q2][1]＝1，Q[2][3]＝10。

(iii) when l is 3, filling except Q3][3]An element other than; selecting t₃When the value is 0, then gamma₃＝t₃Q[3][3]0; except for Q3][3]The other element being Q3][1]And Q3][2]Then the condition γ is satisfied₃＝Q[3][1]+Q[3][2]0 is obtained; taking Q3][1]＝-5， Q[3][2]＝5。

When l is 4, filling except Q4][2]An element other than; selecting t₄16 (because of t)₄+ 1-17 is a prime number and

then gamma is₄＝t₄Q[4][2]16 × 5 ═ 90; except for Q4][2]The other element being Q [4]][1]And Q < 4 >][3]Then the condition γ is satisfied₄＝Q[4][1]+Q[4][3]Can be changed to 90; taking Q [4]][1]＝0，Q[4][3]＝90。

When l is 5, filling except Q5][3]An element other than; selecting t₅16 (because of t)₅+ 1-17 is a prime number and

then gamma is₅＝t₅Q[5][3]16 × 13 ═ 208; except for Q5][3]The other element being Q [5]][1]And Q [5]][2]Then the condition γ is satisfied₅＝Q[5][1]+Q[5][2]208, the product can be obtained; taking Q [5]][1]＝200，Q[5][2]＝8。

To facilitate understanding of the contents of step S314, if a matrix set Q is requested₁＝{Q_w*r*d,Q_k*y}, intermediate matrix

As shown in fig. 13, Q is_w*r*dPlaced in columns 1-3, Q of the matrix_k*yPlaced in columns 4-6 of the matrix. Q_w*r*dAnd Q_k*yAre all a 26 x 3 matrix and therefore

Is a 26 x (2 x 3) or 26 x 6 matrix.

In step S4, the step of calculating the product of the encryption index matrix and the encryption request matrix, and determining the target data ciphertext according to the product result is as follows: step S401: calculating a product matrix

Wherein the content of the first and second substances,

is a product of the encryption index matrix and the encryption request matrix and has a size of m_i×(n_jA matrix of x e); step S402: to the product matrix

Summing every e elements in every line to obtain a sum with m_i×n_jResult matrix of (2)

For the result matrix

Each row of

All have: when k is₂When% e is 0, calculate

And taking the calculation results as a result matrix in turn

Kth₁Each row and each columnThe above element, to obtain a size of m_i×n_jResult matrix of (2)

Wherein k is₁Is an integer and k₁∈[1,mi]，k₂Is an integer and k₂∈[1,nj×e](ii) a Step S403: according to a matrix

Judging the encryption index matrix I_iWhether the corresponding data ciphertext is the target data ciphertext: when the query request contains a logical operator 'AND', if a result matrix corresponding to the encryption index matrix is obtained

If at least one element in each row is an integer, the data ciphertext corresponding to the encryption index matrix is the target data ciphertext; when the query request contains a logical operator 'OR', if a result matrix corresponding to the index matrix is encrypted

If at least one row has an element as an integer, the data ciphertext corresponding to the encryption index matrix is the target data ciphertext.

In the scheme of the invention, the cloud server does not need the specific contents of the data plaintext, the initial index and the query keyword, and can judge whether the data ciphertext is the target data ciphertext or not only by calculating the product of the encryption index matrix and the encryption request matrix, so that the risk of disclosure does not exist, and the whole process has good safety. Meanwhile, the matrix constructed by the method can obtain the logical query result of 'AND' OR 'OR' contained in the query keyword through the multiplication result, so that the query is more convenient AND flexible.

For the convenience of understanding the contents of step S402, it is assumed that there is a matrix of 2 × (2 × 3)

This formula "When k is₂When% e is equal to 0,

this can be understood simply as follows: for matrix

Every e elements. For example:

summing every 3 elements.

For the first row

(1+2+3)＝6，(4+5+6)＝15；

For the second row

(1+1+3)＝5，(3+6+6)＝15。

Thus obtaining a new 2X 2 (i.e.: m)_i×n_j) Of (2) matrix

For the convenience of understanding the content of step S403, assuming that the index vector and the request vector are as shown in fig. 14, then:

matrix array

Matrix A₂＝[P_key]Matrix of

It can be seen that the matrix contains "w x r x d" and "k x y" because no file contains both

And

the requirement that each column has at least one integer is not met, so that the query result conforming to the logic 'AND' does not exist;

since both files contain "k x y", the matrix is a binary matrix

And

all satisfy the requirement that at least one column has an integer, so there is a query result that meets the logical "OR".

In summary, the invention provides a ciphertext-based multi-keyword fuzzy query method in a cloud environment. The method solves the problem of fuzzy query of multiple keywords by introducing wildcards through a method of constructing vectors and matrixes, eliminates the mode of presetting dictionaries, and provides efficient updating and deleting of file indexes; meanwhile, the method supports a round of operation with multiple keywords, and reduces the operation times; moreover, the method has higher precision ratio AND recall ratio, AND provides very flexible AND/OR query, namely the method supports both logic AND query among the keywords AND logic OR query among the keywords. In addition, the matrix in the kNN algorithm encryption processing scheme is adopted, so that the scheme provided by the invention has good safety.

The above description is only exemplary of the present invention and should not be taken as limiting the invention, as any modification, equivalent replacement, or improvement made within the spirit and principle of the present invention should be included in the protection scope of the present invention.

Claims (5)

1. A ciphertext-based multi-keyword fuzzy query method in a cloud environment is characterized by comprising the following steps:

step S1: the local server encrypts a plaintext data set according to a preset data encryption algorithm to obtain a ciphertext data set;

step S2: the local server constructs the initial index key words corresponding to the plaintext data set into index vectors, constructs the index vectors into an index matrix, encrypts the index matrix by adopting a preset matrix encryption algorithm to obtain an encrypted index matrix, and sends the ciphertext data set and the encrypted index matrix to the cloud server;

step S3: constructing query keywords in a query request into a request vector by a user, constructing the request vector into a request matrix, encrypting the request matrix by adopting a preset matrix encryption algorithm to obtain an encrypted request matrix, and sending the encrypted request matrix to a cloud server;

step S4: the cloud server calculates the product of the encryption index matrix and the encryption request matrix according to the encryption request matrix, determines a target data ciphertext according to the product result, and sends the target data ciphertext back to the user;

step S5: the user decrypts the target data ciphertext through the data encryption algorithm of the step S1 to obtain a target data plaintext;

each initial index key corresponds to an index vector;

each row element of the index matrix corresponds to an index vector;

the query keyword in the query request comprises a wildcard character;

the query keywords in the query request are connected through a logical operator;

the logical operators comprise "AND" OR "OR";

the preset matrix encryption algorithm is a kNN algorithm;

the key of the preset matrix encryption algorithm is Sk, and the key Sk at least comprises: a prime number sequence table P, a completion alphabet S and a reversible encryption matrix M;

the prime number sequence table P ═ { P ═ P₁,...,P_i,...P_LTherein, each element P_iAre all randomly generated prime numbers;

the complement alphabet S ═ S₁,...,S_i,...S_LTherein, each element S_iAll are from 26 English alphabetic dictionary alphabets

Chinese English letters are randomly selected from the Chinese characters,

the reversible encryption matrix M ═ { M ═ M₁,M₂S }, wherein M₁And M₂Are all invertible matrices of size dxd, M₁And M₂The corresponding inverse matrices are respectively denoted as M₁ ^-1And M₂ ^-1S is a one-dimensional matrix with the number of columns being d, the value of matrix elements being 0 or 1, and is generated by a pseudo-random number function;

wherein d is more than or equal to 26, L is more than or equal to the number of letters contained in the initial index key word with the longest length, and d and L are positive integers;

constructing each initial index key W according to the following steps_i,kCorresponding d-dimensional index vector P_i,k：

Step S201: indexing the initial Key W_i,kThe number of the letters is complemented to a uniform length L;

judging initial index key word W_i,kThe number of letters W_i,kL |: when | | | W_i,k||<When L, sequentially selecting L- | W from the completion alphabet S_i,kCompleting initial index key word W by | letter_i,kSo that | | W_i,kL | ═ L; when | | | W_i,kWhen | | | is greater than or equal to L, directly executing step S202;

step S202: initializing a d-dimensional index vector P_i,kWill index the vector P_i,kAll elements of (2) are set to 1, so that P_i,k[l]＝1，l∈[1,d]L is an integer;

wherein, P_i,k[l]Represents an index vector P_i,kThe element in position I;

step S203: selecting initial index key word W_i,kContaining letters in an index vector P_i,kThe fill position of (1);

sequentially indexing the vector P_i,kPos of (2)_lBit determination as an initial index key W_i,kFill location of the letter of the l-th digit of the inclusion;

wherein, pos_l＝F_kf(W_i,k[l])，F_kf() Is a function of pseudo-random number, W_i,k[l]Representing an initial index key W_i,kContaining the letter in position L ∈ [1, L ]]；

Step S204: updating the index vector P_i,kPos of (2)_lValue P on bit_i,k[pos_l]；

Wherein, P_i,k[pos_l]＝P_i,k[pos_l]/P_l；

P_i,k[pos_l]Is initially value of P_i,k[l]，P_lIs the prime number of the I bit in the prime number sequence table P, and is belonged to [1, L ∈]；

Step S205: randomly selecting a natural number alpha, and indexing the vector P_i,kReplacing the value of the position still being the initial value 1 with alpha to obtain the final index vector P_i,k。

2. The method of claim 1, wherein the vector P is indexed according to the following steps_i,kConstructed set of index vectors

Constructing an index matrix Ai, and encrypting the index matrix Ai by a kNN algorithm:

step S211: sequentially indexing the vector set

P in (1)_i,kIs placed in the k-th row of the index matrix Ai to obtain oneAn index matrix Ai, k ∈ [1, mi ] of size mi × d]；

Step S212: two matrices Ai' and Ai "of size mi × d are generated from the index matrix Ai, the generation rule is as follows:

for each row Ai [ k ] [ ] of the index matrix Ai: if s [ j ] is equal to 0, Ai' [ k ] [ j ] ═ Ai "[ k ] [ j ] ═ Ai [ k ] [ j ]; if s [ j ] is 1, Ai' [ k ] [ j ] + Ai "[ k ] [ j ] ═ Ai [ k ] [ j ];

wherein s [ j ] represents the jth bit of a one-dimensional matrix s in the key Sk, Ai [ k ] [ j ] represents the jth column element of the kth row in the index matrix Ai, Ai '[ k ] [ j ] represents the jth column element of the kth row in the matrix Ai', Ai "[ k ] [ j ] represents the jth column element of the kth row in the matrix Ai", and j belongs to [1, d ];

step S213: the matrices Ai 'and Ai' are respectively associated with said M₁And M₂Multiplying to obtain an encryption index matrix I_i；

Wherein, I_i＝(I_i',I_i")＝(Ai'·M₁,Ai"·M₂) Denotes the multiplication of two matrices, I_i',I_i"denotes an intermediate variable, I_i'＝Ai'·M₁，I_i"＝Ai"·M₂。

3. The method of claim 2, wherein each query keyword is constructed according to the following steps

Corresponding d-dimensional request vector q_j,k：

Step S301: will inquire about the key word

The number of the letters is complemented to a uniform length L;

determining query keywords

Number of letters involved

When in use

Then, sequentially selecting from the complement alphabet S

Each letter completes the query key word

Behind the original letter of (A) such that

When in use

If so, directly executing step S302;

step S302: initializing a d-dimensional request vector q_j,kWill request a vector q_j,kAll elements of (a) are set to 1, such that q_j,k[l]＝1，l∈[1,d]L is an integer;

wherein q is_j,k[l]Representing a request vector q_j,kThe element in position I;

step S303: selecting query keywords

Containing letters in the request vector q_j,kAnd updating the request vector q_j,kThe value q at the l-th bit of (1)_j,k[pos_l]；

When in use

Then, a vector q will be requested_j,kPos of (2)_lBit determination as a query keyword

Filling position of the letter of the first digit included, andq_j,k[pos_l]＝q_j,k[pos_l]×P_l(ii) a When in use

Make the request vector q_j,kThe value of all the positions in (A) is multiplied by P_l(ii) a Thereby obtaining a final request vector q_j,k；

Wherein the content of the first and second substances,

representing query keywords

Containing the letter in position L ∈ [1, L ]]，q_j,k[pos_l]Is an initial value of q_j,k[l]，P_lIs the prime number of the I bit in the prime number sequence table P.

4. A method according to claim 3, characterized in that the request vector q is formed according to the following steps_j,kConstructed as a request matrix Q_j,kAnd the request matrix Q is subjected to the matching through the kNN algorithm_j,kStructured request matrix set

And (3) carrying out encryption processing:

step S311: selecting a random number e, wherein e belongs to [2, d ], and e is an integer;

step S312: sequentially reacting q with_j,k[l]Put in Q_j,k[l][num]In, and is filled with Q_j,k[l][*]Middle removing Q_j,k[l][num]Other than the elements, each request vector q_j,kAll expanded to a request matrix Q of size dXe_j,k；

Wherein Q is_j,k[l][num]Representation matrix Q_j,kColumn num of (1), num is a random number and num belongs to [1, e ]]，lIs an integer and is e [1, d ∈ ]]，Q_j,k[l][*]Middle removing Q_j,k[l][num]The sum of other elements than gamma_lSo that gamma is_l＝t_l×Q_j,k[l][num]；

Wherein t is_l0 or t_l+1 is a prime number and

Q_j,k[l][*]representing a request matrix Q_j,kAll elements of line l;

step S314: will form a request matrix set

Each request matrix Q of_j,kEach row of elements in the array is placed in the intermediate matrix in turn

Thereby obtaining an intermediate matrix of size d × (nj × e)

Wherein k is an integer and k belongs to [1, nj ];

step S315: according to an intermediate matrix

Generating two matrices of size d × (nj × e)

And

the generation rule is as follows:

for intermediate matrix

Each column of

All have: if s [ i ]]When it is equal to 0, then

If s [ i ]]1, then

Wherein, s [ i ]]Represents the ith bit of a one-dimensional matrix s in the key Sk,

representing an intermediate matrix

The ith row and the kth column of (1),

representation matrix

The ith row and the kth column of (1),

representation matrix

Row i and column k, i e [1, d]；

Step S316: will M₁And M₂Corresponding inverse matrix M₁ ^-1And M₂ ^-1Respectively and matrix with

And

multiplying to obtain an encryption request matrix T_Q；

Wherein the content of the first and second substances,

denotes the multiplication of two matrices, T_Q',T_Q"means the intermediate variable or variables of the intermediate variable,

5. the method according to claim 4, wherein the step S4 is to calculate a product of the encryption index matrix and the encryption request matrix, and the step of determining the target data ciphertext according to the product result is as follows:

step S401: calculating a product matrix

Wherein the content of the first and second substances,

is a product of the encryption index matrix and the encryption request matrix and has a size of m_iA matrix of x (nj × e);

step S402: to the product matrix

Summing every e elements in every line to obtain a sum with m_iResult matrix of xnj

For the result matrix

Each row of

All have: when k is₂When% e is 0, calculate

And taking the calculation results as a result matrix in turn

Kth₁The elements on each column are arranged in rows to obtain a size m_iResult matrix of xnj

Wherein k is₁Is an integer and k₁∈[1,mi]，k₂Is an integer and k₂∈[1,nj×e]；

Step S403: according to a matrix

Judging the encryption index matrix I_iWhether the corresponding data ciphertext is the target data ciphertext:

when the query request contains a logical operator 'AND', if a result matrix corresponding to the encryption index matrix is obtained

If at least one element in each row is an integer, the data ciphertext corresponding to the encryption index matrix is the target data ciphertext;

when the query request contains a logical operator 'OR', if a result matrix corresponding to the index matrix is encrypted

If at least one row has an element as an integer, the data ciphertext corresponding to the encryption index matrix is the target data ciphertext.

Images