CN109981643A - A kind of inquiry authorization of fine granularity can search for encryption method and system - Google Patents
A kind of inquiry authorization of fine granularity can search for encryption method and system Download PDFInfo
- Publication number
- CN109981643A CN109981643A CN201910232696.3A CN201910232696A CN109981643A CN 109981643 A CN109981643 A CN 109981643A CN 201910232696 A CN201910232696 A CN 201910232696A CN 109981643 A CN109981643 A CN 109981643A
- Authority
- CN
- China
- Prior art keywords
- inquiry
- key
- user
- node
- search
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
- H04L63/0435—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply symmetric encryption, i.e. same key used for encryption and decryption
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/06—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
- H04L9/0643—Hash functions, e.g. MD5, SHA, HMAC or f9 MAC
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
- H04L9/0863—Generation of secret information including derivation or calculation of cryptographic keys or passwords involving passwords or one-time passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
- H04L9/0869—Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Power Engineering (AREA)
- Storage Device Security (AREA)
Abstract
It can search for encryption method and system the invention discloses a kind of inquiry authorization of fine granularity, implementation steps include that data set provider extracts index key from initial data, encrypts to initial data;Generate two key sk1And sk2;Access control tree is established for index key, index key is encrypted, and the index key of the data file of encryption and encryption is committed to server;Inquiry user encrypts key word of the inquiry using the private key of data set provider authorization, and ciphertext is sent to server;Server is retrieved in encrypted indexes keyword according to the key word of the inquiry of encryption, and returns to the encryption data for meeting query requirement to inquiry user, and inquiry user obtains in plain text in locally decryption ciphertext.The present invention realizes fine-grained data access control and cipher text searching function simultaneously on the encrypted data, the number of attributes of inquiry user does not influence the time overhead of encrypted query keyword substantially, it is suitble to multi-threading parallel process, has many advantages, such as that ciphertext memory space is small, search efficiency is high.
Description
Technical field
The present invention relates to information retrievals and field of cryptography, and in particular to a kind of inquiry authorization of fine granularity can search for encrypting
Method and system can be achieved at the same time the fine-granularity access control of cipher text searching and ciphertext, be very suitable in cloud storage system
Data safety is shared and information retrieval application scenarios.
Background technique
With the rapid development of cloud computing and universal, more and more users start to consider to migrate the private data of oneself
To cloud computing center, local IT investment is on the one hand reduced, on the other hand stores and locates by means of the power of cloud computing platform
Manage data.However, data safety is always one of the critical issue of people's worry.Because data are once outsourced to long-range cloud
Center, they will be disengaged from the direct physical control of data owner.In this way, data are faced with malice inside external attacker and cloud
The double threat of administrator.For data set provider before outer bag data, carrying out encryption to data is the effective of protection data safety
One of approach.However, traditional block cipher technology only can guarantee the confidentiality of data, lacks and effective search is carried out to ciphertext
With the support of access control.
Can search for encryption (Searchable Encryption) is the password that academia and industry are paid close attention to jointly in recent years
Primitive is learned, it can provide data confidentiality protection and cipher text searching function simultaneously.Currently, can search for encryption technology in enhancing number
Certain breakthrough is achieved in research according to security intensity and abundant query function, proposes the forward direction for supporting data dynamic to update
Safety, backward security, combination safety, the inquiry of multiple key ranking, multiple key are extracted conjunctive query, and fuzzy query is personalized
The schemes such as intelligence inquiry.These schemes can guarantee to reach while data confidentiality as Baidu, Google's professional search engine
Inquire flexibility.However, they lack the control of the search access right to inquiry user, inquiry user can use any keyword
Arbitary inquiry is carried out to encryption data.In some actual application scenarios, data set provider needs the angle according to inquiry user
Color permission strictly controls the search access right of inquiry user.For example, the developer of a company can inquire the technology of encryption
Document but have no right to access financial statement, the available financial statement of financial staff and can not inquiring technology document etc..It is shown in FIG. 1
Illustraton of model schematically illustrates this application scenarios.
Encryption attribute (Attribute-based Encryption) allows data publisher according to the attribute of data user
(such as fingerprint, iris, role, position etc.) carries out fine granularity control to the data access capabilities of data user.Its basic principle
It is to be embedded in access control policy in ciphertext or ciphertext decruption key, the attribute set and if only if data access person meets access
When control strategy, ciphertext could effectively be decrypted.The encryption of data can be flexibly and easily arranged in such encryption mechanism
Condition, the decryption range for controlling user, are very suitable to need to protect data confidentiality, and need the control that accesses to data
Distributed data share environment.It is embedded in ciphertext or key according to access control policy, encryption attribute is broadly divided into
Ciphertext policy ABE encryption and the encryption of key policy attribute.
In order to realize fine-grained access control and based on the inquiry of keyword, researcher is mentioned simultaneously on the encrypted data
Go out and encryption method can search for based on attribute.But already present certain methods mainly use linear secret sharing scheme
((Linear Secret Sharing Scheme) realizes access control to LSSS, and access structure only supports " AND ", " OR "
Relationship cannot effectively express " threshold value " thresholding, be very limited in the expression of access control structure.There are also certain methods uses
Close number rank population spikes can search for encrypting based on access control, but close number rank group due to using, and the search efficiency of scheme is non-
It is often low, in actual searching system and it is not suitable for.There are also schemes can search for using key policy attribute encipherment scheme construction
Encryption, but although " AND " of access structure, " OR " and " threshold value " relationship may be implemented in this kind of scheme, but inherit key strategy
The shortcomings that encryption attribute, it may be assumed that access control policy is integrated in data decryption key rather than in data, and system is just
True property needs to distribute by believable Key Distribution Center correct key to correct user.Because access strategy is by key point
Hair center defines and is embedded in key in data, controls so data set provider can not access for the data definition of encryption
Data safety under structure processed and encryption data, realization broadcast environment is shared, is not suitable for the true application scenarios that can search for encryption.
2007, Bethencourt et al. devised an outstanding ciphertext policy ABE encipherment scheme, and each
It is widely applied in a field.The present invention utilizes the encryption attribute scheme, innovatively equips the pass based on ciphertext for it
Key word search capability, construct a keyword fine granularity inquiry authorization can search for encryption method.Compared with the relevant technologies, this hair
Bright the method has following innovation: (1) being a kind of encryption method that can search for based on ciphertext policy ABE encryption, permission data
Supplier controls user query ability according to the attribute fine granularity for inquiring user, implements access control to the data of encryption;(2)
Access control policy is reached using access control tree list, can be indicated " AND " of attribute, " OR " and " threshold value " relationship, is accessed
Control strategy has very strong ability to express and flexibility.(3) pass through the dexterously encryption of design index key, key word of the inquiry
Encryption and matching algorithm between them, this method are seamlessly the ciphertext policy ABE encryption that Bethencourt et al. is proposed
Keyword search ability of the solution integration based on ciphertext has certain practicability.
Summary of the invention
The technical problem to be solved in the present invention: in view of the above problems in the prior art, a kind of fine granularity inquiry authorization is provided
Can search for encryption method and system, the present invention realizes fine-grained data access control and ciphertext simultaneously on the encrypted data
Function of search, and the number of attributes for inquiring user does not influence the time overhead of encrypted query keyword substantially, has inquiry
High-efficient advantage is suitble to multi-threading parallel process.
In order to solve the above-mentioned technical problem, the technical solution adopted by the present invention are as follows:
A kind of inquiry authorization of fine granularity can search for encryption method, and implementation steps include:
1) data set provider extracts index key set W from initial data, and uses symmetric encipherment algorithm addend evidence;
Generate two key sk1And sk2;To each index key w ∈ W, an access control is defined according to its system access right
Set Tw, use key sk2With access control tree TwIndex key w is encrypted to obtain index key ciphertext Iw, will encrypt
Data, all index key ciphertexts are committed to server;
2) inquiry user u sends the request of application addition system to data set provider.Data set provider receive request after it is right
It inquires user u and carries out authentication, and utilize the attribute information and key sk of u1Private key U is generated for itu;
3) inquiry user u uses private key UuTo key word of the inquiry w0It is encrypted, obtains ciphertext Tu(w0) and be sent to service
Device;
4) server is according to ciphertext Tu(w0) in encrypted indexes keyword IwIn retrieved, and meeting query requirement
Encryption data returns to inquiry user u;
5) inquiry user u is decrypted ciphertext to obtain clear data.
Preferably, two key sk are generated in step 1)1And sk2Detailed step include:
Select two ranks for the multiplicative cyclic group G of q1And G2, bilinear map e is defined by G1×G1It is mapped to G2, useTable
Show that value is 1 to the integer composition mould q coprime between q-1 and with q multiplicative group.Using above tool construction as shown in formula (1)
Key sk1And sk2;
In formula (1), key sk1Including β, 1/ β, gαThree elements, key sk2Including e (g, g)αWith two elements of h, wherein
α, β are respectively from multiplicative groupIn random two elements of uniform design, 1/ β expression seeks multiplicative group to element βOn inverse element, g
For multiplicative cyclic group G1Generation member;e(g,g)αFor multiplicative cyclic group G1It generates after member g carries out a bilinear map and seeks α power
Operation result, h be equal to multiplicative cyclic group G1Generation member g β power operation result.
Preferably, access control tree T is established for index key w in step 1)wDetailed step include:
Define access control tree Tw, the access control tree TwIn non-leaf nodes indicate a threshold value door, the threshold value door
Including with door AND or door OR, take part attribute thresholds door m_of_n three types, each leaf node indicates an attribute;
From access control tree TwRoot node start, in a manner of top-down, be TwEach of node x construction one
A multinomial qx, and q is setxThe number of most high-order term is the threshold value of the node few 1, and in non-leaf nodes with door AND node
Threshold value is that the threshold value of the node number of child nodes or door OR node is 1, takes the threshold value of part attribute thresholds door m_of_n node
For m, the threshold value of leaf node all 1;
For access control tree TwRoot node R, data owner is from multiplicative groupAn element is randomly choosed as secret
Close value s constructs a multinomial q about root node RR, it is the above secret value s, i.e. q that the polynomial constant term, which is arranged,R(0)
=s, then according to the degree d of root node RRSelect dRA random value, the complete multinomial q for defining root node RR;To any other section
Point x constructs a multinomial q about node xx, the value that the polynomial constant term is arranged is qparent(x)(index (x)),
qparent(x)When (index (x)) indicates that unknown number takes index (x) in the multinomial of the father node parent (x) about node x
Value, wherein parent (x) indicates that the father node of node x, index (x) indicate call number of the node x about its father node;So
Afterwards according to the degree d of node xxSelect remaining dxA random value, the multinomial q of complete definition node xx。
Preferably, key sk is used in step 1)2With access control tree TwIndex key w is encrypted and is indexed
Keyword ciphertext IwExpression formula such as formula (2) shown in;
In formula (2), IwIt indicates to use key sk2With access control tree encrypted indexes keyword w's as a result, IwCiphertext group
Part includes Tw、I'w、I″wThree elements and with access control tree TwIn the corresponding I of any leaf node yyAnd I'y;I'wFor
With hash function H1Hash operation is carried out to index key w, is mapped as multiplicative groupOn an element H1(w), then with secret
Close value s and H1(w) it does product calculation and obtains sH1(w), key sk is then used2In e (g, g)αCarry out sH1(w) secondary power operation obtains
Result;I″wFor with key sk2In h carry out s H1(w) result that secondary power operation obtains;Y indicates access control tree TwMiddle period
A leaf node in child node set Y, IyFor to leaf node y multiplicative group G1Generation member g carry out qy(0) power is transported
Obtained result;I'yFor with hash function H2Attribute information attr (y) the progress Hash operation of leaf node y is mapped to and is multiplied
Method group G1On an element, then carry out qy(0) result that secondary power operation obtains.
Preferably, according to the customer attribute information of inquiry user u in step 2), data set provider uses key sk1It is raw for u
At private key UuExpression formula such as formula (3) shown in;
In formula (3), UuIndicate the key of user u, UuIncluding U1、U2With with a pairs of any attribute in user property set S
The private key component U answeredaAnd U'a, wherein U1To use key sk1In gαCarry out that 1/ β power operation obtain as a result, U2For to multiplying
Method group G1Generation member g carry out key sk1In 1/ β power operation obtain as a result, a be inquire user u user property set
An attribute in S, raFor attribute a a random element and by data set provider from multiplicative groupIn randomly select;To looking into
The attribute a for asking user u uses hash function H2It is mapped to multiplicative group G1On carry out r againaSecondary power operation obtains Ua;To multiplicative group G1's
It generates member g and carries out raSecondary power operation obtains U'a。
Preferably, ciphertext T in step 3)u(w0) structure such as formula (4) shown in;
In formula (4), Tu(w0) it is that inquiry user u uses private key UuTo key word of the inquiry w0The ciphertext encrypted.Tu
(w0) ciphertext component include T1,TaAnd Ta', wherein T1Indicate the private key U of inquiry user uuIn U1With U2R times of two components
Power result product, r are inquiry user u randomly from multiplicative groupOne element of middle selection, g are multiplicative group G1Generation member;a
An attribute in user property set S to inquire user u, inquiry user u use hash function H first1By key word of the inquiry w0
It is mapped as multiplicative groupOn an element H1(w0), then product value rH is calculated with element r1(w0), then to multiplicative group G1Life
RH is at first g1(w0) secondary power operation obtains resultFinally with the private key U of inquiry user uuIn private key component UaIt calculates
ProductObtain Ta;Ta' be set as inquiring the private key U of user uuIn private key component U'a。
Preferably, the detailed step of step 4) includes:
4.1) server is according to ciphertext Tu(w0) judge to inquire whether user u has to encrypted indexes keyword IwInquiry
Permission, if inquiry user u does not have to encrypted indexes keyword IwSearch access right, then poll-final and exit;Otherwise, it obtains
To inquiry user u to the search access right F of index key wR, jump and execute step 4.2);
4.2) server is according to inquiry user u to the search access right F of index key wRWhat judgement inquiry user u was submitted looks into
Ask keyword w0Whether with encrypted indexes keyword IwIt is equal, inquiry failure is determined if unequal, is terminated and is exited;Otherwise
Determine successful inquiring, the encryption data for meeting query requirement is returned into inquiry user u;It jumps and executes step 5).
Preferably, judge to inquire whether user u has to encrypted indexes keyword I in step 4.1)wSearch access right
Detailed step includes:
First to access control tree TwRecursive operation is carried out from bottom to top:
For TwEach of leaf node x, if the corresponding attribute a of leaf node x be under the jurisdiction of inquiry user u use
Family attribute set S then calculates inquiry user u to the search access right F of leaf node x according to formula (5)xIf attribute a is not belonging to look into
Inquiry user u is then arranged to the search access right F of leaf node x in the user property set S for asking user uxFor sky;
In formula (5), wherein Ta, Ta' it is the encrypted query keyword ciphertext component that inquiry user submits, Ix,I'xFor index
The encrypted indexes I of keyword wwIn ciphertext component, e indicate a bilinear map, g is crowd G1Generation member;For each
Node B threshold is kxNon-leaf nodes x, if there is one include kxThe set S of the child nodes of a xx, and to each child
Node z ∈ SxAll meet FzIt is not sky, wherein FzIndicate that inquiry user u to the search access right of child nodes z, is then counted according to formula (6)
Inquiry user u is calculated to the search access right F of non-leaf nodes xx;If existed without such set, show to inquire user u's
Attribute set S is unsatisfactory for the threshold value of node x, then search access right F of the definition inquiry user u to non-leaf nodes xxFor sky;
In formula (6), FxSearch access right for inquiry user u to non-leaf nodes x, FzIndicate inquiry user u to child nodes
The search access right of z, i=index (z),It is Lagrange coefficient, e indicates one pair
Linear Mapping, g are multiplicative group G1Generation member;
For access control tree TwRoot node, after the above recursive operation, if availableThen illustrate that the attribute set S for inquiring user u meets access control tree Tw,
The user has the search access right to keyword w, and query process continues;Otherwise FRFor sky, illustrate the attribute set for inquiring user u
S is unsatisfactory for access control tree Tw, then determine that inquiring user u does not have to encrypted indexes keyword IwSearch access right, inquire at this time
Process terminates.
Preferably, the key word of the inquiry w that judgement inquiry user u is submitted in step 4.2)0Whether with encrypted indexes keyword Iw
Shown in equal function expression such as formula (7);
In formula (7), I'wWith I "wFor index key ciphertext IwIn ciphertext component, e is bilinear map, T1For inquiry
The encrypted query keyword ciphertext component that user submits, FRIt is inquiry user u to the search access right of index key w.
It can search for encryption system, including computer equipment, the meter the present invention also provides a kind of inquiry authorization of fine granularity
Calculate machine equipment be programmed to perform the present invention aforementioned fine granularity inquiry authorization the step of can search for encryption method or computer
The encryption method that can search for for being programmed to perform the present invention aforementioned fine granularity inquiry authorization is stored on the storage medium of equipment
Computer program.
Compared to the prior art, the present invention has an advantage that the present invention is extracted initial data by data set provider
Index key simultaneously encrypts generation encryption data, generates two keys, establishes access control tree for index key, generates encryption
Encryption data, all encrypted indexes keywords and access control tree are committed to server by index key;User is inquired to use
The private key that data set provider provides is encrypted to obtain ciphertext and is sent to server to key word of the inquiry;Server is according to ciphertext
Retrieved in encrypted indexes keyword, and return meet query requirement encryption data return to inquiry user;Inquiry is used
Family decryption encryption data obtains clear data, realizes that fine-grained data access control and ciphertext are searched simultaneously on the encrypted data
Suo Gongneng, and the number of attributes for inquiring user does not influence the time overhead of encrypted query keyword substantially, has inquiry effect
The high advantage of rate is suitble to multi-threading parallel process.
Detailed description of the invention
Fig. 1 is the application environment structural schematic diagram of the embodiment of the present invention.
Fig. 2 is the application principle schematic diagram of the embodiment of the present invention.
Fig. 3 is the access control tree construction in the embodiment of the present invention.
Fig. 4 is the time overhead lab diagram of inquiry user authorization in the embodiment of the present invention.
Fig. 5 is the time overhead lab diagram that user encryption key word of the inquiry is inquired in the embodiment of the present invention.
When Fig. 6 is permanent quantity change index keyword quantity in the embodiment of the present invention, index key adds
Close time overhead lab diagram;
When Fig. 7 is fixed indices number of keyword amount Delta data file quantity in the embodiment of the present invention, index key adds
Close time overhead lab diagram;
When Fig. 8 is permanent quantity change index keyword quantity in the embodiment of the present invention, Cloud Server is executed
The time overhead lab diagram of inquiry;
When Fig. 9 is that permanent quantity is 4000 in the embodiment of the present invention and number of attributes is 5, Cloud Server is executed
The time overhead lab diagram of inquiry.
When Figure 10 is that fixed indices keyword quantity is 400 in the embodiment of the present invention and number of attributes is 5, Cloud Server is held
The time overhead lab diagram of row inquiry.
Specific embodiment
Hereafter fine granularity of the present invention inquiry authorization will be can search for by encryption method and will be by taking application shown in FIG. 1 as an example
System is described in further detail.Referring to Fig. 1, wherein technology department responsible person and Finance Department are responsible for artificial data set provider, point
Encrypted technical documentation and financial statement Cloud Server is not uploaded into, common developer and financial staff are then inquiry
User u, for using fine granularity of the present invention inquiry authorize can search for encryption method and system is inquired.
As shown in Fig. 2, the implementation steps that can search for encryption method of the present embodiment fine granularity inquiry authorization include:
1) initial data is extracted index key w and encrypted with symmetric encipherment algorithm by data set provider generates encryption number
According to generating two key sk1And sk2, access control tree T is established for index key ww, use key sk2With access control tree
Encrypted indexes keyword obtains encrypted indexes keyword Iw, by encryption data, all encrypted indexes keyword IwAnd access control tree
TwIt is committed to server;
2) inquiry user u sends the request of application addition system to data set provider.Data set provider receive request after it is right
It inquires user u and carries out authentication, and utilize the attribute information and key sk of u1Private key U is generated for itu;
3) inquiry user u uses private key UuTo key word of the inquiry w0It is encrypted, obtains ciphertext Tu(w0) and be sent to service
Device;
4) server is according to ciphertext Tu(w0) in encrypted indexes keyword IwIn retrieved, and return meet query requirement
Encryption data return to inquiry user u;
5) inquiry user u is decrypted ciphertext to obtain clear data.
Referring to fig. 2, data set provider is by encryption data, all encrypted indexes keyword IwAnd access control tree TwIt is committed to
Cloud Server;It inquires user u and uses private key UuTo key word of the inquiry w0It is encrypted to obtain ciphertext Tu(w0) and be sent to cloud service
Device, and the query result of cloud return is obtained, query result is divided into no search access right, there is search access right but keyword match loses
Lose and have permission and keyword match success three kinds of results.System model shown in Fig. 2 includes three entities, is several respectively
According to supplier, user and Cloud Server are inquired.Data set provider is outer after encrypting respectively to data file and index key to be wrapped in
In Cloud Server (index key is extracted from data file, and data file is encrypted using traditional symmetric cryptosystem,
Index key is encrypted using method of the present invention);Data set provider carries out it according to the attribute of inquiry user
Association key is distributed in authorization.When inquiry user needs to inquire data file, he is encrypted using the key that data set provider is authorized
Key word of the inquiry simultaneously submits to Cloud Server.Cloud Server is responsible for after receiving the key word of the inquiry for inquiring the encryption that user submits
It is retrieved in the index key of encryption, and returns to the data file for meeting query requirement to inquiry user.Finally inquiry user solution
Ciphertext obtains clear text file.This application example randomly chooses 4000 text files using in true RFC data set
As experimental data set, all programs are realized using Java language.It is as follows using exemplary running environment: client computer
Main hardware configuration be 2.3GHZ dual core processor, 4G memory, 320G hard disk, the operating system version of installation is windows
7;Server end is also a windows7 operating system, 3.6GHZ i7-7700 processor, 8G memory, 1T hard disk.Client
Computer is mainly used to encrypted indexes keyword and key word of the inquiry, and server-side computer simulates Cloud Server and executes inquiry behaviour
Make.
It is as follows that running environment is pre-established in the present embodiment:
Select two ranks for the multiplicative cyclic group G of prime number q1And G2, g is multiplicative group G1A generation member;
Bilinear map e:G1×G1→G2, it has the following properties:
1, bilinearity: for multiplicative group G1In arbitrary collection U and V, Yi JiqunIn arbitrary element a and b meet e
(Va,Ub)=e (V, U)ab。
2, non-degeneracy: if g is G1Generation member, then e (g, g) is G2Generate member.
3, computability: for multiplicative group G1In arbitrary collection U and V, be constantly present an effective polynomial time
Algorithm calculates e (V, U) ∈ G2。
Two hash function H1And H2:
H1And H2It is respectively group the string of binary characters Hash of a random lengthWith group G1On element, { 0,1 } *
Represent the string of binary characters of a random length.Indicate that the multiplicative group of mould q, element value are 1 between q-1 and and q
Coprime integer.
Define Lagrange coefficient:
S is groupA set for being,Lagrange coefficient can be used for carrying out demosaicing to multinomial
Secret value out.Such asAs can be seen that set in element be 1 to 14 between and
With 15 coprime all integers.
In the present embodiment, data set provider uses Hermetic Word Frequency Counter tool in step 1)
Index key set W is extracted from 4000 text files, then using symmetric encipherment algorithm AES to 4000 text files
It carries out encryption and generates corresponding ciphertext.
In the present embodiment, two key sk are generated in step 1)1And sk2Detailed step include:
Select two ranks for the multiplicative cyclic group G of q1And G2, bilinear map e is defined by G1×G1It is mapped to G2, useTable
Show that value is 1 to the integer composition mould q coprime between q-1 and with q multiplicative group.Using above tool construction as shown in formula (1)
Key sk1And sk2;
In formula (1), key sk1Including β, 1/ β, gαThree elements, key sk2Including e (g, g)αWith two elements of h, wherein
α, β are respectively from multiplicative groupIn random two elements of uniform design, 1/ β expression seeks multiplicative group to element βOn inverse element, g
For multiplicative cyclic group G1Generation member;e(g,g)αFor multiplicative cyclic group G1It generates after member g carries out a bilinear map and seeks α power
Operation result, h be equal to multiplicative cyclic group G1Generation member g β power operation result.To G1Generation member g seek β power operation
Obtain gβ∈G1.Two key sk of middle generation1And sk2Afterwards, data set provider uses sk1Private key, the private key are generated for inquiry user
It is embedded into the attribute information of inquiry user;Use sk2Encrypted indexes keyword, the index key pass through one access control of insertion
System tree definition carrys out its access authority.
Opponent's (Cloud Server) obtains cleartext information from index key in order to prevent, and data owner is crucial to index
Word is encrypted.Without loss of generality, an index key is indicated using w in the present embodiment, an access control tree construction is such as
Shown in Fig. 3.Non-leaf nodes in the tree indicates a threshold value door, including " with (AND) ", " or (OR) " and " threshold value (m of
N) " three types, each leaf node indicate an attribute.In access control tree construction shown in Fig. 3, if some user
It is " department of computer science and undertake data structure, the professor or doctor of any two subjects journey in algorithm and computer network ", that
The attribute of the user meets this access control tree.Several symbols are defined to access control tree construction below:
R: the root node of access control tree;
X: the arbitrary node in access control tree in addition to root node;
The father node of parent (x): x node;
The call number of index (x): x node.Give a node y, the call numbers of child nodes is from left to right suitable
Sequence digital number.Such as in Fig. 3, give node " 2of 3 ", child nodes call number is respectively index (data structure)
=1, index (algorithm)=2, index (computer network)=3.
Attr (x): if x is a leaf node, the attribute that x is indicated is indicated with attr (x).
kx: the threshold value of node x.
Access control tree T is established for index key w in step 1) in the present embodimentwDetailed step include:
Define access control tree Tw, the access control tree TwIn non-leaf nodes indicate a threshold value door, the threshold value door
Be divided into door AND or door OR, take part attribute thresholds door m_of_n three types, each leaf node indicates an attribute, one
A attribute is an index key;The access control tree T that the present embodiment defineswIt can neatly express between attribute
"AND", "or" and threshold value relationship.Index key Encryption Algorithm uses encryption attribute and Secret sharing techniques, and base by ingenious
In access control tree TwStructure, the probability encryption of carry out to index key w.Based on discrete logarithm difficult problem, arbitrarily
Probabilistic polynomial opponent the cleartext information of keyword w can not be recovered from ciphertext, and the ciphertext constructed can be supported effectively
Anti- chosen -plain attact.
From access control tree TwRoot node start, in a manner of top-down, be TwEach of node x construction one
A multinomial qx, and q is setxNumber (the d of most high-order termx) it is the threshold value few 1 of the node (if using kxIndicate the threshold of node x
Value, then dx=kxIt -1) is, and in non-leaf nodes with the threshold value of door AND node that the node number of child nodes or door OR are saved
The threshold value of point is 1, to take the threshold value of part attribute thresholds door m_of_n node be m, the threshold value of leaf node all 1;
For access control tree TwRoot node R, data owner is from multiplicative groupAn element is randomly choosed as secret
Close value s constructs a multinomial q about root node RR, it is the above secret value s, i.e. q that the polynomial constant term, which is arranged,R(0)
=s, then according to the degree d of root node RRSelect dRA random value, the complete multinomial q for defining root node RR;To any other section
Point x constructs a multinomial q about node xx, the value that the polynomial constant term is arranged is qparent(x)(index (x)),
qparent(x)When (index (x)) indicates that unknown number takes index (x) in the multinomial of the father node parent (x) about node x
Value, wherein parent (x) indicates that the father node of node x, index (x) indicate call number of the node x about its father node;So
Afterwards according to the degree d of node xxSelect remaining dxA random value, the multinomial q of complete definition node xx.If being indicated using symbol y
Unknown number in multinomial, then the multinomial of R node is represented by qR(y), if using the unknown number in symbol y representative polynomial
Then the multinomial of x node is represented by qx(y)。
For a further understanding of above-described polynomial construction, in the present embodiment by access shown in Fig. 3 tree for into
Row explanation.The root node of Fig. 3 is " AND " node (being indicated with R), it can be seen that it has 3 child nodes, then its threshold value kRIt is 3,
It therefore can be d with definition node R degreeR=kRThe multinomial of -1=2 is qR(y)=a0+a1y+a2y2, allow constant term a first0=s,
Then from multiplicative groupIn be randomly chosen two elements a, b a be respectively set1And a2Value, the final polynomial repressentation of R node
For qR=s+ay+by2.When the unknown number y in multinomial takes 0, polynomial value is s, i.e. qR(0)=s;For other nodes
X, such as " 2of 3 " node shown in figure, father node are root node, i.e. parent (x)=R, threshold value kxIt is 2, because it is
The 3rd child of root node R, then index (x)=3.It is d according to definition node x degree in these information the present embodimentx=kx- 1=
1 multinomial is qx=b0+b1Y, allows constant term b first0=qR(3)=s+3a+9b, then from multiplicative groupIn randomly select
Select an element c setting b1Value, the multinomial of x node is qx=s+3a+9b+cy.
Access control tree T is indicated with YwLeaf node set, data owner utilize key sk2With access control tree Tw,
In the present embodiment, key sk is used in step 1)2With access control tree TwIndex key w is encrypted to obtain index key
Word ciphertext IwFunction expression such as formula (2) shown in;
In formula (2), IwIt indicates to use key sk2With access control tree encrypted indexes keyword w's as a result, IwCiphertext group
Part includes Tw、I'w、I″wThree elements and with access control tree TwIn the corresponding I of leaf node yyAnd I'y;I'wFor with
Hash function H1Hash operation is carried out to index key w, is mapped to multiplicative groupOn an element H1(w), then with secret
Value s and H1(w) it does product calculation and obtains sH1(w), key sk is then used2In e (g, g)αCarry out sH1(w) secondary power operation obtains
As a result;I″wFor with key sk2In h carry out sH1(w) result that secondary power operation obtains;Y indicates access control tree TwMiddle leaf section
A leaf node in point set Y, IyFor to leaf node y multiplicative group G1Generation member g carry out qy(0) secondary power operation obtains
The result arrived;I'yFor with hash function H2Hash operation is carried out to the attribute information attr (y) of leaf node y and is mapped to multiplicative group
G1On an element, then carry out qy(0) result that secondary power operation obtains.
Data owner authorizes it according to the attribute of inquiry user u, is substantially to utilize key sk1It is used for inquiry
Family generates private key.In the present embodiment, according to the customer attribute information of inquiry user u in step 2), data set provider uses key
sk1Private key U is generated for uuFunction expression such as formula (3) shown in;
In formula (3), UuIndicate the key of user u, UuIncluding U1、U2And with any attribute a in user property set S
Corresponding private key component UaAnd U'a, wherein U1To use key sk1In gαCarry out that 1/ β power operation obtain as a result, U2It is right
Multiplicative group G1Generation member g carry out key sk1In 1/ β power operation obtain as a result, a be inquire user u user property collection
Close an attribute in S, raFor attribute a a random element and by data set provider from multiplicative groupIn randomly select;It is right
The attribute a for inquiring user u uses hash function H2It is mapped to multiplicative group G1On carry out r againaSecondary power operation obtains Ua;To multiplicative group G1
Generation member g carry out raSecondary power operation obtains U'a.When an inquiry user u wishes addition system, he mentions firstly the need of with data
Donor carries out authentication.After certification, data set provider uses key according to the identity information (attribute) of inquiry user
sk1Private key U is produced for itu, form is such as shown in (3).Finally, data set provider sends U by secured communication channeluWith data text
Part encryption key gives inquiry user u.The attribute set of an inquiry user u is indicated with S, data set provider uses key sk1For u
Generate private key Uu, each of attribute set S property element is dexterously embedded into private key UuThe middle inquiry for indicating inquiry user
Permission.The private key U that user u is authorized using data set provider is inquired in the present embodimentuEncrypted query keyword, Encryption Algorithm benefit
Probability encryption is carried out with the key pair key word of the inquiry with inquiry customer attribute information, on the one hand can reach key word of the inquiry
(i.e. two identical keys word of the inquiry have entirely different ciphertext form to the Unlinkability of ciphertext, can be reasonably resistant to
Chosen -plain attact), on the other hand, the search access right of inquiry user is embedded in key word of the inquiry ciphertext automatically.
In the present embodiment, ciphertext T in step 3)u(w0) structure such as formula (4) shown in;
In formula (4), Tu(w0) it is that inquiry user u uses private key UuTo key word of the inquiry w0It is encrypted to obtain ciphertext, Tu
(w0) ciphertext component include T1, TaAnd Ta', wherein T1Indicate the private key U of inquiry user uuIn U1With U2R power product,
R is inquiry user u randomly from multiplicative groupOne element of middle selection, g are multiplicative group G1Generation member;A is inquiry user u
Element in user property set S, inquiry user u use hash function H first1By key word of the inquiry w0It is mapped as multiplicative groupOn
An element H1(w0), product value rH is calculated with element r1(w0), then to multiplicative group G1Generation member g be rH1(w0) power
Operation obtains resultFinally with the private key U of inquiry user uuIn private key component UaCalculate productIt obtainsTa' be set as inquiring the private key U of user uuIn private key component U'a, obtain
As shown in figure 4, the detailed step of step 4) includes: in the present embodiment
4.1) server is according to ciphertext Tu(w0) judge to inquire whether user u has to encrypted indexes keyword IwInquiry
Permission, if inquiry user u does not have to encrypted indexes keyword IwSearch access right, then poll-final and exit;Otherwise, it obtains
To inquiry user u to the search access right F of index key wR, jump and execute step 4.2);
4.2) server is according to inquiry user u to the search access right F of index key wRWhat judgement inquiry user u was submitted looks into
Ask keyword w0Whether with encrypted indexes keyword IwIt is equal, inquiry failure is determined if unequal, is terminated and is exited;Otherwise
Determine successful inquiring, the encryption data for meeting query requirement is returned into inquiry user u;It jumps and executes step 5).
From fig. 4, it can be seen that entire inquiry includes 2 subprocess (subprocess 1 and subprocess 2), subprocess 1 is that inquiry is closed
The permission match process of key word and index key is calculated if key word of the inquiry does not have the access authority of index key
Method terminates in advance, and shows to inquire the search access right that user does not have the index key;Otherwise, subprocess 2 is executed, judges user
Whether the key word of the inquiry of submission is equal with index key.If unequal, inquiry failure, algorithm normal termination;If phase
Deng, successful inquiring, algorithm normal termination.Without loss of generality, symbol w is used in the present embodiment0Indicate key word of the inquiry, encrypted version
This is Tu(w0), an index key, encryption version I are indicated with ww.The query service device of the present embodiment is without carrying out
The authorization that can be realized between efficient index key ciphertext and key word of the inquiry ciphertext in the case where any decryption oprerations is looked into
It askes, and query service device judges whether the key word of the inquiry ciphertext of user's submission meets the permission of some index key ciphertext
It is required that and judge whether key word of the inquiry matches with index key as same process, to greatly improve search efficiency.From
From the point of view of the control of keyword query permission, by using access tree construction and customer attribute information, on the one hand which allows data
Supplier is that index key defines flexible access structure, on the other hand can carry out inquiry with fine granularity for inquiry user and award
Power.For example the access control structure of an index key is " department of computer science " AND (" doctor " OR " professor ") AND (" data knot
Structure ", " Computer Organization Principles ", " algorithm design ": 2of 3), then one " department of computer science ", and " data structure " is served as, it " calculates
Machine principle ", " doctor " or " professor " of any two subjects journey is with the index key in " algorithm design " three subjects
Search access right.
In the present embodiment, judge to inquire whether user u has to encrypted indexes keyword I in step 4.1)wInquiry power
The detailed step of limit includes:
For TwEach of leaf node x, if the corresponding attribute a of leaf node x be under the jurisdiction of inquiry user u use
Family attribute set S then calculates inquiry user u to the search access right F of leaf node x according to formula (5)xIf attribute a is not belonging to look into
Inquiry user u is then arranged to the search access right F of leaf node x in the user property set S for asking user uxFor sky;
Wherein Ta, Ta' it is the encrypted query keyword ciphertext component that inquiry user submits, Ix,I'xFor index key w's
Encrypted indexes IwIn ciphertext component, e indicate a bilinear map, g is crowd G1Generation member;For each Node B threshold
For kxNon-leaf nodes x, if there is one include kxThe set S of the child nodes of a xx, and to each child nodes z ∈
SxAll meet FzIt is not sky, wherein FzIndicate that inquiry user u to the search access right of child nodes z, is then calculated according to formula (6) and inquired
Search access right F of the user u to non-leaf nodes xx;If existed without such set, show the property set for inquiring user u
The threshold value that S is unsatisfactory for node x is closed, then search access right F of the definition inquiry user u to non-leaf nodes xxFor sky;
In formula (6), FxSearch access right for inquiry user u to non-leaf nodes x, FzIndicate inquiry user u to child nodes
The search access right of z, i=index (z),It is Lagrange coefficient, e indicates one pair
Linear Mapping, g are multiplicative group G1Generation member;
For access control tree TwRoot node, after the above recursive operation, if inquiry user u root node is looked into
Asking permission is sky, then determines that inquiring user u does not have to encrypted indexes keyword IwSearch access right, query process terminates;It is no
Then, the search access right F using obtained inquiry user u to the search access right of root node as inquiry user u to index key wR,
That is:
Shown in the derivation such as formula (5-1) of formula (5);
Shown in the derivation such as formula (6-1) of formula (6);
In formula (6-1), i=index (z),It is Lagrange coefficient, formula
(6) it is completed using Lagrange interpolation formula.If existed without such set, show the attribute set S for inquiring user u
It is unsatisfactory for the threshold value of node x, then defining Fx=null.After completing above procedure, if FR=null, it is meant that inquiry is used
Family u to the search access right of keyword w, does not terminate.Otherwise, query service device continues to execute subprocess 2.
In the present embodiment, the key word of the inquiry w of judgement inquiry user u submission in step 4.2)0Whether closed with encrypted indexes
Key word IwShown in equal function expression such as formula (7);
In formula (7), I'wWith I "wFor index key ciphertext IwIn ciphertext component, e is bilinear map, T1For inquiry
The encrypted query keyword ciphertext component that user submits, FRIt is inquiry user u to the search access right of index key w.
Shown in the derivation such as following formula (7-1) of formula (7);
In formula (7-1), h is key sk2In component, remaining parameter can be found in various above.
Cloud Server receives Tu(w0) after, it is scanned in the index key of encryption, and return to the encryption met the requirements
Data file.Security Index is established using inverted index structure in the present embodiment, the index key of each encryption and comprising
All data files of the index key constitute an Inverted List.Data user u receives the inquiry knot of Cloud Server return
After fruit, ciphertext is decrypted using the symmetric key that data set provider is authorized, obtains final clear text file.
Following verifyings have been carried out to the performance that can search for encryption method of the present embodiment fine granularity inquiry authorization:
Fig. 5 is that data set provider is the time overhead for inquiring user's authorization, and Fig. 6 is inquiry user encryption key word of the inquiry
Time overhead.Fig. 5 indicates that the time overhead of inquiry user's authorization linearly increases with the number of attributes of user, and Fig. 6 illustrates to inquire
The number of attributes of user does not have much affect to the time overhead of encrypted query keyword.
Fig. 7 be when permanent quantity is 4000, the time overhead of data set provider encrypted indexes keyword with
The quantity of index key linearly increases, and the leaf node quantity (attribute of the access control tree of encrypted indexes keyword
Quantity) it is more, the time overhead of encrypted indexes keyword is bigger.Fig. 8 shows when fixed indices keyword quantity be 600 when,
The size of data file quantity does not influence index key encryption, but as shown in Fig. 7, the visit of encrypted indexes keyword
Ask that the leaf node quantity (number of attributes) of control tree is more, the time overhead of encrypted indexes keyword is bigger.
Fig. 9 indicates that permanent quantity is 4000 and when number of attributes is 5, the query time expense of Cloud Server with
The size of index key quantity linearly increases.Figure 10 indicates that fixed indices keyword quantity is 400 and number of attributes is 5
When, the query time expense and the size of data file quantity of Cloud Server are not related.It can be seen that from two figures when multi-thread
When under journey environment, number of threads is bigger, and the time required for inquiring is with regard to smaller.By the building to proposition based on cloud computing
Secure storage and searching system, and experimental evaluation is carried out to system on true data set, assessment result shows the present invention
The method of proposition is correct and practical.
In addition, present embodiments provide a kind of inquiry authorization of fine granularity can search for encryption system, including computer equipment,
The computer equipment is programmed to perform the step of can search for encryption method of the aforementioned fine granularity inquiry authorization of the present embodiment, or
It is stored on the storage medium of the computer equipment and is programmed to perform can search for for the aforementioned fine granularity inquiry authorization of the present embodiment
The computer program of encryption method.
The above is only a preferred embodiment of the present invention, protection scope of the present invention is not limited merely to above-mentioned implementation
Example, all technical solutions belonged under thinking of the present invention all belong to the scope of protection of the present invention.It should be pointed out that for the art
Those of ordinary skill for, several improvements and modifications without departing from the principles of the present invention, these improvements and modifications
It should be regarded as protection scope of the present invention.
Claims (10)
1. a kind of inquiry authorization of fine granularity can search for encryption method, it is characterised in that implementation steps include:
1) data set provider extracts index key set W from initial data, and uses symmetric encipherment algorithm addend evidence;It generates
Two key sk1And sk2;To each index key w ∈ W, an access control tree is defined according to its system access right
Tw, use key sk2With access control tree TwIndex key w is encrypted, index key ciphertext I is obtainedw.Finally will
Encryption data and index key ciphertext are committed to server;
2) inquiry user u sends the request of application addition system to data set provider.Data set provider receive request after to inquiry
User u carries out authentication, and utilizes the attribute information and key sk of u1Private key U is generated for itu;
3) inquiry user u uses private key UuTo key word of the inquiry w0It is encrypted, obtains corresponding ciphertext Tu(w0), and it is sent to clothes
Business device;
4) server is according to Tu(w0) in the index key I of encryptionwIn retrieved, and the encryption number for meeting query requirement
User u is inquired according to returning to;
5) inquiry user u is being decrypted ciphertext to obtain clear data.
2. fine granularity inquiry authorization according to claim 1 can search for encryption method, which is characterized in that raw in step 1)
At two key sk1And sk2Detailed step include:
Select two ranks for the multiplicative cyclic group G of q1And G2, bilinear map e is defined by G1×G1It is mapped to G2, useExpression takes
Value is 1 to the multiplicative group that mould q is constituted between q-1 and with q coprime integer.It is close as shown in formula (1) using above tool construction
Key sk1And sk2;
In formula (1), key sk1Including β, 1/ β, gαThree elements, key sk2Including e (g, g)αWith two elements of h, wherein α, β divide
Not fromIn random uniform design.1/ β indicates that β existsOn inverse element, g be multiplicative cyclic group G1Generation member;e(g,g)αIt indicates
G1Generation member g a bilinear map operation after, its value carries out to α power operation again, h is equal to multiplicative cyclic group G1Life
At the β power operation of first g.
3. fine granularity inquiry authorization according to claim 1 can search for encryption method, which is characterized in that be in step 1)
Index key w establishes access control tree TwDetailed step include:
Define access control tree Tw, the access control tree TwIn non-leaf nodes indicate a threshold value door, threshold value door includes
With door AND or door OR, take part attribute thresholds door m_of_n (indicate n element in arbitrarily take m element) three types, often
A leaf node indicates an attribute;
From access control tree TwRoot node start, in a manner of top-down, be TwEach of node x construction more than one
Item formula qx, and q is setxThe number of most high-order term is that the threshold value of the node lacks 1, and the threshold with door AND node in non-leaf nodes
Value be the threshold value of the node number of child nodes or door OR node be 1, the threshold value that takes part attribute thresholds door m_of_n node is
M, the threshold value of leaf node are 1;
For access control tree TwRoot node R, data owner is from multiplicative groupAn element is randomly choosed as secret value s,
Construct a multinomial q about root node RR, it is the above secret value s, i.e. q that the polynomial constant term, which is arranged,R(0)=s, so
Afterwards according to the degree d of root node RRSelect dRA random value, the complete multinomial q for defining root node RR;To any other node x, structure
Make a multinomial q about node xx, the value that the polynomial constant term is arranged is qparent(x)(index (x)), qparent(x)
(index (x)) indicates value when unknown number takes index (x) in the multinomial of the father node parent (x) about node x,
Middle parent (x) indicates that the father node of node x, index (x) indicate call number of the node x in its father node parent (x);
Then according to the degree d of node xxSelect remaining dxA random value, the multinomial q of complete definition node xx。
4. fine granularity inquiry authorization according to claim 1 can search for encryption method, which is characterized in that make in step 1)
With key sk2With access control tree TwIndex key is encrypted to obtain index key ciphertext IwFunction expression such as
Shown in formula (2);
In formula (2), IwIt indicates to use key sk2With access control tree encrypted indexes keyword w's as a result, IwCiphertext component packet
Include Tw、I'w、I”wThree elements and with access control tree TwThe corresponding I of any leaf node yyAnd I'y;I'wFor with Hash
Function H1Hash operation is carried out to index key w, is mapped as multiplicative groupOn an element H1(w), then with secret value s and
H1(w) it does product calculation and obtains sH1(w), key sk is then used2In e (g, g)αCarry out sH1(w) result that secondary power operation obtains;
I”wFor with key sk2In h carry out sH1(w) result that secondary power operation obtains;Y indicates access control tree TwMiddle leaf node collection
Close a leaf node in Y, IyFor to leaf node y multiplicative group G1Generation member g carry out qy(0) secondary power operation obtains
As a result;I'yFor with hash function H2Hash operation is carried out to the attribute information attr (y) of leaf node y and is mapped to multiplicative group G1On
An element, then carry out qy(0) result that secondary power operation obtains.
5. fine granularity inquiry authorization according to claim 2 can search for encryption method, which is characterized in that root in step 2)
It is investigated that asking the customer attribute information of user u, data set provider uses key sk1Private key U is generated for uuFunction expression such as formula
(3) shown in;
In formula (3), UuIndicate the key of user u, UuIncluding U1、U2And it is corresponding with any attribute a in user property set S
Private key component UaAnd U'a, wherein U1To use key sk1In gαCarry out that 1/ β power operation obtain as a result, U2For to multiplicative group
G1Generation member g carry out key sk1In 1/ β power operation obtain as a result, a be inquire user u user property set S in
An attribute, raFor attribute a a random element and by data set provider from multiplicative groupIn randomly select;Inquiry is used
The attribute a of family u uses hash function H2It is mapped to multiplicative group G1On carry out r againaSecondary power operation obtains Ua;To multiplicative group G1Generation
First g carries out raSecondary power operation obtains U'a。
6. fine granularity inquiry authorization according to claim 5 can search for encryption method, which is characterized in that close in step 3)
Literary Tu(w0) structure such as formula (4) shown in;
In formula (4), Tu(w0) it is that inquiry user u uses private key UuTo key word of the inquiry w0The ciphertext encrypted.Tu(w0)
Ciphertext component include T1,TaWith T 'a, wherein T1Indicate the private key U of inquiry user uuIn U1With U2The r power knot of two components
Fruit product, r are inquiry user u randomly from multiplicative groupOne element of middle selection, g are multiplicative group G1Generation member;A is to look into
An attribute in the user property set S of user u is ask, inquiry user u uses hash function H first1By key word of the inquiry w0Mapping
For multiplicative groupOn an element H1(w0), then product value rH is calculated with element r1(w0), then to multiplicative group G1Generation member
G is rH1(w0) secondary power operation obtains resultFinally with the private key U of inquiry user uuIn private key component UaCalculate productObtain Ta;T′aIt is set as the private key U of inquiry user uuIn private key component U'a。
7. fine granularity according to claim 5 inquiry authorization can search for encryption method, which is characterized in that step 4) it is detailed
Carefully step includes:
4.1) server is according to ciphertext Tu(w0) judge to inquire whether user u has to encrypted indexes keyword IwSearch access right,
If inquiring user u not having to encrypted indexes keyword IwSearch access right, then poll-final and exit;Otherwise, it is looked into
User u is ask to the search access right F of index key wR, jump and execute step 4.2);
4.2) server is according to inquiry user u to the search access right F of index key wR, judge that inquiring the inquiry that user u is submitted closes
Key word w0Whether with encrypted indexes keyword IwIt is equal, inquiry failure is determined if unequal, is terminated and is exited;Otherwise determine
The encryption data for meeting query requirement is returned to inquiry user u by successful inquiring;It jumps and executes step 5).
8. fine granularity inquiry authorization according to claim 7 can search for encryption method, which is characterized in that in step 4.1)
Judge to inquire whether user u has to encrypted indexes keyword IwThe detailed step of search access right include:
For TwEach of leaf node x, if the corresponding attribute a of leaf node x be under the jurisdiction of inquiry user u user belong to
Property set S, then calculate inquiry user u to the search access right F of leaf node x according to formula (5)xIt is used if attribute a is not belonging to inquiry
Inquiry user u is then arranged to the search access right F of leaf node x in the user property set S of family uxFor sky;
In formula (5), wherein Ta, T 'aFor the encrypted query keyword ciphertext component that inquiry user submits, Ix,I'xFor index key
The encrypted indexes I of wwIn ciphertext component, e indicate a bilinear map, g is crowd G1Generation member;
It is k for each Node B thresholdxNon-leaf nodes x, if there is one include kxThe set of the child nodes of a x
Sx, and to each child nodes z ∈ SxAll meet FzIt is not sky, wherein FzIndicate that inquiry user u weighs the inquiry of child nodes z
Limit then calculates inquiry user u to the search access right F of non-leaf nodes x according to formula (6)x;If existed without such set,
Then show that the attribute set S for inquiring user u is unsatisfactory for the threshold value of node x, then definition inquiry user u is to non-leaf nodes x's
Search access right FxFor sky;
In formula (6), FxSearch access right for inquiry user u to non-leaf nodes x, FzIndicate inquiry user u to child nodes z's
Search access right, i=index (z), It is Lagrange coefficient, e is to indicate bilinearity
Mapping, g is crowd G1Generation member;
For access control tree TwRoot node, after the above recursive operation, if availableThen illustrate that the attribute set S for inquiring user u meets access control tree Tw,
The user has the search access right to keyword w, and query process continues;Otherwise FRFor sky, illustrate the attribute set for inquiring user u
S is unsatisfactory for access control tree Tw, then determine that inquiring user u does not have to encrypted indexes keyword IwSearch access right, inquire at this time
Process terminates.
9. fine granularity inquiry authorization according to claim 7 can search for encryption method, which is characterized in that in step 4.2)
The key word of the inquiry w that judgement inquiry user u is submitted0Whether with encrypted indexes keyword IwEqual function expression such as formula (7) institute
Show;
In formula (7), I'wAnd I "wFor index key ciphertext IwIn ciphertext component, e is bilinear map, T1It is mentioned for inquiry user
The encrypted query keyword ciphertext component of friendship, FRIt is inquiry user u to the search access right of index key w.
10. a kind of fine granularity inquiry authorization can search for encryption system, including computer equipment, it is characterised in that: the calculating
What machine equipment was programmed to perform the inquiry authorization of fine granularity described in any one of claim 1~9 can search for encryption method
It is stored on the storage medium of step or the computer equipment and is programmed to perform any one of claim 1~9 institute
State the computer program that can search for encryption method of fine granularity inquiry authorization.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910232696.3A CN109981643A (en) | 2019-03-26 | 2019-03-26 | A kind of inquiry authorization of fine granularity can search for encryption method and system |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910232696.3A CN109981643A (en) | 2019-03-26 | 2019-03-26 | A kind of inquiry authorization of fine granularity can search for encryption method and system |
Publications (1)
Publication Number | Publication Date |
---|---|
CN109981643A true CN109981643A (en) | 2019-07-05 |
Family
ID=67080674
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201910232696.3A Pending CN109981643A (en) | 2019-03-26 | 2019-03-26 | A kind of inquiry authorization of fine granularity can search for encryption method and system |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN109981643A (en) |
Cited By (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN110602099A (en) * | 2019-09-16 | 2019-12-20 | 广西师范大学 | Privacy protection method based on verifiable symmetric searchable encryption |
CN111027084A (en) * | 2019-12-09 | 2020-04-17 | 湖南大学 | Fine-grained authorized keyword security query method based on attribute-based encryption |
CN112365945A (en) * | 2020-10-27 | 2021-02-12 | 扬州大学 | Block chain-based electronic medical record fine-grained access control and ciphertext searchable method |
CN113904823A (en) * | 2021-09-28 | 2022-01-07 | 长沙学院 | Constant-level authorization computation complexity attribute base searchable encryption method and system |
CN114785592A (en) * | 2022-04-21 | 2022-07-22 | 中国科学技术大学 | Information processing method and device |
CN115174568A (en) * | 2022-06-23 | 2022-10-11 | 南京信息工程大学 | Attribute-based ciphertext retrieval method |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103281377A (en) * | 2013-05-31 | 2013-09-04 | 北京鹏宇成软件技术有限公司 | Cryptograph data storage and searching method for cloud |
CN105262843A (en) * | 2015-11-12 | 2016-01-20 | 武汉理工大学 | Data anti-leakage protection method for cloud storage environment |
CN106330865A (en) * | 2016-08-12 | 2017-01-11 | 安徽大学 | Attribute-Based Keyword Search Method Supporting Efficient Revocation in Cloud Environment |
WO2017076705A1 (en) * | 2015-11-03 | 2017-05-11 | Commissariat A L'energie Atomique Et Aux Energies Alternatives | Method of encryption based on the attributes comprising a pre-calculation phase |
-
2019
- 2019-03-26 CN CN201910232696.3A patent/CN109981643A/en active Pending
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103281377A (en) * | 2013-05-31 | 2013-09-04 | 北京鹏宇成软件技术有限公司 | Cryptograph data storage and searching method for cloud |
WO2017076705A1 (en) * | 2015-11-03 | 2017-05-11 | Commissariat A L'energie Atomique Et Aux Energies Alternatives | Method of encryption based on the attributes comprising a pre-calculation phase |
CN105262843A (en) * | 2015-11-12 | 2016-01-20 | 武汉理工大学 | Data anti-leakage protection method for cloud storage environment |
CN106330865A (en) * | 2016-08-12 | 2017-01-11 | 安徽大学 | Attribute-Based Keyword Search Method Supporting Efficient Revocation in Cloud Environment |
Non-Patent Citations (2)
Title |
---|
HUI YIN ET AL.: "CP-ABSE: A Ciphertext-Policy Attribute-Based Searchable Encryption Scheme", 《IEEE ACCESS》 * |
尹辉: "云计算环境下隐私保护的安全查询技术研究", 《中国博士学位论文全文数据库 信息科技辑》 * |
Cited By (9)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN110602099A (en) * | 2019-09-16 | 2019-12-20 | 广西师范大学 | Privacy protection method based on verifiable symmetric searchable encryption |
CN111027084A (en) * | 2019-12-09 | 2020-04-17 | 湖南大学 | Fine-grained authorized keyword security query method based on attribute-based encryption |
CN112365945A (en) * | 2020-10-27 | 2021-02-12 | 扬州大学 | Block chain-based electronic medical record fine-grained access control and ciphertext searchable method |
CN112365945B (en) * | 2020-10-27 | 2024-03-26 | 扬州大学 | Electronic medical record fine granularity access control and ciphertext searchable method based on blockchain |
CN113904823A (en) * | 2021-09-28 | 2022-01-07 | 长沙学院 | Constant-level authorization computation complexity attribute base searchable encryption method and system |
CN113904823B (en) * | 2021-09-28 | 2024-02-27 | 长沙学院 | Attribute-based searchable encryption method and system for constant-level authorization computation complexity |
CN114785592A (en) * | 2022-04-21 | 2022-07-22 | 中国科学技术大学 | Information processing method and device |
CN114785592B (en) * | 2022-04-21 | 2023-10-20 | 中国科学技术大学 | Information processing method and device |
CN115174568A (en) * | 2022-06-23 | 2022-10-11 | 南京信息工程大学 | Attribute-based ciphertext retrieval method |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN110224986B (en) | Efficient searchable access control method based on hidden policy CP-ABE | |
CN109981643A (en) | A kind of inquiry authorization of fine granularity can search for encryption method and system | |
Xhafa et al. | An efficient PHR service system supporting fuzzy keyword search and fine-grained access control | |
CN109768987A (en) | A kind of storage of data file security privacy and sharing method based on block chain | |
CN107634829A (en) | Encrypted electronic medical records system and encryption method can search for based on attribute | |
WO2022099495A1 (en) | Ciphertext search method, system, and device in cloud computing environment | |
CN109450935A (en) | The multi-key word searching method for the Semantic Security that can verify that in cloud storage | |
CN114826703B (en) | Block chain-based data search fine granularity access control method and system | |
CN103780393B (en) | Virtual-desktop security certification system and method facing multiple security levels | |
CN106656997B (en) | One kind being based on the cross-domain friend-making method for secret protection of mobile social networking proxy re-encryption | |
Chaudhari et al. | Keysea: Keyword-based search with receiver anonymity in attribute-based searchable encryption | |
CN108390855A (en) | A kind of attribute base keyword search encryption system and method towards cloud storage | |
CN110166466A (en) | It is a kind of efficiently the multi-user of renewal authority to can search for encryption method and system | |
CN109740364A (en) | The cipher text searching method based on attribute of controllable search permission | |
Yin et al. | A fine-grained authorized keyword secure search scheme with efficient search permission update in cloud computing | |
Damiani et al. | Metadata management in outsourced encrypted databases | |
Padhya et al. | BTG-RKASE: Privacy Preserving Revocable Key Aggregate Searchable Encryption with Fine-grained Multi-delegation & Break-The-Glass Access Control. | |
Varri et al. | Practical verifiable multi-keyword attribute-based searchable signcryption in cloud storage | |
Ali et al. | Provable secure lightweight attribute‐based keyword search for cloud‐based Internet of Things networks | |
CN109451077A (en) | The model that medical cloud search permission is shared | |
Wang et al. | Towards practical private processing of database queries over public data | |
CN111027084A (en) | Fine-grained authorized keyword security query method based on attribute-based encryption | |
Zhang et al. | Efficient personalized search over encrypted data for mobile edge-assisted cloud storage | |
CN116663046A (en) | Private data sharing and retrieving method, system and equipment based on blockchain | |
CN116611083A (en) | Medical data sharing method and system |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
WD01 | Invention patent application deemed withdrawn after publication |
Application publication date: 20190705 |
|
WD01 | Invention patent application deemed withdrawn after publication |