CN109981643A - A kind of inquiry authorization of fine granularity can search for encryption method and system - Google Patents

A kind of inquiry authorization of fine granularity can search for encryption method and system Download PDF

Info

Publication number
CN109981643A
CN109981643A CN201910232696.3A CN201910232696A CN109981643A CN 109981643 A CN109981643 A CN 109981643A CN 201910232696 A CN201910232696 A CN 201910232696A CN 109981643 A CN109981643 A CN 109981643A
Authority
CN
China
Prior art keywords
inquiry
key
user
node
search
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201910232696.3A
Other languages
Chinese (zh)
Inventor
尹辉
熊荫乔
李方敏
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Changsha University
Original Assignee
Changsha University
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Changsha University filed Critical Changsha University
Priority to CN201910232696.3A priority Critical patent/CN109981643A/en
Publication of CN109981643A publication Critical patent/CN109981643A/en
Pending legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0435Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply symmetric encryption, i.e. same key used for encryption and decryption
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/06Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
    • H04L9/0643Hash functions, e.g. MD5, SHA, HMAC or f9 MAC
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0863Generation of secret information including derivation or calculation of cryptographic keys or passwords involving passwords or one-time passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0869Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Power Engineering (AREA)
  • Storage Device Security (AREA)

Abstract

It can search for encryption method and system the invention discloses a kind of inquiry authorization of fine granularity, implementation steps include that data set provider extracts index key from initial data, encrypts to initial data;Generate two key sk1And sk2;Access control tree is established for index key, index key is encrypted, and the index key of the data file of encryption and encryption is committed to server;Inquiry user encrypts key word of the inquiry using the private key of data set provider authorization, and ciphertext is sent to server;Server is retrieved in encrypted indexes keyword according to the key word of the inquiry of encryption, and returns to the encryption data for meeting query requirement to inquiry user, and inquiry user obtains in plain text in locally decryption ciphertext.The present invention realizes fine-grained data access control and cipher text searching function simultaneously on the encrypted data, the number of attributes of inquiry user does not influence the time overhead of encrypted query keyword substantially, it is suitble to multi-threading parallel process, has many advantages, such as that ciphertext memory space is small, search efficiency is high.

Description

A kind of inquiry authorization of fine granularity can search for encryption method and system
Technical field
The present invention relates to information retrievals and field of cryptography, and in particular to a kind of inquiry authorization of fine granularity can search for encrypting Method and system can be achieved at the same time the fine-granularity access control of cipher text searching and ciphertext, be very suitable in cloud storage system Data safety is shared and information retrieval application scenarios.
Background technique
With the rapid development of cloud computing and universal, more and more users start to consider to migrate the private data of oneself To cloud computing center, local IT investment is on the one hand reduced, on the other hand stores and locates by means of the power of cloud computing platform Manage data.However, data safety is always one of the critical issue of people's worry.Because data are once outsourced to long-range cloud Center, they will be disengaged from the direct physical control of data owner.In this way, data are faced with malice inside external attacker and cloud The double threat of administrator.For data set provider before outer bag data, carrying out encryption to data is the effective of protection data safety One of approach.However, traditional block cipher technology only can guarantee the confidentiality of data, lacks and effective search is carried out to ciphertext With the support of access control.
Can search for encryption (Searchable Encryption) is the password that academia and industry are paid close attention to jointly in recent years Primitive is learned, it can provide data confidentiality protection and cipher text searching function simultaneously.Currently, can search for encryption technology in enhancing number Certain breakthrough is achieved in research according to security intensity and abundant query function, proposes the forward direction for supporting data dynamic to update Safety, backward security, combination safety, the inquiry of multiple key ranking, multiple key are extracted conjunctive query, and fuzzy query is personalized The schemes such as intelligence inquiry.These schemes can guarantee to reach while data confidentiality as Baidu, Google's professional search engine Inquire flexibility.However, they lack the control of the search access right to inquiry user, inquiry user can use any keyword Arbitary inquiry is carried out to encryption data.In some actual application scenarios, data set provider needs the angle according to inquiry user Color permission strictly controls the search access right of inquiry user.For example, the developer of a company can inquire the technology of encryption Document but have no right to access financial statement, the available financial statement of financial staff and can not inquiring technology document etc..It is shown in FIG. 1 Illustraton of model schematically illustrates this application scenarios.
Encryption attribute (Attribute-based Encryption) allows data publisher according to the attribute of data user (such as fingerprint, iris, role, position etc.) carries out fine granularity control to the data access capabilities of data user.Its basic principle It is to be embedded in access control policy in ciphertext or ciphertext decruption key, the attribute set and if only if data access person meets access When control strategy, ciphertext could effectively be decrypted.The encryption of data can be flexibly and easily arranged in such encryption mechanism Condition, the decryption range for controlling user, are very suitable to need to protect data confidentiality, and need the control that accesses to data Distributed data share environment.It is embedded in ciphertext or key according to access control policy, encryption attribute is broadly divided into Ciphertext policy ABE encryption and the encryption of key policy attribute.
In order to realize fine-grained access control and based on the inquiry of keyword, researcher is mentioned simultaneously on the encrypted data Go out and encryption method can search for based on attribute.But already present certain methods mainly use linear secret sharing scheme ((Linear Secret Sharing Scheme) realizes access control to LSSS, and access structure only supports " AND ", " OR " Relationship cannot effectively express " threshold value " thresholding, be very limited in the expression of access control structure.There are also certain methods uses Close number rank population spikes can search for encrypting based on access control, but close number rank group due to using, and the search efficiency of scheme is non- It is often low, in actual searching system and it is not suitable for.There are also schemes can search for using key policy attribute encipherment scheme construction Encryption, but although " AND " of access structure, " OR " and " threshold value " relationship may be implemented in this kind of scheme, but inherit key strategy The shortcomings that encryption attribute, it may be assumed that access control policy is integrated in data decryption key rather than in data, and system is just True property needs to distribute by believable Key Distribution Center correct key to correct user.Because access strategy is by key point Hair center defines and is embedded in key in data, controls so data set provider can not access for the data definition of encryption Data safety under structure processed and encryption data, realization broadcast environment is shared, is not suitable for the true application scenarios that can search for encryption.
2007, Bethencourt et al. devised an outstanding ciphertext policy ABE encipherment scheme, and each It is widely applied in a field.The present invention utilizes the encryption attribute scheme, innovatively equips the pass based on ciphertext for it Key word search capability, construct a keyword fine granularity inquiry authorization can search for encryption method.Compared with the relevant technologies, this hair Bright the method has following innovation: (1) being a kind of encryption method that can search for based on ciphertext policy ABE encryption, permission data Supplier controls user query ability according to the attribute fine granularity for inquiring user, implements access control to the data of encryption;(2) Access control policy is reached using access control tree list, can be indicated " AND " of attribute, " OR " and " threshold value " relationship, is accessed Control strategy has very strong ability to express and flexibility.(3) pass through the dexterously encryption of design index key, key word of the inquiry Encryption and matching algorithm between them, this method are seamlessly the ciphertext policy ABE encryption that Bethencourt et al. is proposed Keyword search ability of the solution integration based on ciphertext has certain practicability.
Summary of the invention
The technical problem to be solved in the present invention: in view of the above problems in the prior art, a kind of fine granularity inquiry authorization is provided Can search for encryption method and system, the present invention realizes fine-grained data access control and ciphertext simultaneously on the encrypted data Function of search, and the number of attributes for inquiring user does not influence the time overhead of encrypted query keyword substantially, has inquiry High-efficient advantage is suitble to multi-threading parallel process.
In order to solve the above-mentioned technical problem, the technical solution adopted by the present invention are as follows:
A kind of inquiry authorization of fine granularity can search for encryption method, and implementation steps include:
1) data set provider extracts index key set W from initial data, and uses symmetric encipherment algorithm addend evidence; Generate two key sk1And sk2;To each index key w ∈ W, an access control is defined according to its system access right Set Tw, use key sk2With access control tree TwIndex key w is encrypted to obtain index key ciphertext Iw, will encrypt Data, all index key ciphertexts are committed to server;
2) inquiry user u sends the request of application addition system to data set provider.Data set provider receive request after it is right It inquires user u and carries out authentication, and utilize the attribute information and key sk of u1Private key U is generated for itu
3) inquiry user u uses private key UuTo key word of the inquiry w0It is encrypted, obtains ciphertext Tu(w0) and be sent to service Device;
4) server is according to ciphertext Tu(w0) in encrypted indexes keyword IwIn retrieved, and meeting query requirement Encryption data returns to inquiry user u;
5) inquiry user u is decrypted ciphertext to obtain clear data.
Preferably, two key sk are generated in step 1)1And sk2Detailed step include:
Select two ranks for the multiplicative cyclic group G of q1And G2, bilinear map e is defined by G1×G1It is mapped to G2, useTable Show that value is 1 to the integer composition mould q coprime between q-1 and with q multiplicative group.Using above tool construction as shown in formula (1) Key sk1And sk2
In formula (1), key sk1Including β, 1/ β, gαThree elements, key sk2Including e (g, g)αWith two elements of h, wherein α, β are respectively from multiplicative groupIn random two elements of uniform design, 1/ β expression seeks multiplicative group to element βOn inverse element, g For multiplicative cyclic group G1Generation member;e(g,g)αFor multiplicative cyclic group G1It generates after member g carries out a bilinear map and seeks α power Operation result, h be equal to multiplicative cyclic group G1Generation member g β power operation result.
Preferably, access control tree T is established for index key w in step 1)wDetailed step include:
Define access control tree Tw, the access control tree TwIn non-leaf nodes indicate a threshold value door, the threshold value door Including with door AND or door OR, take part attribute thresholds door m_of_n three types, each leaf node indicates an attribute;
From access control tree TwRoot node start, in a manner of top-down, be TwEach of node x construction one A multinomial qx, and q is setxThe number of most high-order term is the threshold value of the node few 1, and in non-leaf nodes with door AND node Threshold value is that the threshold value of the node number of child nodes or door OR node is 1, takes the threshold value of part attribute thresholds door m_of_n node For m, the threshold value of leaf node all 1;
For access control tree TwRoot node R, data owner is from multiplicative groupAn element is randomly choosed as secret Close value s constructs a multinomial q about root node RR, it is the above secret value s, i.e. q that the polynomial constant term, which is arranged,R(0) =s, then according to the degree d of root node RRSelect dRA random value, the complete multinomial q for defining root node RR;To any other section Point x constructs a multinomial q about node xx, the value that the polynomial constant term is arranged is qparent(x)(index (x)), qparent(x)When (index (x)) indicates that unknown number takes index (x) in the multinomial of the father node parent (x) about node x Value, wherein parent (x) indicates that the father node of node x, index (x) indicate call number of the node x about its father node;So Afterwards according to the degree d of node xxSelect remaining dxA random value, the multinomial q of complete definition node xx
Preferably, key sk is used in step 1)2With access control tree TwIndex key w is encrypted and is indexed Keyword ciphertext IwExpression formula such as formula (2) shown in;
In formula (2), IwIt indicates to use key sk2With access control tree encrypted indexes keyword w's as a result, IwCiphertext group Part includes Tw、I'w、I″wThree elements and with access control tree TwIn the corresponding I of any leaf node yyAnd I'y;I'wFor With hash function H1Hash operation is carried out to index key w, is mapped as multiplicative groupOn an element H1(w), then with secret Close value s and H1(w) it does product calculation and obtains sH1(w), key sk is then used2In e (g, g)αCarry out sH1(w) secondary power operation obtains Result;I″wFor with key sk2In h carry out s H1(w) result that secondary power operation obtains;Y indicates access control tree TwMiddle period A leaf node in child node set Y, IyFor to leaf node y multiplicative group G1Generation member g carry out qy(0) power is transported Obtained result;I'yFor with hash function H2Attribute information attr (y) the progress Hash operation of leaf node y is mapped to and is multiplied Method group G1On an element, then carry out qy(0) result that secondary power operation obtains.
Preferably, according to the customer attribute information of inquiry user u in step 2), data set provider uses key sk1It is raw for u At private key UuExpression formula such as formula (3) shown in;
In formula (3), UuIndicate the key of user u, UuIncluding U1、U2With with a pairs of any attribute in user property set S The private key component U answeredaAnd U'a, wherein U1To use key sk1In gαCarry out that 1/ β power operation obtain as a result, U2For to multiplying Method group G1Generation member g carry out key sk1In 1/ β power operation obtain as a result, a be inquire user u user property set An attribute in S, raFor attribute a a random element and by data set provider from multiplicative groupIn randomly select;To looking into The attribute a for asking user u uses hash function H2It is mapped to multiplicative group G1On carry out r againaSecondary power operation obtains Ua;To multiplicative group G1's It generates member g and carries out raSecondary power operation obtains U'a
Preferably, ciphertext T in step 3)u(w0) structure such as formula (4) shown in;
In formula (4), Tu(w0) it is that inquiry user u uses private key UuTo key word of the inquiry w0The ciphertext encrypted.Tu (w0) ciphertext component include T1,TaAnd Ta', wherein T1Indicate the private key U of inquiry user uuIn U1With U2R times of two components Power result product, r are inquiry user u randomly from multiplicative groupOne element of middle selection, g are multiplicative group G1Generation member;a An attribute in user property set S to inquire user u, inquiry user u use hash function H first1By key word of the inquiry w0 It is mapped as multiplicative groupOn an element H1(w0), then product value rH is calculated with element r1(w0), then to multiplicative group G1Life RH is at first g1(w0) secondary power operation obtains resultFinally with the private key U of inquiry user uuIn private key component UaIt calculates ProductObtain Ta;Ta' be set as inquiring the private key U of user uuIn private key component U'a
Preferably, the detailed step of step 4) includes:
4.1) server is according to ciphertext Tu(w0) judge to inquire whether user u has to encrypted indexes keyword IwInquiry Permission, if inquiry user u does not have to encrypted indexes keyword IwSearch access right, then poll-final and exit;Otherwise, it obtains To inquiry user u to the search access right F of index key wR, jump and execute step 4.2);
4.2) server is according to inquiry user u to the search access right F of index key wRWhat judgement inquiry user u was submitted looks into Ask keyword w0Whether with encrypted indexes keyword IwIt is equal, inquiry failure is determined if unequal, is terminated and is exited;Otherwise Determine successful inquiring, the encryption data for meeting query requirement is returned into inquiry user u;It jumps and executes step 5).
Preferably, judge to inquire whether user u has to encrypted indexes keyword I in step 4.1)wSearch access right Detailed step includes:
First to access control tree TwRecursive operation is carried out from bottom to top:
For TwEach of leaf node x, if the corresponding attribute a of leaf node x be under the jurisdiction of inquiry user u use Family attribute set S then calculates inquiry user u to the search access right F of leaf node x according to formula (5)xIf attribute a is not belonging to look into Inquiry user u is then arranged to the search access right F of leaf node x in the user property set S for asking user uxFor sky;
In formula (5), wherein Ta, Ta' it is the encrypted query keyword ciphertext component that inquiry user submits, Ix,I'xFor index The encrypted indexes I of keyword wwIn ciphertext component, e indicate a bilinear map, g is crowd G1Generation member;For each Node B threshold is kxNon-leaf nodes x, if there is one include kxThe set S of the child nodes of a xx, and to each child Node z ∈ SxAll meet FzIt is not sky, wherein FzIndicate that inquiry user u to the search access right of child nodes z, is then counted according to formula (6) Inquiry user u is calculated to the search access right F of non-leaf nodes xx;If existed without such set, show to inquire user u's Attribute set S is unsatisfactory for the threshold value of node x, then search access right F of the definition inquiry user u to non-leaf nodes xxFor sky;
In formula (6), FxSearch access right for inquiry user u to non-leaf nodes x, FzIndicate inquiry user u to child nodes The search access right of z, i=index (z),It is Lagrange coefficient, e indicates one pair Linear Mapping, g are multiplicative group G1Generation member;
For access control tree TwRoot node, after the above recursive operation, if availableThen illustrate that the attribute set S for inquiring user u meets access control tree Tw, The user has the search access right to keyword w, and query process continues;Otherwise FRFor sky, illustrate the attribute set for inquiring user u S is unsatisfactory for access control tree Tw, then determine that inquiring user u does not have to encrypted indexes keyword IwSearch access right, inquire at this time Process terminates.
Preferably, the key word of the inquiry w that judgement inquiry user u is submitted in step 4.2)0Whether with encrypted indexes keyword Iw Shown in equal function expression such as formula (7);
In formula (7), I'wWith I "wFor index key ciphertext IwIn ciphertext component, e is bilinear map, T1For inquiry The encrypted query keyword ciphertext component that user submits, FRIt is inquiry user u to the search access right of index key w.
It can search for encryption system, including computer equipment, the meter the present invention also provides a kind of inquiry authorization of fine granularity Calculate machine equipment be programmed to perform the present invention aforementioned fine granularity inquiry authorization the step of can search for encryption method or computer The encryption method that can search for for being programmed to perform the present invention aforementioned fine granularity inquiry authorization is stored on the storage medium of equipment Computer program.
Compared to the prior art, the present invention has an advantage that the present invention is extracted initial data by data set provider Index key simultaneously encrypts generation encryption data, generates two keys, establishes access control tree for index key, generates encryption Encryption data, all encrypted indexes keywords and access control tree are committed to server by index key;User is inquired to use The private key that data set provider provides is encrypted to obtain ciphertext and is sent to server to key word of the inquiry;Server is according to ciphertext Retrieved in encrypted indexes keyword, and return meet query requirement encryption data return to inquiry user;Inquiry is used Family decryption encryption data obtains clear data, realizes that fine-grained data access control and ciphertext are searched simultaneously on the encrypted data Suo Gongneng, and the number of attributes for inquiring user does not influence the time overhead of encrypted query keyword substantially, has inquiry effect The high advantage of rate is suitble to multi-threading parallel process.
Detailed description of the invention
Fig. 1 is the application environment structural schematic diagram of the embodiment of the present invention.
Fig. 2 is the application principle schematic diagram of the embodiment of the present invention.
Fig. 3 is the access control tree construction in the embodiment of the present invention.
Fig. 4 is the time overhead lab diagram of inquiry user authorization in the embodiment of the present invention.
Fig. 5 is the time overhead lab diagram that user encryption key word of the inquiry is inquired in the embodiment of the present invention.
When Fig. 6 is permanent quantity change index keyword quantity in the embodiment of the present invention, index key adds Close time overhead lab diagram;
When Fig. 7 is fixed indices number of keyword amount Delta data file quantity in the embodiment of the present invention, index key adds Close time overhead lab diagram;
When Fig. 8 is permanent quantity change index keyword quantity in the embodiment of the present invention, Cloud Server is executed The time overhead lab diagram of inquiry;
When Fig. 9 is that permanent quantity is 4000 in the embodiment of the present invention and number of attributes is 5, Cloud Server is executed The time overhead lab diagram of inquiry.
When Figure 10 is that fixed indices keyword quantity is 400 in the embodiment of the present invention and number of attributes is 5, Cloud Server is held The time overhead lab diagram of row inquiry.
Specific embodiment
Hereafter fine granularity of the present invention inquiry authorization will be can search for by encryption method and will be by taking application shown in FIG. 1 as an example System is described in further detail.Referring to Fig. 1, wherein technology department responsible person and Finance Department are responsible for artificial data set provider, point Encrypted technical documentation and financial statement Cloud Server is not uploaded into, common developer and financial staff are then inquiry User u, for using fine granularity of the present invention inquiry authorize can search for encryption method and system is inquired.
As shown in Fig. 2, the implementation steps that can search for encryption method of the present embodiment fine granularity inquiry authorization include:
1) initial data is extracted index key w and encrypted with symmetric encipherment algorithm by data set provider generates encryption number According to generating two key sk1And sk2, access control tree T is established for index key ww, use key sk2With access control tree Encrypted indexes keyword obtains encrypted indexes keyword Iw, by encryption data, all encrypted indexes keyword IwAnd access control tree TwIt is committed to server;
2) inquiry user u sends the request of application addition system to data set provider.Data set provider receive request after it is right It inquires user u and carries out authentication, and utilize the attribute information and key sk of u1Private key U is generated for itu
3) inquiry user u uses private key UuTo key word of the inquiry w0It is encrypted, obtains ciphertext Tu(w0) and be sent to service Device;
4) server is according to ciphertext Tu(w0) in encrypted indexes keyword IwIn retrieved, and return meet query requirement Encryption data return to inquiry user u;
5) inquiry user u is decrypted ciphertext to obtain clear data.
Referring to fig. 2, data set provider is by encryption data, all encrypted indexes keyword IwAnd access control tree TwIt is committed to Cloud Server;It inquires user u and uses private key UuTo key word of the inquiry w0It is encrypted to obtain ciphertext Tu(w0) and be sent to cloud service Device, and the query result of cloud return is obtained, query result is divided into no search access right, there is search access right but keyword match loses Lose and have permission and keyword match success three kinds of results.System model shown in Fig. 2 includes three entities, is several respectively According to supplier, user and Cloud Server are inquired.Data set provider is outer after encrypting respectively to data file and index key to be wrapped in In Cloud Server (index key is extracted from data file, and data file is encrypted using traditional symmetric cryptosystem, Index key is encrypted using method of the present invention);Data set provider carries out it according to the attribute of inquiry user Association key is distributed in authorization.When inquiry user needs to inquire data file, he is encrypted using the key that data set provider is authorized Key word of the inquiry simultaneously submits to Cloud Server.Cloud Server is responsible for after receiving the key word of the inquiry for inquiring the encryption that user submits It is retrieved in the index key of encryption, and returns to the data file for meeting query requirement to inquiry user.Finally inquiry user solution Ciphertext obtains clear text file.This application example randomly chooses 4000 text files using in true RFC data set As experimental data set, all programs are realized using Java language.It is as follows using exemplary running environment: client computer Main hardware configuration be 2.3GHZ dual core processor, 4G memory, 320G hard disk, the operating system version of installation is windows 7;Server end is also a windows7 operating system, 3.6GHZ i7-7700 processor, 8G memory, 1T hard disk.Client Computer is mainly used to encrypted indexes keyword and key word of the inquiry, and server-side computer simulates Cloud Server and executes inquiry behaviour Make.
It is as follows that running environment is pre-established in the present embodiment:
Select two ranks for the multiplicative cyclic group G of prime number q1And G2, g is multiplicative group G1A generation member;
Bilinear map e:G1×G1→G2, it has the following properties:
1, bilinearity: for multiplicative group G1In arbitrary collection U and V, Yi JiqunIn arbitrary element a and b meet e (Va,Ub)=e (V, U)ab
2, non-degeneracy: if g is G1Generation member, then e (g, g) is G2Generate member.
3, computability: for multiplicative group G1In arbitrary collection U and V, be constantly present an effective polynomial time Algorithm calculates e (V, U) ∈ G2
Two hash function H1And H2:
H1And H2It is respectively group the string of binary characters Hash of a random lengthWith group G1On element, { 0,1 } * Represent the string of binary characters of a random length.Indicate that the multiplicative group of mould q, element value are 1 between q-1 and and q Coprime integer.
Define Lagrange coefficient:
S is groupA set for being,Lagrange coefficient can be used for carrying out demosaicing to multinomial Secret value out.Such asAs can be seen that set in element be 1 to 14 between and With 15 coprime all integers.
In the present embodiment, data set provider uses Hermetic Word Frequency Counter tool in step 1) Index key set W is extracted from 4000 text files, then using symmetric encipherment algorithm AES to 4000 text files It carries out encryption and generates corresponding ciphertext.
In the present embodiment, two key sk are generated in step 1)1And sk2Detailed step include:
Select two ranks for the multiplicative cyclic group G of q1And G2, bilinear map e is defined by G1×G1It is mapped to G2, useTable Show that value is 1 to the integer composition mould q coprime between q-1 and with q multiplicative group.Using above tool construction as shown in formula (1) Key sk1And sk2
In formula (1), key sk1Including β, 1/ β, gαThree elements, key sk2Including e (g, g)αWith two elements of h, wherein α, β are respectively from multiplicative groupIn random two elements of uniform design, 1/ β expression seeks multiplicative group to element βOn inverse element, g For multiplicative cyclic group G1Generation member;e(g,g)αFor multiplicative cyclic group G1It generates after member g carries out a bilinear map and seeks α power Operation result, h be equal to multiplicative cyclic group G1Generation member g β power operation result.To G1Generation member g seek β power operation Obtain gβ∈G1.Two key sk of middle generation1And sk2Afterwards, data set provider uses sk1Private key, the private key are generated for inquiry user It is embedded into the attribute information of inquiry user;Use sk2Encrypted indexes keyword, the index key pass through one access control of insertion System tree definition carrys out its access authority.
Opponent's (Cloud Server) obtains cleartext information from index key in order to prevent, and data owner is crucial to index Word is encrypted.Without loss of generality, an index key is indicated using w in the present embodiment, an access control tree construction is such as Shown in Fig. 3.Non-leaf nodes in the tree indicates a threshold value door, including " with (AND) ", " or (OR) " and " threshold value (m of N) " three types, each leaf node indicate an attribute.In access control tree construction shown in Fig. 3, if some user It is " department of computer science and undertake data structure, the professor or doctor of any two subjects journey in algorithm and computer network ", that The attribute of the user meets this access control tree.Several symbols are defined to access control tree construction below:
R: the root node of access control tree;
X: the arbitrary node in access control tree in addition to root node;
The father node of parent (x): x node;
The call number of index (x): x node.Give a node y, the call numbers of child nodes is from left to right suitable Sequence digital number.Such as in Fig. 3, give node " 2of 3 ", child nodes call number is respectively index (data structure) =1, index (algorithm)=2, index (computer network)=3.
Attr (x): if x is a leaf node, the attribute that x is indicated is indicated with attr (x).
kx: the threshold value of node x.
Access control tree T is established for index key w in step 1) in the present embodimentwDetailed step include:
Define access control tree Tw, the access control tree TwIn non-leaf nodes indicate a threshold value door, the threshold value door Be divided into door AND or door OR, take part attribute thresholds door m_of_n three types, each leaf node indicates an attribute, one A attribute is an index key;The access control tree T that the present embodiment defineswIt can neatly express between attribute "AND", "or" and threshold value relationship.Index key Encryption Algorithm uses encryption attribute and Secret sharing techniques, and base by ingenious In access control tree TwStructure, the probability encryption of carry out to index key w.Based on discrete logarithm difficult problem, arbitrarily Probabilistic polynomial opponent the cleartext information of keyword w can not be recovered from ciphertext, and the ciphertext constructed can be supported effectively Anti- chosen -plain attact.
From access control tree TwRoot node start, in a manner of top-down, be TwEach of node x construction one A multinomial qx, and q is setxNumber (the d of most high-order termx) it is the threshold value few 1 of the node (if using kxIndicate the threshold of node x Value, then dx=kxIt -1) is, and in non-leaf nodes with the threshold value of door AND node that the node number of child nodes or door OR are saved The threshold value of point is 1, to take the threshold value of part attribute thresholds door m_of_n node be m, the threshold value of leaf node all 1;
For access control tree TwRoot node R, data owner is from multiplicative groupAn element is randomly choosed as secret Close value s constructs a multinomial q about root node RR, it is the above secret value s, i.e. q that the polynomial constant term, which is arranged,R(0) =s, then according to the degree d of root node RRSelect dRA random value, the complete multinomial q for defining root node RR;To any other section Point x constructs a multinomial q about node xx, the value that the polynomial constant term is arranged is qparent(x)(index (x)), qparent(x)When (index (x)) indicates that unknown number takes index (x) in the multinomial of the father node parent (x) about node x Value, wherein parent (x) indicates that the father node of node x, index (x) indicate call number of the node x about its father node;So Afterwards according to the degree d of node xxSelect remaining dxA random value, the multinomial q of complete definition node xx.If being indicated using symbol y Unknown number in multinomial, then the multinomial of R node is represented by qR(y), if using the unknown number in symbol y representative polynomial Then the multinomial of x node is represented by qx(y)。
For a further understanding of above-described polynomial construction, in the present embodiment by access shown in Fig. 3 tree for into Row explanation.The root node of Fig. 3 is " AND " node (being indicated with R), it can be seen that it has 3 child nodes, then its threshold value kRIt is 3, It therefore can be d with definition node R degreeR=kRThe multinomial of -1=2 is qR(y)=a0+a1y+a2y2, allow constant term a first0=s, Then from multiplicative groupIn be randomly chosen two elements a, b a be respectively set1And a2Value, the final polynomial repressentation of R node For qR=s+ay+by2.When the unknown number y in multinomial takes 0, polynomial value is s, i.e. qR(0)=s;For other nodes X, such as " 2of 3 " node shown in figure, father node are root node, i.e. parent (x)=R, threshold value kxIt is 2, because it is The 3rd child of root node R, then index (x)=3.It is d according to definition node x degree in these information the present embodimentx=kx- 1= 1 multinomial is qx=b0+b1Y, allows constant term b first0=qR(3)=s+3a+9b, then from multiplicative groupIn randomly select Select an element c setting b1Value, the multinomial of x node is qx=s+3a+9b+cy.
Access control tree T is indicated with YwLeaf node set, data owner utilize key sk2With access control tree Tw, In the present embodiment, key sk is used in step 1)2With access control tree TwIndex key w is encrypted to obtain index key Word ciphertext IwFunction expression such as formula (2) shown in;
In formula (2), IwIt indicates to use key sk2With access control tree encrypted indexes keyword w's as a result, IwCiphertext group Part includes Tw、I'w、I″wThree elements and with access control tree TwIn the corresponding I of leaf node yyAnd I'y;I'wFor with Hash function H1Hash operation is carried out to index key w, is mapped to multiplicative groupOn an element H1(w), then with secret Value s and H1(w) it does product calculation and obtains sH1(w), key sk is then used2In e (g, g)αCarry out sH1(w) secondary power operation obtains As a result;I″wFor with key sk2In h carry out sH1(w) result that secondary power operation obtains;Y indicates access control tree TwMiddle leaf section A leaf node in point set Y, IyFor to leaf node y multiplicative group G1Generation member g carry out qy(0) secondary power operation obtains The result arrived;I'yFor with hash function H2Hash operation is carried out to the attribute information attr (y) of leaf node y and is mapped to multiplicative group G1On an element, then carry out qy(0) result that secondary power operation obtains.
Data owner authorizes it according to the attribute of inquiry user u, is substantially to utilize key sk1It is used for inquiry Family generates private key.In the present embodiment, according to the customer attribute information of inquiry user u in step 2), data set provider uses key sk1Private key U is generated for uuFunction expression such as formula (3) shown in;
In formula (3), UuIndicate the key of user u, UuIncluding U1、U2And with any attribute a in user property set S Corresponding private key component UaAnd U'a, wherein U1To use key sk1In gαCarry out that 1/ β power operation obtain as a result, U2It is right Multiplicative group G1Generation member g carry out key sk1In 1/ β power operation obtain as a result, a be inquire user u user property collection Close an attribute in S, raFor attribute a a random element and by data set provider from multiplicative groupIn randomly select;It is right The attribute a for inquiring user u uses hash function H2It is mapped to multiplicative group G1On carry out r againaSecondary power operation obtains Ua;To multiplicative group G1 Generation member g carry out raSecondary power operation obtains U'a.When an inquiry user u wishes addition system, he mentions firstly the need of with data Donor carries out authentication.After certification, data set provider uses key according to the identity information (attribute) of inquiry user sk1Private key U is produced for itu, form is such as shown in (3).Finally, data set provider sends U by secured communication channeluWith data text Part encryption key gives inquiry user u.The attribute set of an inquiry user u is indicated with S, data set provider uses key sk1For u Generate private key Uu, each of attribute set S property element is dexterously embedded into private key UuThe middle inquiry for indicating inquiry user Permission.The private key U that user u is authorized using data set provider is inquired in the present embodimentuEncrypted query keyword, Encryption Algorithm benefit Probability encryption is carried out with the key pair key word of the inquiry with inquiry customer attribute information, on the one hand can reach key word of the inquiry (i.e. two identical keys word of the inquiry have entirely different ciphertext form to the Unlinkability of ciphertext, can be reasonably resistant to Chosen -plain attact), on the other hand, the search access right of inquiry user is embedded in key word of the inquiry ciphertext automatically.
In the present embodiment, ciphertext T in step 3)u(w0) structure such as formula (4) shown in;
In formula (4), Tu(w0) it is that inquiry user u uses private key UuTo key word of the inquiry w0It is encrypted to obtain ciphertext, Tu (w0) ciphertext component include T1, TaAnd Ta', wherein T1Indicate the private key U of inquiry user uuIn U1With U2R power product, R is inquiry user u randomly from multiplicative groupOne element of middle selection, g are multiplicative group G1Generation member;A is inquiry user u Element in user property set S, inquiry user u use hash function H first1By key word of the inquiry w0It is mapped as multiplicative groupOn An element H1(w0), product value rH is calculated with element r1(w0), then to multiplicative group G1Generation member g be rH1(w0) power Operation obtains resultFinally with the private key U of inquiry user uuIn private key component UaCalculate productIt obtainsTa' be set as inquiring the private key U of user uuIn private key component U'a, obtain
As shown in figure 4, the detailed step of step 4) includes: in the present embodiment
4.1) server is according to ciphertext Tu(w0) judge to inquire whether user u has to encrypted indexes keyword IwInquiry Permission, if inquiry user u does not have to encrypted indexes keyword IwSearch access right, then poll-final and exit;Otherwise, it obtains To inquiry user u to the search access right F of index key wR, jump and execute step 4.2);
4.2) server is according to inquiry user u to the search access right F of index key wRWhat judgement inquiry user u was submitted looks into Ask keyword w0Whether with encrypted indexes keyword IwIt is equal, inquiry failure is determined if unequal, is terminated and is exited;Otherwise Determine successful inquiring, the encryption data for meeting query requirement is returned into inquiry user u;It jumps and executes step 5).
From fig. 4, it can be seen that entire inquiry includes 2 subprocess (subprocess 1 and subprocess 2), subprocess 1 is that inquiry is closed The permission match process of key word and index key is calculated if key word of the inquiry does not have the access authority of index key Method terminates in advance, and shows to inquire the search access right that user does not have the index key;Otherwise, subprocess 2 is executed, judges user Whether the key word of the inquiry of submission is equal with index key.If unequal, inquiry failure, algorithm normal termination;If phase Deng, successful inquiring, algorithm normal termination.Without loss of generality, symbol w is used in the present embodiment0Indicate key word of the inquiry, encrypted version This is Tu(w0), an index key, encryption version I are indicated with ww.The query service device of the present embodiment is without carrying out The authorization that can be realized between efficient index key ciphertext and key word of the inquiry ciphertext in the case where any decryption oprerations is looked into It askes, and query service device judges whether the key word of the inquiry ciphertext of user's submission meets the permission of some index key ciphertext It is required that and judge whether key word of the inquiry matches with index key as same process, to greatly improve search efficiency.From From the point of view of the control of keyword query permission, by using access tree construction and customer attribute information, on the one hand which allows data Supplier is that index key defines flexible access structure, on the other hand can carry out inquiry with fine granularity for inquiry user and award Power.For example the access control structure of an index key is " department of computer science " AND (" doctor " OR " professor ") AND (" data knot Structure ", " Computer Organization Principles ", " algorithm design ": 2of 3), then one " department of computer science ", and " data structure " is served as, it " calculates Machine principle ", " doctor " or " professor " of any two subjects journey is with the index key in " algorithm design " three subjects Search access right.
In the present embodiment, judge to inquire whether user u has to encrypted indexes keyword I in step 4.1)wInquiry power The detailed step of limit includes:
For TwEach of leaf node x, if the corresponding attribute a of leaf node x be under the jurisdiction of inquiry user u use Family attribute set S then calculates inquiry user u to the search access right F of leaf node x according to formula (5)xIf attribute a is not belonging to look into Inquiry user u is then arranged to the search access right F of leaf node x in the user property set S for asking user uxFor sky;
Wherein Ta, Ta' it is the encrypted query keyword ciphertext component that inquiry user submits, Ix,I'xFor index key w's Encrypted indexes IwIn ciphertext component, e indicate a bilinear map, g is crowd G1Generation member;For each Node B threshold For kxNon-leaf nodes x, if there is one include kxThe set S of the child nodes of a xx, and to each child nodes z ∈ SxAll meet FzIt is not sky, wherein FzIndicate that inquiry user u to the search access right of child nodes z, is then calculated according to formula (6) and inquired Search access right F of the user u to non-leaf nodes xx;If existed without such set, show the property set for inquiring user u The threshold value that S is unsatisfactory for node x is closed, then search access right F of the definition inquiry user u to non-leaf nodes xxFor sky;
In formula (6), FxSearch access right for inquiry user u to non-leaf nodes x, FzIndicate inquiry user u to child nodes The search access right of z, i=index (z),It is Lagrange coefficient, e indicates one pair Linear Mapping, g are multiplicative group G1Generation member;
For access control tree TwRoot node, after the above recursive operation, if inquiry user u root node is looked into Asking permission is sky, then determines that inquiring user u does not have to encrypted indexes keyword IwSearch access right, query process terminates;It is no Then, the search access right F using obtained inquiry user u to the search access right of root node as inquiry user u to index key wR, That is:
Shown in the derivation such as formula (5-1) of formula (5);
Shown in the derivation such as formula (6-1) of formula (6);
In formula (6-1), i=index (z),It is Lagrange coefficient, formula (6) it is completed using Lagrange interpolation formula.If existed without such set, show the attribute set S for inquiring user u It is unsatisfactory for the threshold value of node x, then defining Fx=null.After completing above procedure, if FR=null, it is meant that inquiry is used Family u to the search access right of keyword w, does not terminate.Otherwise, query service device continues to execute subprocess 2.
In the present embodiment, the key word of the inquiry w of judgement inquiry user u submission in step 4.2)0Whether closed with encrypted indexes Key word IwShown in equal function expression such as formula (7);
In formula (7), I'wWith I "wFor index key ciphertext IwIn ciphertext component, e is bilinear map, T1For inquiry The encrypted query keyword ciphertext component that user submits, FRIt is inquiry user u to the search access right of index key w.
Shown in the derivation such as following formula (7-1) of formula (7);
In formula (7-1), h is key sk2In component, remaining parameter can be found in various above.
Cloud Server receives Tu(w0) after, it is scanned in the index key of encryption, and return to the encryption met the requirements Data file.Security Index is established using inverted index structure in the present embodiment, the index key of each encryption and comprising All data files of the index key constitute an Inverted List.Data user u receives the inquiry knot of Cloud Server return After fruit, ciphertext is decrypted using the symmetric key that data set provider is authorized, obtains final clear text file.
Following verifyings have been carried out to the performance that can search for encryption method of the present embodiment fine granularity inquiry authorization:
Fig. 5 is that data set provider is the time overhead for inquiring user's authorization, and Fig. 6 is inquiry user encryption key word of the inquiry Time overhead.Fig. 5 indicates that the time overhead of inquiry user's authorization linearly increases with the number of attributes of user, and Fig. 6 illustrates to inquire The number of attributes of user does not have much affect to the time overhead of encrypted query keyword.
Fig. 7 be when permanent quantity is 4000, the time overhead of data set provider encrypted indexes keyword with The quantity of index key linearly increases, and the leaf node quantity (attribute of the access control tree of encrypted indexes keyword Quantity) it is more, the time overhead of encrypted indexes keyword is bigger.Fig. 8 shows when fixed indices keyword quantity be 600 when, The size of data file quantity does not influence index key encryption, but as shown in Fig. 7, the visit of encrypted indexes keyword Ask that the leaf node quantity (number of attributes) of control tree is more, the time overhead of encrypted indexes keyword is bigger.
Fig. 9 indicates that permanent quantity is 4000 and when number of attributes is 5, the query time expense of Cloud Server with The size of index key quantity linearly increases.Figure 10 indicates that fixed indices keyword quantity is 400 and number of attributes is 5 When, the query time expense and the size of data file quantity of Cloud Server are not related.It can be seen that from two figures when multi-thread When under journey environment, number of threads is bigger, and the time required for inquiring is with regard to smaller.By the building to proposition based on cloud computing Secure storage and searching system, and experimental evaluation is carried out to system on true data set, assessment result shows the present invention The method of proposition is correct and practical.
In addition, present embodiments provide a kind of inquiry authorization of fine granularity can search for encryption system, including computer equipment, The computer equipment is programmed to perform the step of can search for encryption method of the aforementioned fine granularity inquiry authorization of the present embodiment, or It is stored on the storage medium of the computer equipment and is programmed to perform can search for for the aforementioned fine granularity inquiry authorization of the present embodiment The computer program of encryption method.
The above is only a preferred embodiment of the present invention, protection scope of the present invention is not limited merely to above-mentioned implementation Example, all technical solutions belonged under thinking of the present invention all belong to the scope of protection of the present invention.It should be pointed out that for the art Those of ordinary skill for, several improvements and modifications without departing from the principles of the present invention, these improvements and modifications It should be regarded as protection scope of the present invention.

Claims (10)

1. a kind of inquiry authorization of fine granularity can search for encryption method, it is characterised in that implementation steps include:
1) data set provider extracts index key set W from initial data, and uses symmetric encipherment algorithm addend evidence;It generates Two key sk1And sk2;To each index key w ∈ W, an access control tree is defined according to its system access right Tw, use key sk2With access control tree TwIndex key w is encrypted, index key ciphertext I is obtainedw.Finally will Encryption data and index key ciphertext are committed to server;
2) inquiry user u sends the request of application addition system to data set provider.Data set provider receive request after to inquiry User u carries out authentication, and utilizes the attribute information and key sk of u1Private key U is generated for itu
3) inquiry user u uses private key UuTo key word of the inquiry w0It is encrypted, obtains corresponding ciphertext Tu(w0), and it is sent to clothes Business device;
4) server is according to Tu(w0) in the index key I of encryptionwIn retrieved, and the encryption number for meeting query requirement User u is inquired according to returning to;
5) inquiry user u is being decrypted ciphertext to obtain clear data.
2. fine granularity inquiry authorization according to claim 1 can search for encryption method, which is characterized in that raw in step 1) At two key sk1And sk2Detailed step include:
Select two ranks for the multiplicative cyclic group G of q1And G2, bilinear map e is defined by G1×G1It is mapped to G2, useExpression takes Value is 1 to the multiplicative group that mould q is constituted between q-1 and with q coprime integer.It is close as shown in formula (1) using above tool construction Key sk1And sk2
In formula (1), key sk1Including β, 1/ β, gαThree elements, key sk2Including e (g, g)αWith two elements of h, wherein α, β divide Not fromIn random uniform design.1/ β indicates that β existsOn inverse element, g be multiplicative cyclic group G1Generation member;e(g,g)αIt indicates G1Generation member g a bilinear map operation after, its value carries out to α power operation again, h is equal to multiplicative cyclic group G1Life At the β power operation of first g.
3. fine granularity inquiry authorization according to claim 1 can search for encryption method, which is characterized in that be in step 1) Index key w establishes access control tree TwDetailed step include:
Define access control tree Tw, the access control tree TwIn non-leaf nodes indicate a threshold value door, threshold value door includes With door AND or door OR, take part attribute thresholds door m_of_n (indicate n element in arbitrarily take m element) three types, often A leaf node indicates an attribute;
From access control tree TwRoot node start, in a manner of top-down, be TwEach of node x construction more than one Item formula qx, and q is setxThe number of most high-order term is that the threshold value of the node lacks 1, and the threshold with door AND node in non-leaf nodes Value be the threshold value of the node number of child nodes or door OR node be 1, the threshold value that takes part attribute thresholds door m_of_n node is M, the threshold value of leaf node are 1;
For access control tree TwRoot node R, data owner is from multiplicative groupAn element is randomly choosed as secret value s, Construct a multinomial q about root node RR, it is the above secret value s, i.e. q that the polynomial constant term, which is arranged,R(0)=s, so Afterwards according to the degree d of root node RRSelect dRA random value, the complete multinomial q for defining root node RR;To any other node x, structure Make a multinomial q about node xx, the value that the polynomial constant term is arranged is qparent(x)(index (x)), qparent(x) (index (x)) indicates value when unknown number takes index (x) in the multinomial of the father node parent (x) about node x, Middle parent (x) indicates that the father node of node x, index (x) indicate call number of the node x in its father node parent (x); Then according to the degree d of node xxSelect remaining dxA random value, the multinomial q of complete definition node xx
4. fine granularity inquiry authorization according to claim 1 can search for encryption method, which is characterized in that make in step 1) With key sk2With access control tree TwIndex key is encrypted to obtain index key ciphertext IwFunction expression such as Shown in formula (2);
In formula (2), IwIt indicates to use key sk2With access control tree encrypted indexes keyword w's as a result, IwCiphertext component packet Include Tw、I'w、I”wThree elements and with access control tree TwThe corresponding I of any leaf node yyAnd I'y;I'wFor with Hash Function H1Hash operation is carried out to index key w, is mapped as multiplicative groupOn an element H1(w), then with secret value s and H1(w) it does product calculation and obtains sH1(w), key sk is then used2In e (g, g)αCarry out sH1(w) result that secondary power operation obtains; I”wFor with key sk2In h carry out sH1(w) result that secondary power operation obtains;Y indicates access control tree TwMiddle leaf node collection Close a leaf node in Y, IyFor to leaf node y multiplicative group G1Generation member g carry out qy(0) secondary power operation obtains As a result;I'yFor with hash function H2Hash operation is carried out to the attribute information attr (y) of leaf node y and is mapped to multiplicative group G1On An element, then carry out qy(0) result that secondary power operation obtains.
5. fine granularity inquiry authorization according to claim 2 can search for encryption method, which is characterized in that root in step 2) It is investigated that asking the customer attribute information of user u, data set provider uses key sk1Private key U is generated for uuFunction expression such as formula (3) shown in;
In formula (3), UuIndicate the key of user u, UuIncluding U1、U2And it is corresponding with any attribute a in user property set S Private key component UaAnd U'a, wherein U1To use key sk1In gαCarry out that 1/ β power operation obtain as a result, U2For to multiplicative group G1Generation member g carry out key sk1In 1/ β power operation obtain as a result, a be inquire user u user property set S in An attribute, raFor attribute a a random element and by data set provider from multiplicative groupIn randomly select;Inquiry is used The attribute a of family u uses hash function H2It is mapped to multiplicative group G1On carry out r againaSecondary power operation obtains Ua;To multiplicative group G1Generation First g carries out raSecondary power operation obtains U'a
6. fine granularity inquiry authorization according to claim 5 can search for encryption method, which is characterized in that close in step 3) Literary Tu(w0) structure such as formula (4) shown in;
In formula (4), Tu(w0) it is that inquiry user u uses private key UuTo key word of the inquiry w0The ciphertext encrypted.Tu(w0) Ciphertext component include T1,TaWith T 'a, wherein T1Indicate the private key U of inquiry user uuIn U1With U2The r power knot of two components Fruit product, r are inquiry user u randomly from multiplicative groupOne element of middle selection, g are multiplicative group G1Generation member;A is to look into An attribute in the user property set S of user u is ask, inquiry user u uses hash function H first1By key word of the inquiry w0Mapping For multiplicative groupOn an element H1(w0), then product value rH is calculated with element r1(w0), then to multiplicative group G1Generation member G is rH1(w0) secondary power operation obtains resultFinally with the private key U of inquiry user uuIn private key component UaCalculate productObtain Ta;T′aIt is set as the private key U of inquiry user uuIn private key component U'a
7. fine granularity according to claim 5 inquiry authorization can search for encryption method, which is characterized in that step 4) it is detailed Carefully step includes:
4.1) server is according to ciphertext Tu(w0) judge to inquire whether user u has to encrypted indexes keyword IwSearch access right, If inquiring user u not having to encrypted indexes keyword IwSearch access right, then poll-final and exit;Otherwise, it is looked into User u is ask to the search access right F of index key wR, jump and execute step 4.2);
4.2) server is according to inquiry user u to the search access right F of index key wR, judge that inquiring the inquiry that user u is submitted closes Key word w0Whether with encrypted indexes keyword IwIt is equal, inquiry failure is determined if unequal, is terminated and is exited;Otherwise determine The encryption data for meeting query requirement is returned to inquiry user u by successful inquiring;It jumps and executes step 5).
8. fine granularity inquiry authorization according to claim 7 can search for encryption method, which is characterized in that in step 4.1) Judge to inquire whether user u has to encrypted indexes keyword IwThe detailed step of search access right include:
For TwEach of leaf node x, if the corresponding attribute a of leaf node x be under the jurisdiction of inquiry user u user belong to Property set S, then calculate inquiry user u to the search access right F of leaf node x according to formula (5)xIt is used if attribute a is not belonging to inquiry Inquiry user u is then arranged to the search access right F of leaf node x in the user property set S of family uxFor sky;
In formula (5), wherein Ta, T 'aFor the encrypted query keyword ciphertext component that inquiry user submits, Ix,I'xFor index key The encrypted indexes I of wwIn ciphertext component, e indicate a bilinear map, g is crowd G1Generation member;
It is k for each Node B thresholdxNon-leaf nodes x, if there is one include kxThe set of the child nodes of a x Sx, and to each child nodes z ∈ SxAll meet FzIt is not sky, wherein FzIndicate that inquiry user u weighs the inquiry of child nodes z Limit then calculates inquiry user u to the search access right F of non-leaf nodes x according to formula (6)x;If existed without such set, Then show that the attribute set S for inquiring user u is unsatisfactory for the threshold value of node x, then definition inquiry user u is to non-leaf nodes x's Search access right FxFor sky;
In formula (6), FxSearch access right for inquiry user u to non-leaf nodes x, FzIndicate inquiry user u to child nodes z's Search access right, i=index (z), It is Lagrange coefficient, e is to indicate bilinearity Mapping, g is crowd G1Generation member;
For access control tree TwRoot node, after the above recursive operation, if availableThen illustrate that the attribute set S for inquiring user u meets access control tree Tw, The user has the search access right to keyword w, and query process continues;Otherwise FRFor sky, illustrate the attribute set for inquiring user u S is unsatisfactory for access control tree Tw, then determine that inquiring user u does not have to encrypted indexes keyword IwSearch access right, inquire at this time Process terminates.
9. fine granularity inquiry authorization according to claim 7 can search for encryption method, which is characterized in that in step 4.2) The key word of the inquiry w that judgement inquiry user u is submitted0Whether with encrypted indexes keyword IwEqual function expression such as formula (7) institute Show;
In formula (7), I'wAnd I "wFor index key ciphertext IwIn ciphertext component, e is bilinear map, T1It is mentioned for inquiry user The encrypted query keyword ciphertext component of friendship, FRIt is inquiry user u to the search access right of index key w.
10. a kind of fine granularity inquiry authorization can search for encryption system, including computer equipment, it is characterised in that: the calculating What machine equipment was programmed to perform the inquiry authorization of fine granularity described in any one of claim 1~9 can search for encryption method It is stored on the storage medium of step or the computer equipment and is programmed to perform any one of claim 1~9 institute State the computer program that can search for encryption method of fine granularity inquiry authorization.
CN201910232696.3A 2019-03-26 2019-03-26 A kind of inquiry authorization of fine granularity can search for encryption method and system Pending CN109981643A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910232696.3A CN109981643A (en) 2019-03-26 2019-03-26 A kind of inquiry authorization of fine granularity can search for encryption method and system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201910232696.3A CN109981643A (en) 2019-03-26 2019-03-26 A kind of inquiry authorization of fine granularity can search for encryption method and system

Publications (1)

Publication Number Publication Date
CN109981643A true CN109981643A (en) 2019-07-05

Family

ID=67080674

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201910232696.3A Pending CN109981643A (en) 2019-03-26 2019-03-26 A kind of inquiry authorization of fine granularity can search for encryption method and system

Country Status (1)

Country Link
CN (1) CN109981643A (en)

Cited By (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110602099A (en) * 2019-09-16 2019-12-20 广西师范大学 Privacy protection method based on verifiable symmetric searchable encryption
CN111027084A (en) * 2019-12-09 2020-04-17 湖南大学 Fine-grained authorized keyword security query method based on attribute-based encryption
CN112365945A (en) * 2020-10-27 2021-02-12 扬州大学 Block chain-based electronic medical record fine-grained access control and ciphertext searchable method
CN113904823A (en) * 2021-09-28 2022-01-07 长沙学院 Constant-level authorization computation complexity attribute base searchable encryption method and system
CN114785592A (en) * 2022-04-21 2022-07-22 中国科学技术大学 Information processing method and device
CN115174568A (en) * 2022-06-23 2022-10-11 南京信息工程大学 Attribute-based ciphertext retrieval method

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103281377A (en) * 2013-05-31 2013-09-04 北京鹏宇成软件技术有限公司 Cryptograph data storage and searching method for cloud
CN105262843A (en) * 2015-11-12 2016-01-20 武汉理工大学 Data anti-leakage protection method for cloud storage environment
CN106330865A (en) * 2016-08-12 2017-01-11 安徽大学 Attribute-Based Keyword Search Method Supporting Efficient Revocation in Cloud Environment
WO2017076705A1 (en) * 2015-11-03 2017-05-11 Commissariat A L'energie Atomique Et Aux Energies Alternatives Method of encryption based on the attributes comprising a pre-calculation phase

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103281377A (en) * 2013-05-31 2013-09-04 北京鹏宇成软件技术有限公司 Cryptograph data storage and searching method for cloud
WO2017076705A1 (en) * 2015-11-03 2017-05-11 Commissariat A L'energie Atomique Et Aux Energies Alternatives Method of encryption based on the attributes comprising a pre-calculation phase
CN105262843A (en) * 2015-11-12 2016-01-20 武汉理工大学 Data anti-leakage protection method for cloud storage environment
CN106330865A (en) * 2016-08-12 2017-01-11 安徽大学 Attribute-Based Keyword Search Method Supporting Efficient Revocation in Cloud Environment

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
HUI YIN ET AL.: "CP-ABSE: A Ciphertext-Policy Attribute-Based Searchable Encryption Scheme", 《IEEE ACCESS》 *
尹辉: "云计算环境下隐私保护的安全查询技术研究", 《中国博士学位论文全文数据库 信息科技辑》 *

Cited By (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110602099A (en) * 2019-09-16 2019-12-20 广西师范大学 Privacy protection method based on verifiable symmetric searchable encryption
CN111027084A (en) * 2019-12-09 2020-04-17 湖南大学 Fine-grained authorized keyword security query method based on attribute-based encryption
CN112365945A (en) * 2020-10-27 2021-02-12 扬州大学 Block chain-based electronic medical record fine-grained access control and ciphertext searchable method
CN112365945B (en) * 2020-10-27 2024-03-26 扬州大学 Electronic medical record fine granularity access control and ciphertext searchable method based on blockchain
CN113904823A (en) * 2021-09-28 2022-01-07 长沙学院 Constant-level authorization computation complexity attribute base searchable encryption method and system
CN113904823B (en) * 2021-09-28 2024-02-27 长沙学院 Attribute-based searchable encryption method and system for constant-level authorization computation complexity
CN114785592A (en) * 2022-04-21 2022-07-22 中国科学技术大学 Information processing method and device
CN114785592B (en) * 2022-04-21 2023-10-20 中国科学技术大学 Information processing method and device
CN115174568A (en) * 2022-06-23 2022-10-11 南京信息工程大学 Attribute-based ciphertext retrieval method

Similar Documents

Publication Publication Date Title
CN110224986B (en) Efficient searchable access control method based on hidden policy CP-ABE
CN109981643A (en) A kind of inquiry authorization of fine granularity can search for encryption method and system
Xhafa et al. An efficient PHR service system supporting fuzzy keyword search and fine-grained access control
CN109768987A (en) A kind of storage of data file security privacy and sharing method based on block chain
CN107634829A (en) Encrypted electronic medical records system and encryption method can search for based on attribute
WO2022099495A1 (en) Ciphertext search method, system, and device in cloud computing environment
CN109450935A (en) The multi-key word searching method for the Semantic Security that can verify that in cloud storage
CN114826703B (en) Block chain-based data search fine granularity access control method and system
CN103780393B (en) Virtual-desktop security certification system and method facing multiple security levels
CN106656997B (en) One kind being based on the cross-domain friend-making method for secret protection of mobile social networking proxy re-encryption
CN108390855A (en) A kind of attribute base keyword search encryption system and method towards cloud storage
Chaudhari et al. Keysea: Keyword-based search with receiver anonymity in attribute-based searchable encryption
CN110166466A (en) It is a kind of efficiently the multi-user of renewal authority to can search for encryption method and system
CN109740364A (en) The cipher text searching method based on attribute of controllable search permission
Yin et al. A fine-grained authorized keyword secure search scheme with efficient search permission update in cloud computing
Damiani et al. Metadata management in outsourced encrypted databases
Padhya et al. BTG-RKASE: Privacy Preserving Revocable Key Aggregate Searchable Encryption with Fine-grained Multi-delegation & Break-The-Glass Access Control.
Varri et al. Practical verifiable multi-keyword attribute-based searchable signcryption in cloud storage
Ali et al. Provable secure lightweight attribute‐based keyword search for cloud‐based Internet of Things networks
CN109451077A (en) The model that medical cloud search permission is shared
CN111027084A (en) Fine-grained authorized keyword security query method based on attribute-based encryption
Zhang et al. Efficient personalized search over encrypted data for mobile edge-assisted cloud storage
CN116663046A (en) Private data sharing and retrieving method, system and equipment based on blockchain
CN116611083A (en) Medical data sharing method and system
Nie et al. Time‐enabled and verifiable secure search for blockchain‐empowered electronic health record sharing in IoT

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
WD01 Invention patent application deemed withdrawn after publication

Application publication date: 20190705

WD01 Invention patent application deemed withdrawn after publication