CN110602099A - Privacy protection method based on verifiable symmetric searchable encryption - Google Patents

Privacy protection method based on verifiable symmetric searchable encryption Download PDF

Info

Publication number
CN110602099A
CN110602099A CN201910870388.3A CN201910870388A CN110602099A CN 110602099 A CN110602099 A CN 110602099A CN 201910870388 A CN201910870388 A CN 201910870388A CN 110602099 A CN110602099 A CN 110602099A
Authority
CN
China
Prior art keywords
key
server
data
user
omega
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201910870388.3A
Other languages
Chinese (zh)
Other versions
CN110602099B (en
Inventor
李先贤
付雪梅
石贞奎
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Guangxi Normal University
Original Assignee
Guangxi Normal University
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Guangxi Normal University filed Critical Guangxi Normal University
Priority to CN201910870388.3A priority Critical patent/CN110602099B/en
Publication of CN110602099A publication Critical patent/CN110602099A/en
Application granted granted Critical
Publication of CN110602099B publication Critical patent/CN110602099B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0407Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the identity of one or more communicating identities is hidden
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/321Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving a third party or a trusted authority
    • H04L9/3213Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving a third party or a trusted authority using tickets or tokens, e.g. Kerberos
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Storage Device Security (AREA)
  • Information Retrieval, Db Structures And Fs Structures Therefor (AREA)

Abstract

The invention discloses a privacy protection method based on verifiable symmetric searchable encryption. The data owner encrypts the data by using symmetric encryption and stores the data in the cloud; an authorized user authorized by the data owner can initiate query operation to the cloud server to query the data stored in the cloud; the cloud server feeds back the result of the query to the user, and the user needs to verify the integrity and freshness of the result, wherein the integrity is that whether the check result contains all the results which all the queries should contain, and the freshness is that whether the detection server sends the historical version data result to the user. The invention is a universal, verifiable, safe and symmetrical searchable technical scheme under a three-party model, which can ensure the integrity and freshness of the search query results returned by a server to a user, namely prevent the server from launching replay attack.

Description

Privacy protection method based on verifiable symmetric searchable encryption
Technical Field
The invention relates to the technical field of data privacy protection, in particular to a privacy protection method based on verifiable symmetric searchable encryption.
Background
With the continuous development of internet technology, various data are more and more, and the secure storage of data becomes a focus of research. If a large amount of data is stored locally, the data cannot be flexibly used, so that a large amount of cloud services are promoted. Because of the cloud service, more and more users store data in the cloud, so that the users can access and manage the data at any time and any place. More and more governments, businesses, and individuals are beginning to use cloud storage systems to store a wide variety of files. However, cloud storage also brings various privacy disclosure problems, and according to the report of the Cloud Storage Alliance (CSA), data disclosure is an important problem faced by cloud computing. In the first half of 2016, there were 974 publicly disclosed data leakage events, resulting in the theft of 5.44 billion data records.
For this reason, data uploaded to the cloud needs to be protected so as not to reveal privacy of data of individuals or enterprises. However, if the data is directly encrypted and stored in the cloud, the user loses the operability and the manageability of the data, and the symmetric searchable encryption well solves the problems of the operability and the manageability of the data stored in the cloud. However, the traditional searchable encryption method is based on a symmetric encryption technology, that is, based on a two-party model of a data owner and a server, and assuming that a cloud server is trusted or truthful but curious, such an assumption can be understood that the server follows a relevant protocol, but cannot exclude that the server can deduce relevant contents from a query result of a user and the like, such an assumption is not always true, and cannot guarantee the integrity of data returned by the server to the user, that is, the server returns only a part of the result to the user.
Disclosure of Invention
The invention aims to solve the problem that the traditional searchable encryption method cannot ensure the integrity of data returned to a user by a server, and provides a privacy protection method based on verifiable symmetric searchable encryption.
In order to solve the problems, the invention is realized by the following technical scheme:
the privacy protection method based on the verifiable symmetric searchable encryption comprises the following steps:
step 1, the data owner generates 3 keys k by using a symmetric encryption key generation algorithm1、k2、k3And an asymmetric encryption key generation algorithm a pair of keys (ssk, spk); where ssk denotes a public key and spk denotes a secret key;
step 2, the data owner establishes a data reverse list, and key value pairs are recorded in the data reverse list<ωi,Di>Wherein ω isiRepresenting a keyword, DiThe representation contains a key ωiThe document set of (1);
step 3, for each key-value pair in the reverse list<ωi,Di>:
Data owner utilization based on key k1For the keyword omegaiAfter encryption, the encrypted key word, namely the token Tomega is obtainedi
Data owner first utilizes a key k based key2Respectively for the contained key word omegaiEach document fiEncrypting to obtain encrypted files, encrypting all the encrypted files by using an anti-collision Hash function to obtain an encrypted document set V omegai(ii) a Wherein f isi∈Di
Thereby obtaining an encrypted key-value pair<Tωi,Vωi>;
Step 4, the data owner utilizes all the encrypted key value pairs<Tωi,Vωi>Establishing a B + tree safety index I;
step 5, the data owner performs hash operation on each node from the leaf node to the root node of the B + tree security index I to generate a tree root;
step 6, the data owner firstly utilizes the key k3The symmetric encryption algorithm jointly encrypts the root and the timestamp to obtain an encryptor alpha, and then a private key ssk is used for signing the encryptor alpha to generate a verifier pi;
step 7, data owner utilizes the key k2Is symmetrical toThe encryption algorithm is applied to each keyword omegaiDocument set D ofiAfter encryption, a ciphertext document set is generated
Step 8, the data owner makes the B + tree security index I, the verifier pi and all the ciphertext document setsUploading to a server;
step 9, the data owner sends 3 keys k1、k2、k3And the public key ssk in the key pair to the authorized user;
step 10, when the authorized user wants to search the content of the server-side data owner, the authorized user utilizes the key k1The pseudo-random function treats the query keyword omegai' after encryption, the query token T omega is obtainedi', and will query the token T omegai' upload to server;
step 11, the server uploads a query token T omega according to an authorized useri' inquiring whether the B + tree safety index I corresponding to the data owner contains the inquiry token T omegai′:
If the query token T omega is containedi', the server will search the result, i.e. the query token T omegai' corresponding query ciphertext document setAnd returning the generated proof list p and the proof verifier pi' to the authorized user; wherein proof verifier pi' comprises a verifier associated with a user query time pointAnd verifier pi of update time pointc
Otherwise, the server does not process;
step 12, the authorized user judges according to the returned proof verifier pi' of the serverVerifiers for judging whether search results are the latest data, i.e. for judging decrypted user inquiry time pointAnd a verifier pi of the decrypted update time pointcWhether they are equal: if the data are equal, the search result is the latest data, and step 12 is executed; otherwise, the search result is not the latest data, and the authorized user directly rejects the search result returned by the server;
step 13, authorizing user to use key k first2Query ciphertext document set returned by serverDecrypting to obtain a certificate document set, and then utilizing a secret key k2The pseudo-random function respectively encrypts each document in the decrypted document set to obtain an encrypted file, and then the anti-collision hash function is utilized to encrypt all the encrypted files to obtain an encrypted certificate document set V omegai′;
Step 14, authorizing the user to first verify the document set V omega according to after encryptingi'and the proving list p constructs a B + tree, and then hash operation is carried out on each node from a leaf node to a root node of the B + tree to generate a proving tree root';
step 15, authorizing the user to use the key k3And public key ssk verifier for user query time pointDecrypting to obtain a root' of the verification tree;
step 16, the authorized user judges whether the root 'of the proving tree is consistent with the root' of the verifying tree or not: if the search results are consistent, the search results returned by the server are complete; otherwise, the search results returned by the server are incomplete or malicious.
In the above step 10, the certificate list sent to the authorized user is generated by the server according to the corresponding B + tree security index I except for the token T ωiAnd the other nodes are generated from the leaf node to the root node in sequence.
Compared with the prior art, the verifiable scheme based on the three-party model establishes the index by using the B + tree and verifies the integrity and the freshness of the query result fed back by the server by using the verifier, so that the efficiency is improved, the verifiability of the data is ensured, and the integrity and the freshness of the result fed back to the user by the server can be verified. The invention is a universal, verifiable, safe and symmetrical searchable technical scheme under a three-party model, which can ensure the integrity and freshness of the search query results returned by a server to a user, namely prevent the server from launching replay attack.
Drawings
Fig. 1 is a schematic diagram of a verifiable based symmetric searchable encryption system.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention more apparent, the present invention is further described in detail below with reference to specific examples.
The privacy protection method based on the verifiable symmetric searchable encryption realized based on the system specifically comprises the following steps:
step 1: data owner establishment phase
The data owner generates 3 keys k according to a symmetric encryption key generation algorithm in cryptography1、k2、k3A pair of keys (ssk, spk) (public and private) is generated according to an asymmetric cryptographic key algorithm in cryptography.
The data owner establishes a data reverse list Δ, i.e. the name Identification (ID) of the document to which each keyword corresponds, for example word1 exists document D1、D2For each key, a reverse list delta is created<ωi,Di>Such key-value pairs.
Step 2: data owner initialization phase
(1) For each key ω e Δ, for each key-value pair in the inverted list Δ<ωi,Di>The following calculation is performed:
1○for each keyword omegaiUsing a pseudo-random function F in cryptography and a key k generated during the establishment phase1Computing tokens (tokens) T ω for each keywordiSo as to encrypt the key words, and therefore the server can not learn useful information about the key words from the encrypted key words;
i.e. for each document f contained by each keywordiThe pseudo-random function G in the cryptography is used for calculation, and the anti-collision Hash function IH in the cryptography is used for encryption, so that the server cannot modify the content corresponding to the keyword, and cannot learn the related content of the keyword and the document. Since all results will be different from those generated by the data owner (here f) whenever the server modifies the contentiNot the content of the data, but the name identification of the document). Wherein D ωiIndicates that this keyword ω is includediThe names of all documents.
(2) Using all the calculated encrypted key values<Tωi,Vωi>And constructing the B + tree to establish a B + tree safety index I.
(3) Hashing each node of the B + tree from a leaf node to a root by using a hash function in cryptography to generate a tree root, and generating the verifier by calculating the tree root and the update time stamp tp as follows:
firstly, connecting the root of the B + tree and the time stamp tp in series by using a symmetric encryption algorithm in cryptography, and using a secret key k3Encrypting to obtain an encryptor
Secondly, the encryptor alpha is signed by using ssk private key to obtain the signed encryptor Sigssk(α);
③ the encryptor alpha and the signed encryptor SigsskCombined verifier pi ═ a, Sigssk(α))。
(4)I.e. symmetric encryption algorithm in cryptography will be omegaiCorresponding document DiEncrypting to generate ciphertext document
(5) The data owner generates a B + tree security index I, a generated verifier pi and all encrypted documentsAnd sending to a server (cloud server).
And step 3: user query phase
The data owner will key 3 keys k1、k2、k3And the public key ssk of the key pair to the authorized user.
If a user authorized by the data owner wants to search the contents of the server-side data owner, the user needs to use the contents firstGenerating a queried keyword omegai' query token T omegai', will query for the token T omegai' to the server.
And 4, step 4: search phase for server to respond to user query
(1) Server for user sent query token T omegai' conducting a search query on the content stored in the server by the data owner to carry out tree search on the B + tree security index I, and checking whether the security index I of the B + tree contains T omegai': if there is a return T omegai' corresponding toGiving the user; otherwise, the server returns the query failure to the authorized user.
(2) The server generates a list of certificates p.
The certification list p is generated by the server according to the B + tree index except T omegaiOther nodes, and the proof list p is generated sequentially from the leaf node to the root.
(3) Query token T omegai' corresponding query ciphertext document setAnd returning the generated proof list p and proof verifier pi' to the authorized user.
The proof verifier pi' is composed of two parts: is partly thatNamely, a verifier at a time point of user inquiry; another part iscI.e. the verifier at the update time point. Because the time stamping mechanism is the time interval, π, by which the data owner determines how long to updatecIs the verifier of each update point.
And 5: verification phase of return result of user to server
When the user receives the search result of the server, the result is verified,
(1) it is checked whether the search results are the most recent data, not the historical version of data. First the user passesAndwhere Dec is the decryption algorithm for symmetric encryption in cryptography, see decryption generationAnd alphacWhether they are equal or not is checked for freshness of the data, i.e. is the latest data result. User first checkAnd alphac=(Sigc)spkAnd if so, continuing the following operation, otherwise, directly rejecting the result of the server and proving that the returned result of the server is wrong.
(2) The result of the check is whether all documents containing the key word under check are included, the user being required to verify the list p and p of certificates sent by the serverFirstly, the method is carried outPerforms decryption and then performs correlation calculation according to the following algorithmGeneration of V omegai', then according to V ωi'and the proof list p constructs a B + tree, and then generates a tree root'.
(3) User passingGet the tree root ", then the user compares the user generated root' and root" to see if they are equal: if the equality proves that the data is complete, otherwise the server is malicious or sends partial data results.
Fig. 1 is a verifiable symmetric searchable encryption system based on a data owner-user-cloud server three-party model, which mainly comprises a data owner, a plurality of authorized users and a cloud server. The data owner encrypts the data by using symmetric encryption and stores the data in the cloud; an authorized user authorized by the data owner can initiate query operation to the cloud server to query the data stored in the cloud; the cloud server feeds back the result of the query to the user, and the user needs to verify the integrity and freshness of the result, wherein the integrity is that whether the check result contains all the results which all the queries should contain, and the freshness is that whether the detection server sends the historical version data result to the user.
The data owner stores the encrypted data and the generated index on the cloud server, the index is generated according to key tokens, and each key token has a token corresponding to the key token. When a user inquires, a token needs to be submitted to a server, the server inquires according to the token, then the server returns the inquired result to the user, and finally the user needs to verify the integrity and freshness of the result. In addition, the present invention builds an index using the B + tree, and constructs a verifier using the timestamp and the root of the B + tree. The time stamp expiration is used to detect whether the server has initiated a replay attack, and the root of the tree is used to verify the integrity of the results. The invention is a universal, verifiable, safe and symmetrical searchable technical scheme under a three-party model, which can ensure the integrity and freshness of the search query results returned by a server to a user, namely prevent the server from launching replay attack.
It should be noted that, although the above-mentioned embodiments of the present invention are illustrative, the present invention is not limited thereto, and thus the present invention is not limited to the above-mentioned embodiments. Other embodiments, which can be made by those skilled in the art in light of the teachings of the present invention, are considered to be within the scope of the present invention without departing from its principles.

Claims (2)

1. The privacy protection method based on verifiable symmetric searchable encryption is characterized by comprising the following steps:
step 1, the data owner generates 3 keys k by using a symmetric encryption key generation algorithm1、k2、k3And an asymmetric encryption key generation algorithm a pair of keys (ssk, spk); where ssk denotes a public key and spk denotes a secret key;
step 2, the data owner establishes a data reverse list, and key value pairs are recorded in the data reverse list<ωi,Di>Wherein ω isiRepresenting a keyword, DiThe representation contains a key ωiThe document set of (1);
step 3, for each key-value pair in the reverse list<ωi,Di>:
Data owner utilization based on key k1For the keyword omegaiAfter encryption, the encrypted key word, namely the token Tomega is obtainedi
Data owner first utilizes a key k based key2Respectively for the contained key word omegaiEach document fiEncrypting to obtain encrypted files, encrypting all the encrypted files by using an anti-collision Hash function to obtain an encrypted document set V omegai(ii) a Wherein f isi∈Di
Thereby obtaining an encrypted key-value pair<Tωi,Vωi>;
Step 4, the data owner utilizes all the encrypted key value pairs<Tωi,Vωi>Establishing a B + tree safety index I;
step 5, the data owner performs hash operation on each node from the leaf node to the root node of the B + tree security index I to generate a tree root;
step 6, the data owner firstly utilizes the key k3The symmetric encryption algorithm jointly encrypts the root and the timestamp to obtain an encryptor alpha, and then a private key ssk is used for signing the encryptor alpha to generate a verifier pi;
step 7, data owner utilizes the key k2For each keyword omegaiDocument set D ofiAfter encryption, a ciphertext document set is generated
Step 8, the data owner makes the B + tree security index I, the verifier pi and all the ciphertext document setsUploading to a server;
step 9, the data owner sends 3 keys k1、k2、k3And the public key ssk in the key pair to the authorized user;
step 10, when the authorized user wants to search the content of the server-side data owner, the authorized user utilizes the key k1The pseudo-random function treats the query keyword omegai' after encryption, the query token T omega is obtainedi', and will query the token T omegai' upload to server;
step 11, the server uploads a query token T omega according to an authorized useri' inquiring whether the B + tree safety index I corresponding to the data owner contains the inquiry token T omegai′:
If the query token T omega is containedi', the server will search the result, i.e. the query token T omegai' corresponding query ciphertext document setAnd returning the generated proof list p and the proof verifier pi' to the authorized user; wherein proof verifier pi' comprises a verifier associated with a user query time pointAnd verifier pi of update time pointc
Otherwise, the server does not process;
step 12, the authorized user judges whether the search result is the latest data according to the proof verifier pi' returned by the server, namely, the verifier judges the decrypted user inquiry time pointAnd a verifier pi of the decrypted update time pointcWhether they are equal: if the data are equal, the search result is the latest data, and step 12 is executed; otherwise, the search result is not the latest data, and the authorized user directly rejects the search result returned by the server;
step 13, authorizing user to use key k first2Query ciphertext returned by serverDocument collectionDecrypting to obtain a certificate document set, and then utilizing a secret key k2The pseudo-random function respectively encrypts each document in the decrypted document set to obtain an encrypted file, and then the anti-collision hash function is utilized to encrypt all the encrypted files to obtain an encrypted certificate document set V omegai′;
Step 14, authorizing the user to first verify the document set V omega according to after encryptingi'and the proving list p constructs a B + tree, and then hash operation is carried out on each node from a leaf node to a root node of the B + tree to generate a proving tree root';
step 15, authorizing the user to use the key k3And public key ssk verifier for user query time pointDecrypting to obtain a root' of the verification tree;
step 16, the authorized user judges whether the root 'of the proving tree is consistent with the root' of the verifying tree or not: if the search results are consistent, the search results returned by the server are complete; otherwise, the search results returned by the server are incomplete or malicious.
2. The privacy protection method based on verifiable symmetric searchable encryption according to claim 1, wherein in step 10, the certificate list sent to authorized users is generated by the server according to the corresponding B + tree security index I except for the token T ωiAnd the other nodes are generated from the leaf node to the root node in sequence.
CN201910870388.3A 2019-09-16 2019-09-16 Privacy protection method based on verifiable symmetric searchable encryption Active CN110602099B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910870388.3A CN110602099B (en) 2019-09-16 2019-09-16 Privacy protection method based on verifiable symmetric searchable encryption

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201910870388.3A CN110602099B (en) 2019-09-16 2019-09-16 Privacy protection method based on verifiable symmetric searchable encryption

Publications (2)

Publication Number Publication Date
CN110602099A true CN110602099A (en) 2019-12-20
CN110602099B CN110602099B (en) 2021-04-06

Family

ID=68859714

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201910870388.3A Active CN110602099B (en) 2019-09-16 2019-09-16 Privacy protection method based on verifiable symmetric searchable encryption

Country Status (1)

Country Link
CN (1) CN110602099B (en)

Cited By (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111262698A (en) * 2020-02-10 2020-06-09 金陵科技学院 Identity authentication and privacy matching system and method based on SM3/4
CN111651779A (en) * 2020-05-29 2020-09-11 广西师范大学 Privacy protection method for encrypted image retrieval in block chain
CN112416948A (en) * 2020-12-15 2021-02-26 暨南大学 Verifiable gene data outsourcing query protocol and system
CN112800471A (en) * 2021-02-23 2021-05-14 广西师范大学 Countermeasure domain self-adaptive differential privacy protection method in multi-source domain migration
CN112883403A (en) * 2021-03-18 2021-06-01 广西师范大学 Verifiable encrypted image retrieval privacy protection method
CN114201773A (en) * 2021-12-13 2022-03-18 合肥工业大学 SkNN query method and system supporting access time limitation and result verification
CN114547647A (en) * 2022-02-18 2022-05-27 河北大学 Mode protection dynamic searchable encryption method based on differential privacy
CN114710357A (en) * 2022-04-12 2022-07-05 河北大学 Dynamic searchable encryption method supporting block verification in editable block chain
CN114900318A (en) * 2022-06-02 2022-08-12 浙江工商大学 Key agreement protocol and verifiable round-of-communication searchable encryption method

Citations (19)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7734638B2 (en) * 2004-04-21 2010-06-08 Hitachi, Ltd. File system updating metadata of files according to results of keyword search
CN104038349A (en) * 2014-07-03 2014-09-10 西安电子科技大学 Effective and verifiable public key searching encryption method based on KP-ABE
CN105681280A (en) * 2015-12-29 2016-06-15 西安电子科技大学 Searchable encryption method based on Chinese in cloud environment
US9425967B2 (en) * 2013-03-20 2016-08-23 Industrial Technology Research Institute Method for certificate generation and revocation with privacy preservation
CN106612270A (en) * 2016-05-20 2017-05-03 四川用联信息技术有限公司 Keyword search algorithm based on attribute encryption in cloud computing
CN106815350A (en) * 2017-01-19 2017-06-09 安徽大学 Dynamic ciphertext multi-key word searches for method generally in a kind of cloud environment
US20170359177A1 (en) * 2015-01-12 2017-12-14 University Of Science And Technology Beijing Method and System for Cryptographic Decision-making of Set Membership
CN107547530A (en) * 2017-08-21 2018-01-05 安徽大学 On-line/off-line keyword search methodology and its cloud computing application system based on attribute under mobile cloud environment
CN107918664A (en) * 2017-11-22 2018-04-17 广西师范大学 Community network data difference method for secret protection based on uncertain figure
CN107948146A (en) * 2017-11-20 2018-04-20 武汉科技大学 A kind of connection keyword retrieval method based on encryption attribute in mixed cloud
CN108062485A (en) * 2017-12-15 2018-05-22 北京工业大学 A kind of fuzzy keyword searching method of multi-service oriented device multi-user
CN108092766A (en) * 2017-11-30 2018-05-29 深圳大学 A kind of cipher text searching method for verifying authority and its system
CN109214198A (en) * 2018-08-13 2019-01-15 苏州泥娃软件科技有限公司 A kind of secure cloud document system encrypting search
CN109496403A (en) * 2016-07-25 2019-03-19 罗伯特·博世有限公司 For having the preceding dynamic to privacy and commission verifiability to can search for the method and system of symmetric cryptography
CN109614818A (en) * 2018-11-30 2019-04-12 西南石油大学 The band keyword search encryption method of delegatable identity-based
CN109740364A (en) * 2019-01-04 2019-05-10 大连大学 The cipher text searching method based on attribute of controllable search permission
CN109981643A (en) * 2019-03-26 2019-07-05 长沙学院 A kind of inquiry authorization of fine granularity can search for encryption method and system
CN109992995A (en) * 2019-03-05 2019-07-09 华南理工大学 A kind of protection of support position and inquiry privacy can search for encryption method
US20190281465A1 (en) * 2017-12-04 2019-09-12 Kevin K Moshir Blockchain for validating communications archiving

Patent Citations (19)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7734638B2 (en) * 2004-04-21 2010-06-08 Hitachi, Ltd. File system updating metadata of files according to results of keyword search
US9425967B2 (en) * 2013-03-20 2016-08-23 Industrial Technology Research Institute Method for certificate generation and revocation with privacy preservation
CN104038349A (en) * 2014-07-03 2014-09-10 西安电子科技大学 Effective and verifiable public key searching encryption method based on KP-ABE
US20170359177A1 (en) * 2015-01-12 2017-12-14 University Of Science And Technology Beijing Method and System for Cryptographic Decision-making of Set Membership
CN105681280A (en) * 2015-12-29 2016-06-15 西安电子科技大学 Searchable encryption method based on Chinese in cloud environment
CN106612270A (en) * 2016-05-20 2017-05-03 四川用联信息技术有限公司 Keyword search algorithm based on attribute encryption in cloud computing
CN109496403A (en) * 2016-07-25 2019-03-19 罗伯特·博世有限公司 For having the preceding dynamic to privacy and commission verifiability to can search for the method and system of symmetric cryptography
CN106815350A (en) * 2017-01-19 2017-06-09 安徽大学 Dynamic ciphertext multi-key word searches for method generally in a kind of cloud environment
CN107547530A (en) * 2017-08-21 2018-01-05 安徽大学 On-line/off-line keyword search methodology and its cloud computing application system based on attribute under mobile cloud environment
CN107948146A (en) * 2017-11-20 2018-04-20 武汉科技大学 A kind of connection keyword retrieval method based on encryption attribute in mixed cloud
CN107918664A (en) * 2017-11-22 2018-04-17 广西师范大学 Community network data difference method for secret protection based on uncertain figure
CN108092766A (en) * 2017-11-30 2018-05-29 深圳大学 A kind of cipher text searching method for verifying authority and its system
US20190281465A1 (en) * 2017-12-04 2019-09-12 Kevin K Moshir Blockchain for validating communications archiving
CN108062485A (en) * 2017-12-15 2018-05-22 北京工业大学 A kind of fuzzy keyword searching method of multi-service oriented device multi-user
CN109214198A (en) * 2018-08-13 2019-01-15 苏州泥娃软件科技有限公司 A kind of secure cloud document system encrypting search
CN109614818A (en) * 2018-11-30 2019-04-12 西南石油大学 The band keyword search encryption method of delegatable identity-based
CN109740364A (en) * 2019-01-04 2019-05-10 大连大学 The cipher text searching method based on attribute of controllable search permission
CN109992995A (en) * 2019-03-05 2019-07-09 华南理工大学 A kind of protection of support position and inquiry privacy can search for encryption method
CN109981643A (en) * 2019-03-26 2019-07-05 长沙学院 A kind of inquiry authorization of fine granularity can search for encryption method and system

Non-Patent Citations (6)

* Cited by examiner, † Cited by third party
Title
JINGHUA JIANG: "Towards Secure and Practical Targeted Mobile", 《2015 IEEE CONFERENCE ON COMPUTER COMMUNICATIONS WORKSHOPS》 *
MENG WU: "A Privacy Preserving Public-key Searchable", 《2018 INTERNATIONAL COMPUTERS,SIGNALS AND SYSTEMS CONFERENCE》 *
PENG LIU: "Randomized Perturbation for Privacy-preserving", 《2017 IEEE INTERNATIONAL CONFERENCE ON BIG KNOWLEDGE》 *
RONGMAO CHEN: "Dual-Server Public-Key Encryption With Keyword Search for Secure Cloud Storage", 《IEEE TRANSACTIONS ON INFORMATION FORENSICS AND SECURITY》 *
王金艳: "差分隐私的数据流关键模式挖掘方法", 《软件学报》 *
董晓蕾: "可搜索加密研究进展", 《计算机研究与发展》 *

Cited By (15)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111262698A (en) * 2020-02-10 2020-06-09 金陵科技学院 Identity authentication and privacy matching system and method based on SM3/4
CN111651779B (en) * 2020-05-29 2022-03-18 广西师范大学 Privacy protection method for encrypted image retrieval in block chain
CN111651779A (en) * 2020-05-29 2020-09-11 广西师范大学 Privacy protection method for encrypted image retrieval in block chain
CN112416948A (en) * 2020-12-15 2021-02-26 暨南大学 Verifiable gene data outsourcing query protocol and system
CN112800471A (en) * 2021-02-23 2021-05-14 广西师范大学 Countermeasure domain self-adaptive differential privacy protection method in multi-source domain migration
CN112800471B (en) * 2021-02-23 2022-04-22 广西师范大学 Countermeasure domain self-adaptive differential privacy protection method in multi-source domain migration
CN112883403A (en) * 2021-03-18 2021-06-01 广西师范大学 Verifiable encrypted image retrieval privacy protection method
CN114201773A (en) * 2021-12-13 2022-03-18 合肥工业大学 SkNN query method and system supporting access time limitation and result verification
CN114201773B (en) * 2021-12-13 2024-02-13 合肥工业大学 SkNN query method and system supporting access time limitation and verifiable result
CN114547647A (en) * 2022-02-18 2022-05-27 河北大学 Mode protection dynamic searchable encryption method based on differential privacy
CN114547647B (en) * 2022-02-18 2024-04-12 河北大学 Differential privacy-based mode protection dynamic searchable encryption method
CN114710357A (en) * 2022-04-12 2022-07-05 河北大学 Dynamic searchable encryption method supporting block verification in editable block chain
CN114710357B (en) * 2022-04-12 2023-07-21 河北大学 Dynamic searchable encryption method supporting block verification in editable blockchain
CN114900318A (en) * 2022-06-02 2022-08-12 浙江工商大学 Key agreement protocol and verifiable round-of-communication searchable encryption method
CN114900318B (en) * 2022-06-02 2024-04-19 浙江工商大学 One-round communication searchable encryption method based on key negotiation protocol and verifiable

Also Published As

Publication number Publication date
CN110602099B (en) 2021-04-06

Similar Documents

Publication Publication Date Title
CN110602099B (en) Privacy protection method based on verifiable symmetric searchable encryption
Aujla et al. SecSVA: secure storage, verification, and auditing of big data in the cloud environment
CN108292402B (en) Determination of a common secret and hierarchical deterministic keys for the secure exchange of information
CN109614818B (en) Authorized identity-based keyword search encryption method
CN110213042A (en) A kind of cloud data duplicate removal method based on no certification agency re-encryption
CA2497561A1 (en) Method and system of securely escrowing private keys in a public key infrastructure
CN110851848B (en) Privacy protection method for symmetric searchable encryption
CN109949035B (en) Block chain data privacy control method, device and system
CN112532650A (en) Block chain-based multi-backup safe deletion method and system
CN115021903A (en) Electronic medical record sharing method and system based on block chain
CN110188545B (en) Data encryption method and device based on chained database
Abo-Alian et al. Auditing-as-a-service for cloud storage
CN117454440A (en) Technology archive authentication method and intelligent management system based on traceable digital signature technology
CN116366259A (en) Public verifiable Boolean search system and method for ciphertext data
Bharat et al. A Secured and Authorized Data Deduplication in Hybrid Cloud with Public Auditing
CN113656818B (en) Trusted-free third party cloud storage ciphertext deduplication method and system meeting semantic security
Yi et al. Distributed data possession provable in cloud
US20220020010A1 (en) Decentralized electronic contract attestation platform
Ma et al. Secure and Efficient Cloud Data Deduplication Supporting Dynamic Data Public Auditing.
Hu A data integrity verification scheme of deduplication for cloud ciphertexts
CN113065146A (en) Homomorphic encryption method for block chain data protection
Lu et al. A study of two-way authentication for decentralized network identities
Yang et al. Identity-based multi-replicas data public audit scheme
Venkatesh et al. Secure authorised deduplication by using hybrid cloud approach
Deng et al. An encrypted file deduplication scheme with permission in cloud storage

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant