CN111444140A - CPBE-based file ciphertext fast searching method - Google Patents

CPBE-based file ciphertext fast searching method Download PDF

Info

Publication number
CN111444140A
CN111444140A CN202010214663.9A CN202010214663A CN111444140A CN 111444140 A CN111444140 A CN 111444140A CN 202010214663 A CN202010214663 A CN 202010214663A CN 111444140 A CN111444140 A CN 111444140A
Authority
CN
China
Prior art keywords
search
file
trapdoor
index
calculating
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202010214663.9A
Other languages
Chinese (zh)
Inventor
黄杰
吴远兮
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Southeast University
Original Assignee
Southeast University
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Southeast University filed Critical Southeast University
Priority to CN202010214663.9A priority Critical patent/CN111444140A/en
Publication of CN111444140A publication Critical patent/CN111444140A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/10File systems; File servers
    • G06F16/13File access structures, e.g. distributed indices
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/10File systems; File servers
    • G06F16/14Details of searching files based on file metadata
    • G06F16/148File search processing
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services

Abstract

The invention discloses a file ciphertext fast search method based on CPBE, firstly, initializing a system and generating a system public parameter; secondly, the file generating equipment generates a file searching index according to the file attribute set and sends the file searching index to a searching server; then, the searching user generates a file searching trapdoor according to the searching attribute set and sends the file searching trapdoor to a searching server; and finally, the search server operates a search algorithm according to the search index and the search trapdoor to judge whether the file attribute set contains the search attribute set. The invention adopts an attribute-based encryption technology, integrates different attribute keywords through bilinear mapping, and provides a ciphertext search algorithm which is efficient and supports multi-attribute search.

Description

CPBE-based file ciphertext fast searching method
Technical Field
The invention relates to a CPBE-based file ciphertext fast searching method, and belongs to the technical field of searchable encryption.
Background
In 2000, Song et al proposed a searchable encryption concept and received widespread attention in academia. The meaning of searchable encryption is that the user sends encrypted data to a specific server, the server performs matching search on a search certificate and each encrypted file, and if matching is completed, the encrypted file is returned to the user. In the process of searching the ciphertext file, the server cannot acquire any information of the plaintext of the file. The searchable encryption technology requires the server to perform data memorability search on the ciphertext without decrypting the ciphertext, so that the confidentiality of the file is guaranteed while the search is performed. The searchable encryption technology essentially belongs to the function encryption technology, and the ciphertext generated by the searchable encryption technology is the function in the function encryption.
Although the searchable scheme at the time can complete a certain ciphertext search function, fine-grained access control is not supported. In addition, the retrieval efficiency of ciphertext search work completed through the public key cryptography is too low, and great expense is caused to the system, so that the students of cryptography introduce an attribute-based encryption mechanism to complete the ciphertext search work, and the performance of ciphertext search is improved through the characteristics of flexibility of attribute-based encryption and fine-grained access control.
Students introduce attribute-based encryption technology into searchable encryption technology, and fine-grained access control function is brought to the searchable encryption technology. However, the searchable encryption technology based on attribute-based encryption has high computational complexity, requires high computational performance of computing equipment, and is difficult to apply to the internet of things. In addition, the searchable encryption technology based on attribute-based encryption is difficult to perform multi-keyword search, and further design of an algorithm is required.
With the high-speed development of the ciphertext search technology, the ciphertext search not only ensures the privacy of the user, but also improves the retrieval efficiency of the user, and is gradually suitable for the current cloud era. However, to apply the searchable encryption technology to practical applications more widely, the algorithm needs to be applied to more scenes to achieve more functions.
Disclosure of Invention
The purpose of the invention is as follows: the invention provides a method for quickly searching a file Ciphertext based on CPABE (i.e. Ciphertext-Policy Attribute based encryption (CP-ABE) technology, wherein Chinese paraphrase is based on a Ciphertext strategy).
The technical scheme is as follows: the invention relates to a CPBE-based file ciphertext rapid searching method, which comprises the following steps of:
(1) initializing a system, and outputting a system public parameter PM and a master key MSK;
(2) generating a file search index, and calculating and outputting a search index In of the file;
(3) generating a file search trap door, and calculating and outputting a search trap door Tr of the search keyword set;
(4) and searching a file keyword set according to the search index and the search trapdoor.
Further, the specific method for calculating and outputting the search index In of the file In step (2) is as follows:
document keyword collection
Figure BDA0002423982590000021
A subset of a set of user attributes that is an encrypted user;
an m-th order polynomial is constructed using the random numbers a and k in the master key MSK:
g(x)=a·(x-H(w1)(x-H(w2)…(x-H(wm))+k
=amxm+am-1xm-1+…a1x+a0
aiis a polynomial in which xiFor coefficient of (2) of
Figure BDA0002423982590000022
Each attribute calculates a corresponding index member parameter Fi
Figure BDA0002423982590000023
Wherein g is bilinear mapping generation element in the public parameter, c is parameter value in the main key, and the index is calculated to generate parameter W:
W=gck
generating search index In ═ { W, F1,F2,…,Fm}。
Further, the specific method for calculating and outputting the search trapdoor Tr of the search keyword set in the step (3) is as follows:
search keyword set
Figure BDA0002423982590000024
The method is a subset of a user attribute set of a search user, and the user uses an attribute value required to be searched by the user as a search keyword set to generate a corresponding search trapdoor:
selecting a bilinear map ZpRandom number d in the domain, for each i ∈ {0,1, …, m } in the search keyword set, calculating the corresponding trapdoor member parameter Hi
Figure BDA0002423982590000025
And simultaneously calculating a trapdoor generation parameter T:
T=hdt
generating search trapdoor Tr ═ T, H1,H2,…,Hm}。
Further, the step (4) comprises the steps of:
(41) the system inputs a search trapdoor Tr and a search index In a server;
(42) calculating search algorithm parameters E1,E2
Figure BDA0002423982590000026
(43) Calculating search result S ═ E1/E2
Drawings
FIG. 1 is a flow chart of the present invention.
FIG. 2 is a flow diagram of search index generation.
FIG. 3 is a flow chart of search trapdoors generation
Fig. 4 is a ciphertext search flow diagram.
Detailed Description
The invention will be further described with reference to the accompanying drawings. As shown in fig. 1, the present invention comprises the steps of:
step 1, system initialization: running Algorithm 1λObtaining a set of bilinear mapping parameters:
Figure BDA0002423982590000031
choose one-way hash function H: {0,1} → ZpThe generated public parameters are:
Figure BDA0002423982590000032
three random numbers a, c, k ∈ Z are selectedpThe master key is saved as follows:
MSK=(a,c,k)
step 2, generating a file search index: document keyword collection
Figure BDA0002423982590000033
In order to encrypt the subset of the user attribute set of the user, the user encrypts the file attributes as search keys to generate search index values. An m-th order polynomial is constructed using the random numbers a and k in the master key MSK:
g(x)=a·(x-H(w1)(x-H(w2)…(x-H(wm))+k
=amxm+am-1xm-1+…a1x+a0
for each i ∈ {0,1, …, m }, a corresponding index member parameter F is computedi
Figure BDA0002423982590000034
And simultaneously calculating an index generation parameter W:
W=gck
constructing a search index In as:
In={W,F1,F2,…,Fm}
a search index generation flow diagram is shown in fig. 2.
Step 3, searching filesAnd (3) trap door generation: search user using search keyword set
Figure BDA0002423982590000035
And generating a search trapdoor. Search keyword set
Figure BDA0002423982590000036
The method is a subset of a user attribute set of a search user, and the user uses an attribute value required to be searched by the user as a search keyword set to generate a corresponding search trapdoor.
Selecting a random number d ∈ ZpFor each i ∈ {0,1, …, m } in the set of search keywords, the corresponding trapdoor member parameter H is computedi
Figure BDA0002423982590000041
And simultaneously calculating a trapdoor generation parameter T:
T=hdt
the search trapdoor is constructed as follows:
Tr={T,H1,H2,…,Hm}
the search trapdoor generation flow chart is shown in fig. 3.
And 4, ciphertext search: the search server receives a search request and a search trapdoor Tr from a user, calculates whether a keyword set matched with the search trapdoor is contained in a keyword set of a search index, and returns a unique identification number of a file corresponding to the index value if the keyword set is contained in the keyword set of the search index. The system inputs a search trapdoor Tr and a search index In a server, and calculates a search algorithm parameter E1,E2
Figure BDA0002423982590000042
E2=e(W,T)
The search results are calculated as:
Figure BDA0002423982590000043
if the search result S is 1, the index value contains a keyword set of the search trapdoors, the file corresponding to the index accords with the search condition, and the search server sends the unique file identification number corresponding to the index value to a search user; if S is 0, the keyword set in the index value is not matched with the keyword set in the search trapdoor, and the file does not meet the search requirement.
The ciphertext search flow diagram is shown in fig. 4.
The technical means disclosed by the invention are not limited to the technical means disclosed by the technical means, and also comprise technical schemes formed by equivalent replacement of the technical features. The present invention is not limited to the details given herein, but is within the ordinary knowledge of those skilled in the art.

Claims (4)

1. A CPBE-based file ciphertext fast searching method is characterized by comprising the following steps:
(1) initializing a system, and outputting a system public parameter PM and a master key MSK;
(2) generating a file search index, and calculating and outputting a search index In of the file;
(3) generating a file search trap door, and calculating and outputting a search trap door Tr of the search keyword set;
(4) and searching a file keyword set according to the search index and the search trapdoor.
2. The CPBE-based file ciphertext fast-search method according to claim 1, wherein the specific method for calculating and outputting the search index In of the file In step (2) is as follows:
document keyword collection
Figure FDA0002423982580000011
A subset of a set of user attributes that is an encrypted user;
an m-th order polynomial is constructed using the random numbers a and k in the master key MSK:
g(x)=a·(x-H(w1)(x-H(w2)…(x-H(wm))+k
=amxm+am-1xm-1+…a1x+a0
aiis a polynomial in which xiFor coefficient of (2) of
Figure FDA0002423982580000012
Each attribute calculates a corresponding index member parameter Fi
Figure FDA0002423982580000013
Wherein g is bilinear mapping generation element in the public parameter, c is parameter value in the main key, and the index is calculated to generate parameter W:
W=gck
generating search index In ═ { W, F1,F2,…,Fm}。
3. The CPBE-based file ciphertext fast search method according to claim 1, wherein the specific method for calculating and outputting the search trapdoor Tr of the search keyword set in the step (3) is as follows:
search keyword set
Figure FDA0002423982580000014
The method is a subset of a user attribute set of a search user, and the user uses an attribute value required to be searched by the user as a search keyword set to generate a corresponding search trapdoor:
selecting a bilinear map ZpRandom number d in the domain, for each i ∈ {0,1, …, m } in the search keyword set, calculating the corresponding trapdoor member parameter Hi
Figure FDA0002423982580000015
And simultaneously calculating a trapdoor generation parameter T:
T=hdt
generating search trapdoor Tr ═ T, H1,H2,…,Hm}。
4. The CPBE-based file ciphertext fast searching method according to claim 1, wherein the step (4) comprises the steps of:
(41) the system inputs a search trapdoor Tr and a search index In a server;
(42) calculating search algorithm parameters E1,E2
Figure FDA0002423982580000021
(43) Calculating search result S ═ E1/E2
CN202010214663.9A 2020-03-24 2020-03-24 CPBE-based file ciphertext fast searching method Pending CN111444140A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010214663.9A CN111444140A (en) 2020-03-24 2020-03-24 CPBE-based file ciphertext fast searching method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202010214663.9A CN111444140A (en) 2020-03-24 2020-03-24 CPBE-based file ciphertext fast searching method

Publications (1)

Publication Number Publication Date
CN111444140A true CN111444140A (en) 2020-07-24

Family

ID=71629504

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202010214663.9A Pending CN111444140A (en) 2020-03-24 2020-03-24 CPBE-based file ciphertext fast searching method

Country Status (1)

Country Link
CN (1) CN111444140A (en)

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105871543A (en) * 2016-03-29 2016-08-17 西安电子科技大学 Attribute-based multi-keyword ciphertext retrieval method under background of multiple data owners
CN108062485A (en) * 2017-12-15 2018-05-22 北京工业大学 A kind of fuzzy keyword searching method of multi-service oriented device multi-user
CN110224986A (en) * 2019-05-07 2019-09-10 电子科技大学 It is a kind of that access control method efficiently can search for based on hiding strategy CP-ABE

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105871543A (en) * 2016-03-29 2016-08-17 西安电子科技大学 Attribute-based multi-keyword ciphertext retrieval method under background of multiple data owners
CN108062485A (en) * 2017-12-15 2018-05-22 北京工业大学 A kind of fuzzy keyword searching method of multi-service oriented device multi-user
CN110224986A (en) * 2019-05-07 2019-09-10 电子科技大学 It is a kind of that access control method efficiently can search for based on hiding strategy CP-ABE

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
宋衍: "基于属性的云存储访问控制与密文搜索研究" *

Similar Documents

Publication Publication Date Title
CN107480163B (en) Efficient ciphertext image retrieval method supporting privacy protection in cloud environment
CN110224986B (en) Efficient searchable access control method based on hidden policy CP-ABE
Li et al. Enabling fine-grained multi-keyword search supporting classified sub-dictionaries over encrypted cloud data
CN106803784B (en) Lattice-based multi-user fuzzy searchable encryption method in secure multimedia cloud storage
CN109543061B (en) Encrypted image retrieval method supporting multiple keys
CN111556495B (en) Multi-user searchable encryption method and encryption system in Internet of vehicles environment
CN111143471B (en) Ciphertext retrieval method based on blockchain
CN111026788B (en) Homomorphic encryption-based multi-keyword ciphertext ordering and retrieving method in hybrid cloud
CN109361644B (en) Fuzzy attribute based encryption method supporting rapid search and decryption
WO2022099495A1 (en) Ciphertext search method, system, and device in cloud computing environment
CN108111587B (en) Cloud storage searching method based on time release
CN112332979B (en) Ciphertext search method, system and equipment in cloud computing environment
CN110035067B (en) Attribute encryption method supporting efficient data deduplication and attribute revocation in cloud storage
CN110908959A (en) Dynamic searchable encryption method supporting multi-keyword and result sorting
CN107766739B (en) Phrase retrieval method and device for encrypted text data
CN109088719A (en) Outsourced database multi-key word can verify that cipher text searching method, data processing system
CN112543099A (en) Certificateless searchable encryption method based on edge calculation
CN114244498A (en) Dynamic searchable public key encryption method with forward security
CN113067702A (en) Identity-based encryption method supporting ciphertext equivalence test function
CN111339539A (en) Efficient encrypted image retrieval method under multi-user environment
CN115438230A (en) Safe and efficient dynamic encrypted cloud data multidimensional range query method
CN114142996B (en) Searchable encryption method based on SM9 cryptographic algorithm
Li et al. Multi-keyword fuzzy search over encrypted cloud storage data
CN114021006A (en) Multi-dimensional data security query method and device
CN113992397A (en) Efficient public key encryption method supporting differential equation test

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination