CN111444140A - CPBE-based file ciphertext fast searching method - Google Patents
CPBE-based file ciphertext fast searching method Download PDFInfo
- Publication number
- CN111444140A CN111444140A CN202010214663.9A CN202010214663A CN111444140A CN 111444140 A CN111444140 A CN 111444140A CN 202010214663 A CN202010214663 A CN 202010214663A CN 111444140 A CN111444140 A CN 111444140A
- Authority
- CN
- China
- Prior art keywords
- search
- file
- trapdoor
- index
- calculating
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/10—File systems; File servers
- G06F16/13—File access structures, e.g. distributed indices
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/10—File systems; File servers
- G06F16/14—Details of searching files based on file metadata
- G06F16/148—File search processing
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/602—Providing cryptographic facilities or services
Abstract
The invention discloses a file ciphertext fast search method based on CPBE, firstly, initializing a system and generating a system public parameter; secondly, the file generating equipment generates a file searching index according to the file attribute set and sends the file searching index to a searching server; then, the searching user generates a file searching trapdoor according to the searching attribute set and sends the file searching trapdoor to a searching server; and finally, the search server operates a search algorithm according to the search index and the search trapdoor to judge whether the file attribute set contains the search attribute set. The invention adopts an attribute-based encryption technology, integrates different attribute keywords through bilinear mapping, and provides a ciphertext search algorithm which is efficient and supports multi-attribute search.
Description
Technical Field
The invention relates to a CPBE-based file ciphertext fast searching method, and belongs to the technical field of searchable encryption.
Background
In 2000, Song et al proposed a searchable encryption concept and received widespread attention in academia. The meaning of searchable encryption is that the user sends encrypted data to a specific server, the server performs matching search on a search certificate and each encrypted file, and if matching is completed, the encrypted file is returned to the user. In the process of searching the ciphertext file, the server cannot acquire any information of the plaintext of the file. The searchable encryption technology requires the server to perform data memorability search on the ciphertext without decrypting the ciphertext, so that the confidentiality of the file is guaranteed while the search is performed. The searchable encryption technology essentially belongs to the function encryption technology, and the ciphertext generated by the searchable encryption technology is the function in the function encryption.
Although the searchable scheme at the time can complete a certain ciphertext search function, fine-grained access control is not supported. In addition, the retrieval efficiency of ciphertext search work completed through the public key cryptography is too low, and great expense is caused to the system, so that the students of cryptography introduce an attribute-based encryption mechanism to complete the ciphertext search work, and the performance of ciphertext search is improved through the characteristics of flexibility of attribute-based encryption and fine-grained access control.
Students introduce attribute-based encryption technology into searchable encryption technology, and fine-grained access control function is brought to the searchable encryption technology. However, the searchable encryption technology based on attribute-based encryption has high computational complexity, requires high computational performance of computing equipment, and is difficult to apply to the internet of things. In addition, the searchable encryption technology based on attribute-based encryption is difficult to perform multi-keyword search, and further design of an algorithm is required.
With the high-speed development of the ciphertext search technology, the ciphertext search not only ensures the privacy of the user, but also improves the retrieval efficiency of the user, and is gradually suitable for the current cloud era. However, to apply the searchable encryption technology to practical applications more widely, the algorithm needs to be applied to more scenes to achieve more functions.
Disclosure of Invention
The purpose of the invention is as follows: the invention provides a method for quickly searching a file Ciphertext based on CPABE (i.e. Ciphertext-Policy Attribute based encryption (CP-ABE) technology, wherein Chinese paraphrase is based on a Ciphertext strategy).
The technical scheme is as follows: the invention relates to a CPBE-based file ciphertext rapid searching method, which comprises the following steps of:
(1) initializing a system, and outputting a system public parameter PM and a master key MSK;
(2) generating a file search index, and calculating and outputting a search index In of the file;
(3) generating a file search trap door, and calculating and outputting a search trap door Tr of the search keyword set;
(4) and searching a file keyword set according to the search index and the search trapdoor.
Further, the specific method for calculating and outputting the search index In of the file In step (2) is as follows:
an m-th order polynomial is constructed using the random numbers a and k in the master key MSK:
g(x)=a·(x-H(w1)(x-H(w2)…(x-H(wm))+k
=amxm+am-1xm-1+…a1x+a0
aiis a polynomial in which xiFor coefficient of (2) ofEach attribute calculates a corresponding index member parameter Fi:
Wherein g is bilinear mapping generation element in the public parameter, c is parameter value in the main key, and the index is calculated to generate parameter W:
W=gck
generating search index In ═ { W, F1,F2,…,Fm}。
Further, the specific method for calculating and outputting the search trapdoor Tr of the search keyword set in the step (3) is as follows:
search keyword setThe method is a subset of a user attribute set of a search user, and the user uses an attribute value required to be searched by the user as a search keyword set to generate a corresponding search trapdoor:
selecting a bilinear map ZpRandom number d in the domain, for each i ∈ {0,1, …, m } in the search keyword set, calculating the corresponding trapdoor member parameter Hi:
And simultaneously calculating a trapdoor generation parameter T:
T=hdt
generating search trapdoor Tr ═ T, H1,H2,…,Hm}。
Further, the step (4) comprises the steps of:
(41) the system inputs a search trapdoor Tr and a search index In a server;
(42) calculating search algorithm parameters E1,E2:
(43) Calculating search result S ═ E1/E2。
Drawings
FIG. 1 is a flow chart of the present invention.
FIG. 2 is a flow diagram of search index generation.
FIG. 3 is a flow chart of search trapdoors generation
Fig. 4 is a ciphertext search flow diagram.
Detailed Description
The invention will be further described with reference to the accompanying drawings. As shown in fig. 1, the present invention comprises the steps of:
step 1, system initialization: running Algorithm 1λObtaining a set of bilinear mapping parameters:
choose one-way hash function H: {0,1} → ZpThe generated public parameters are:
three random numbers a, c, k ∈ Z are selectedpThe master key is saved as follows:
MSK=(a,c,k)
step 2, generating a file search index: document keyword collectionIn order to encrypt the subset of the user attribute set of the user, the user encrypts the file attributes as search keys to generate search index values. An m-th order polynomial is constructed using the random numbers a and k in the master key MSK:
g(x)=a·(x-H(w1)(x-H(w2)…(x-H(wm))+k
=amxm+am-1xm-1+…a1x+a0
for each i ∈ {0,1, …, m }, a corresponding index member parameter F is computedi:
And simultaneously calculating an index generation parameter W:
W=gck
constructing a search index In as:
In={W,F1,F2,…,Fm}
a search index generation flow diagram is shown in fig. 2.
Step 3, searching filesAnd (3) trap door generation: search user using search keyword setAnd generating a search trapdoor. Search keyword setThe method is a subset of a user attribute set of a search user, and the user uses an attribute value required to be searched by the user as a search keyword set to generate a corresponding search trapdoor.
Selecting a random number d ∈ ZpFor each i ∈ {0,1, …, m } in the set of search keywords, the corresponding trapdoor member parameter H is computedi:
And simultaneously calculating a trapdoor generation parameter T:
T=hdt
the search trapdoor is constructed as follows:
Tr={T,H1,H2,…,Hm}
the search trapdoor generation flow chart is shown in fig. 3.
And 4, ciphertext search: the search server receives a search request and a search trapdoor Tr from a user, calculates whether a keyword set matched with the search trapdoor is contained in a keyword set of a search index, and returns a unique identification number of a file corresponding to the index value if the keyword set is contained in the keyword set of the search index. The system inputs a search trapdoor Tr and a search index In a server, and calculates a search algorithm parameter E1,E2:
E2=e(W,T)
The search results are calculated as:
if the search result S is 1, the index value contains a keyword set of the search trapdoors, the file corresponding to the index accords with the search condition, and the search server sends the unique file identification number corresponding to the index value to a search user; if S is 0, the keyword set in the index value is not matched with the keyword set in the search trapdoor, and the file does not meet the search requirement.
The ciphertext search flow diagram is shown in fig. 4.
The technical means disclosed by the invention are not limited to the technical means disclosed by the technical means, and also comprise technical schemes formed by equivalent replacement of the technical features. The present invention is not limited to the details given herein, but is within the ordinary knowledge of those skilled in the art.
Claims (4)
1. A CPBE-based file ciphertext fast searching method is characterized by comprising the following steps:
(1) initializing a system, and outputting a system public parameter PM and a master key MSK;
(2) generating a file search index, and calculating and outputting a search index In of the file;
(3) generating a file search trap door, and calculating and outputting a search trap door Tr of the search keyword set;
(4) and searching a file keyword set according to the search index and the search trapdoor.
2. The CPBE-based file ciphertext fast-search method according to claim 1, wherein the specific method for calculating and outputting the search index In of the file In step (2) is as follows:
an m-th order polynomial is constructed using the random numbers a and k in the master key MSK:
g(x)=a·(x-H(w1)(x-H(w2)…(x-H(wm))+k
=amxm+am-1xm-1+…a1x+a0
aiis a polynomial in which xiFor coefficient of (2) ofEach attribute calculates a corresponding index member parameter Fi:
Wherein g is bilinear mapping generation element in the public parameter, c is parameter value in the main key, and the index is calculated to generate parameter W:
W=gck
generating search index In ═ { W, F1,F2,…,Fm}。
3. The CPBE-based file ciphertext fast search method according to claim 1, wherein the specific method for calculating and outputting the search trapdoor Tr of the search keyword set in the step (3) is as follows:
search keyword setThe method is a subset of a user attribute set of a search user, and the user uses an attribute value required to be searched by the user as a search keyword set to generate a corresponding search trapdoor:
selecting a bilinear map ZpRandom number d in the domain, for each i ∈ {0,1, …, m } in the search keyword set, calculating the corresponding trapdoor member parameter Hi:
And simultaneously calculating a trapdoor generation parameter T:
T=hdt
generating search trapdoor Tr ═ T, H1,H2,…,Hm}。
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202010214663.9A CN111444140A (en) | 2020-03-24 | 2020-03-24 | CPBE-based file ciphertext fast searching method |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202010214663.9A CN111444140A (en) | 2020-03-24 | 2020-03-24 | CPBE-based file ciphertext fast searching method |
Publications (1)
Publication Number | Publication Date |
---|---|
CN111444140A true CN111444140A (en) | 2020-07-24 |
Family
ID=71629504
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202010214663.9A Pending CN111444140A (en) | 2020-03-24 | 2020-03-24 | CPBE-based file ciphertext fast searching method |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN111444140A (en) |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN105871543A (en) * | 2016-03-29 | 2016-08-17 | 西安电子科技大学 | Attribute-based multi-keyword ciphertext retrieval method under background of multiple data owners |
CN108062485A (en) * | 2017-12-15 | 2018-05-22 | 北京工业大学 | A kind of fuzzy keyword searching method of multi-service oriented device multi-user |
CN110224986A (en) * | 2019-05-07 | 2019-09-10 | 电子科技大学 | It is a kind of that access control method efficiently can search for based on hiding strategy CP-ABE |
-
2020
- 2020-03-24 CN CN202010214663.9A patent/CN111444140A/en active Pending
Patent Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN105871543A (en) * | 2016-03-29 | 2016-08-17 | 西安电子科技大学 | Attribute-based multi-keyword ciphertext retrieval method under background of multiple data owners |
CN108062485A (en) * | 2017-12-15 | 2018-05-22 | 北京工业大学 | A kind of fuzzy keyword searching method of multi-service oriented device multi-user |
CN110224986A (en) * | 2019-05-07 | 2019-09-10 | 电子科技大学 | It is a kind of that access control method efficiently can search for based on hiding strategy CP-ABE |
Non-Patent Citations (1)
Title |
---|
宋衍: "基于属性的云存储访问控制与密文搜索研究" * |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN107480163B (en) | Efficient ciphertext image retrieval method supporting privacy protection in cloud environment | |
CN110224986B (en) | Efficient searchable access control method based on hidden policy CP-ABE | |
Li et al. | Enabling fine-grained multi-keyword search supporting classified sub-dictionaries over encrypted cloud data | |
CN106803784B (en) | Lattice-based multi-user fuzzy searchable encryption method in secure multimedia cloud storage | |
CN109543061B (en) | Encrypted image retrieval method supporting multiple keys | |
CN111556495B (en) | Multi-user searchable encryption method and encryption system in Internet of vehicles environment | |
CN111143471B (en) | Ciphertext retrieval method based on blockchain | |
CN111026788B (en) | Homomorphic encryption-based multi-keyword ciphertext ordering and retrieving method in hybrid cloud | |
CN109361644B (en) | Fuzzy attribute based encryption method supporting rapid search and decryption | |
WO2022099495A1 (en) | Ciphertext search method, system, and device in cloud computing environment | |
CN108111587B (en) | Cloud storage searching method based on time release | |
CN112332979B (en) | Ciphertext search method, system and equipment in cloud computing environment | |
CN110035067B (en) | Attribute encryption method supporting efficient data deduplication and attribute revocation in cloud storage | |
CN110908959A (en) | Dynamic searchable encryption method supporting multi-keyword and result sorting | |
CN107766739B (en) | Phrase retrieval method and device for encrypted text data | |
CN109088719A (en) | Outsourced database multi-key word can verify that cipher text searching method, data processing system | |
CN112543099A (en) | Certificateless searchable encryption method based on edge calculation | |
CN114244498A (en) | Dynamic searchable public key encryption method with forward security | |
CN113067702A (en) | Identity-based encryption method supporting ciphertext equivalence test function | |
CN111339539A (en) | Efficient encrypted image retrieval method under multi-user environment | |
CN115438230A (en) | Safe and efficient dynamic encrypted cloud data multidimensional range query method | |
CN114142996B (en) | Searchable encryption method based on SM9 cryptographic algorithm | |
Li et al. | Multi-keyword fuzzy search over encrypted cloud storage data | |
CN114021006A (en) | Multi-dimensional data security query method and device | |
CN113992397A (en) | Efficient public key encryption method supporting differential equation test |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination |