CN112287368B - Cloud storage searchable encryption method based on lattice attribute base - Google Patents

Cloud storage searchable encryption method based on lattice attribute base Download PDF

Info

Publication number
CN112287368B
CN112287368B CN202011185531.4A CN202011185531A CN112287368B CN 112287368 B CN112287368 B CN 112287368B CN 202011185531 A CN202011185531 A CN 202011185531A CN 112287368 B CN112287368 B CN 112287368B
Authority
CN
China
Prior art keywords
data
ciphertext
matrix
keyword
attribute
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202011185531.4A
Other languages
Chinese (zh)
Other versions
CN112287368A (en
Inventor
马晨哲
吴长泽
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Chongqing University
Original Assignee
Chongqing University
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Chongqing University filed Critical Chongqing University
Priority to CN202011185531.4A priority Critical patent/CN112287368B/en
Publication of CN112287368A publication Critical patent/CN112287368A/en
Application granted granted Critical
Publication of CN112287368B publication Critical patent/CN112287368B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6227Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database where protection concerns the structure of data, e.g. records, types, queries
    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02DCLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
    • Y02D30/00Reducing energy consumption in communication networks
    • Y02D30/50Reducing energy consumption in communication networks in wire-line communication networks, e.g. low power modes or reduced link rate

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Software Systems (AREA)
  • General Health & Medical Sciences (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Health & Medical Sciences (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Bioethics (AREA)
  • Databases & Information Systems (AREA)
  • Storage Device Security (AREA)

Abstract

The invention provides a cloud storage searchable encryption method based on a lattice attribute base, which comprises the following steps: generating by An Authority (AA) a public key parameter Pk and a master key Msk of the system; the Data Owner (DO) uses Pk to encrypt plaintext data containing a keyword to respectively generate a keyword ciphertext Ind and a data ciphertext Ct, and endows the keyword ciphertext Ind and the data ciphertext Ct with an attribute set S and uploads the keyword ciphertext Ind and the data ciphertext Ct to the Cloud (CS); the AA generates a private key Sk for a data visitor (DU), the DU submits a query keyword to the AA, then generates a search Token generated by the AA and returns the search Token to the DU, the DU initiates a search request to the CS and uploads the Token to the cloud, and the CS judges whether the search Token is matched with a keyword ciphertext Ind or not, if so, the next step is carried out; otherwise, the end algorithm DU decrypts the ciphertext through the private key Sk generated in the last step to obtain the matching data original text information. The invention can be used in cloud storage environment, and data can be stored and retrieved more safely and efficiently.

Description

Cloud storage searchable encryption method based on lattice attribute base
Technical Field
The invention belongs to the field of information security, and relates to a cloud storage searchable encryption method based on a grid attribute base, which is applicable to the security, shared storage and efficient retrieval of data in a cloud storage environment.
Background
Along with the rapid development of information technology and the Internet of things, the information industry is gradually developed and matured, and meanwhile, the cloud computing is driven to rise. The frequency of people using the Internet is increasing, and many users acquire not only information through a network but also various services, and through these services, a large amount of data, which shows different characteristics from the past, will be generated. Complex data structures and fast expanding data sizes not only increase the computational overhead of the user, but also make the storage problem for the user very serious. Therefore, storing data on the cloud is becoming increasingly popular.
To ensure privacy of data, data is often stored in ciphertext form, so it becomes extremely difficult for users to access or share data with others. To address this problem, sahai and Water et al first propose an attribute-based encryption (ABE) concept. It is a flexible "one-to-many" public key encryption method, i.e. one-time encryption, which allows multiple persons to decrypt shared data. When encrypting data, the data owner does not need to know the identity of the data visitor in advance, but only needs to embed the associated access structure or attribute set into the secret. Thus, only users who meet the relevant decryption conditions can decrypt the ciphertext, but users who do not meet the decryption conditions cannot. Attribute-based encryption is considered by many students to be one of the most suitable methods for fine-grained access control in a cloud storage environment due to its flexibility, efficiency, and security.
Since the data is stored in the server in an encrypted manner, although the ciphertext conceals the true content of the data, it also prevents efficient retrieval of the data file, which presents a significant challenge for data retrieval and querying. If a user wants to view a certain file in the ciphertext file set, the entire uploaded file set needs to be downloaded and decrypted, and then the data is searched or queried, which brings great computational cost and expense to the user. So Song et al first proposed the concept of Searchable Encryption (SE). The technique allows the user to search directly for ciphertext. When a user needs to search ciphertext containing a certain keyword, the user only needs to generate a search token corresponding to the keyword and upload the token to the cloud server. After receiving the token, the cloud server matches the keywords in the secret with the keywords in the token. If the matching is successful, the ciphertext containing the key words is returned to the user, and the user only needs to decrypt the ciphertext.
In view of the respective advantages, scholars begin to integrate the ABE scheme and the SE scheme and propose a new scheme called attribute-based searchable encryption (ABSE), which can realize fine-grained access control of the search authority of the data visitor and can also realize keyword search under the ciphertext condition. Most of the existing schemes are constructed by bilinear Diffie-Hellman (BDH) assumption, which are no longer secure with the development of quantum computers. Because of the quantum attack resistance of lattice cryptography, various encryption schemes based on lattice have become research hotspots in recent years, regev et al first put forward a problem of lattice difficulty based on error Learning (LWE), and provide a protocol from worst case to general case of lattice difficulty, which lays a foundation for constructing a public key encryption scheme based on LWE problem later. However, there are few studies on the searchable encryption schemes under public key encryption on the grid. Therefore, the cloud storage searchable encryption method based on the lattice attribute base has important practical significance. In addition, most grid-based ABSE schemes pay little attention to decryption efficiency. Thus, the "G trapdoor" generation algorithm is employed herein to improve the overall efficiency of the scheme.
Disclosure of Invention
In view of the above, the present invention is directed to a cloud storage searchable encryption method based on a lattice attribute base, so that data can be stored and retrieved more safely and efficiently in a cloud storage environment.
The aim of the invention is realized by the following technical scheme:
the invention provides a cloud storage searchable encryption method based on a lattice attribute base, which comprises the following steps:
step 1), an Authority (AA) runs an initialization algorithm to generate a public key parameter Pk and a master key Msk of a system;
step 2), the Data Owner (DO) uses Pk to encrypt plaintext data containing keywords to respectively generate keyword ciphertext Ind and data ciphertext Ct, and endows the keyword ciphertext Ind and the data ciphertext Ct with an attribute set S and uploads the keyword ciphertext Ind and the data ciphertext Ct to a Cloud (CS);
step 3) the AA generates a private key Sk (used for decrypting ciphertext) for a data visitor (DU) according to an access strategy, the DU submits a query keyword to the AA and then generates a search Token by the AA, the search Token is returned to the DU, the DU initiates a search request to the CS and uploads the Token to the cloud, the CS judges whether the search request is matched with the keyword ciphertext Ind or not, if so, the next step is carried out; otherwise, ending the algorithm;
step 4) the CS returns the data ciphertext Ct corresponding to the keyword ciphertext to the DU and the DU to decrypt the ciphertext through the private key Sk generated in the last step to obtain matched data original text information (the data attribute meets the access control strategy of the private key to correctly decrypt the data).
Further, in the step 1), a trapdoor generating function needs to be called to initialize the system to generate the required public-private key pair:
where n and m represent the two-dimensional matrix dimensions to be generated, q is a prime number representing the range of values for all matrix elements, σ represents the minimum error value to be met to generate this trapdoor,and->Then a trapdoor matrix representing which original matrix was generated.
Further, in the step 2), an encryption matrix for encrypting the message data and the index data is respectively required to be constructed, so as to generate a message ciphertext and an index ciphertext:
wherein A is 0 Representing the original matrix selected in step 1), when the message data is encrypted,then represents its corresponding attribute matrix (default to zero matrix if the attribute is not in the system selected attribute set); at the time of encryption of the index data,then the keyword matrix to which it corresponds is represented.
Further, in the step 3), a left sampling algorithm is required to be called to generate a private key (i.e. trapdoor matrix) after matrix expansion according to the existing initial public-private key pair:
wherein A is 0 And R is 0 Representing an initial public-private key pair,represented by A 0 And R is 0 Vector A generated by multiplying public and private keys by points ρi Representing the expanded matrix (which may represent an attribute matrix or a keyword matrix), σ also represents the minimum error value that needs to be met to generate this trapdoor.
Further, in the step 4), a search algorithm is first executed to determine whether the queried keyword has matched corresponding message ciphertext data, i.e. calculation:
if->Then the matching is successful
Wherein I is 1 And I 2 Representing the keyword matrix after encryption,q represents a prime number representing a search token corresponding to a query keyword, and q represents a numerical range of all matrix elements, since the keyword information is encrypted according to zero message bits when encrypted, therefore +.>Is representative of at the time of (a)The zero-bit message represents successful matching and returns corresponding ciphertext data.
Finally, a decryption algorithm needs to be executed to decrypt the ciphertext data:
wherein C is 1,k And C 2 Represents an encrypted message matrix, d j And y j Respectively correspond to trapdoor vectors generated by taking different initial matrices, and likewise, ifThe bit message representing decryption is zero and vice versa.
Additional advantages, objects, and features of the invention will be set forth in part in the description which follows and in part will become apparent to those having ordinary skill in the art upon examination of the following or may be learned from practice of the invention. The objects and other advantages of the invention may be realized and obtained by means of the instrumentalities and combinations particularly pointed out in the specification.
Drawings
In order to make the technical scheme of the present invention more clear, the present invention will be described in detail with reference to the accompanying drawings, in which:
FIG. 1 is a flow chart of the present invention, and FIG. 2 is a system model diagram of the present invention.
Detailed Description
In order to make the technical scheme, advantages and objects of the present invention more clear, the technical scheme of the embodiment of the present invention will be clearly and completely described below with reference to the accompanying drawings of the embodiment of the present invention. It will be apparent that the described embodiments are some, but not all, embodiments of the invention. All other embodiments, which can be obtained by a person skilled in the art without creative efforts, based on the described embodiments of the present invention belong to the protection scope of the present application.
Wherein the drawings are for illustrative purposes only and are shown in schematic, non-physical, and not intended to limit the invention; for the purpose of better illustrating embodiments of the invention, certain elements of the drawings may be omitted, enlarged or reduced and do not represent the size of the actual product; it will be appreciated by those skilled in the art that certain well-known structures in the drawings and descriptions thereof may be omitted.
The invention is further described below with reference to the accompanying drawings.
As shown in fig. 1, a cloud storage searchable encryption method based on a lattice attribute base includes the following steps:
step 1) An Authority (AA) runs a public key parameter Pk and a master key Msk of an initialization algorithm generation system, and the method specifically comprises the following sub-steps:
step 1.1: from respectivelySpace->Random generator matrix->And->Invoking trapdoor generation algorithm +.>Generation (A) 0 ,R 0 ) Wherein R is 0 For the initial trapdoor matrix +.>And is also provided with
Step 1.2: att for each attribute k E U, respectively fromSpace->Random generator matrixAnd->Thereby construct->Where U represents all the attribute sets that would be involved in the present system.
Step 1.3: from Z respectively qRandomly selecting s and +.>Calculation ofWhere s is the secret value chosen when constructing attribute-based encryption based on the access tree, u and +.>For subsequent generation of random vectors required for the trapdoor matrix.
Step 1.4: selecting a hash function H for applying {0,1} * Spatial mapping toSpace, then return the system public key parameter +.>Master key->Where H is used to map the keyword vector into an n x m matrix space. />
Step 2) the Data Owner (DO) uses the public key parameter Pk to encrypt the plaintext data containing the keyword to generate the keyword ciphertext I and the data ciphertext Ct respectively, and gives the attribute set S thereof to upload to the Cloud (CS) together, which specifically comprises the following sub-steps:
step 2.1: from the slaveRandomly selecting a vector a in space, for each k e t]From->Is selected randomly for an error x 1 Calculation to generate->From->An error vector x is randomly selected 2 Calculation to generate->Wherein [ t ]]Bit vector representing message to be encrypted, C 1,k And C 2 Representing ciphertext information of data constructed based on LWE encryption form, C 2 Is constructed based on attributes for encrypting plaintext data,/>Representing a particular discrete gaussian distribution from which values are particularly small error values.
Step 2.2: from the slaveRandomly selecting a vector b in space for eachKeyword kw j E W, first mapped into matrix using hash function, i.e. +.>Then constructing a keyword encryption matrix->In the same way as in step 2.1, from +.>Selecting an error value x 3 And error vector x 4 And calculate I respectively 1 =b T u+x 3Wherein W represents a keyword set of encrypted data, I 1 And I 2,j Represents keyword ciphertext information constructed based on LWE encrypted forms.
Step 2.3: recording deviceFinally, all ciphertext information is returnedS) to the cloud end.
Step 3) the AA generates a private key Sk (used for decrypting ciphertext) for a data visitor (DU) according to an access strategy, the DU submits a query keyword to the AA and then generates a search Token by the AA, the search Token is returned to the DU, the DU initiates a search request to the CS and uploads the Token to the cloud, the CS judges whether the search request is matched with the keyword ciphertext Ind or not, if so, the next step is carried out; otherwise, the algorithm is ended, which specifically comprises the following sub-steps:
step 3.1: from Z q Is randomly selected to be 2 ,...,β θ Build β= (s, β 2 ,...,β θ ) T For each ρ (i) ∈ (M, ρ), (M, ρ) represents the access control policy assumed by the DU, note (λ 1 ,...,λ θ ) T =M·βAnd p is i =(λ i ,0 n-1 ) T Then respectively calling left sampling algorithm LeftSample (A 0 ,A ρi ,R 0i ,σ)、Generating xi ρ(i) 、μ ρ(i) Sk is noted ρ(i) ={ξ ρ(i)ρ(i) },Sk={{Sk ρ(i) } i∈[l] ,(M,ρ)},/>Is selected in step 1.3, s represents the secret value selected by the access control policy. The left sampling algorithm is used to construct a trapdoor matrix, which is a well known algorithm in cryptography and can be invoked directly.
Step 3.2: DU submits query keyword kw to AA j AA first maps it into a keyword matrix using a hash functionThen the left sampling algorithm is called in the same step 3.1>Generating search tokens->DU initiates a query request to CS and uploads search tokens, CS +.>Calculation ofIf->Then the keyword matching is described, the corresponding ciphertext Ct is transmitted to the DU and step 4) is performed; otherwise, the matching fails, and the algorithm is ended.
Step 4) the CS returns a data ciphertext Ct corresponding to the keyword ciphertext to the DU and the DU to decrypt the ciphertext through the private key Sk generated in the last step to obtain matched data original text information (the data attribute meets the access control strategy of the private key and can correctly decrypt the data), and the method specifically comprises the following sub-steps:
step 4.1: if the set S of attributes carried by the ciphertext satisfies the access control policy (M, ρ) imposed by the DU, it means that there must be an integer vector { g } ρ(j) ∈Z q The equation is satisfied j∈s g ρ(j) ·M j = (1, 0, …, 0) (available by access control tree property), then calculateWherein the method comprises the steps of ρ (j) represents the attribute represented by each row in the access control policy (M, ρ), +.>Representing the attribute set carried by the ciphertext, C 1,k And C 2 Obtained in step 2.1, ζ ρ(i) 、μ ρ(i) Obtained in step 3.1.
Step 4.2: for each message bit m k (k∈[t]) If calculatedRepresentation pair->Rounding, q is a prime number representing the range of values of all matrix elements, then m i =0; otherwise, m i =1, and finally all decryption information m= { m is returned 1 ,m 2 ,...,m t }={0,1} t Where q is a prime number representing the range of values for all matrix elements.
Finally, it is noted that the above embodiments are only for illustrating the technical solution of the present invention and not for limiting the same, and although the present invention has been described in detail with reference to the preferred embodiments, it should be understood by those skilled in the art that modifications and equivalents may be made thereto without departing from the spirit and scope of the present invention, which is intended to be covered by the claims of the present invention.

Claims (5)

1. A cloud storage searchable encryption method based on a lattice attribute base, the method comprising the steps of:
step 1), an authority AA runs an initialization algorithm to generate a public key parameter Pk and a master key Msk of a system;
step 1.1: from respectivelySpace->Random generator matrix->And->Invoking trapdoor generation algorithmGeneration (A) 0 ,R 0 ) Where n and m represent the dimensions of the two-dimensional matrix to be generated, q is a prime number representing the range of values of all matrix elements, σ represents the minimum error value to be met to generate the trapdoor, A 0 And->Represents a trapdoor matrix, R 0 For the initial trapdoor matrix +.>And->G represents a common original matrix G, and ω () represents an omega function;
step 1.2: att for each attribute k E U, respectively fromSpace->Random generator matrix->And->Thereby construct->Wherein U represents all attribute sets that would be involved in the present system;
step 1.3: from Z respectively qRandomly selecting s and +.>Calculate->Where s is the secret value chosen when constructing attribute-based encryption based on the access tree, u and +.>Random vectors required for subsequent generation of trapdoor matrices; u (u) i Represents->Is the i-th component of (a);
step 1.4: selecting a hash function H for applying {0,1} * Spatial mapping toSpace, then return the system public key parameter +.>Master key->Wherein H is used to map the keyword vector into an n m matrix space; />Representing a set of system attributes;
step 2), the data owner DO uses Pk to encrypt plaintext data containing keywords to respectively generate keyword ciphertext Ind and data ciphertext Ct, and endows the keyword ciphertext Ind and the data ciphertext Ct with an attribute set S and uploads the keyword ciphertext Ind and the data ciphertext Ct to the cloud CS;
step 2.1: from the slaveRandomly selecting a vector a in space, for each k e t]From->Is selected randomly for an error x 1 Calculation to generate->From->An error vector x is randomly selected 2 Calculation to generate->Wherein [ t ]]Bit vector representing message to be encrypted, C 1,k And C 2 Representing ciphertext information of data constructed based on LWE encryption form, C 2 Is constructed based on attributes for encrypting plaintext data,/>Representing a particular discrete gaussian distribution from which values are particularly small error values; a is that 0 Representing the original matrix selected in step 1), when the message data is encrypted, the +.>Representing the attribute matrix corresponding to the attribute, and defaulting to a zero matrix if the attribute is not in the attribute set selected by the system; when index data is encrypted, the index data is encrypted>Representing the keyword matrix corresponding to the keyword matrix; k represents the order of the components in the message bit vector as kth; t represents a message to be encrypted, t=m; m is m k Represents the kth component in the message bit vector;
step 2.2: from the slaveRandomly selecting a vector b in space, for each keyword kw j E W, first mapped into matrix using hash function, i.e. +.>Then constructing a keyword encryption matrix-> In the same way as in step 2.1, from +.>Selecting an error value x 3 And error vector x 4 And calculate I respectively 1 =b T u+x 3 、/>Wherein W represents a keyword set of encrypted data, I 1 And I 2,j Represents keyword ciphertext information constructed based on LWE encryption forms;
step 2.3: record Ct k∈[t] ={C 1,k ,C 2 },Finally return all ciphertext information-> To the cloud end;
step 3) the AA generates a private key Sk for the DU of the data visitor according to the access strategy, the DU submits a query keyword to the AA and then generates a search Token by the AA, the search Token is returned to the DU, the DU initiates a search request to the CS and uploads the Token to the cloud, the CS judges whether the search request is matched with the keyword ciphertext Ind or not, if so, the next step is carried out; otherwise, ending the algorithm;
step 4) the CS returns a data ciphertext Ct corresponding to the keyword ciphertext to the DU and the DU, and the data ciphertext is decrypted through the private key Sk generated in the last step to obtain matched data original text information, and the data attribute meets the access control strategy of the private key so as to correctly decrypt the data;
finally, a decryption algorithm needs to be executed to decrypt the ciphertext data:
wherein C is 1,k And C 2 Represents an encrypted message matrix, d j And y j Respectively corresponding to trapdoor vectors generated by taking different initial matrices,representing the set of attributes carried by ciphertext, g ρ(j) Represents the vector value after the access control policy is satisfied by the corresponding attribute, and likewise, if +.>Representation pair->Rounding off means that the decrypted bit message is zero and vice versa.
2. The cloud storage searchable encryption method based on the lattice attribute base as in claim 1, wherein: the step 1) is to call a trapdoor generating function to initialize the system to generate the required public key parameters and the main key, wherein the trapdoor generating function expression is as follows:
where n and m represent the dimensions of the two-dimensional matrix to be generated, q is a prime number representing the range of values of all matrix elements, σ represents the minimum error value to be satisfied by the trapdoor to be generated, A 0 Andrepresenting a trapdoor matrix.
3. The cloud storage searchable encryption method based on the lattice attribute base as in claim 1, wherein: step 2), constructing an encryption matrix for encrypting the message data and the index data to generate a message ciphertext and an index ciphertext respectively:
wherein A is 0 Representing the original matrix selected in step 1), when the message data is encrypted,representing the attribute matrix corresponding to the attribute, and defaulting to a zero matrix if the attribute is not in the attribute set selected by the system; when index data is encrypted, the index data is encrypted>Then the keyword matrix to which it corresponds is represented.
4. The cloud storage searchable encryption method based on the lattice attribute base as in claim 1, wherein: step 3), a left sampling algorithm is required to be called to generate a private key after matrix expansion, namely a trapdoor matrix according to the existing initial public-private key pair:
wherein A is 0 And R is 0 Representing an initial public-private key pair,represented by A 0 And R is 0 The vector generated by multiplying the public and private keys,/>representing a matrix of attributes or keywords, σ also represents the minimum error value that needs to be met to generate this trapdoor.
5. The cloud storage searchable encryption method based on the lattice attribute base as in claim 1, wherein: step 4), firstly, a search algorithm is executed to judge whether the searched keywords have matched corresponding message ciphertext data, namely, calculation is performed:
if->Then the matching is successful
Wherein I is 1 And I 2 Representing the keyword matrix after encryption,q represents a prime number representing a search token corresponding to a query keyword, and q represents a numerical range of all matrix elements, since the keyword information is encrypted according to zero message bits when encrypted, therefore +.>And when the matching is successful, the corresponding ciphertext data is returned by representing the zero bit message.
CN202011185531.4A 2020-10-29 2020-10-29 Cloud storage searchable encryption method based on lattice attribute base Active CN112287368B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202011185531.4A CN112287368B (en) 2020-10-29 2020-10-29 Cloud storage searchable encryption method based on lattice attribute base

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202011185531.4A CN112287368B (en) 2020-10-29 2020-10-29 Cloud storage searchable encryption method based on lattice attribute base

Publications (2)

Publication Number Publication Date
CN112287368A CN112287368A (en) 2021-01-29
CN112287368B true CN112287368B (en) 2024-02-13

Family

ID=74353015

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202011185531.4A Active CN112287368B (en) 2020-10-29 2020-10-29 Cloud storage searchable encryption method based on lattice attribute base

Country Status (1)

Country Link
CN (1) CN112287368B (en)

Citations (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105025021A (en) * 2015-07-13 2015-11-04 西安理工大学 Attribute-based encryption method of principal disjunctive normal form access strategy at lattice
WO2016112954A1 (en) * 2015-01-12 2016-07-21 Nec Europe Ltd. Method and system for providing encrypted data
CN106127075A (en) * 2016-06-27 2016-11-16 湖南大学 The encryption method of can search for based on secret protection under a kind of cloud storage environment
CN107634829A (en) * 2017-09-12 2018-01-26 南京理工大学 Encrypted electronic medical records system and encryption method can search for based on attribute
CN107682157A (en) * 2017-10-11 2018-02-09 河南理工大学 More mechanical properties base encryption methods based on LWE on a kind of new lattice
CN108390855A (en) * 2018-01-11 2018-08-10 中国人民解放军战略支援部队信息工程大学 A kind of attribute base keyword search encryption system and method towards cloud storage
CN108512662A (en) * 2018-04-12 2018-09-07 上海海事大学 The hiding multimachine structure encryption method of support policy on a kind of lattice
CN108632032A (en) * 2018-02-22 2018-10-09 福州大学 The safe multi-key word sequence searching system of no key escrow
CN109559124A (en) * 2018-12-17 2019-04-02 重庆大学 A kind of cloud data safety sharing method based on block chain
CN110224986A (en) * 2019-05-07 2019-09-10 电子科技大学 It is a kind of that access control method efficiently can search for based on hiding strategy CP-ABE

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8634563B2 (en) * 2010-12-17 2014-01-21 Microsoft Corporation Attribute based encryption using lattices

Patent Citations (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2016112954A1 (en) * 2015-01-12 2016-07-21 Nec Europe Ltd. Method and system for providing encrypted data
CN105025021A (en) * 2015-07-13 2015-11-04 西安理工大学 Attribute-based encryption method of principal disjunctive normal form access strategy at lattice
CN106127075A (en) * 2016-06-27 2016-11-16 湖南大学 The encryption method of can search for based on secret protection under a kind of cloud storage environment
CN107634829A (en) * 2017-09-12 2018-01-26 南京理工大学 Encrypted electronic medical records system and encryption method can search for based on attribute
CN107682157A (en) * 2017-10-11 2018-02-09 河南理工大学 More mechanical properties base encryption methods based on LWE on a kind of new lattice
CN108390855A (en) * 2018-01-11 2018-08-10 中国人民解放军战略支援部队信息工程大学 A kind of attribute base keyword search encryption system and method towards cloud storage
CN108632032A (en) * 2018-02-22 2018-10-09 福州大学 The safe multi-key word sequence searching system of no key escrow
CN108512662A (en) * 2018-04-12 2018-09-07 上海海事大学 The hiding multimachine structure encryption method of support policy on a kind of lattice
CN109559124A (en) * 2018-12-17 2019-04-02 重庆大学 A kind of cloud data safety sharing method based on block chain
CN110224986A (en) * 2019-05-07 2019-09-10 电子科技大学 It is a kind of that access control method efficiently can search for based on hiding strategy CP-ABE

Non-Patent Citations (4)

* Cited by examiner, † Cited by third party
Title
Improving the Leakage Rate of Ciphertext-Policy Attribute-Based Encryption for Cloud Computing;Leyou Zhang,Xiaoxu Gao,Fuchun Guo,Gongcheng Hu;《IEEE Access 》;第8卷;94033 - 94042 *
云存储下多关键词可搜索的属性基加密方案;马晨哲;《中国优秀硕士学位论文全文数据库 信息科技辑》(第10期);I137-98 *
新的格上多机构属性基加密方案;闫玺玺, 刘媛, 李子臣, 汤永利, 叶青;《电子与信息学报》;第40卷(第04期);811-817 *
面向移动云环境的属性基加密技术研究;付雨萌;《中国优秀硕士学位论文全文数据库 信息科技辑》(第05期);I138-112 *

Also Published As

Publication number Publication date
CN112287368A (en) 2021-01-29

Similar Documents

Publication Publication Date Title
Li et al. Full verifiability for outsourced decryption in attribute based encryption
CN110224986B (en) Efficient searchable access control method based on hidden policy CP-ABE
Liang et al. Searchable attribute-based mechanism with efficient data sharing for secure cloud storage
Li et al. Verifiable outsourced decryption of attribute‐based encryption with constant ciphertext length
Zeng et al. Forward secure public key encryption with keyword search for outsourced cloud storage
Lien et al. A novel privacy preserving location-based service protocol with secret circular shift for k-nn search
CN111143471B (en) Ciphertext retrieval method based on blockchain
CN106487506B (en) Multi-mechanism KP-ABE method supporting pre-encryption and outsourcing decryption
CN108632248A (en) Data ciphering method, data query method, apparatus, equipment and storage medium
WO2023044963A1 (en) Method and system for re-encrypting threshold proxy based on attribute condition
CN109361644B (en) Fuzzy attribute based encryption method supporting rapid search and decryption
CN108092972B (en) Multi-authorization-center attribute-based searchable encryption method
CN111431897B (en) Multi-attribute mechanism attribute-based encryption method with tracking function for cloud-assisted Internet of things
CN109714157B (en) SDN cross-domain access control method for resisting encryption of key exposure attribute
CN111431898B (en) Multi-attribute mechanism attribute-based encryption method with search function for cloud-assisted Internet of things
CN108111587B (en) Cloud storage searching method based on time release
CN113037753B (en) Encrypted data sharing method with privacy protection based on block chain
CN109981265B (en) Identity-based ciphertext equivalence determination method without using bilinear pairings
CN105282167A (en) Searchable certificateless public key encryption method
Xu et al. Enabling authorized encrypted search for multi-authority medical databases
Wang et al. Efficient verifiable key-aggregate keyword searchable encryption for data sharing in outsourcing storage
Zhang et al. Secure and efficient searchable public key encryption for resource constrained environment based on pairings under prime order group
CN109274659B (en) Certificateless online/offline searchable ciphertext method
Chen et al. Multi-user boolean searchable encryption supporting fast ranking in mobile clouds
CN116684062B (en) Cloud computing outsourcing and data dynamic sharing method and system based on proxy re-encryption

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant