CN112632598A - Encrypted data retrieval and sharing method, system, medium, equipment and application - Google Patents
- Publication number
- CN112632598A (application CN202011430096.7A)
- Authority
- CN
- China
- Prior art keywords
- key
- tuple
- keywords
- nap
- keyword
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
- G06F21/6227—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database where protection concerns the structure of data, e.g. records, types, queries
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/10—File systems; File servers
- G06F16/17—Details of further file system functions
- G06F16/176—Support for shared access to files; File sharing support
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6209—Protecting access to data via a platform, e.g. using keys or access control rules to a single file or object, e.g. in a secure envelope, encrypted and accessed using a key, or with access control rules appended to the object itself
Abstract
The invention belongs to the technical field of information data processing and discloses a method, a system, a medium, equipment and an application for retrieving and sharing encrypted data. The method comprises the following steps: initializing the system; generating an encrypted matrix index; generating a keyword trapdoor using a Paillier key pair; in the search stage, performing ciphertext search using two ciphertext comparison algorithms; after the intelligent vehicle obtains the query result, transmitting the attribute set of the intelligent vehicle to the authority platform, which decrypts the relevant key ciphertext based on the attribute set; and updating keywords or data. Data are encrypted whenever they are searched or shared; the method achieves efficient retrieval, can perform fuzzy retrieval on keywords with spelling errors, and sorts the results by relevance, so that accurate retrieval is achieved. The system thereby realizes secure, efficient encrypted retrieval and efficient encrypted sharing of data.
Description
Technical Field
The invention belongs to the technical field of information data processing, and particularly relates to a method, a system, a medium, equipment and an application for retrieving and sharing encrypted data.
Background
At present: as the market for IoV continues to expand, more and more vehicles and associated equipment are being integrated therein. It not only has an impact on network capacity, but also makes the network topology more complex. For these reasons, data sharing and transmission in dense areas of the network may be lost or congested, reducing network reliability and increasing transmission delay.
The disadvantage of the prior IoV technology is that the prior architecture is ground-based, providing network access services for vehicles and vehicular applications. The advent of SAGIVN in response to this major problem has provided a new line of thought for the expansion of IoV. SAGIVN is a comprehensive, ground-based, multi-dimensional and multi-layer network architecture formed by adding Low Earth Orbit Satellites (LEOS), Unmanned Aerial Vehicles (UAV) and High Altitude Platforms (HAP) to a ground network. Various network devices in the aerospace field are utilized to provide real-time network access services for vehicles and vehicle-mounted applications in different environments. Notably, SAGIVN is susceptible to various types of attacks and threats because it contains many different types of network interfaces and communication modes.
Through the above analysis, the problems and defects of the prior art are as follows: the prior art SAGIVN is susceptible to various types of attacks and threats under various different types of network interfaces and communication modes.
The difficulty in solving the above problems and defects is: most existing data privacy protection for the Internet of Vehicles environment is based on differential privacy in machine learning and can only protect information such as the position of a vehicle. No effective solution has been provided for the secure storage and sharing of data generated by vehicles in the Internet of Vehicles. Meanwhile, vehicles move at high speed, which places higher requirements on the topology of the proposed system, and it is difficult to meet the low-latency communication standard while the vehicle is moving without sacrificing security.
The significance of solving the problems and defects is as follows: the Internet of Vehicles is an important component of the Internet of Things and has greatly advanced global intelligent transportation, but in recent years some of its problems have hindered the improvement of intelligent transportation. First, the coverage of the Internet of Vehicles cannot meet current transportation requirements: many remote areas, or areas with incomplete network infrastructure, cannot join the Internet of Vehicles. In addition, privacy protection for vehicles in the Internet of Vehicles still stays at the stage of data such as positions, and no effective scheme has been provided for the secure storage and sharing of vehicle data. This scheme combines the Internet of Vehicles with SAGIN and, by also incorporating searchable encryption technology, provides an effective solution to both problems.
Disclosure of Invention
Aiming at the problems in the prior art, the invention provides a method, a system, a medium, equipment and an application for retrieving and sharing encrypted data.
The invention is realized in such a way that an encrypted data retrieval and sharing method comprises the following steps:
in the initial stage of the system, firstly, system initialization is carried out, wherein the system initialization comprises key initialization and file initialization;
the authority uses an optimization algorithm to calculate the relevance scores among the keywords, uses a public key of the intelligent vehicle to encrypt the keywords in the dictionary or a certain single character to obtain a tuple, uses a hash function and a random function, and uses the obtained keyword ciphertext tuple and a file identifier to generate an encryption index;
the trapdoor generation comprises two parts; the intelligent automobile calculates the weights of all keywords in the query keyword set according to the dependency grammar and the phrase structure tree; the intelligent automobile generates a trapdoor for the keywords using a public key, and the final tuple is obtained by combining the weight and the trapdoor;
after the tuple is obtained, the network access node firstly executes fuzzy search, the trapdoor tuple is put into a candidate set, and the network access node accurately searches the candidate set to obtain a final search result;
after obtaining the query result, the intelligent vehicle sends the attribute set of the intelligent vehicle to the authority, then the authority returns the encryption key, and the intelligent vehicle decrypts the file by using the key to obtain a plaintext set;
the data or keywords are updated.
Further, the specific initialization steps are as follows:
(1) Key initialization: the network access node (NAP) sets the fuzzy value acc of the query to x, where acc represents the text distance between two keywords and x is an integer. The NAP inputs a security parameter α to the AP, and the AP outputs a character string K of length α, where K is the key for symmetric encryption. The NAP inputs a security parameter μ to the AP, and the AP outputs a pair of keys as follows:
step one, the AP randomly selects two large prime numbers p and q and calculates $n = p \times q$, where $0 < p < 2^{\mu}$ and $0 < q < 2^{\mu}$;
step two, the AP calculates $\sigma = e^{-1} \bmod n$, where $e = \operatorname{lcm}(p-1, q-1)$;
step three, the AP generates a public/private key pair, where $pk = n$ and $sk = (e, \sigma)$;
(2) File initialization: the SV extracts the keywords $\omega_i$ from the file set to construct a dictionary W, and generates a corresponding file identifier $id_y$ ($1 < y < n$) for each file. The SV transmits W and the plaintext data set to the AP, and the AP encrypts the files in the file set using the symmetric key K. The AP then performs attribute-based encryption on K, with the attribute policy defined by the SV; the AP calculates the encryption key using the common parameter pp and a random number as follows:
the encryption key will be stored at the AP. When the SV needs to decrypt, they send the attribute set to the AP, which returns the decrypted K to the SV.
Further, the specific steps of constructing the index include:
(1) the AP calculates a relevance score between the file and the keyword by using an optimized TF multiplied by IDF algorithm;
(2) the AP executes preprocessing operation on the keywords in the dictionary;
(3) the AP uses the public key $pk_c$ of the SV to encrypt the keywords in the dictionary, and the letters or single characters in each keyword, to obtain the following tuples:
The AP uses the hash functions $H_w(\cdot)$, $H_f(\cdot)$ and a random function $R(\cdot)$ to generate an encrypted index from the obtained keyword ciphertext tuples and the file identifiers. The creation steps are as follows:
step one, initialize a matrix η of dimension $m' \times n'$, where $m \le m'$, $n \le n'$, m is the maximum number in the keyword set and n is the maximum number in the data set, and set all elements of the matrix to 0;
step two, for the encrypted matrix index with $x = 1, 2, \ldots, n'$ and $y = 1, 2, \ldots, m'$, the AP uses the hash function $H_w(\cdot)$ to generate a hash table $\alpha_w(\cdot)$ containing the mapping results $\alpha_w([w_i]_{pk})$, and uses $R(\cdot)$ and $H_f(\cdot)$ to generate a hash table $\alpha_f(\cdot)$ containing the mapping results $\alpha_f(f_y)$, as follows:
$R(id_y) = f_y$
$\alpha_f(f_y) \to t$;
step three, establish the correspondence between files and keywords based on the initialized matrix η: if the keyword $w_x$ ($1 \le x \le m$) appears in the file $id_y$ ($1 \le y \le n$), the corresponding element of η is set to the TF×IDF value of $w_x$ and $id_y$; otherwise it is set to 0;
The AP transmits only the encrypted index to the NAP and retains the hash functions $H_w(\cdot)$, $H_f(\cdot)$ and the random function $R(\cdot)$.
Further, the specific steps for generating the trapdoor are as follows:
the trapdoor generation comprises two parts: first, the SV calculates the weights of all keywords in the query keyword set according to the dependency grammar and the phrase structure tree; second, the intelligent automobile generates the trapdoor for the keywords using a key pair, and the final tuple is obtained by combining the weight and the trapdoor;
(1) Calculating the weight: for each keyword in the query set, the initial keyword relationship is 1; if the keyword has a syntactic relationship with other keywords, the weight of the keyword is changed to $1 + R$, where R represents the syntactic relationship;
for two search keywords $q_1$ and $q_2$, the syntactic relation is denoted $R(q_1, q_2)$. If there is a grammatical relationship between them, then $q_1$ and $q_2$ are respectively increased, where $d_1$ and $d_2$ respectively represent the distance between each of the two keywords and their common ancestor node, and d represents the distance between the keywords, i.e. $d = d_1 + d_2$;
For any query $Q = \{q_1, q_2, \ldots, q_z\}$, where z is the number of search keywords, the weight value for keyword q is $p \times z$, where p is the weight ratio of search keyword q:
the weight KW of the keyword q is expressed as:
(2) Trapdoor generation: the SV encrypts the query keyword w with its key, and also encrypts the letters or single characters in the keyword w to obtain a ciphertext group. The SV adds the weight associated with the keyword to the tuple.
Further, after obtaining the tuple, the network access node first performs a fuzzy search, puts the trapdoor tuple into the candidate set, and the network access node accurately searches the candidate set to obtain a final search result specifically including:
CGE algorithm: the SV and the NAP each hold a Paillier key pair, $(pk, sk)$ and $(pk_{NAP}, sk_{NAP})$ respectively. Given two integers a and b, two ciphertext integers $A = [a]_{pk}$ and $B = [b]_{pk}$ are obtained by encrypting with the public key pk. The CGE algorithm computes on A and B to obtain the relation between a and b;
the CGE algorithm is performed as follows:
(1) the SV selects a relatively small positive integer r and calculates X. By the additive homomorphism of the Paillier encryption algorithm, $(a-b)$ and $(a-b) \times r$ have the same sign, since r is a small positive integer. The SV sends X to the NAP;
(2) the NAP decrypts X using the private key sk to obtain the plaintext x; if $x \ge 0$ the NAP outputs one value and otherwise another, and it sends the result to the SV;
CE algorithm: the objective of the CE algorithm is to compute on two ciphertext integers $A = [a]_{pk}$ and $B = [b]_{pk}$ to determine whether the plaintexts a and b are equal, which provides the exact search function. The CE algorithm is implemented by running the CGE algorithm twice. During a search, after acquiring the trapdoor tuple TTS, the NAP first executes a fuzzy search and puts the items matching TTS into a candidate set TTS'; the NAP then performs an exact search over TTS' to obtain the final result TTS'';
after the NAP obtains the final set TTS'', it obtains from the encrypted matrix η the row vectors associated with all items in TTS''. The NAP multiplies each row vector by the correlation coefficient of the corresponding keyword trapdoor sent by the SV, adds all the row vectors to obtain $v_{result}$, and then transmits it to the DC.
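The key initialization (steps one to three) and the CGE and CE comparisons described above, as an added Python example that is not code from the patent. It assumes the standard Paillier generator g = n + 1, the blinded value X = (A · B⁻¹)^r mod n², and a 1/0 result encoding, none of which is written out on this page; all function names are hypothetical, and both CGE steps run in one process instead of on two parties.

```python
import math
import secrets

_SMALL_PRIMES = (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37)

def is_probable_prime(n, rounds=32):
    """Miller-Rabin probabilistic primality test."""
    if n < 2:
        return False
    for sp in _SMALL_PRIMES:
        if n % sp == 0:
            return n == sp
    d, s = n - 1, 0
    while d % 2 == 0:
        d, s = d // 2, s + 1
    for _ in range(rounds):
        x = pow(secrets.randbelow(n - 3) + 2, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True

def random_prime(bits):
    """Random prime with exactly `bits` bits, so 0 < p < 2**bits."""
    while True:
        cand = secrets.randbits(bits) | (1 << (bits - 1)) | 1
        if is_probable_prime(cand):
            return cand

def keygen(mu):
    """Key initialization, steps one to three: pk = n, sk = (e, sigma)."""
    p = random_prime(mu)
    q = random_prime(mu)
    while q == p:
        q = random_prime(mu)
    n = p * q
    e = (p - 1) * (q - 1) // math.gcd(p - 1, q - 1)  # e = lcm(p-1, q-1)
    sigma = pow(e, -1, n)                            # sigma = e^-1 mod n
    return n, (e, sigma)

def encrypt(n, m):
    """[m]_pk with generator g = n + 1 (assumed; the page does not name g)."""
    n2 = n * n
    while True:
        rho = secrets.randbelow(n - 1) + 1           # encryption randomness
        if math.gcd(rho, n) == 1:
            break
    return (1 + (m % n) * n) * pow(rho, n, n2) % n2

def decrypt(n, sk, c):
    """m = L(c^e mod n^2) * sigma mod n, with L(u) = (u - 1) / n."""
    e, sigma = sk
    return ((pow(c, e, n * n) - 1) // n) * sigma % n

def cge_blind(n, A, B, r_bits=16):
    """CGE step (1): X = (A * B^-1)^r mod n^2 is a ciphertext of (a - b) * r.
    The formula is an assumption; the page only names the homomorphism."""
    n2 = n * n
    r = secrets.randbelow((1 << r_bits) - 1) + 1     # small positive r
    return pow(A * pow(B, -1, n2) % n2, r, n2)

def cge_decide(n, sk, X):
    """CGE step (2): decrypt X; return 1 if x >= 0 (a >= b), else 0."""
    x = decrypt(n, sk, X)
    if x > n // 2:       # residues above n/2 stand for negative numbers
        x -= n
    return 1 if x >= 0 else 0

def cge(n, sk, A, B):
    """Both CGE steps in sequence."""
    return cge_decide(n, sk, cge_blind(n, A, B))

def ce(n, sk, A, B):
    """CE: two CGE runs; a == b exactly when a >= b and b >= a."""
    return cge(n, sk, A, B) == 1 and cge(n, sk, B, A) == 1

if __name__ == "__main__":
    n, sk = keygen(256)                              # constructed demo size
    A, B = encrypt(n, 1200), encrypt(n, 1187)        # constructed values
    print("a >= b:", cge(n, sk, A, B))
    print("b >= a:", cge(n, sk, B, A))
    print("a == b:", ce(n, sk, A, B))
    print("a == a':", ce(n, sk, A, encrypt(n, 1200)))
```

The decrypting party sees the whole product r·(a − b), not only its sign, so r is drawn fresh for every comparison, and |r·(a − b)| has to stay below n/2 for the sign to be read correctly.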
Further, after obtaining the above query result, the intelligent vehicle sends its own attribute set to the authority, the authority returns the encryption key, and the intelligent vehicle uses the key to decrypt the files and obtain a plaintext set. Specifically: after obtaining the query result, the SV transmits the attribute set Att to the AP. The AP decrypts the relevant encryption key based on Att:
the SV decrypts the ciphertext data by using the symmetric key K to obtain a plaintext set of the query result, and the process is as follows:
the specific steps for updating the data or the keywords are as follows:
Keyword update: the SV does not need to transmit the update status to the DC;
(1) Keyword addition: when the SV adds a keyword to the dictionary, it creates an update tuple containing the operation instruction op = "addition" and the keyword $W_{add}$ to be added. After the AP receives the tuple from the SV, the AP first calculates the TF×IDF value between $W_{add}$ and each file. The AP encrypts $W_{add}$ using Paillier to obtain the ciphertext $[w_{add}]_{paillier}$ and derives a vector based on the above values. The AP forms a new tuple from op and the vector and sends it to the NAP; the NAP uses its stored hash function $H_w(\cdot)$ to map it to the corresponding position in the matrix index and adds it;
(2) the operation instruction of the SV is op = "deletion". Unlike the add operation, when the NAP receives the ciphertext $[w_{del}]_{paillier}$ of the keyword $w_{del}$, the NAP uses the hash function $H_w(\cdot)$ to map its position in the matrix index and then removes the relevant vector $v_{del}$ from the matrix index;
Data update: data update and keyword update operations are completely different. A keyword update only needs to be performed on the NAP, whereas a data update must be performed on the NAP and the DC simultaneously;
(1) Data deletion: a file update differs from a keyword update in that the AP must send the update operation to both the NAP and the DC. To delete a file, the SV generates a tuple containing the file identifier $f_{del}$ of the file to be deleted and the delete instruction op = "deletion". After receiving the tuple, the AP uses its stored hash function $H_f(\cdot)$ to map the position $pos_{del}$ of $[f_{del}]_{paillier}$. The AP sends the newly generated tuple $(op, pos_{del})$ to the NAP and the DC respectively, which apply it to $\alpha_f(\cdot)$ and their stored matrix indices;
(2) Data addition: the data addition operation also requires the SV to send the operation instruction op = "add", the identifier $f_{add}$ of the file to be added, and the keywords related to $f_{add}$, $\{[w_n]_{paillier} \mid n = i, j, z, m, n, p\}$, to the AP. The AP uses the hash function $H_f(\cdot)$ to map the position $pos_{add}$ of $[f_{add}]_{paillier}$. The AP also calculates the TF×IDF values between $f_{add}$ and the keywords $\{[w_n]_{paillier} \mid n = i, j, z, m, n, p\}$, generating a set of tuples $\{([w_n]_{paillier}, (TF \times IDF)_n) \mid n = i, j, z, m, n, p\}$. The AP transmits $(op, [f_{add}]_{paillier})$ to the DC to update the two-way hash table $\alpha_f(\cdot)$ stored on the DC, and transmits $(op, [f_{add}]_{paillier}, \{([w_n]_{paillier}, (TF \times IDF)_n) \mid n = i, j, z, m, n, p\})$ to the NAP to update the matrix index stored at the NAP.
It is a further object of the invention to provide a computer device comprising a memory and a processor, the memory storing a computer program which, when executed by the processor, causes the processor to perform the steps of:
in the initial stage of the system, firstly, system initialization is carried out, wherein the system initialization comprises key initialization and file initialization;
the authority uses an optimization algorithm to calculate the relevance scores among the keywords, uses a public key of the intelligent vehicle to encrypt the keywords in the dictionary or a certain single character to obtain a tuple, uses a hash function and a random function, and uses the obtained keyword ciphertext tuple and a file identifier to generate an encryption index;
the trapdoor generation comprises two parts; the intelligent automobile calculates the weights of all keywords in the query keyword set according to the dependency grammar and the phrase structure tree; the intelligent automobile generates a trapdoor for the keywords using a public key, and the final tuple is obtained by combining the weight and the trapdoor;
after the tuple is obtained, the network access node firstly executes fuzzy search, the trapdoor tuple is put into a candidate set, and the network access node accurately searches the candidate set to obtain a final search result;
after obtaining the query result, the intelligent vehicle sends the attribute set of the intelligent vehicle to the authority, then the authority returns the encryption key, and the intelligent vehicle decrypts the file by using the key to obtain a plaintext set;
the data or keywords are updated.
It is another object of the present invention to provide a computer-readable storage medium storing a computer program which, when executed by a processor, causes the processor to perform the steps of:
in the initial stage of the system, firstly, system initialization is carried out, wherein the system initialization comprises key initialization and file initialization;
the authority uses an optimization algorithm to calculate the relevance scores among the keywords, uses a public key of the intelligent vehicle to encrypt the keywords in the dictionary or a certain single character to obtain a tuple, uses a hash function and a random function, and uses the obtained keyword ciphertext tuple and a file identifier to generate an encryption index;
the trapdoor generation comprises two parts; the intelligent automobile calculates the weights of all keywords in the query keyword set according to the dependency grammar and the phrase structure tree; the intelligent automobile generates a trapdoor for the keywords using a public key, and the final tuple is obtained by combining the weight and the trapdoor;
after the tuple is obtained, the network access node firstly executes fuzzy search, the trapdoor tuple is put into a candidate set, and the network access node accurately searches the candidate set to obtain a final search result;
after obtaining the query result, the intelligent vehicle sends the attribute set of the intelligent vehicle to the authority, then the authority returns the encryption key, and the intelligent vehicle decrypts the file by using the key to obtain a plaintext set;
the data or keywords are updated.
Another object of the present invention is to provide a vehicle information data processing terminal for implementing the encrypted data retrieval and sharing method.
Another object of the present invention is to provide an encrypted data retrieving and sharing system implementing the encrypted data retrieving and sharing method, the encrypted data retrieving and sharing system comprising:
the system initialization module is used for carrying out system initialization including key initialization and file initialization at the initial stage of the system;
the encryption index generation module is used for the authority to calculate the relevance scores among the keywords using an optimization algorithm, to encrypt the keywords in the dictionary or a certain single character with the public key of the intelligent vehicle to obtain a tuple, and to generate an encryption index from the obtained keyword ciphertext tuple and the file identifier using a hash function and a random function;
the trapdoor generation module is used for generating the trapdoor; the intelligent automobile calculates the weights of all keywords in the query keyword set according to the dependency grammar and the phrase structure tree; the intelligent automobile generates a trapdoor for the keywords using a public key, and the final tuple is obtained by combining the weight and the trapdoor;
the search result acquisition module is used for performing fuzzy search by the network access node after obtaining the tuple, putting the trapdoor tuple into the candidate set, and accurately searching the candidate set by the network access node to obtain a final search result;
the plaintext set acquisition module is used for sending the attribute set of the intelligent vehicle to the authority after the intelligent vehicle obtains the query result, the authority returns the encryption key, and the intelligent vehicle decrypts the file by using the key to obtain a plaintext set;
and the updating module is used for updating the data or the keywords.
By combining all the technical schemes, the invention has the following advantages and positive effects: to ensure the security and effectiveness of data transmission, the invention provides a secure and effective retrieval and sharing scheme based on encrypted data. Data are encrypted whenever they are retrieved or shared, and the scheme achieves efficient retrieval, can perform fuzzy retrieval on keywords with spelling errors, and sorts the results by relevance, thereby achieving accurate retrieval. The system realizes secure, efficient encrypted retrieval and efficient encrypted sharing of data.
Compared with the prior art, the invention has the following advantages:
(1) The invention provides a keyword conversion method based on a one-way algorithm and parallel encryption. For a misspelling of one letter, the scheme can use the misspelled keyword and the correct keyword to obtain the fuzzy value. In addition, the method is also effective for other spelling errors.
(2) In order to improve the accuracy of the query, the scheme introduces natural language processing in the trapdoor generation part, and calculates the weight of the keywords in the query keyword set by using the dependency grammar and the phrase structure tree before generating the query trapdoor, which plays an important role in improving the query accuracy by extracting the query part.
(3) Cross-language query: the scheme encodes the keywords in the dictionary using ASCII, encrypts them into ciphertext using a higher-level encryption technology, and can realize cross-language query in any language environment.
(4) Access control management: in the existing IoV architecture, data transmission and sharing are realized using secure broadcast, which not only generates huge communication overhead but also cannot manage user authorization at a fine granularity; the invention realizes fine-grained management of user access control.
(5) Performance and security: the invention implements and evaluates the proposed solution in a real SAGIVN environment. The results show that the scheme achieves high-precision data search and data confidentiality.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present application, the drawings needed to be used in the embodiments of the present application will be briefly described below, and it is obvious that the drawings described below are only some embodiments of the present application, and it is obvious for those skilled in the art that other drawings can be obtained from the drawings without creative efforts.
Fig. 1 is a flowchart of an encrypted data retrieving and sharing method according to an embodiment of the present invention.
FIG. 2 is a schematic structural diagram of an encrypted data retrieving and sharing system according to an embodiment of the present invention;
in fig. 2: 1. a system initialization module; 2. an encryption index generation module; 3. a trapdoor generation module; 4. a search result acquisition module; 5. a plaintext collection acquisition module; 6. and updating the module.
Fig. 3 is a flowchart of an implementation of the encrypted data retrieving and sharing method according to an embodiment of the present invention.
Fig. 4 is a sky-ground integration network diagram according to an embodiment of the present invention.
FIG. 5 is an index building block diagram provided by an embodiment of the invention.
FIG. 6 is a simulation diagram of index building provided by an embodiment of the present invention.
FIG. 7 is a simulation diagram of a trapdoor query according to an embodiment of the present invention.
FIG. 8 is a parse tree diagram according to an embodiment of the present invention.
FIG. 9 is a fuzzy query graph as provided by embodiments of the present invention.
Fig. 10 is a simulation diagram of fuzzy search according to an embodiment of the present invention.
FIG. 11 is an accurate query graph provided by embodiments of the present invention.
FIG. 12 is a diagram of an accurate search simulation provided by an embodiment of the present invention.
Fig. 13 is a query matching graph provided by an embodiment of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention more apparent, the present invention is further described in detail with reference to the following embodiments. It should be understood that the specific embodiments described herein are merely illustrative of the invention and are not intended to limit the invention.
In view of the problems in the prior art, the present invention provides a method, system, medium, device and application for retrieving and sharing encrypted data, which will be described in detail with reference to the accompanying drawings.
As shown in fig. 1, the encrypted data retrieving and sharing method provided by the present invention includes the following steps:
s101: in the initial stage of the system, firstly, system initialization is carried out, wherein the system initialization comprises key initialization and file initialization;
s102: the authority uses an optimization algorithm to calculate the relevance scores among the keywords, uses a public key of the intelligent vehicle to encrypt the keywords in the dictionary or a certain single character to obtain a tuple, and uses a hash function and a random function to generate an encryption index by using the obtained keyword ciphertext tuple and a file identifier;
s103: the trapdoor generation comprises two parts; the intelligent automobile calculates the weights of all keywords in the query keyword set according to the dependency grammar and the phrase structure tree; the intelligent automobile generates a trap door by using a public key as a keyword, and a final tuple is obtained by combining the weight and the trap door;
s104: after the tuple is obtained, the network access node firstly executes fuzzy search, the trapdoor tuple is put into a candidate set, and the network access node accurately searches the candidate set to obtain a final search result;
s105: after obtaining the query result, the intelligent vehicle sends the attribute set of the intelligent vehicle to the authority, then the authority returns the encryption key, and the intelligent vehicle decrypts the file by using the key to obtain a plaintext set;
s106: the data or keywords are updated.
Those skilled in the art can also use other steps to implement the encrypted data retrieving and sharing method provided by the present invention, and the encrypted data retrieving and sharing method provided by the present invention in fig. 1 is only one specific embodiment.
As shown in fig. 2, the encrypted data retrieving and sharing system provided by the present invention includes:
the system initialization module 1 is used for performing system initialization including key initialization and file initialization at the initial stage of the system;
the encrypted index generation module 2 is used for calculating the relevance scores among the keywords by using an optimization algorithm by an authority, encrypting the keywords or a certain single character in a dictionary by using a public key of the intelligent vehicle to obtain a tuple, and generating an encrypted index by using the obtained keyword ciphertext tuple and a file identifier by the authority by using a hash function and a random function;
the trapdoor generation module 3 is used for generating the trapdoor; the intelligent automobile calculates the weights of all keywords in the query keyword set according to the dependency grammar and the phrase structure tree; the intelligent automobile generates a trapdoor for the keywords using a public key, and the final tuple is obtained by combining the weight and the trapdoor;
the search result acquisition module 4 is used for performing fuzzy search by the network access node after obtaining the tuple, putting the trapdoor tuple into the candidate set, and accurately searching the candidate set by the network access node to obtain a final search result;
the plaintext set acquisition module 5 is used for sending the attribute set of the intelligent vehicle to the authority after the intelligent vehicle obtains the query result, returning the encryption key by the authority, and decrypting the file by the intelligent vehicle by using the key to obtain a plaintext set;
and the updating module 6 is used for updating the data or the keywords.
The technical solution of the present invention is further described below with reference to the accompanying drawings.
As shown in fig. 3, the encrypted data retrieving and sharing method provided by the present invention includes the following steps:
step one: system initialization;
step two: index generation;
step three: trapdoor generation;
step four: searching;
step five: file decryption;
step six: updating.
As shown in fig. 4, the present invention will be further described in more detail as follows:
The first step: system initialization
(1) Key initialization. The NAP (network access node) sets the fuzzy value acc of the query to x (acc denotes the text distance between two keywords; x is an integer). The NAP inputs a security parameter α to the AP, which outputs a string K of length α; K is the key for symmetric encryption. The NAP inputs the security parameter μ to the AP, which outputs a pair of keys as follows:
Step one: the AP randomly selects two large prime numbers p and q and calculates $n = p \times q$, where $0 < p < 2^{\mu}$ and $0 < q < 2^{\mu}$;
Step two: the AP calculates $\sigma = e^{-1} \bmod n$, where $e = \mathrm{lcm}(p-1, q-1)$;
Step three: the AP generates the public/private key pair, where $pk = n$ and $sk = (e, \sigma)$.
(2) File initialization. The SV extracts $\omega_i$ from the file set and constructs a dictionary W. Furthermore, the SV generates a corresponding file identifier $id_y$ ($1 < y < n$) for each file; W and the plaintext data set are then transmitted to the AP. The AP encrypts the files in the file set with the symmetric key K. The AP then performs attribute encryption on K, the attribute policy being defined by the SV. The AP uses the common parameter pp and a random number, and the encryption key is calculated as follows:
The encryption key is stored at the AP. When the SV needs to decrypt, it sends its attribute set to the AP, which returns the decrypted K to the SV.
The second step is that: index generation
(1) The AP calculates the relevance score between the document and the keyword using an optimized TF x IDF algorithm.
(2) The AP performs a preprocessing operation on the keywords in the dictionary.
(3) The AP uses the public key $pk_c$ of the SV to encrypt each keyword in the dictionary and each letter (Latin letter) or single character in the keyword, obtaining the following tuples:
The AP then uses the hash functions $H_w(\cdot)$, $H_f(\cdot)$ and a random function $R(\cdot)$ to generate an encrypted index from the obtained keyword ciphertext tuples and the file identifiers. The creation steps are as follows:
Step one: initialize a matrix η of dimension ($m' \times n'$), where $m \le m'$, $n \le n'$ (m is the largest number in the keyword set, n is the largest number in the data set), and set all elements of the matrix to 0.
Step two: encrypt the matrix index for $x = 1, 2, \ldots, n'$ and $y = 1, 2, \ldots, m'$. The AP uses the hash function $H_w(\cdot)$ to generate a hash table $\alpha_w(\cdot)$ containing the mapping results $\alpha_w([w_i]_{pk})$. In addition, the AP uses $R(\cdot)$ and $H(\cdot)$ to generate a hash table $\alpha_f(\cdot)$ containing the mapping results $\alpha_f(f_y)$, as follows:
$R(id_y) = f_y$
$\alpha_f(f_y) \rightarrow t$;
Step three: construct the correspondence between files and keywords based on the initialized matrix η. If the keyword $w_x$ ($1 \le x \le m$) appears in file $id_y$ ($1 \le y \le n$), the corresponding element of η is set to the TF × IDF value of $w_x$ and $id_y$; otherwise it is set to 0.
The AP transmits only the encrypted index to the NAP, and retains the hash functions $H_w(\cdot)$, $H_f(\cdot)$ and the random function $R(\cdot)$. Fig. 5 shows the construction process of the encrypted matrix index.
The third step: trapdoor generation
Trapdoor generation consists of two parts. First, the smart car computes the weights of all keywords in the query keyword set according to the dependency grammar and the phrase structure tree. Second, the smart car uses the key pair to generate a trapdoor for each keyword, and then combines the weight and the trapdoor to obtain the final tuple.
(1) Weight calculation. For each keyword in the query set, the initial keyword relationship is 1; if the keyword has a syntactic relationship with other keywords, its weight becomes 1 + R, where R represents the syntactic relationship.
For two search keywords $q_1$ and $q_2$, the syntactic relationship is denoted $R(q_1, q_2)$. If there is a grammatical relationship between them, then $q_1$ and $q_2$ are respectively increased, where $d_1$ and $d_2$ represent the distances from the two keywords to their common ancestor node, and d represents the distance between the keywords, i.e. $d = d_1 + d_2$.
For any query $Q = \{q_1, q_2, \ldots, q_z\}$, z is the number of search keywords. The weight value for keyword q is $p \times z$, where p is the weight ratio of search keyword q, that is:
Thus, the weight KW of the keyword q can be expressed as:
Taking "multiple keyword search encryption" as an example, the syntax structure tree and the dependency grammar are shown in fig. 6.
For example, it can be seen from fig. 6 that the distance between "encryption" and "multiple" is 5, the syntactic relationship is R(amod) = 1/(ln 5), and the distances from "encryption" and "multiple" to their common root node are 3 and 2, respectively, so the corresponding weights should be 2(ln 5)/5 and 3(ln 5)/5. Likewise, the syntactic relationships between "multiple" and "keywords", and "multiple" are the same. With the above method, the final weights of "encryption" and "multiple" are KW(multiple) = 1.23 and KW(encryption) = 0.95, respectively.
(2) Trapdoor generation. The SV encrypts the query keyword w with its key. In addition, the SV encrypts the letters or single characters in the keyword w to obtain a ciphertext group. Finally, the SV adds the weight associated with the keyword to the tuple.
The fourth step: searching
The invention introduces two ciphertext comparison algorithms used in the search stage: CGE and CE.
CGE algorithm: the SV and the NAP each hold a Paillier key pair, $(pk, sk)$ and $(pk_{NAP}, sk_{NAP})$ respectively. Given two integers a and b, encrypting them with the public key pk yields two ciphertext integers $A = [a]_{pk}$ and $B = [b]_{pk}$. The CGE algorithm obtains the relationship between a and b by performing calculations on A and B. The CGE algorithm flow is as follows:
The CGE algorithm is performed as follows:
(1) The SV selects a relatively small positive integer r and calculates X using the additive homomorphism of the Paillier encryption algorithm. Since r is a small positive integer, $(a-b)$ and $(a-b) \times r$ have the same sign. Finally, the SV sends X to the NAP.
(2) The NAP decrypts X using the private key sk to get the plaintext x. The NAP sets the result according to whether $x \ge 0$, and the result is then sent to the SV.
CE algorithm: the objective of the CE algorithm is to compare two ciphertext integers $A = [a]_{pk}$ and $B = [b]_{pk}$ to determine whether the plaintexts a and b are equal, thereby implementing the accurate search function. The main idea of the CE algorithm is to run the CGE algorithm twice, as follows:
During searching, after acquiring the trapdoor tuple TTS, the NAP first executes a fuzzy search and puts the items matching TTS into a candidate set TTS'; the NAP then carries out an accurate search on TTS' to obtain the final result TTS''. The fuzzy search and precise search algorithms are algorithm 3 and algorithm 4, respectively:
After the NAP obtains the final set TTS'', the NAP obtains from the encryption matrix η the row vectors associated with all items in TTS''. The NAP then multiplies each row vector by the correlation coefficient of the corresponding keyword trapdoor sent by the SV. Finally, the NAP adds all row vectors to obtain $v_{result}$, as shown in fig. 13, which is then transmitted to the DC.
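The three index-creation steps of the second step and the row-vector aggregation at the end of the search step, as an added Python example (not code from the patent). Plain tf × ln(N/df) stands in for the unspecified optimized TF × IDF, HMAC-SHA256 stands in for $H_w$, $H_f$ and R, a keyed hash of the keyword stands in for its ciphertext and for the CGE/CE match, and the corpus and keys are constructed; the two weights are the KW values from the page's example.

```python
import hashlib
import hmac
import math

# Constructed keys and corpus, for illustration only.
K_W, K_F, K_R = b"demo-key-Hw", b"demo-key-Hf", b"demo-key-R"
FILES = {
    "id1": "multiple keyword search encryption",
    "id2": "vehicle sensor data encryption encryption",
    "id3": "road traffic report",
}


def prf(key, data):
    """Keyed hash used as a stand-in for H_w, H_f and R (assumption)."""
    return hmac.new(key, data.encode(), hashlib.sha256).hexdigest()


def column(alpha_f, file_id):
    """alpha_f(f_y) -> t, with f_y = R(id_y)."""
    return alpha_f[prf(K_F, prf(K_R, file_id))]


def build_index(files, pad_rows=2, pad_cols=2):
    tokens = {fid: text.split() for fid, text in files.items()}
    dictionary = sorted({w for t in tokens.values() for w in t})
    m, n = len(dictionary), len(files)
    # Step one: (m' x n') matrix of zeros, m <= m', n <= n'.
    eta = [[0.0] * (n + pad_cols) for _ in range(m + pad_rows)]
    # Step two: hash tables mapping opaque tokens to matrix positions.
    alpha_w = {prf(K_W, w): x for x, w in enumerate(dictionary)}
    alpha_f = {prf(K_F, prf(K_R, fid)): y for y, fid in enumerate(files)}
    # Step three: TF x IDF where keyword w_x occurs in file id_y, else 0.
    for w in dictionary:
        df = sum(w in t for t in tokens.values())
        for fid, t in tokens.items():
            if w in t:
                score = t.count(w) / len(t) * math.log(n / df)
                eta[alpha_w[prf(K_W, w)]][column(alpha_f, fid)] = score
    return eta, alpha_w, alpha_f


def aggregate(eta, alpha_w, trapdoors):
    """v_result = sum over matched keywords of (weight KW) * (row vector)."""
    v = [0.0] * len(eta[0])
    for token, weight in trapdoors:
        row = eta[alpha_w[token]]
        v = [acc + weight * s for acc, s in zip(v, row)]
    return v


if __name__ == "__main__":
    eta, alpha_w, alpha_f = build_index(FILES)
    query = [(prf(K_W, "multiple"), 1.23), (prf(K_W, "encryption"), 0.95)]
    v_result = aggregate(eta, alpha_w, query)
    for fid in FILES:
        print(fid, round(v_result[column(alpha_f, fid)], 4))
```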
The fifth step: file decryption
After obtaining the query result, the SV transmits its attribute set Att to the AP. The AP decrypts the relevant encryption key based on Att, as follows:
The SV decrypts the ciphertext data using the symmetric key K to obtain the plaintext set of the query result, as follows:
The sixth step: updating
Updating in this scheme is divided into two aspects: keyword updating and data updating. This section introduces both:
1. Keyword update: since only the file-based two-way hash table is stored on the DC, the SV does not need to transmit the update status to the DC.
(1) Keyword addition. When the SV adds a keyword to the dictionary, it creates an update tuple containing the operation instruction op = "addition" and the keyword $W_{add}$ to be added. After receiving the tuple sent by the SV, the AP first calculates the TF × IDF value between $W_{add}$ and each file. The AP encrypts $W_{add}$ using Paillier to obtain the ciphertext $[w_{add}]_{paillier}$ and derives a vector based on the above values. Finally, the AP combines op and the vector into a new tuple and sends it to the NAP. The NAP uses its stored hash function $H_w(\cdot)$ to map it to the corresponding position in the matrix index and adds it.
(2) Keyword deletion. The keyword deletion and addition operations are substantially similar. The operation instruction of the SV is op = "deletion". Unlike the add operation, when the NAP receives the ciphertext $[w_{del}]_{paillier}$ of the keyword $w_{del}$, the NAP uses the hash function $H_w(\cdot)$ to map its position in the matrix index and then removes the related vector $v_{del}$ from the matrix index.
2. Data update: data update and keyword update operations are quite different. A keyword update only needs to operate on the NAP, whereas a data update must be carried out on the NAP and the DC simultaneously. The update flow is described in detail below.
(1) Data deletion. In the solution of the invention, file updates and keyword updates are different. File updates require the AP to issue update operations to the NAP and the DC. Taking file deletion as an example, the SV generates a tuple containing the file identifier $f_{del}$ of the file to be deleted and the delete instruction op = "deletion". After receiving the tuple, the AP uses its stored hash function $H_f(\cdot)$ to map and obtain the position $pos_{del}$ of $[f_{del}]_{paillier}$. The AP sends the newly generated tuple $(op, pos_{del})$ to the NAP and the DC respectively, and the NAP and the DC then perform the delete operation on $\alpha_f(\cdot)$ and their stored matrix index.
(2) Data addition. The data addition operation also requires the SV to send the operation instruction op = "add", the identifier $f_{add}$ of the file to be added, and the keywords $\{[w_n]_{paillier} \mid n = i, j, z, m, n, p\}$ related to $f_{add}$ to the AP. The AP then uses the hash function $H_f(\cdot)$ to map and obtain the position $pos_{add}$ of $[f_{add}]_{paillier}$. In addition, the AP calculates the TF × IDF values between $f_{add}$ and the keywords $\{[w_n]_{paillier} \mid n = i, j, z, m, n, p\}$, and then generates the tuple set $\{([w_n]_{paillier}, (TF \times IDF)_n) \mid n = i, j, z, m, n, p\}$. The AP transmits $(op, [f_{add}]_{paillier})$ to the DC to update the two-way hash table $\alpha_f(\cdot)$ stored on the DC. At the same time, the AP transmits $(op, [f_{add}]_{paillier}, \{([w_n]_{paillier}, (TF \times IDF)_n) \mid n = i, j, z, m, n, p\})$ to the NAP to update the matrix index stored at the NAP.
It should be noted that the embodiments of the present invention can be realized by hardware, software, or a combination of software and hardware. The hardware portion may be implemented using dedicated logic; the software portions may be stored in a memory and executed by a suitable instruction execution system, such as a microprocessor or specially designed hardware. Those skilled in the art will appreciate that the apparatus and methods described above may be implemented using computer executable instructions and/or embodied in processor control code, such code being provided on a carrier medium such as a disk, CD-or DVD-ROM, programmable memory such as read only memory (firmware), or a data carrier such as an optical or electronic signal carrier, for example. The apparatus and its modules of the present invention may be implemented by hardware circuits such as very large scale integrated circuits or gate arrays, semiconductors such as logic chips, transistors, or programmable hardware devices such as field programmable gate arrays, programmable logic devices, etc., or by software executed by various types of processors, or by a combination of hardware circuits and software, e.g., firmware.
The above description is only for the purpose of illustrating the present invention and the appended claims are not to be construed as limiting the scope of the invention, which is intended to cover all modifications, equivalents and improvements that are within the spirit and scope of the invention as defined by the appended claims.
Claims (10)
1. An encrypted data retrieving and sharing method, comprising:
in the initial stage of the system, firstly, system initialization is carried out, wherein the system initialization comprises key initialization and file initialization;
the authority uses an optimization algorithm to calculate the relevance scores among the keywords, uses a public key of the intelligent vehicle to encrypt the keywords in the dictionary or a certain single character to obtain a tuple, uses a hash function and a random function, and uses the obtained keyword ciphertext tuple and a file identifier to generate an encryption index;
the trapdoor generation comprises two parts; the intelligent automobile calculates the weights of all keywords in the query keyword set according to the dependency grammar and the phrase structure tree; the intelligent automobile uses the public key to generate a trapdoor for each keyword, and a final tuple is obtained by combining the weight and the trapdoor;
after the tuple is obtained, the network access node firstly executes fuzzy search, the trapdoor tuple is put into a candidate set, and the network access node accurately searches the candidate set to obtain a final search result;
after obtaining the query result, the intelligent vehicle sends the attribute set of the intelligent vehicle to the authority, then the authority returns the encryption key, and the intelligent vehicle decrypts the file by using the key to obtain a plaintext set;
the data or keywords are updated.
2. The encrypted data retrieving and sharing method according to claim 1, wherein the specific initialization steps are as follows:
(1) key initialization: the network access node (NAP) sets the fuzzy value acc of the query to x, wherein acc represents the text distance between two keywords and x is an integer; the NAP inputs a security parameter α to the AP, and the AP outputs a character string K of length α, K being the key for symmetric encryption; the NAP inputs a security parameter μ to the AP, and the AP outputs a pair of keys, the process being as follows:
step one, the AP randomly selects two large prime numbers p and q and calculates $n = p \times q$, wherein $0 < p < 2^{\mu}$, $0 < q < 2^{\mu}$;
step two, the AP calculates $\sigma = e^{-1} \bmod n$, wherein $e = \mathrm{lcm}(p-1, q-1)$;
step three, the AP generates a public/private key pair, wherein $pk = n$ and $sk = (e, \sigma)$;
(2) file initialization: the SV extracts $\omega_i$ from the file set to construct a dictionary W, generates a corresponding file identifier $id_y$ ($1 < y < n$) for each file, and transmits W and the plaintext data set to the AP; the AP encrypts the files in the file set using the symmetric key K; the AP performs attribute encryption on K, the attribute policy being defined by the SV; the AP uses the common parameter pp and a random number, and the encryption key is calculated as follows:
the encryption key is stored at the AP, and when the SV needs to decrypt, it sends its attribute set to the AP, which returns the decrypted K to the SV.
3. The encrypted data retrieving and sharing method according to claim 1, wherein the step of constructing the index comprises:
(1) the AP calculates a relevance score between the file and the keyword by using an optimized TF multiplied by IDF algorithm;
(2) the AP executes preprocessing operation on the keywords in the dictionary;
(3) the AP uses the public key $pk_c$ of the SV to encrypt the keywords in the dictionary and the letters or single characters in the keywords, obtaining the following tuples:
the AP uses the hash functions $H_w(\cdot)$, $H_f(\cdot)$ and a random function $R(\cdot)$ to generate an encrypted index from the obtained keyword ciphertext tuples and the file identifiers, the creation steps being as follows:
step one, initializing a matrix η of dimension ($m' \times n'$), wherein $m \le m'$, $n \le n'$, m is the maximum number in the keyword set and n is the maximum number in the data set, and setting all elements of the matrix to 0;
step two, encrypting the matrix index for $x = 1, 2, \ldots, n'$ and $y = 1, 2, \ldots, m'$: the AP uses the hash function $H_w(\cdot)$ to generate a hash table $\alpha_w(\cdot)$ containing the mapping results $\alpha_w([w_i]_{pk})$, and the AP uses $R(\cdot)$ and $H(\cdot)$ to generate a hash table $\alpha_f(\cdot)$ containing the mapping results $\alpha_f(f_y)$, as follows:
$R(id_y) = f_y$
$\alpha_f(f_y) \rightarrow t$;
step three, establishing the correspondence between files and keywords based on the initialized matrix η: if the keyword $w_x$ ($1 \le x \le m$) appears in file $id_y$ ($1 \le y \le n$), the corresponding element of the matrix η is set to the TF × IDF value of $w_x$ and $id_y$, and otherwise it is set to 0;
the AP transmits only the encrypted index to the NAP, and retains the hash functions $H_w(\cdot)$, $H_f(\cdot)$ and the random function $R(\cdot)$.
4. The encrypted data retrieving and sharing method of claim 1, wherein the specific steps for implementing trapdoor generation are as follows:
the trapdoor generation comprises two parts: first, the SV calculates the weights of all keywords in the query keyword set according to the dependency grammar and the phrase structure tree; second, the intelligent automobile generates a trapdoor for each keyword through the key pair, and the final tuple is then obtained by combining the weight and the trapdoor;
(1) weight calculation: for each keyword in the query set, the initial keyword relationship is 1, and if the keyword has a syntactic relationship with other keywords, the weight of the keyword becomes 1 + R, wherein R represents the syntactic relationship;
for two search keywords $q_1$ and $q_2$, the syntactic relationship is denoted $R(q_1, q_2)$; if there is a grammatical relationship between them, then $q_1$ and $q_2$ are respectively increased, wherein $d_1$ and $d_2$ respectively represent the distances from the two keywords to their common ancestor node, and d represents the distance between the keywords, i.e. $d = d_1 + d_2$;
for any query $Q = \{q_1, q_2, \ldots, q_z\}$, z is the number of search keywords, and the weight value for keyword q is $p \times z$, where p is the weight ratio of search keyword q:
the weight KW of the keyword q is expressed as:
5. The encrypted data retrieving and sharing method of claim 1, wherein after obtaining the tuple, the net access node first performs a fuzzy search to put the trapdoor tuple into the candidate set, and the net access node performs an accurate search on the candidate set to obtain a final search result specifically comprises:
CGE algorithm: the SV and the NAP each hold a Paillier key pair, $(pk, sk)$ and $(pk_{NAP}, sk_{NAP})$ respectively; given two integers a and b, two ciphertext integers $A = [a]_{pk}$, $B = [b]_{pk}$ are obtained by encrypting with the public key pk; the CGE algorithm performs calculations on A and B to obtain the relationship between a and b;
the CGE algorithm is performed as follows:
(1) the SV selects a relatively small positive integer r and calculates X using the additive homomorphism of the Paillier encryption algorithm; since r is a small positive integer, $(a-b)$ and $(a-b) \times r$ have the same sign; the SV sends X to the NAP;
(2) the NAP decrypts X using the private key sk to obtain the plaintext x, sets the result according to whether $x \ge 0$, and sends the result to the SV;
CE algorithm: the objective of the CE algorithm is to compare two ciphertext integers $A = [a]_{pk}$ and $B = [b]_{pk}$ and determine whether the plaintexts a and b are equal, so as to realize the accurate search function, the CE algorithm being realized by running the CGE algorithm twice; during searching, after acquiring the trapdoor tuple TTS, the NAP first executes a fuzzy search and puts the items matching TTS into a candidate set TTS', and the NAP accurately searches TTS' to obtain the final result TTS'';
after the NAP obtains the final set TTS'', the NAP obtains from the encryption matrix η the row vectors associated with all items in TTS''; the NAP multiplies each row vector by the correlation coefficient of the corresponding keyword trapdoor sent by the SV, adds all the row vectors to obtain $v_{result}$, and then transmits it to the DC.
6. The encrypted data retrieval and sharing method according to claim 1, wherein the smart vehicle sends its attribute set to the authority after obtaining the query result, and then the authority returns the encryption key, and the smart vehicle decrypts the file by using the key to obtain the plaintext set for file decryption, specifically comprising: and after obtaining the query result, the SV transmits the attribute set Att of the SV to the AP, and the AP decrypts the related encryption key based on the Att:
the SV decrypts the ciphertext data by using the symmetric key K to obtain a plaintext set of the query result, and the process is as follows:
the specific steps for updating the data or the keywords are as follows:
keyword update: the SV does not need to transmit the update status to the DC;
(1) keyword addition: when the SV adds a keyword to the dictionary, an update tuple is created containing the operation instruction op = "addition" and the keyword $W_{add}$ to be added; after receiving the tuple from the SV, the AP first calculates the TF × IDF value between $W_{add}$ and each file; the AP encrypts $W_{add}$ using Paillier to obtain the ciphertext $[w_{add}]_{paillier}$ and derives a vector based on the above values; the AP combines op and the vector into a new tuple and sends it to the NAP, and the NAP uses its stored hash function $H_w(\cdot)$ to map it to the corresponding position in the matrix index and adds it;
(2) the operation instruction of the SV is op = "deletion"; unlike the add operation, when the NAP receives the ciphertext $[w_{del}]_{paillier}$ of the keyword $w_{del}$, the NAP uses the hash function $H_w(\cdot)$ to map its position in the matrix index and then removes the related vector $v_{del}$ from the matrix index;
data update: the data update and keyword update operations are completely different; the keyword update only needs to be performed on the NAP, whereas the data update needs to be performed on the NAP and the DC simultaneously;
(1) data deletion: file update and keyword update are different, and file update requires the AP to issue update operations to the NAP and the DC; taking file deletion as an example, the SV generates a tuple containing the file identifier $f_{del}$ of the file to be deleted and the delete instruction op = "deletion"; after receiving the tuple, the AP uses its stored hash function $H_f(\cdot)$ to map and obtain the position $pos_{del}$ of $[f_{del}]_{paillier}$; the AP sends the newly generated tuple $(op, pos_{del})$ to the NAP and the DC respectively, and the NAP and the DC perform the delete operation on $\alpha_f(\cdot)$ and their stored matrix index;
(2) data addition: the data addition operation also requires the SV to send the operation instruction op = "add", the identifier $f_{add}$ of the file to be added, and the keywords $\{[w_n]_{paillier} \mid n = i, j, z, m, n, p\}$ related to $f_{add}$ to the AP; the AP uses the hash function $H_f(\cdot)$ to map and obtain the position $pos_{add}$ of $[f_{add}]_{paillier}$; the AP also calculates the TF × IDF values between $f_{add}$ and the keywords $\{[w_n]_{paillier} \mid n = i, j, z, m, n, p\}$ and generates the tuple set $\{([w_n]_{paillier}, (TF \times IDF)_n) \mid n = i, j, z, m, n, p\}$; the AP transmits $(op, [f_{add}]_{paillier})$ to the DC to update the two-way hash table $\alpha_f(\cdot)$ stored on the DC, and at the same time transmits $(op, [f_{add}]_{paillier}, \{([w_n]_{paillier}, (TF \times IDF)_n) \mid n = i, j, z, m, n, p\})$ to the NAP to update the matrix index stored at the NAP.
7. A computer device, characterized in that the computer device comprises a memory and a processor, the memory storing a computer program which, when executed by the processor, causes the processor to carry out the steps of:
in the initial stage of the system, firstly, system initialization is carried out, wherein the system initialization comprises key initialization and file initialization;
the authority uses an optimization algorithm to calculate the relevance scores among the keywords, uses a public key of the intelligent vehicle to encrypt the keywords in the dictionary or a certain single character to obtain a tuple, uses a hash function and a random function, and uses the obtained keyword ciphertext tuple and a file identifier to generate an encryption index;
the trapdoor generation comprises two parts; the intelligent automobile calculates the weights of all keywords in the query keyword set according to the dependency grammar and the phrase structure tree; the intelligent automobile uses the public key to generate a trapdoor for each keyword, and a final tuple is obtained by combining the weight and the trapdoor;
after the tuple is obtained, the network access node firstly executes fuzzy search, the trapdoor tuple is put into a candidate set, and the network access node accurately searches the candidate set to obtain a final search result;
after obtaining the query result, the intelligent vehicle sends the attribute set of the intelligent vehicle to the authority, then the authority returns the encryption key, and the intelligent vehicle decrypts the file by using the key to obtain a plaintext set;
the data or keywords are updated.
8. A computer-readable storage medium storing a computer program which, when executed by a processor, causes the processor to perform the steps of:
in the initial stage of the system, firstly, system initialization is carried out, wherein the system initialization comprises key initialization and file initialization;
the authority uses an optimization algorithm to calculate the relevance scores among the keywords, uses a public key of the intelligent vehicle to encrypt the keywords in the dictionary or a certain single character to obtain a tuple, uses a hash function and a random function, and uses the obtained keyword ciphertext tuple and a file identifier to generate an encryption index;
the trapdoor generation comprises two parts; the intelligent automobile calculates the weights of all keywords in the query keyword set according to the dependency grammar and the phrase structure tree; the intelligent automobile uses the public key to generate a trapdoor for each keyword, and a final tuple is obtained by combining the weight and the trapdoor;
after the tuple is obtained, the network access node firstly executes fuzzy search, the trapdoor tuple is put into a candidate set, and the network access node accurately searches the candidate set to obtain a final search result;
after obtaining the query result, the intelligent vehicle sends the attribute set of the intelligent vehicle to the authority, then the authority returns the encryption key, and the intelligent vehicle decrypts the file by using the key to obtain a plaintext set;
the data or keywords are updated.
9. A vehicle information data processing terminal, characterized in that the vehicle information data processing terminal is used for realizing the encrypted data retrieval and sharing method of any one of claims 1 to 6.
10. An encrypted data retrieving and sharing system for implementing the encrypted data retrieving and sharing method according to any one of claims 1 to 6, wherein the encrypted data retrieving and sharing system comprises:
the system initialization module is used for carrying out system initialization including key initialization and file initialization at the initial stage of the system;
the encrypted index generation module is used for the authority to calculate the relevance scores among the keywords by using an optimization algorithm, to encrypt the keywords or a certain single character in the dictionary by using the public key of the intelligent vehicle to obtain a tuple, and to generate an encrypted index from the obtained keyword ciphertext tuple and the file identifier by using a hash function and a random function;
the trapdoor generation module is used for generating the trapdoor; the intelligent automobile calculates the weights of all keywords in the query keyword set according to the dependency grammar and the phrase structure tree; the intelligent automobile uses the public key to generate a trapdoor for each keyword, and a final tuple is obtained by combining the weight and the trapdoor;
the search result acquisition module is used for performing fuzzy search by the network access node after obtaining the tuple, putting the trapdoor tuple into the candidate set, and accurately searching the candidate set by the network access node to obtain a final search result;
the plaintext set acquisition module is used for sending the attribute set of the intelligent vehicle to the authority after the intelligent vehicle obtains the query result, the authority returns the encryption key, and the intelligent vehicle decrypts the file by using the key to obtain a plaintext set;
and the updating module is used for updating the data or the keywords.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202011430096.7A CN112632598B (en) | 2020-12-09 | 2020-12-09 | Encrypted data retrieval and sharing method, system, medium, equipment and application |
Publications (2)
Publication Number | Publication Date |
---|---|
CN112632598A | 2021-04-09 |
CN112632598B | 2022-10-18 |
Family
ID=75308970
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202011430096.7A Active CN112632598B (en) | 2020-12-09 | 2020-12-09 | Encrypted data retrieval and sharing method, system, medium, equipment and application |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN112632598B (en) |
Patent Citations (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN106326360A (en) * | 2016-08-10 | 2017-01-11 | 武汉科技大学 | Fuzzy multi-keyword retrieval method of encrypted data in cloud environment |
WO2018047698A1 (en) * | 2016-09-12 | 2018-03-15 | 日本電信電話株式会社 | Encoded message retrieval method, message transmission/reception system, server, terminal, and program |
WO2019153813A1 (en) * | 2018-02-07 | 2019-08-15 | 华南理工大学 | Full-text fuzzy retrieval method for similar chinese characters in ciphertext domain |
CN108345802A (en) * | 2018-02-11 | 2018-07-31 | 西安电子科技大学 | Join safe and efficient cipher text retrieval method, the onboard system of cloud system based on vehicle |
CN108712366A (en) * | 2018-03-27 | 2018-10-26 | 西安电子科技大学 | That morphology meaning of a word fuzzy search is supported in cloud environment can search for encryption method and system |
CN110908959A (en) * | 2019-10-30 | 2020-03-24 | 西安电子科技大学 | Dynamic searchable encryption method supporting multi-keyword and result sorting |
CN111556495A (en) * | 2020-03-19 | 2020-08-18 | 西安电子科技大学 | Multi-user searchable encryption method and encryption system in Internet of vehicles environment |
Non-Patent Citations (4)
Title |
---|
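Kai Fan et al.: "Secure and Efficient Privacy-Preserving Ciphertext Retrieval in Connected Vehicular Cloud Computing", IEEE Network * |
Wang Jie et al.: "A Novel Dynamic Ranked Fuzzy Keyword Search over Cloud Encrypted Data", 2014 IEEE 12th International Conference on Dependable, Autonomic and Secure Computing * |
Xu Guangwei et al.: "Multi-keyword searchable encryption algorithm based on semantic extension", Journal of Computer Research and Development * |
Li Taoshen et al.: "Research on encryption algorithms supporting multi-user fuzzy retrieval in cloud environments", Journal of Chinese Computer Systems * |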
Cited By (13)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN113343000A (en) * | 2021-05-17 | 2021-09-03 | 杭州未名信科科技有限公司 | Image encryption method and device based on national cryptographic algorithm, electronic equipment and medium |
CN114219052A (en) * | 2022-02-23 | 2022-03-22 | 富算科技(上海)有限公司 | Graph data fusion method and device, electronic equipment and storage medium |
CN114422273A (en) * | 2022-03-29 | 2022-04-29 | 四川高速公路建设开发集团有限公司 | Sensitive decision data safety sharing method in intelligent construction engineering information system |
CN114422273B (en) * | 2022-03-29 | 2022-06-17 | 四川高速公路建设开发集团有限公司 | Sensitive decision data safety sharing method in intelligent construction engineering information system |
CN114826736A (en) * | 2022-04-26 | 2022-07-29 | 平安普惠企业管理有限公司 | Information sharing method, device, equipment and storage medium |
CN114727106A (en) * | 2022-06-08 | 2022-07-08 | 深圳市温暖生活科技有限公司 | Signal processing and transmission method and system of electronic equipment |
CN115033925A (en) * | 2022-08-11 | 2022-09-09 | 三未信安科技股份有限公司 | Database security retrieval method |
CN115033925B (en) * | 2022-08-11 | 2022-10-28 | 三未信安科技股份有限公司 | Database security retrieval method |
CN117131209A (en) * | 2023-10-26 | 2023-11-28 | 中国传媒大学 | Phrase searching and verifying method and system for encrypted data based on blockchain |
CN117131209B (en) * | 2023-10-26 | 2024-02-13 | 中国传媒大学 | Phrase searching and verifying method and system for encrypted data based on blockchain |
CN117574435A (en) * | 2024-01-12 | 2024-02-20 | 云阵(杭州)互联网技术有限公司 | Multi-keyword trace query method, device and system based on homomorphic encryption |
CN117574435B (en) * | 2024-01-12 | 2024-04-23 | 云阵(杭州)互联网技术有限公司 | Multi-keyword trace query method, device and system based on homomorphic encryption |
CN117596085A (en) * | 2024-01-19 | 2024-02-23 | 华南理工大学 | Searchable encryption method with forward and backward privacy based on attribute set |
Also Published As
Publication number | Publication date |
---|---|
CN112632598B (en) | 2022-10-18 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN112632598B (en) | Encrypted data retrieval and sharing method, system, medium, equipment and application | |
Sun et al. | Practical backward-secure searchable encryption from symmetric puncturable encryption | |
Jiang et al. | A utility-aware general framework with quantifiable privacy preservation for destination prediction in LBSs | |
US11537626B2 (en) | Full-text fuzzy search method for similar-form Chinese characters in ciphertext domain | |
CN106815350B (en) | Dynamic ciphertext multi-keyword fuzzy search method in cloud environment | |
EP3168771B1 (en) | Poly-logarythmic range queries on encrypted data | |
CN113626484B (en) | Encryption method, system and computer equipment capable of flexibly replacing ciphertext and searching | |
Jing et al. | Authentication of k nearest neighbor query on road networks | |
CN109493017A (en) | Credible outsourcing storage method based on block chain | |
CN108345802B (en) | Safe and efficient ciphertext retrieval method based on vehicle-connected cloud system and vehicle-mounted system | |
Garg et al. | TWORAM: round-optimal oblivious RAM with applications to searchable encryption | |
CN110908959A (en) | Dynamic searchable encryption method supporting multi-keyword and result sorting | |
Kermanshahi et al. | Geometric range search on encrypted data with forward/backward security | |
CN109088719A (en) | Outsourced database multi-key word can verify that cipher text searching method, data processing system | |
CN114531220A (en) | Efficient fault-tolerant dynamic phrase searching method based on forward privacy and backward privacy | |
CN115438230A (en) | Safe and efficient dynamic encrypted cloud data multidimensional range query method | |
CN110222520B (en) | Keyword query method for supporting graph encrypted data in cloud environment | |
CN113254743B (en) | Security semantic perception searching method for dynamic spatial data in Internet of vehicles | |
Wang et al. | Encrypted data retrieval and sharing scheme in space–air–ground-integrated vehicular networks | |
Li et al. | Secure semantic-aware search over dynamic spatial data in VANETs | |
Xu et al. | Dynamic chameleon authentication tree for verifiable data streaming in 5G networks | |
Zhang et al. | Tree-based public key encryption with conjunctive keyword search | |
Utsunomiya et al. | LPCQP: Lightweight private circular query protocol with divided POI-table and somewhat homomorphic encryption for privacy-preserving k-NN search | |
CN112632063B (en) | Restricted shortest distance query method, electronic device, and readable storage medium | |
Li et al. | Adaptive secure nearest neighbor query processing over encrypted data |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |