CN113420175B - Verifiable fine-grained encrypted image retrieval method and system - Google Patents

Abstract

A verifiable fine-grained encrypted image retrieval method and a verifiable fine-grained encrypted image retrieval system are provided, wherein the method comprises the following steps: generating an image vector; generating a searchable index and a final index signature; generating a query vector; generating searchable trapdoors and final trapdoor signatures; inquiring an image ciphertext set; and verifying the correctness of the selected image ciphertext. The invention realizes effective fine-grained access control through the polynomial-based access strategy. Different search keywords are distributed to different image owners and query users, the initial index and the trapdoors are converted into searchable indexes and trapdoors by the cloud server respectively, and image retrieval supporting the environment of multiple owners and multiple users is achieved. Before uploading the initial index and the trapdoor, the image owner and the querying user authenticate the initial index and the trapdoor to obtain an index signature and a trapdoor signature, respectively. The cloud server then generates a proof for the search result based on the signature. Finally, the querying user can effectively verify the correctness of the search results based on the proof.

Description

Verifiable fine-grained encrypted image retrieval method and system

Technical Field

The invention belongs to the field of information security, and particularly relates to a method and a system for searching verifiable fine-grained encrypted images.

Background

The paper "An effective and private-preserving content-based image retrieval documents" published by Zhihua Xia et alAn image retrieval scheme based on content efficient privacy protection in a cloud computing environment is disclosed in (Information Sciences, vol.387, pp.195-204, 2017). The method firstly extracts image features f based on local descriptors _i And calculate f _i Constructing a pre-filtering index table and a linear index table by using the corresponding bucket values, and pairing f by using a KNN algorithm _i Is encrypted to obtain f _i ' and after further encrypting the bucket values in the pre-filtering index table, uploading the encrypted image set and the encrypted index table to a cloud server by an image owner; query user extracts query image features f based on local descriptors _q And calculate f _q Corresponding inquiry bucket value and using KNN algorithm to pair f _q Is encrypted to obtain f _q ' Generation includes f _q ' uploading the query trapdoors with the query bucket values to a cloud server; the cloud server firstly traverses the pre-filtering table by using the query bucket value so as to filter most dissimilar image results and improve retrieval efficiency, and then traverses the linear index table corresponding to the query bucket value to calculate f _q ' and f _i The inner product of' selects the items with larger inner product values of the first k, and feeds back top-k ciphertext images as retrieval results to the query user.

A patent application "a high-efficiency ciphertext image retrieval method supporting privacy protection in a cloud environment" (application number CN201710467097.0, publication number CN 107480163A) proposed by dawn peak, wang garden, etc. discloses a high-efficiency ciphertext image retrieval scheme supporting privacy protection in a cloud environment, i.e. an image owner firstly extracts feature vectors from images in a database and encrypts the images by using an AES or RSA encryption mode; the owner establishes an index by using a hierarchical K-means algorithm based on the feature vector, and encrypts the index by using a secure modular hash technology; and uploading the encrypted image and the index to a cloud server and executing retrieval operation. The scheme can simultaneously realize privacy protection of ciphertext image retrieval and retrieval accuracy equivalent to that of plaintext image retrieval.

The above prior art has the following technical problems: 1) Fine-grained access control is not supported: in the second prior art scheme, each image in the encrypted image set is not provided with an access structure, so that the problem of privacy disclosure may be caused. 2) Multi-owner multi-user environments are not supported: the two prior art schemes are only suitable for single-owner and single-user environments, and have low application prospects. 3) The correctness of the retrieval result cannot be verified: in the two prior art schemes, the cloud server is honest and curious, if the cloud server can carry out malicious tampering on the retrieval result data for the benefit of the cloud server, the query user cannot know the tampering result data, and therefore the security is low.

Disclosure of Invention

The present invention aims to solve the problems in the prior art, and provides a method and a system for verifying a fine-grained encrypted image retrieval, which can achieve effective fine-grained access control and image retrieval in a multi-owner and multi-user environment, and can effectively verify the correctness of a search result.

In order to achieve the purpose, the invention has the following technical scheme:

a verifiable fine-grained encrypted image retrieval method comprises the following steps:

-generating an image vector;

-generating a searchable index and a final index signature;

-generating a query vector;

-generating searchable trapdoors and final trapdoor signatures;

-querying the image corpus;

-verifying the correctness of the selected image ciphertext.

As a preferred aspect of the present invention, the specific step of generating the image vector includes:

(1a) The image owner extracts each image f _i And reducing the extracted features into a d-dimensional bit feature vector p _i Wherein the value range of i is {1,2, \8230;, m }, and m represents the size of the outsourcing image set;

(1b) The image owner will assign each bit feature vector p _i All 0's in (1) are converted to-1, resulting in a vector

(1c) Suppose A _i ＝{a ₁ ,a ₂ ,…,a _ρ Is an accessible image f _i A set of all roles, the image owner will set a _i As roots, construct a polynomial g _i (x)＝D×(x-a ₁ )×…×(x-a _ρ ) A goniochromatic polynomial as the ith image, where a ₁ ,a ₂ ,…,a _ρ D is a positive integer and is more than or equal to 2D;

(1d) The image owner will use the bit feature vector p _i Expansion into image vectors

Wherein, the first and the second end of the pipe are connected with each other,

angular polynomial g representing the ith image _i (x) Coefficient of expansion, epsilon _i1 ,…,ε _iv And v random numbers independently and randomly selected from normal distribution are shown, wherein h represents the total number of all roles, and v is more than or equal to 1.

As a preferred embodiment of the present invention, the polynomial g to be constructed in the step (1 c) _i (x)＝D×(x-a ₁ )×…×(x-a _ρ ) Is replaced by g _i (x)＝(x-a ₁ )×…×(x-a _ρ ) Wherein, { a ₁ ,a ₂ ,…,a _ρ Satisfy certain relationships, including { a } ₁ ,a ₂ ,…,a _ρ The tolerance is a positive integer which is greater than or equal to 2d; or { a } ₁ ,a ₂ ,…,a _ρ Is a super-increment number row, and

tau has a value range of {1,2, \8230;, rho }, and sigma represents a summation symbol.

As a preferred embodiment of the present invention, the specific steps of generating the searchable index and the final index signature include:

(2a) The trusted authority generates a random bit vector s with dimension of (d + h + v + 1)Two random reversible matrixes M with dimensions of (d + h + v + 1) × (d + h + v + 1),

one verification key K = { δ, α }, where δ represents a seed of a pseudorandom function, α is a random number, and α ∈ R _η ，R _η A set of real numbers representing a η -bit encoding;

(2b) The trusted authority generates a pair of owner keys K for each data owner _DO,1 ,K _DO,2 A 1 is prepared by _DO,2 Sending to the cloud server, wherein K _DO,1 Representing the first owner key component:

K _DO,2 represents the second owner key component:

M _o ,

M′ _o ,

are random reversible matrices of (d + h + v + 1) × (d + h + v + 1) dimensions, and M = M _o ·M′ _o ，

(2c) The image owner utilizes a first owner key component K _DO,1 Corresponding image vector of each outsourcing image

Initial index encrypted to 2 (d + h + v + 1) dimensions

Wherein the content of the first and second substances,

is two (d + h + v + 1) dimensionsIf s [ iota ] is]=0, satisfies

Otherwise

The value range of the iota is {1,2, \8230;, d + h + v +1}, and T represents transposition operation;

(2d) Image owner calculates r _i,j ＝F _δ (l _i,j ) Wherein l _i,j Is an initial index I _i The value range of j of the label of the jth element in the middle is {1,2, \8230;, d + h + v +1}, and a 2 (d + h + v + 1) -dimensional vector R is obtained _i ＝(r _i,1 ,r _i,2 ,…,r _i,2(d+h+v+1) ) Calculating

Obtaining an initial index signature

(2e) The image owner encrypts the image set to obtain an encrypted image set;

(2f) Image owner will encrypt image set, initial image index { I } _i } _i∈[1,m] Initial index signature { σ } _I,i } _i∈[1,m] Sending the data to a cloud server;

(2g) The cloud server utilizes the second owner key component

Each initial index I _i Conversion into a searchable index

Signing each initial index by sigma _I,i Conversion to final index signature

Wherein

To represent

A vector consisting of the first d + h + v +1 elements,

represent

And d + h + v +1 elements in the middle and later stages.

As a preferable scheme of the present invention, in the step (2 e), the image set is encrypted by an image encryption algorithm, wherein the image encryption algorithm is chaotic mapping encryption, DES or RSA.

As a preferred embodiment of the present invention, the specific steps of generating the query vector include:

(3a) Trusted authority generates a pair of user keys K for newly-joined inquiring users _EN,1 ,K _EN,2 A 1 is prepared by _EN,2 Sent to the cloud server, wherein K _EN,1 Representing the first user key component:

K _EN,2 representing a second user key component:

wherein M is _u ,

M′ _u ,

Are random reversible matrices of (d + h + v + 1) × (d + h + v + 1) dimensions, and M ^-1 ＝M′ _u ·M _u ，

(3b) The query user extracts the characteristics of the query image and reduces the dimension of the extracted characteristics into a d-dimensional bit query characteristic vector q;

(3c) The inquiring user converts all 0 s in the bit inquiry characteristic vector q into-1 to obtain a vector

(3d) Querying a user about vectors

Expansion into query vectors

Wherein, a represents the role corresponding to the query user, and b represents a v-dimensional random bit vector;

(3e) Querying a user for a first user key component

Encrypting a query vector

Obtaining an initial trapdoor

Wherein the content of the first and second substances,

representing two d + h + v +1 dimensional vectors if s [ iota ]]=0, satisfies

Otherwise

Wherein the value range of the iota is {1,2, \8230;, d + h + v +1};

(3f) Query computation r _j ＝F _δ (l _j ) Wherein l is _j The value range of j is {1,2, \8230;, d + h + v +1}, and a 2 (d + h + v + 1) -dimensional vector R is obtained ₀ ＝(r ₁ ,r ₂ ,…,r _2(d+h+v+1) ) Calculating

Deriving initial trapdoor signature

(3g) Inquiring user will initial trapdoor T and initial trapdoor signature sigma _T And sending the data to a cloud server.

As a preferred solution of the present invention, the specific steps of generating searchable trapdoors and final trapdoor signatures and querying the dense corpus of images include:

(4a) Utilizing a second user key component

Converting each initial trapdoor T into a searchable trapdoor

Converting each initial trapdoor signature into a final trapdoor signature

Wherein

Represent

A vector consisting of the first d + h + v +1 elements,

represent

A vector consisting of d + h + v +1 elements after the neutralization;

(4b) The cloud server calculates the inner product of each searchable index and each searchable trapdoor, compares the absolute value of each calculated inner product value with the value of d, and if the absolute value of the inner product value is smaller than d, the query user can access the corresponding image; otherwise, inquiring the corresponding image ciphertext which the user does not have access to;

(4c) The cloud server selects k image ciphertexts with the maximum inner product value in the accessible image cipher text set, and calculates a final index signature corresponding to each selected image cipher text

And final trapdoor signature

Is convolved with

Obtaining a certificate of a corresponding image ciphertext, wherein k is a positive integer, and the value range of i' is {1,2, \ 8230;, k };

(4d) And the cloud server returns the selected k image ciphertexts, the corresponding inner product values and the proofs to the query user as query results.

As a preferred aspect of the present invention, the specific step of verifying the correctness of the selected image ciphertext includes:

(5a) Querying the user with the corresponding second user key component

Encryption vector R ₀ ＝(r ₁ ,r ₂ ,…,r _2(d+h+v+1) ) To obtain a ciphertext

Wherein the content of the first and second substances,

represents R ₀ The first d + h + v +1 elements of (a),

represents R ₀ The last d + h + v +1 elements of (d) to (v);

(5b) Calculating the vector R corresponding to each selected image ciphertext _i′ ＝(r _i′,1 ,r _i′,2 ,…,r _{i′,2(d+h+v+1)} ) And ciphertext

Inner product psi of _i′ Calculating phi _i′ And vector (alpha) ⁰ ,α ¹ ,α ² ) Internal product psi' _i′ ；

(5c) Judge psi _i′ And psi' _i′ Whether they are equal or not, and determining

And whether the inner product values corresponding to the corresponding image ciphertexts are equal or not is judged, if the inner product values corresponding to the corresponding image ciphertexts are equal, the image ciphertexts are decrypted by using the key used by the image encryption algorithm to obtain the plaintext image meeting the requirement, and if not, the corresponding image ciphertexts are refused to be accepted.

The invention also provides a verifiable fine-grained encrypted image retrieval system, which comprises:

the image vector generation module is used for generating an image vector;

an index generation module for generating a searchable index and a final index signature;

the query vector generation module is used for generating a query vector;

the trapdoor generation module is used for generating a searchable trapdoor and a final trapdoor signature;

the image dense text set query module is used for querying the image dense text set;

and the verification module is used for verifying the correctness of the selected image ciphertext.

Compared with the prior art, the invention has the following beneficial effects: effective fine-grained access control is achieved through a polynomial-based access policy. In particular, the access structure of each image is specified by constructing a role polynomial, and different access roles are assigned to different querying users according to their identities. If the querying user does not have access to an image, the corresponding calculation may be much larger than the given threshold. Different search keywords are distributed to different image owners and inquiry users by using a double-safety k-nearest neighbor technology, wherein the initial index and the trapdoor are respectively converted into a searchable index and a trapdoor by the cloud server by using the safety k-nearest neighbor technology, and the image retrieval supporting the environment of multiple owners and multiple users is realized. The similarity calculation results are effectively verified using adaptive homomorphic message authentication techniques, and in particular, the image owner and the querying user authenticate the initial index and the trapdoor before uploading them to obtain an index signature and a trapdoor signature, respectively. The cloud server then generates a proof for the search result based on the signature. Finally, the querying user may effectively verify the correctness of the search results based on the proof.

Drawings

FIG. 1 is a flow chart of a verifiable fine-grained encrypted image retrieval method of the present invention;

FIG. 2 is a signal flow diagram of a verifiable fine-grained encrypted image retrieval method in a multi-owner multi-user environment.

Detailed Description

The present invention will be described in further detail with reference to the accompanying drawings and examples.

The invention provides a verifiable fine-grained encrypted image retrieval method aiming at the problems that the existing privacy protection image retrieval method cannot realize light-weight fine-grained access control and cannot verify the correctness of retrieval results.

The design idea of the invention is that a trusted authority initializes the system to generate a related key; the data owner encrypts the image set, constructs an initial index, generates an initial index signature, and stores the image ciphertext set, the initial index and the initial index signature in the cloud server; the cloud server converts the initial index and the initial index signature to generate a searchable index and a final index signature; the query user encrypts the query vector, generates an initial trapdoor and an initial trapdoor signature and submits the initial trapdoor signature to the cloud server; the cloud server converts the initial trapdoor and the initial trapdoor signature to obtain a searchable trapdoor and a final trapdoor signature, finds out the first k ciphertext image data with the largest image correlation value in the accessible range according to the inner product calculation result of the searchable index and the searchable trapdoor, generates corresponding proofs, and returns the ciphertext image retrieval result and the corresponding proofs to the inquiring user; and the inquiring user carries out correctness verification on the retrieval result, and if the verification is successful, the inquiring user decrypts a plaintext image result.

Specifically, referring to fig. 1 and 2, the method for retrieving the fine-grained encrypted image includes the following steps:

(1) And (3) generating an image vector:

(1a) Image owner extracts each image f using convolutional neural network model _i And reducing the extracted features into a d-dimensional bit feature vector p by using an iterative quantization method _i Wherein, the value range of i is {1,2, \8230;, m }, and m represents the size of the outsourcing image set; d is a positive integer and is generally 128 or 256, the larger d the less features are lost and the greater the computational complexity;

(1b) The image owner will assign each bit feature vector p _i All 0's in (1) are converted to-1, resulting in a vector

(1c) Suppose A _i ＝{a ₁ ,a ₂ ,…,a _ρ Is an accessible image f _i A set of all roles, the image owner will set a _i As roots, construct a polynomial g _i (x)＝D×(x-a ₁ )×…×(x-a _ρ ) As a color polynomial of the ith image, where a ₁ ,a ₂ ,…,a _ρ D is a positive integer and is not less than 2D;

the angle polynomial g _i (x)＝D×(x-a ₁ )×…×(x-a _ρ ) Can also be replaced by g _i (x)＝(x-a ₁ )×…×(x-a _ρ ) Wherein, { a ₁ ,a ₂ ,…,a _ρ Satisfy a certain relationship, such as { a } ₁ ,a ₂ ,…,a _ρ The arithmetic is an arithmetic progression, and the tolerance is a positive integer greater than or equal to 2d; or { a } ₁ ,a ₂ ,…,a _ρ Is a super-increment number row, and

tau has a value range of {1,2, \8230;, rho }.

(1d) The image owner converts the bit feature vector p _i Expansion into image vectors

Wherein the content of the first and second substances,

angular polynomial g representing the ith image _i (x) Coefficient of expansion, epsilon _i1 ,…,ε _iv The method comprises the steps of representing v random numbers independently and randomly selected from normal distribution, wherein h represents the total number of all roles, and v is larger than or equal to 1;

in an embodiment of the invention, the set 1,6,12,24,48 may be used as the set of access roles. If the role 1,12,24 has access to the outsourced image f _i Then outsourcing the image f _i Has a goniochromatic polynomial of g ₁ ＝(x-1)(x-12)(x-24)＝-288+324x-36x ² +1x ³ +0x ⁴ +0x ⁵ Thus, the outsourcing image f _i Is an intermediate data vector of

(2) Generating a searchable index and a final index signature:

(2a) The trusted authority generates a random bit vector s with dimension of (d + h + v + 1) and two random reversible matrixes M with dimension of (d + h + v + 1) and (d + h + v + 1),

one verification key K = { δ, α }, where δ represents a seed of a pseudorandom function, α is a random number, and α ∈ R _η ，R _η A set of real numbers representing an η -bit encoding;

(2b) The trusted authority generates a pair of owner keys K for each data owner _DO,1 ,K _DO,2 Is a reaction of K _DO,2 Sending to the cloud server, wherein K _DO,1 Represents the first ownerKey component:

K _DO,2 representing the second owner key component:

M _o ,

M′ _o ,

all are random reversible matrices of (d + h + v + 1) × (d + h + v + 1) dimensions, and M = M _o ·M′ _o ，

(2c) The image owner utilizes a first owner key component K _DO,1 Corresponding image vector of each outsourcing image

Initial index encrypted to 2 (d + h + v + 1) dimensions

Wherein the content of the first and second substances,

is a vector of two dimensions (d + h + v + 1), if s [ iota [ ]]=0, satisfies

Otherwise

The value range of iota is {1,2, \8230;, d + h + v +1}, and T represents transposition operation;

(2d) Image owner calculates r _i,j ＝F _δ (l _i,j ) Wherein l is _i,j Is an initial index I _i The value range of j of the label of the jth element in the list is {12, \ 8230;, d + h + v +1}, to obtain a 2 (d + h + v + 1) -dimensional vector R _i ＝(r _i,1 ,r _i,2 ,…,r _i,2(d+h+v+1) ) Calculating

Obtaining an initial index signature

(2e) The image owner encrypts the image set by adopting an image encryption algorithm to obtain an encrypted image set; the image encryption algorithm is as follows: any algorithm of chaotic mapping encryption, DES and RSA;

(2f) Image owner will encrypt image set, initial image index { I } _i } _i∈[1,m] Initial index signature [ sigma ] _I,i } _i∈[1,m] Sending to a cloud server;

(2g) The cloud server utilizes the second owner key component

Each initial index I _i Conversion into a searchable index

Signing each initial index by sigma _I,i Conversion to final index signature

Wherein

Represent

A vector consisting of the first d + h + v +1 elements,

represent

And d + h + v +1 elements in the middle and later stages.

(3) Generating a query vector:

(3a) Trusted authority generates a pair of user keys K for newly-joined inquiring users _EN,1 ,K _EN,2 Is a reaction of K _EN,2 Sent to the cloud server, wherein K _EN,1 Representing a first user key component:

K _EN,2 representing a second user key component:

wherein M is _u ,

M′ _u ,

Are random reversible matrices of (d + h + v + 1) × (d + h + v + 1) dimensions, and M ^-1 ＝M′ _u ·M _u ，

(3b) The query user extracts the characteristics of the query image according to the convolutional neural network model, and reduces the dimensions of the extracted characteristics into a d-dimensional bit query characteristic vector q by using an iterative quantization method;

(3c) The inquiring user converts all 0 s in the bit inquiry characteristic vector q into-1 to obtain a vector

(3d) Querying a user about vectors

Expansion into query vectors

Wherein, a represents a query user pairCorresponding roles, b represents a v-dimensional random bit vector;

(3e) Querying a user for a first user key component

Encrypting a query vector

Obtaining an initial trapdoor

Wherein the content of the first and second substances,

represents two d + h + v +1 dimensional vectors if s [ iota ]]=0, satisfies

Otherwise

Wherein the value range of the iota is {1,2, \8230;, d + h + v +1};

(3f) Query computation r _j ＝F _δ (l _j ) Wherein l _j Is the label of the jth element in the initial trapdoor T, the value range of j is {1,2, \8230;, d + h + v +1}, and a 2 (d + h + v + 1) -dimensional vector R is obtained ₀ ＝(r ₁ ,r ₂ ,…,r _2(d+h+v+1) ) Calculating

Obtaining an initial trapdoor signature

(3g) Inquiring user will initially trap door T and initially trap door signature sigma _T Sending the data to a cloud server;

(4) Inquiring the image ciphertext set:

(4a) Using a second user key component

Converting each initial trapdoor T into a searchable trapdoor

Converting each initial trapdoor signature into a final trapdoor signature

Wherein

Represent

A vector consisting of the first d + h + v +1 elements,

represent

A vector consisting of d + h + v +1 elements after the neutralization;

(4b) The cloud server calculates the inner product of each searchable index and each searchable trapdoor, compares the absolute value of each calculated inner product value with the value of d, and if the absolute value of the inner product value is smaller than d, the query user can access the corresponding image; otherwise, inquiring the corresponding image ciphertext which the user does not have access to;

(4c) The cloud server selects k image ciphertexts with the maximum inner product values in the accessible image cipher text set, and calculates the final index signature corresponding to each selected image cipher text

And final trapdoor signature

Is convolved with

Obtaining the proof of the corresponding image ciphertext, wherein k is a positive integer, and the value range of i' is{1,2,…,k}；

(4d) The cloud server returns the selected k image ciphertexts, the corresponding inner product values and the proofs to the query user as query results;

(5) Verifying the correctness of the selected k image ciphertexts:

(5a) Querying the user with the corresponding second user key component

Encrypted vector R ₀ ＝(r ₁ ,r ₂ ,…,r _2(d+h+v+1) ) To obtain a ciphertext

Wherein the content of the first and second substances,

represents R ₀ The first d + h + v +1 elements of (a),

represents R ₀ The last d + h + v +1 elements of (d) to (v);

(5b) Calculating the vector R corresponding to each selected image ciphertext _i′ ＝(r _i′,1 ,r _i′,2 ,…,r _{i′,2(d+h+v+1)} ) And ciphertext

Inner product psi of _i′ Calculating phi _i′ And vector (alpha) ⁰ ,α ¹ ,α ² ) Internal product psi' _i′ ；

(5c) Judge psi _i′ And psi' _i′ Whether they are equal to each other is judged

And if the inner product values corresponding to the corresponding image ciphertexts are equal, decrypting the image ciphertexts by using the key used by the image encryption algorithm to obtain a plaintext image meeting the requirement, otherwise, refusing to accept the corresponding image ciphertexts.

The invention also provides a verifiable fine-grained encrypted image retrieval system, which comprises:

the image vector generating module is used for generating an image vector;

the index generating module is used for generating a searchable index and a final index signature;

the query vector generation module is used for generating a query vector;

the trapdoor generation module is used for generating a searchable trapdoor and a final trapdoor signature;

the image dense text set query module is used for querying the image dense text set;

and the verification module is used for verifying the correctness of the selected image ciphertext.

The above-described system of the present invention may be implemented by a hardware module of a specific function or by a software module provided in a computer program, which may be divided into one or more modules/units, which are stored in the memory and executed by the processor, to complete the verifiable fine-grained encrypted image retrieval method of the present invention.

The above-mentioned embodiments are only preferred embodiments of the present invention, and are not intended to limit the technical solution of the present invention, and it should be understood by those skilled in the art that the technical solution can be modified and replaced by a plurality of simple modifications and replacements without departing from the spirit and principle of the present invention, and the modifications and replacements also fall into the protection scope covered by the claims.

Claims (4)

1. A verifiable fine-grained encrypted image retrieval method is characterized by comprising the following steps:

-generating an image vector;

-generating a searchable index and a final index signature;

-generating a query vector;

-generating searchable trapdoors and final trapdoor signatures;

-querying the image corpus;

-verifying the correctness of the selected image ciphertext;

the specific step of generating the image vector comprises:

(1a) The image owner extracts each image f _i And reducing the extracted features into a d-dimensional bit feature vector p _i Wherein the value range of i is {1,2, \8230;, m }, and m represents the size of the outsourcing image set;

(1b) The image owner will assign each bit feature vector p _i All 0's in (a) are converted to-1's to obtain a vector

(1c) Suppose A _i ＝{a ₁ ,a ₂ ,…,a _ρ Is an accessible image f _i A set of all roles, the image owner will set a _i As roots, construct a polynomial g _i (x)＝D×(x-a ₁ )×…×(x-a _＜ ) A goniochromatic polynomial as the ith image, where a ₁ ,a ₂ ,…,a _ρ D is a positive integer and is not less than 2D;

(1d) The image owner will use the bit feature vector p _i Expansion into image vectors

Wherein, the first and the second end of the pipe are connected with each other,

angular polynomial g representing the ith image _i (x) Coefficient of expansion, epsilon _i1 ,…,ε _iv The method comprises the steps of representing v random numbers independently and randomly selected from normal distribution, wherein h represents the total number of all roles, and v is larger than or equal to 1;

the specific steps of generating the searchable index and the final index signature include:

(2a) The trusted authority generates a random bit vector s with dimension of (d + h + v + 1) and two random reversible matrixes M with dimension of (d + h + v + 1) and (d + h + v + 1),

one verification key K = { δ, α }, where δ represents the seed of the pseudorandom function, α is a random number, and α ∈ R _η ，R _η A set of real numbers representing an η -bit encoding;

(2b) The trusted authority generates a pair of owner keys K for each data owner _DO,1 ,K _DO,2 Is a reaction of K _DO,2 Sending to the cloud server, wherein K _DO,1 Representing the first owner key component:

K _DO,2 representing the second owner key component:

M _o ,

M′ _o ,

are random reversible matrices of (d + h + v + 1) × (d + h + v + 1) dimensions, and M = M _o ·M′ _o ，

(2c) Image owner using first owner key component K _DO,1 Corresponding image vector of each outsourcing image

Encrypt the initial index to 2 (d + h + v + 1) dimensions

Wherein the content of the first and second substances,

is a vector of two dimensions (d + h + v + 1), if s [ iota [ ]]=0, satisfies

Otherwise

The value range of iota is {1,2, \8230;, d + h + v +1}, and T represents transposition operation;

(2d) Image owner calculates r _i,j ＝F _δ (l _i,j ) Wherein l _i,j Is an initial index I _i The value range of j of the label of the jth element in the middle is {1,2, \8230;, d + h + v +1}, and a 2 (d + h + v + 1) -dimensional vector R is obtained _i ＝(r _i,1 ,r _i,2 ,…,r _i,2(d+h+v+1) ) Calculating

Obtaining an initial index signature

(2e) The image owner encrypts the image set to obtain an encrypted image set;

(2f) Image owner will encrypt image set, initial image index { I } _i } _i∈[1,m] Initial index signature { σ } _I,i } _i∈[1,m] Sending to a cloud server;

(2g) The cloud server utilizes the second owner key component

Each initial index I _i Conversion into a searchable index

Signing each initial index by sigma _I,i Conversion to final index signature

Wherein

Represent

A vector consisting of the first d + h + v +1 elements,

represent

A vector consisting of d + h + v +1 elements after the neutralization;

the specific steps of generating the query vector include:

(3a) Trusted authority generates a pair of user keys K for newly-joined inquiring users _EN,1 ,K _EN,2 Is a reaction of K _EN,2 Sent to the cloud server, wherein K _EN,1 Representing a first user key component:

K _EN,2 representing a second user key component:

wherein M is _u ,

M′ _u ,

Are random reversible matrices of (d + h + v + 1) × (d + h + v + 1) dimensions, and M ^-1 ＝M′ _u ·M _u ，

(3b) The query user extracts the characteristics of the query image and reduces the dimension of the extracted characteristics into a d-dimensional bit query characteristic vector q;

(3c) The inquiring user converts all 0 s in the bit inquiry characteristic vector q into-1 to obtain a vector

(3d) Querying a user for a vector

Expansion into query vectors

Wherein, a represents the role corresponding to the query user, and b represents a v-dimensional random bit vector;

(3e) Querying a user for a first user key component

Encrypting a query vector

Obtaining an initial trapdoor

Wherein the content of the first and second substances,

represents two d + h + v +1 dimensional vectors if s [ iota ]]=0, satisfies

Otherwise

Wherein the value range of the iota is {1,2, \ 8230;, d + h + v +1};

(3f) Query computation r _j ＝F _δ (l _j ) Wherein l _j The value range of j is {1,2, \8230;, d + h + v +1}, and a 2 (d + h + v + 1) -dimensional vector R is obtained ₀ ＝(r ₁ ,r ₂ ,…,r _2(d+h+v+1) ) Calculating

Deriving initial trapdoor signature

(3g) Inquiring user will initial trapdoor T and initial trapdoor signature sigma _T Sending the data to a cloud server;

the specific steps of generating the searchable trapdoors and the final trapdoor signature and querying the image ciphertext set comprise:

(4a) Utilizing a second user key component

Converting each initial trapdoor T into a searchable trapdoor

Converting each initial trapdoor signature into a final trapdoor signature

Wherein

Represent

A vector consisting of the first d + h + v +1 elements,

represent

A vector consisting of d + h + v +1 elements after the neutralization;

(4b) The cloud server calculates the inner product of each searchable index and each searchable trapdoor, compares the absolute value of each calculated inner product value with the value of d, and if the absolute value of each inner product value is smaller than d, the inquiry user can access the corresponding image; otherwise, inquiring the corresponding image ciphertext which the user does not have access to;

(4c) The cloud server selects k image ciphertexts with the maximum inner product values in the accessible image cipher text set, and calculates the final index signature corresponding to each selected image cipher text

And final trapdoor signature

Is convolved with

Obtaining a certificate of a corresponding image ciphertext, wherein k is a positive integer, and the value range of i' is {1,2, \ 8230;, k };

(4d) The cloud server returns the k selected image ciphertexts, the corresponding inner product values and the certificates as query results to the query user;

the specific step of verifying the correctness of the selected image ciphertext comprises:

(5a) Querying the user with the corresponding second user key component

Encrypted vector R ₀ ＝(r ₁ ,r ₂ ,…,r _2(d+h+v+1) ) To obtain a ciphertext

Wherein the content of the first and second substances,

represents R ₀ The first d + h + v +1 elements of (a),

represents R ₀ A vector consisting of the last d + h + v +1 elements;

(5b) Calculating the vector R corresponding to each selected image ciphertext _i ＝(r _i′,1 ,r _i′,2 ,…,r _{i′,2(d+h+v+1)} ) And ciphertext

Inner product psi of _i′ Calculating phi _i′ And vector (alpha) ⁰ ,α ¹ ,α ² ) Inner product psi of _i ′；

(5c) Judge psi _i′ Phi 'and psi' _i′ Whether they are equal to each other is judged

And whether the inner product values corresponding to the corresponding image ciphertexts are equal or not is judged, if the inner product values corresponding to the corresponding image ciphertexts are equal, the image ciphertexts are decrypted by using the key used by the image encryption algorithm to obtain the plaintext image meeting the requirement, and if not, the corresponding image ciphertexts are refused to be accepted.

2. The verifiable fine-grained encrypted image retrieval method of claim 1, wherein the polynomial g to be constructed in step (1 c) _i (x)＝D×(x-a ₁ )×…×(x-a _ρ ) Is replaced by g _i (x)＝(x-a ₁ )×…×(x-a _ρ ) Wherein, { a { ₁ ,a ₂ ,…,a _ρ Satisfy certain relationships, including { a } ₁ ,a ₂ ,…,a _ρ The tolerance is a positive integer which is greater than or equal to 2d; or { a ₁ ,a ₂ ,…,a _ρ Is a super-increment number row, and

tau has the value range of {1,2, \8230;, rho }, and sigma tableThe sign of the sum is shown.

3. The verifiable fine-grained encrypted image retrieval method of claim 1, wherein step (2 e) encrypts the image set by an image encryption algorithm, which is chaotic map encryption, DES or RSA.

4. An authenticatable fine-grained encrypted image retrieval system for implementing the authenticatable fine-grained encrypted image retrieval method according to claim 1, comprising:

the image vector generation module is used for generating an image vector;

an index generation module for generating a searchable index and a final index signature;

the query vector generation module is used for generating a query vector;

the trapdoor generation module is used for generating a searchable trapdoor and a final trapdoor signature;

the image dense text set query module is used for querying the image dense text set;

and the verification module is used for verifying the correctness of the selected image ciphertext.

Images