CN115310125A - Encrypted data retrieval system, method, computer equipment and storage medium - Google Patents

Publication number
CN115310125A
Authority
CN
China
Prior art keywords
access
data
attribute
node
ciphertext
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202210869384.5A
Other languages
Chinese (zh)
Inventor
王树兰
王凯文
邱瑶
李采果
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shenzhen Technology University
Original Assignee
Shenzhen Technology University
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date

Classifications

    • G06F21/6227: Protecting access to data via a platform, e.g. using keys or access control rules, to a system of files or objects, e.g. local or distributed file system or database, where protection concerns the structure of data, e.g. records, types, queries
    • G06F16/13: File access structures, e.g. distributed indices
    • G06F16/148: File search processing
    • G06F16/313: Selection or weighting of terms for indexing
    • G06F16/328: Indexing structures; Management therefor
    • G06F16/3347: Query execution using vector based model
    • G06F21/602: Providing cryptographic facilities or services
    • G06F21/604: Tools and structures for managing or administering access control systems
    • G06F21/6245: Protecting personal data, e.g. for financial or medical purposes
    • H04L63/06: Network architectures or network communication protocols for network security for supporting key management in a packet data network
    • H04L63/08: Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/10: Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H04L9/008: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols involving homomorphic encryption
    • G06F2221/2107: File encryption
    • G06F2221/2141: Access rights, e.g. capability lists, access control lists, access tables, access matrices

Abstract

The invention relates to an encrypted data retrieval system, method, computer equipment and storage medium in the technical field of encryption. The system consists of 4 parts: a data owner, a data user, an authority authentication center and a cloud server. The data owner sends an encrypted ciphertext set and the corresponding file index vector set to the cloud server, constructs an authority control table-document retrieval table at the cloud server end, and transmits the set access authority to the authority authentication center. The invention ensures the safety and reliability of the cloud environment and provides searchable encryption that is reliable, efficient and flexible. It introduces Word2Vec model technology on the basis of attribute-based encryption, thereby realizing a document index of constant length, reducing the calculation cost of ciphertext retrieval, and retrieving efficiently and accurately. It also improves the access strategy of CP-ABE, applies homomorphic fuzziness to the access control processing mechanism, hides sensitive data, and realizes dynamic updating of user permissions.

Description

Encrypted data retrieval system, method, computer equipment and storage medium
Technical Field
The present invention relates to the field of encryption technologies, and in particular, to an encrypted data retrieval system, an encrypted data retrieval method, a computer device, and a storage medium.
Background
As computer technology develops, the strong computing and storage capacity of the cloud environment is making more and more individuals and enterprises dependent on it, and this dependence raises the requirements on information security. Users therefore generally encrypt private data before uploading it to the cloud, which presents a new challenge for access control over the ciphertext held on the cloud server. How to protect data privacy and user security without reducing cloud service performance, while pursuing more efficient security guarantees, has become an important problem.
The main security problems are as follows:
1. Confidentiality of the data. The cloud server may actively or inadvertently process data stored by a user, which may cause information leakage, or even data destruction when a third party maliciously steals private data.
2. Privacy of the data owner. Access to sensitive data on the cloud server must be limited to specified, authorized users; if the key parameter used to verify identity is leaked, the identity of the authorized user becomes invalid and a large amount of information is leaked.
3. The steps for a user to obtain cloud data are too complicated. As the number of searches increases, a large amount of storage and calculation overhead is spent traversing the ciphertext set on the cloud server and encrypting and decrypting ciphertext.
These challenges have been major problems affecting the development and popularization of the cloud environment, so the protection and secure processing of sensitive data on cloud servers has become a research hotspot with great potential.
When a data user queries encrypted information uploaded to the cloud server, the data user applies for specified content and must then decrypt that content to determine the file, so the search cost is high and information may leak in the process. These problems are the main subject of Searchable Encryption (SE), whose main function is to enable a data user to search a large amount of encrypted data directly on the cloud server. This guarantees the security of cloud data, avoids data leakage, allows authorization control of users, and greatly improves security.
Searchable encryption techniques are divided into: (1) Symmetric Searchable Encryption (SSE), which is built from a symmetric encryption algorithm and a random function; it has the advantages of high encryption efficiency, simplicity and speed, but is easily broken by a malicious third party because of its fixed encryption logic and low security; (2) Asymmetric Searchable Encryption (ASE), which is based on complex mathematical constructions such as bilinear mapping and Lagrange formulas, so that the encryption algorithm rests on a hard mathematical problem and has high security, but the complexity of the algorithm usually causes a large amount of calculation and storage overhead. Therefore, in order to ensure the safety and reliability of the cloud environment, it is very important to research a searchable encryption solution that is reliable, efficient and flexible.
Disclosure of Invention
The invention aims to provide an encrypted data retrieval system, an encrypted data retrieval method, computer equipment and a storage medium, so as to solve the security problem of the current cloud environment.
In order to achieve the purpose, the invention provides the following technical scheme:
In a first aspect, an embodiment of the present invention provides an encrypted data retrieval system, which is composed of 4 parts, namely, a data owner, a data user, an authority authentication center, and a cloud server;
the data owner is the original owner of the data and is used for determining the access strategy and the data encryption strategy, and for uploading encrypted data to the cloud server;
the data user is used for applying for a ciphertext, and can decrypt the ciphertext to acquire the plaintext only when it holds a set of attributes that satisfies the ciphertext's access authority;
the authority authentication center is used for performing attribute authentication according to the identity attribute characteristics of the entrusted user;
the cloud server is used for storing the encrypted data, and when a user or a data owner accesses a file, the cloud server operates on the stored data according to the application.
As a further scheme of the present invention, the data owner is configured to send the encrypted ciphertext set and the corresponding file index vector set to the cloud server, construct an authority control table-document retrieval table at the cloud server, and transmit the set access authority to the authority authentication center;
the data user is used for sending a search authentication application to the authority authentication center, acquiring an authentication result, constructing a search token and sending a search request to the cloud server, wherein the authentication result comprises a private key;
and the cloud server is used for executing the search and transmitting the result obtained by using the search table to the data user, who decrypts it to obtain plaintext data.
As a further scheme of the invention, the encrypted data retrieval system further comprises a Word2Vec model, wherein the Word2Vec model is used for successively training the weights of the document keywords based on deep learning to generate a document index set of constant length, and the actual search precision and the index length of the document index set are adjusted as required.
As a further scheme of the invention, the encrypted data retrieval system also comprises an access control processing mechanism; the access control processing mechanism is a dynamically updated CP-ABE, an access structure is used in the CP-ABE, and the access authority of a user is controlled by setting an attribute set.
As a further aspect of the present invention, the encrypted data retrieval system further includes an initialization algorithm, a key generation algorithm, an encryption algorithm, an index generation algorithm, a token generation algorithm, a search algorithm, a pre-decryption algorithm, and a decryption algorithm.
In a second aspect, an embodiment of the present invention provides an encrypted data retrieval method, where based on the encrypted data retrieval system, the encrypted data retrieval method includes the following steps:
the data owner sets parameters through the authority authentication center and calls the initialization function Setup(1^λ) to obtain the relevant parameters;
the ciphertext encryption function Encrypt() is run on a local server, a corresponding document index is generated for each ciphertext through the IndexGen() function, and an attribute-document index retrieval table is then built from the set attribute set;
the search user applies to the authority authentication center for a private key, and the authority authentication center issues a private key with the specified personal identity attributes to the search user through the KeyGen() function;
the search user generates a search trapdoor from the related parameters by using the Trapdoor() function and sends the search trapdoor to the cloud server;
the cloud server matches the attribute-document index table by calling the Search() function and determines the top-k ranked ciphertext set; the cloud server performs the Pre-Decrypt() function operation on the ciphertext and returns an intermediate value to the search user, who calls the Decrypt() function to perform local calculation and obtain the plaintext.
As a further embodiment of the present invention, Setup(1^λ) → (PK, MK): this algorithm is run by the authority authentication center AA. A bilinear group $G_0$ is constructed from the parameter $\lambda$; the group order is a prime number $p$, and
Figure BDA0003759938130000041
A random value $\eta$ is taken, $g$ is set as a generator, and the bilinear mapping is $e: G_0 \times G_0 \to G_r$. The hash functions are defined as:
$H_0: \{0,1\}^* \to G_0$ and $H_1: \{0,1\}^* \to G_{zp}$. In the group $G_{zp}$, three random numbers $a, b, c \in G_{zp}$ are selected, and the following are calculated:
$PK = \{G_0, G_{zp}, e, H_0, H_1, g, h_1 = g^a, h_2 = g^b, h_3 = g^c\}$
$MK = \{a, b, c\}$.
As a further embodiment of the invention, Setup(A, S) → ($PP_{Weight}$): this algorithm is run by the data owner. The access structure $A$ and the attribute set $S$ are input, where the attribute set is required to satisfy $S \in S_{AA}$.
According to the access structure, attribute nodes are allocated to construct an access policy tree $T$. The leaf attribute node set $S_{node}$ under a parent node in the second layer from the bottom is weighted, ensuring that the weights assigned to the leaf node set $S_{node}$ are all ordered, i.e. $S_{(node,w)} = \{E_{node}(x), x \in S_{node}\}$;
with $E_{node}(x_1) > E_{node}(x_2) > \dots > E_{node}(x_n)$, $n \le \mathrm{Size}(S_{node})$. The access tree $T$ is divided into weight subtrees $T_w$ from the second layer, and the previous steps are repeated, so that the generated access policy tree is a two-layer tree structure. Its set of subtrees is
Figure BDA0003759938130000046
And the path is mapped into a vector, i.e.
Figure BDA0003759938130000047
where $index_d$ represents the root node $d$. The final attribute weight parameter set is $PP_W = \{E_{DO}(x), x \in S\}$, and $PP_W$ is sent to the authority authentication center.
As a further embodiment of the invention, keyGen (MK, S) id ,PK)→(SK (S,id) ): the authentication center performs operation, when the user applies for the private key, the user attribute set S is input id In which S is id The attribute weight parameter set stored in the server passing the limited authentication center belongs to SPP W Then the calculation is performed:
E id,x =(ppW(x)) α *g α ,x∈S id
obtaining random number through main private key MK and public key PK
Figure BDA0003759938130000042
And for all attributes in the set S of attributes, i.e.
Figure BDA0003759938130000043
Taking random numbers
Figure BDA0003759938130000044
Calculating to obtain:
Figure BDA0003759938130000045
as a further aspect of the present invention,
Figure BDA0003759938130000051
This algorithm is run by the DO. The Word2Vec model uses $m$ dimensions to represent the features of a document, and $M$ is a randomly generated invertible $m \times m$ matrix. The DO obtains the $m$-dimensional feature vector $DV_i$ of each document $D_i$ in $D$, where $i$ ranges over the number of documents in the document set $D$. $DV$ is normalized and used as the plaintext index for semantic-aware search, with the following steps:
the DO uses the matrix $M$ to index the document vector $DV$ by calculating:
$I_i = \{DV_i \cdot M^T\},\ i \in D$;
the DO processes each document in the document set $D$ to obtain the encrypted secure index $I_M$, generating a document index table
Figure BDA0003759938130000052
Then, according to the known subtree set paths of $T$, $S_{(DO,d)} \to index_d$ and $S_{(node,w)} = \{E_{node}(x), x \in S_{node}\}$, the weight policy vector structure is obtained, i.e. the weight policy vectors $I_w$; these vector data are classified and combined to generate a weight policy vector table
Figure BDA0003759938130000053
Finally, the two tables
Figure BDA0003759938130000054
are uploaded to the cloud server.
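The index step above, as an added example that is not part of the patent text: each normalized feature vector is masked as $I_i = DV_i \cdot M^T$ and the server ranks masked indexes by inner product to return the top-k documents. This section gives no formula for the search token, so masking the query with $M^{-1}$ is an assumption made here, as are the constructed sample vectors (stand-ins for Word2Vec output) and all function names.

```python
import math
import random
from fractions import Fraction


def normalize(vec):
    """Scale a feature vector to unit length (DV is normalized before indexing)."""
    norm = math.sqrt(sum(x * x for x in vec))
    return [x / norm for x in vec]


def invert(matrix):
    """Exact Gauss-Jordan inverse over Fractions; returns None if singular."""
    n = len(matrix)
    aug = [[Fraction(x) for x in row] + [Fraction(int(i == j)) for j in range(n)]
           for i, row in enumerate(matrix)]
    for col in range(n):
        pivot = next((r for r in range(col, n) if aug[r][col] != 0), None)
        if pivot is None:
            return None
        aug[col], aug[pivot] = aug[pivot], aug[col]
        p = aug[col][col]
        aug[col] = [x / p for x in aug[col]]
        for r in range(n):
            if r != col and aug[r][col] != 0:
                f = aug[r][col]
                aug[r] = [x - f * y for x, y in zip(aug[r], aug[col])]
    return [row[n:] for row in aug]


def random_invertible(m, rng):
    """Draw random m x m integer matrices until one is invertible.
    A seeded PRNG is used only to keep the demo repeatable; the secret
    matrix in a real deployment must come from a CSPRNG."""
    while True:
        M = [[rng.randint(-5, 5) for _ in range(m)] for _ in range(m)]
        M_inv = invert(M)
        if M_inv is not None:
            return M, M_inv


def mask_index(dv, M):
    """I_i = DV_i * M^T (row vector times the transposed secret matrix)."""
    m = len(dv)
    return [sum(dv[k] * float(M[j][k]) for k in range(m)) for j in range(m)]


def make_trapdoor(query, M_inv):
    """ASSUMPTION (not stated on the page): T = Q * M^{-1}, so that
    I_i . T = DV_i * M^T * (M^{-1})^T * Q^T = DV_i . Q."""
    m = len(query)
    return [sum(query[k] * float(M_inv[k][j]) for k in range(m)) for j in range(m)]


def search(index_table, token, k):
    """Server side: rank stored vectors by inner product with the token."""
    scores = {name: sum(a * b for a, b in zip(vec, token))
              for name, vec in index_table.items()}
    return sorted(scores.items(), key=lambda kv: kv[1], reverse=True)[:k]


# Constructed 4-dimensional feature vectors standing in for Word2Vec output.
DOCS = {
    "doc_a": [0.9, 0.1, 0.0, 0.2],
    "doc_b": [0.1, 0.8, 0.3, 0.0],
    "doc_c": [0.0, 0.2, 0.9, 0.1],
    "doc_d": [0.5, 0.5, 0.1, 0.1],
}
QUERY = [1.0, 0.2, 0.0, 0.1]


def run_demo(k=2, seed=2022):
    """Return (top-k over masked indexes, top-k over plaintext vectors)."""
    M, M_inv = random_invertible(4, random.Random(seed))
    plain = {name: normalize(v) for name, v in DOCS.items()}
    index_table = {name: mask_index(v, M) for name, v in plain.items()}
    q = normalize(QUERY)
    masked_hits = search(index_table, make_trapdoor(q, M_inv), k)
    plain_hits = search(plain, q, k)
    return masked_hits, plain_hits


if __name__ == "__main__":
    masked, plain = run_demo()
    print("masked ranking:", masked)
    print("plain ranking: ", plain)
```

The server only ever handles `index_table` and the token, yet its ranking matches the plaintext cosine ranking, and every index has the same length $m$ regardless of document size.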
As a further aspect of the present invention, Encrypt(PK, M, A) → (CT): a ciphertext CT is obtained from a plaintext M, an access policy A and a public key PK, including the following steps:
to encrypt the plaintext, the data owner selects
Figure BDA0003759938130000055
Then calculated separately are:
Figure BDA0003759938130000056
An access policy tree $T$ is constructed from the access structure $A$. Starting from the root node of the tree, each node $i$ of the access tree is traversed and a polynomial $q_i$ is selected in accordance with $q_i = d-1$. For the root node $T_0$ of the tree, there is $r_0 \in G_{zp}$; let
Figure BDA0003759938130000057
Let $Y$ be the set of all leaf nodes in the policy tree $T$, and calculate:
Figure BDA0003759938130000058
the obtained ciphertext content is:
ciphertext:
Figure BDA0003759938130000059
As a further aspect of the invention, Trapdoor(w, $SK_{(S,id)}$) → TR: the search token generation algorithm is run by the local server of the DU; it takes the keyword set $w$ and the private key $SK_{(S,id)}$ as input and outputs the search token TR to the CSP.
In a third aspect, an embodiment of the present invention provides a computer device, which includes a memory, a processor, and a computer program stored in the memory and executable on the processor, where the processor implements the steps of the encrypted data retrieval method when executing the program.
In a fourth aspect, the embodiment of the present invention further provides a computer-readable storage medium, on which a computer program is stored, where the computer program, when executed by a processor, implements the steps of the above encrypted data retrieval method.
The technical scheme provided by the embodiment of the invention has the following beneficial effects:
the encrypted data retrieval system, the encrypted data retrieval method, the computer equipment and the storage medium ensure the safety and reliability of cloud environment, have the searchable encryption performance with reliable, efficient and flexible characteristics, and provide a Word2Vec model technology on the basis of attribute-based encryption, so that the document index with constant length is realized, the calculation cost in the ciphertext retrieval process is reduced, and the efficient and accurate retrieval is realized; the access strategy of the CP-ABE is improved, homomorphic fuzziness is carried out on an access control processing mechanism, sensitive data are hidden, dynamic updating operation on user authority is realized, and an efficient and safe CP-ABE scheme for providing dynamic updating is realized.
These and other aspects of the present application will be more readily apparent from the following description of the embodiments. It is to be understood that both the foregoing general description and the following detailed description are exemplary and explanatory only and are not restrictive of the application.
Drawings
In order to more clearly illustrate the technical solutions in the embodiments of the present application, the drawings needed in the description of the embodiments or the prior art will be briefly described below, and it is obvious that the drawings in the following description are only some embodiments of the present application. In the drawings:
FIG. 1 schematically illustrates a model schematic of an encrypted data retrieval system in an exemplary embodiment of the invention;
FIG. 2 is a schematic diagram illustrating policy tree partitioning in an encrypted data retrieval system in an exemplary embodiment of the invention;
FIG. 3 is a diagram schematically illustrating a weight policy tree access control structure in an encrypted data retrieval method according to an exemplary embodiment of the present invention;
FIG. 4 schematically illustrates a flow chart of a method of encrypted data retrieval in an exemplary embodiment of the invention;
FIG. 5 is a schematic diagram of data compression of an n-bit compressed data homomorphic algorithm;
FIG. 6 is a schematic diagram of Skip-Gram model in Word2Vec technology;
FIG. 7 is a diagram of a hardware architecture of a computer device in an embodiment of the invention.
The objectives, features, and advantages of the present application will be further described with reference to the accompanying drawings.
Detailed Description
The present application is further described with reference to the accompanying drawings and the detailed description, and it should be noted that, in the present application, the embodiments or technical features described below may be arbitrarily combined to form a new embodiment without conflict.
It should be understood that the specific embodiments described herein are merely illustrative of the present application and are not intended to limit the present application.
The technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the drawings in the embodiments of the present application, and it is obvious that the described embodiments are some, but not all, of the embodiments of the present application. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present application.
The flow diagrams depicted in the figures are merely illustrative and do not necessarily include all of the elements and operations/steps, nor do they necessarily have to be performed in the order depicted. For example, some operations/steps may be decomposed, combined or partially combined, so that the actual execution order may be changed according to the actual situation.
In order to ensure the safety and reliability of the cloud environment, it is important to research a searchable encryption solution with reliable, efficient and flexible characteristics through related technologies, and an object of the present invention is to provide an encrypted data retrieval system, method, computer device and storage medium to solve the above problems.
Some embodiments of the present application will be described in detail below with reference to the accompanying drawings. The embodiments described below and the features of the embodiments can be combined with each other without conflict.
Referring to fig. 1, an embodiment of the present invention provides an encrypted data retrieval system, which is composed of 4 parts, namely, a data owner, a data user, an authority authentication center, and a cloud server.
The Data Owner (DO) is the original owner of the data and is used for determining the access strategy and the data encryption strategy, and for uploading encrypted data to the cloud server;
the Data User (DU) is used for applying for a ciphertext, and can decrypt the ciphertext to obtain the plaintext only when it holds a set of attributes that satisfies the ciphertext's access authority;
the Authority authentication center (AA) is used for performing attribute authentication according to the identity attribute characteristics of the entrusted user;
the Cloud Server (CSP) is responsible for storing encrypted data, and when a user or a data owner accesses a file, the cloud server operates on the stored data according to the application.
In the encrypted data retrieval system, a data owner is used for sending an encrypted ciphertext set and a corresponding file index vector set to a cloud server, constructing an authority control table-document retrieval table at the cloud server end, and transmitting set access authority to an authority authentication center; the data user is used for sending the application search authentication to the authority authentication center, acquiring an authentication result, constructing a search token and sending a cloud server request for searching, wherein the authentication result comprises a private key; and the cloud server is used for executing search, transmitting a result obtained by using the search table to a data user, and decrypting to obtain plaintext data.
That is, the DO sends the encrypted ciphertext set and the corresponding file index vector set to the CSP, constructs the authority control table-document retrieval table at the CSP end, and transmits the set access authority to the AA. The DU then sends a search authentication application to the AA, acquires the authentication result (containing a private key), constructs a search token and sends a search request to the CSP. The CSP executes the search and transmits the result obtained by using the search table to the DU, which decrypts it to obtain the plaintext data.
Referring to fig. 2, the encrypted data retrieval system further includes a Word2Vec model, where the Word2Vec model is used to successively train the weights of the document keywords based on deep learning, and generate a document index set with a constant length, and the actual search precision and index length of the document index set are adjusted as needed.
The encrypted data retrieval system also comprises an access control processing mechanism which is a CP-ABE with dynamic update, wherein an access structure is used in the CP-ABE, and the access authority of a user is controlled by setting an attribute set.
In the embodiment of the invention, a Word2Vec model technology is introduced mainly on the basis of attribute-based encryption, so that constant-length document indexing is realized, the calculation cost in the ciphertext retrieval process is reduced, and efficient and accurate retrieval is realized. The access strategy of the CP-ABE is improved, homomorphic fuzziness is carried out on an access control processing mechanism, sensitive data are hidden, dynamic updating operation on user authority is realized, and an efficient and safe CP-ABE scheme for providing dynamic updating is realized.
Searchable encryption is used to search encrypted data: a document index is generated for each encrypted document, and a user finds the documents that meet the search condition through matching computations over the document index set. In general, however, the search traverses the document index set, which incurs a large computation overhead. The scheme is therefore optimized by introducing a semantic model that improves how the document index is generated, and thereby improves retrieval efficiency and precision. The method uses the Word2Vec model, which continuously trains the weights of document keywords on the basis of deep learning; the index generated by the Word2Vec model performs stably and reliably unless a massive number of files is uploaded again at one time. Although the document index set generated by the model is of constant length, the actual search precision and the index length can be traded off flexibly to strike a balance between the two. The Word2Vec model is pre-trained on a large-scale dataset with a large dictionary that covers most of the vocabulary of the dataset. Feature vectors for documents in the document set are inferred using a neural network model, and the dimension of the feature vectors is much smaller than the size of the document set dictionary.
For the access control processing mechanism in this scheme, an access structure is used in the CP-ABE, and the access authority of a user is controlled by setting an attribute set. The access structure generated in the initial CP-ABE scheme is embedded in the encrypted data; when a user accesses the data, the user's attributes are checked and matched, and the data can be decrypted only if they match the structure. In practical applications, however, a data uploader may upload ciphertexts multiple times, and the access structure in the encrypted data has to change according to the uploader's settings, so the identity authority and attributes of the users allowed access may change. Moreover, each time a ciphertext is decrypted the whole access structure has to be traversed recursively, which incurs a large computational overhead. For example, user A can access a data set d1; the data uploader then sets a new access structure to upload a new ciphertext set d2 and requires that user A access only part of the documents in the ciphertext sets d1 and d2. This requires the encryption scheme to provide dynamic update of access authority, to support attribute revocation and modification, and to control access authority to cloud data flexibly.
As illustrated in FIG. 2, the set of leaf nodes under each parent node on the second layer from the bottom of the access policy tree is weighted in order from small to large, the access tree T is divided from the second layer into weight subtrees $T_w'$, and the previous steps are then repeated, so that the access policy tree finally generated is a two-layer tree structure. The weight policy tree generated in this way is much smaller than the original access policy tree, which greatly reduces the computation cost when decrypting ciphertext, and the weight policy tree access control structure is designed to guarantee security.
In an embodiment of the present invention, the encrypted data retrieval system further includes an initialization algorithm, a key generation algorithm, an encryption algorithm, an index generation algorithm, a token generation algorithm, a search algorithm, a pre-decryption algorithm, and a decryption algorithm.
In one embodiment of the present invention, there is provided an encrypted data retrieval method, based on the encrypted data retrieval system, including the steps of:
the data owner sets parameters through the authority authentication center and calls the initialization Setup($1^\lambda$) function to obtain the relevant parameters;
performing ciphertext encryption Encrypt () function operation on a local server, generating a corresponding document index for each ciphertext through an Indexgen () function, and building an attribute-document index retrieval table through a set attribute set;
the search user applies for obtaining a private key from the authority authentication center, and the authority authentication center issues the private key with specified personal identity attribute to the search user through a KeyGen () function;
a search user generates a search trapdoor from the related parameters by using the Trapdoor() function and sends the search trapdoor to the cloud server;
the cloud server matches the attribute-document index table by calling a Search () function, determines a ciphertext set with top-k sequencing, performs Pre-Decrypt () function operation on the ciphertext through the cloud server, returns an intermediate value to a searching user, and calls a Decrypt () function to perform local calculation to obtain a plaintext.
Referring to fig. 4, a total of 8 algorithms are used, including an initialization algorithm, a key generation algorithm, an encryption algorithm, an index generation algorithm, a token generation algorithm, a search algorithm, a pre-decryption algorithm, and a decryption algorithm,
in the present application, the data owner DO first sets the parameters via the AA, invoking the initialization Setup($1^\lambda$) function to obtain the relevant parameters; ciphertext encryption with the Encrypt() function is then carried out on the local server, the Indexgen() function generates a corresponding document index for each ciphertext, and an attribute-document index retrieval table is built from the set attribute set. The search user first applies to the AA for a private key, and the authorization center AA issues the private key for the specified personal identity attributes to the search user through the KeyGen() function.
And the search user generates a search Trapdoor by using a Trapdoor () function through the related parameters and sends the search Trapdoor to the cloud server side. The cloud server CSP matches the attribute-document index table by calling the Search () function, determines a ciphertext set with top-k sequencing, performs Pre-Decrypt () function operation on the ciphertext by using the strong computing power of the cloud server, returns an intermediate value to a searching user, and can obtain a plaintext by calling the Decrypt () function to perform a small amount of local computation.
In addition, the data owner DO can operate the attribute-document index table on the cloud only through homomorphic operation, and attribute revocation operation can be achieved by combining the authoritative authentication center AA.
The algorithm is designed as follows:
① Setup($1^\lambda$) → (PK, MK): run by the authority authentication center AA. From the parameter λ the algorithm establishes a bilinear group $G_0$ whose order is a prime number p, and
Figure BDA0003759938130000111
Take a random value η, let g be a generator, with bilinear map $e: G_0 \times G_0 \to G_r$. Define the hash functions $H_0: \{0,1\}^* \to G_0$ and $H_1: \{0,1\}^* \to G_{zp}$. In the group $G_{zp}$, select three random numbers $a, b, c \in G_{zp}$. The calculation then gives:
$PK = \{G_0, G_{zp}, e, H_0, H_1, g, h_1 = g^a, h_2 = g^b, h_3 = g^c\}$
$MK = \{a, b, c\}$
Setup(A, S) → ($PP_{Weight}$): run by the DO, taking as input the access structure A and the attribute set S, where the attribute set S requires $S \in S_{AA}$. According to the access structure, attribute nodes are assigned to construct an access policy tree T, and the leaf attribute node set $S_{node}$ under the parent node of the second layer from the bottom is assigned weights, ensuring that the assigned weights of the leaf node set $S_{node}$ are all ordered, i.e. $S_{(node,w)} = \{E_{node}(x), x \in S_{node}\}$ with $E_{node}(x_1) > E_{node}(x_2) > \cdots > E_{node}(x_n)$, $n \le Size(S_{node})$. The access tree T is divided from the second layer into weight subtrees $T_w$, the previous steps are repeated, and the finally generated access policy tree is a two-layer tree structure. Its set of subtrees
Figure BDA0003759938130000116
And the path is mapped into a vector, i.e.
Figure BDA0003759938130000117
where $index_d$ represents the root node d. The final attribute weight parameter set is $PP_W = \{E_{DO}(x), x \in S\}$, and $PP_W$ is sent to the AA.
② KeyGen(MK, $S_{id}$, PK) → ($SK_{(S,id)}$): run by the authorization center AA. When a user applies for a private key, the user attribute set $S_{id}$ is input, where $S_{id} \in S$, and with the attribute weight parameter set $PP_W$ stored on the AA server it can be calculated:
$E_{id,x} = PP_W(x),\ x \in S_{id}$
obtaining random number through main private key MK and public key PK
Figure BDA0003759938130000112
And for all attributes in the attribute set S, i.e.
Figure BDA0003759938130000113
Taking random numbers
Figure BDA0003759938130000114
Calculating to obtain:
Figure BDA0003759938130000115
Figure BDA0003759938130000121
Run by the DO. The Word2Vec model represents the features of a document in m dimensions, and M is a randomly generated m×m invertible matrix. The DO obtains the m-dimensional feature vector $DV_i$ of each document $D_i$ in D, where i ranges over the documents of the document set D. The DV is normalized and used as the plaintext index for semantic-aware search, as follows.
1) The DO uses the matrix M to compute the index from the document vector DV:
$I_i = \{DV_i * M^T\},\ i \in D$
The DO processes each document in the document set D to obtain the encrypted secure index $I_M$, generating a document index table
Figure BDA0003759938130000122
Then, from the known subtree set path of T, $S_{(DO,d)} \to index_d$, and $S_{(node,w)} = \{E_{node}(x), x \in S_{node}\}$, a weight policy vector structure is generated, namely the weight policy vector $I_w$; the vector data is classified and combined to generate a weight policy vector table
Figure BDA0003759938130000123
Finally, the two tables
Figure BDA0003759938130000124
are uploaded to the cloud server.
④ Encrypt(PK, M, A) → (CT): takes the plaintext M, the access policy A and the public key PK and outputs the ciphertext CT. The algorithm is implemented as follows:
1) To encrypt its plaintext, the data owner selects
Figure BDA0003759938130000125
and then calculates separately:
Figure BDA0003759938130000126
2) An access policy tree T is constructed from the access structure A. Starting from the root node of the tree, every node i of the access tree is traversed and a polynomial $q_i$ is selected in accordance with $q_i$ D-1; for the root node $T_0$ of the tree there is $r_0 \in G_{zp}$. Let
Figure BDA0003759938130000127
Let Y be the set of all leaf nodes in the policy tree T, and calculate:
Figure BDA0003759938130000128
finally, the obtained ciphertext content is:
ciphertext:
Figure BDA0003759938130000129
⑤ Trapdoor(w, $SK_{(S,id)}$) → TR: the search token generation algorithm is run by the local server of the DU, which takes the keyword set w and the private key $SK_{(S,id)}$ and then outputs the search token TR to the CSP.
(1) The DU local server generates a random value d, stores it, and calculates:
$D_{pai} = D * h_1^d = g^{d(r+ab)/b}$
(2) Taking a random value $t_j \in G_{zp}$, where $S_{id}$ is the set of user attributes and $j \in S_{id}$, the following is calculated:
Figure BDA00037599381300001210
(3) The set of attribute authority values $R_{(s,id)}$ for the access the user applies for is calculated and generated here:
$R_{(s,id)} = \{E_{id,x}, x \in S_{id}\}$
(4) The DU sends the keyword group to be queried to the AA, and the Word2Vec model parameters stored by the AA yield the normalized m-dimensional feature vector, namely the keyword query vector $I_w$. $I_w$ is encrypted with the security matrix M to generate the search vector $I_{sw}$:
$I_{sw} = \{I_w * M^{-1}\}$
Search token:
Figure BDA0003759938130000131
⑥ Search(CT, TR) → (1/⊥): the algorithm runs on the CSP. Using the set of attribute authority values and the keyword search vector in the search token TR, it matches the attribute authority values on the cloud with
Figure BDA0003759938130000132
for verification, determining the user's access right and the range of ciphertexts to retrieve; it then computes the similarity inner product to obtain the similarity of each document, screens the results, selects the ciphertexts that meet the requirement, and generates the ciphertext set to be decrypted.
(1) Using the set of attribute authority values $R_{(s,id)}$ in the search token, authority verification is carried out against the weight policy table on the cloud, which yields the user's accessible ciphertext set $W_{id}$.
(2) For the document index $I_{w,id}$ of the ciphertext set $W_{id}$, the following can be calculated:
$I_{sw} * I_{w,i} = \{I_w * M^{-1}\} * \{DV_i * M^T\} = DV_i * I_w$
so the relevance of a document match is obtained through a simple inner product operation. During ciphertext screening, the top-k matching ciphertext set can be selected according to the parameter k set by the DU. If ciphertexts meeting the requirement are found, 1 is returned; otherwise ⊥ is returned.
⑦ Pre-Decrypt(CT, TR) → (M'): the CSP computes on the ciphertexts that meet the requirement and returns their intermediate value to the searcher's server.
1) The pre-decryption operation starts on the ciphertext set returned by the search:
If y is a leaf node of the access structure A given in the ciphertext CT, define j = att(y). For any attribute j ∈ A, the intermediate value is calculated as follows:
Figure BDA0003759938130000133
If y is a non-leaf node of A, let $S_Z$ be an arbitrary set of child nodes z of size $k_Z$, and calculate the intermediate value according to the following formula:
Figure BDA0003759938130000134
if y is the root node, then the intermediate value is calculated as follows:
Figure BDA0003759938130000135
2) If the corresponding formula operation is carried out:
Figure BDA0003759938130000141
then the intermediate value is finally obtained:
Figure BDA0003759938130000142
⑧ Decrypt(M', $SK_{(S,id)}$) → M: the decryption algorithm takes as input the intermediate result
Figure BDA0003759938130000143
And the searching party DO stores the d value in the local server and calculates according to a formula:
Decrypted plaintext:
Figure BDA0003759938130000144
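The index, search-vector and inner-product relations from the index generation, Trapdoor and Search steps above can be checked end to end with the following added example, which is not code from the patent. The document and query vectors are constructed sample values, exact rationals are used so that the equality $I_{sw} * I_i = DV_i * I_w$ holds without rounding, and all function names are hypothetical.

```python
from fractions import Fraction
import random

# Constructed sample data: unit-length 3-dimensional "document vectors" and a
# query vector. In the scheme these would be inferred by the Word2Vec model.
DOCS = [
    [Fraction(3, 5), Fraction(4, 5), Fraction(0)],
    [Fraction(0), Fraction(3, 5), Fraction(4, 5)],
    [Fraction(1), Fraction(0), Fraction(0)],
    [Fraction(4, 5), Fraction(0), Fraction(3, 5)],
]
QUERY = [Fraction(3, 5), Fraction(0), Fraction(4, 5)]


def dot(u, v):
    return sum(a * b for a, b in zip(u, v))


def row_times_matrix(v, m):
    """Row vector v (length n) times an n x n matrix m."""
    return [sum(v[i] * m[i][j] for i in range(len(v))) for j in range(len(m))]


def transpose(m):
    return [list(col) for col in zip(*m)]


def invert(m):
    """Gauss-Jordan inverse over exact rationals; raises if m is singular."""
    n = len(m)
    aug = [[Fraction(x) for x in row] + [Fraction(int(i == j)) for j in range(n)]
           for i, row in enumerate(m)]
    for col in range(n):
        pivot = next((r for r in range(col, n) if aug[r][col] != 0), None)
        if pivot is None:
            raise ValueError("matrix is singular")
        aug[col], aug[pivot] = aug[pivot], aug[col]
        scale = aug[col][col]
        aug[col] = [x / scale for x in aug[col]]
        for r in range(n):
            if r != col and aug[r][col] != 0:
                factor = aug[r][col]
                aug[r] = [a - factor * b for a, b in zip(aug[r], aug[col])]
    return [row[n:] for row in aug]


def random_invertible(dim, rng):
    """Secret m x m matrix M: redraw until the candidate is invertible."""
    while True:
        cand = [[rng.randint(-9, 9) for _ in range(dim)] for _ in range(dim)]
        try:
            invert(cand)
            return cand
        except ValueError:
            continue


def index_gen(doc_vectors, M):
    """Data owner side: I_i = DV_i * M^T for every document."""
    Mt = transpose(M)
    return [row_times_matrix(dv, Mt) for dv in doc_vectors]


def trapdoor_vector(query, M):
    """Search-token side: I_sw = I_w * M^-1."""
    return row_times_matrix(query, invert(M))


def search(enc_index, enc_query, k):
    """Server side: rank by inner product of transformed vectors, keep top-k."""
    scored = [(dot(enc_query, idx), doc_id) for doc_id, idx in enumerate(enc_index)]
    scored.sort(key=lambda s: (-s[0], s[1]))
    return scored[:k]


def demo(seed=2022):
    M = random_invertible(3, random.Random(seed))
    enc_index = index_gen(DOCS, M)
    enc_query = trapdoor_vector(QUERY, M)
    return search(enc_index, enc_query, 2), enc_index


if __name__ == "__main__":
    top, _ = demo()
    for score, doc_id in top:
        print(f"document {doc_id}: similarity {score}")
```

The server never holds M, but the score it computes equals the plaintext inner product, so the similarity values themselves are visible to the CSP.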
It should be noted that the attribute encryption used for the ciphertext policy is an ABE encryption algorithm. ABE has wide business demand in practice, for example for distributed access management, social networking and private data encryption. Sahai et al., who developed the attribute encryption algorithm, added attribute characteristics on the basis of Identity Based Cryptography (IBC) theory, in order to improve the security and privacy of user identity and the efficiency of authorization and to realize flexible authorized access control. In 2007, Waters et al. first proposed the ciphertext-policy attribute-based encryption (CP-ABE) algorithm, which, compared with the original scheme, introduces an attribute access control mechanism into the encryption algorithm, providing higher security and efficiency and more flexible data security and access control.
Let $\{p_1, p_2, \ldots, p_n\}$ be a set and let Γ be an authorized access subset. If Γ is the access policy, then for Γ: if $B \in \Gamma$ and
Figure BDA0003759938130000145
then $C \in \Gamma$, where B and C represent sets of users; sets not in Γ are unauthorized user sets. Therefore, in the system, the access structure is a subset of certain authorized users, and the policy attribute set in Γ can be called a user authorization set.
In a CP-ABE encryption algorithm, the access structure hides the key decryption parameters in the logical expression of the structure. The leaf nodes of the policy tree are the attributes, and the parameter values representing them, that the data owner sets and processes; a node can be decrypted, and the node one layer above it then accessed, only when the attribute set of the accessing user matches the attribute trapdoor requirement. Non-leaf nodes are threshold nodes, and the user needs to satisfy the minimum attribute set required by the threshold value. In the ABE scheme, the access structure is represented by an access policy tree.
The theoretical definition of the CP-ABE algorithm is briefly described here. It mainly consists of four algorithms (Setup, KeyGen, Encrypt, Decrypt), as shown below:
1) System initialization (PK, MK) ← Setup($1^\lambda$): a randomized algorithm that obtains a public parameter PK and a master key MK from the initial parameter λ.
2) Key generation SK ← KeyGen(MK, S): obtains a user private key SK from the public parameter PK, the master key MK and the user attribute set S.
3) Encryption algorithm CT ← Encrypt(PK, M, Γ): given the public parameter PK, the access structure Γ and the plaintext M, encrypts M under the access structure to obtain a ciphertext CT.
4) Decryption algorithm M ← Decrypt(CT, SK, PK): given the public parameter PK, the ciphertext CT and the user private key SK, decryption succeeds if the user attribute set in the private key satisfies the logic requirement of the access structure A; otherwise, decryption cannot be performed.
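How a threshold policy tree can hide a decryption parameter so that only a satisfying attribute set recovers it is shown in the added example below, which is not the patent's construction: it is plain Shamir secret sharing over a prime field, with no pairings and no keys. The policy, the attribute names and the field modulus are constructed assumptions; a real CP-ABE scheme keeps these shares in group exponents rather than handing them out.

```python
import secrets

PRIME = 2**127 - 1  # field modulus for the toy sharing (assumption of this example)

# Constructed policy: (doctor AND cardiology) OR 2-of-3(admin, auditor, security).
# A leaf is an attribute string; a gate is (threshold, [children]).
POLICY = (1, [
    (2, ["doctor", "cardiology"]),
    (2, ["admin", "auditor", "security"]),
])


def eval_poly(coeffs, x):
    """Evaluate a polynomial (lowest-degree coefficient first) at x, mod PRIME."""
    acc = 0
    for c in reversed(coeffs):
        acc = (acc * x + c) % PRIME
    return acc


def share(node, secret, path=()):
    """Push `secret` down the tree; returns {leaf path: (attribute, share)}.

    Each gate with threshold k picks a random polynomial q of degree k - 1 with
    q(0) = value received from its parent, and gives child number i the value q(i).
    """
    if isinstance(node, str):
        return {path: (node, secret)}
    k, children = node
    coeffs = [secret] + [secrets.randbelow(PRIME) for _ in range(k - 1)]
    shares = {}
    for i, child in enumerate(children, start=1):
        shares.update(share(child, eval_poly(coeffs, i), path + (i,)))
    return shares


def lagrange_at_zero(points):
    """Interpolate the polynomial through `points` and return its value at 0."""
    total = 0
    for xi, yi in points:
        num, den = 1, 1
        for xj, _ in points:
            if xj != xi:
                num = num * (-xj) % PRIME
                den = den * (xi - xj) % PRIME
        total = (total + yi * num * pow(den, -1, PRIME)) % PRIME
    return total


def recover(node, shares, attrs, path=()):
    """Return the value at `node`, or None if `attrs` does not satisfy it."""
    if isinstance(node, str):
        return shares[path][1] if node in attrs else None
    k, children = node
    points = []
    for i, child in enumerate(children, start=1):
        value = recover(child, shares, attrs, path + (i,))
        if value is not None:
            points.append((i, value))
        if len(points) == k:          # threshold reached, extra children unused
            return lagrange_at_zero(points)
    return None                       # fewer than k children satisfied


if __name__ == "__main__":
    s = secrets.randbelow(PRIME)
    leaf_shares = share(POLICY, s)
    for attrs in ({"doctor", "cardiology"}, {"admin", "security"}, {"doctor", "admin"}):
        print(sorted(attrs), recover(POLICY, leaf_shares, attrs) == s)
```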
It should be noted, regarding the n-bit compressed data homomorphic algorithm, that fully homomorphic encryption allows computation on encrypted ciphertext without a key having to be assigned, and this property gives many services an urgent need for fully homomorphic technology. In 2009, Gentry et al. first proposed an ideal-lattice-based fully homomorphic encryption scheme meeting the requirements: for any operation function f under the homomorphic condition, homomorphic operations (addition and multiplication) can be performed on the ciphertext, and the plaintext obtained by decrypting the operated ciphertext is equivalent to the result of applying the function to the original plaintext; such a scheme is called a fully homomorphic encryption scheme.
Based on the requirements of the scheme, an n-bit compressed data homomorphic algorithm is provided, wherein the initial homomorphic algorithm is obtained by encrypting binary plaintext, namely m = {0,1} of the plaintext. The method uses a bit compression folding concept, as shown in fig. 5, a binarized plaintext is cut and then compressed into a mapping table of 0-255, the defect of increase of binary conversion data is reduced by a character mapping mode, and a plaintext to be encrypted generated by the compression folding mode is smaller than an original plaintext.
And correspondingly carrying out homomorphic encryption according to the cut compression index, wherein secondary compression is carried out, so that the size of a ciphertext generated by homomorphic encryption is greatly reduced. And in order to avoid the problem of noise increase caused by multiple homomorphic operations, a mode switching technology is used for reducing noise and controlling the noise increase in ciphertext.
Large prime integers q and p are generated according to a security parameter λ, where p is taken as the private key, c is the ciphertext, r is a noise integer generated randomly during encryption, and k is the number of bits per encryption, representing the degree of reduction of the encrypted ciphertext [55]. Under the conditions $q > r$ and $p/2 > m + 2^k r$, the following are obtained:
Encryption algorithm: $c = pq + 2^k rq + m$
Decryption algorithm: $m = (c \bmod p) \bmod 2^k$
To verify the fully homomorphic property, let $c_1 = m_1 + 2^k r_1 q + pq$ and $c_2 = m_2 + 2^k r_2 q + pq$.
Proof of homomorphic addition correctness:
Figure BDA0003759938130000161
Proof of homomorphic multiplication correctness:
Figure BDA0003759938130000162
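The encryption and decryption formulas above, with their additive and multiplicative behaviour on 8-bit blocks, are exercised in the following added example (not code from the patent). The values of p, q and the noise size are constructed toy parameters that make no security claim; they are chosen so that the noise term $2^k rq + m$ stays below p, which the decryption formula needs in order to return m.

```python
import secrets

P = 2**127 - 1   # private key p: a prime (constructed toy value)
Q = 2**31 - 1    # q: a prime (constructed toy value)
K = 8            # k bits per plaintext block, so each block m is in 0..255
R_BITS = 16      # bit length of the random noise integer r, so q > r holds

# A fresh ciphertext has noise 2^k*r*q + m < 2^(K + R_BITS + bits(q)) = 2^55.
FRESH_NOISE_BITS = K + R_BITS + Q.bit_length()


def encrypt(m, r=None):
    """c = p*q + 2^k * r * q + m, with r drawn at random unless supplied."""
    if not 0 <= m < 2**K:
        raise ValueError("plaintext block must fit in k bits")
    if r is None:
        r = 2**(R_BITS - 1) + secrets.randbelow(2**(R_BITS - 1))
    return P * Q + (2**K) * r * Q + m


def decrypt(c):
    """m = (c mod p) mod 2^k; correct only while the noise is below p."""
    return (c % P) % (2**K)


def noise_bits(c):
    """Bit length of c mod p, i.e. of the noise as long as it has not wrapped."""
    return (c % P).bit_length()


def max_products():
    """Number of fresh ciphertexts whose product is still guaranteed to decrypt.

    Multiplying t fresh ciphertexts gives noise below 2^(t * FRESH_NOISE_BITS),
    which must stay below p.
    """
    return (P.bit_length() - 1) // FRESH_NOISE_BITS


def encrypt_blocks(data):
    """Encrypt a byte string one 8-bit block (mapping-table value 0..255) at a time."""
    return [encrypt(b) for b in data]


def decrypt_blocks(ciphertexts):
    return bytes(decrypt(c) for c in ciphertexts)


def add_blocks(xs, ys):
    """Blockwise homomorphic addition: plaintext blocks add modulo 2^k."""
    return [x + y for x, y in zip(xs, ys)]


if __name__ == "__main__":
    c1, c2 = encrypt(200), encrypt(100)
    print("sum     ->", decrypt(c1 + c2), "expected", (200 + 100) % 256)
    print("product ->", decrypt(c1 * c2), "expected", (200 * 100) % 256)
    print("noise bits: fresh", noise_bits(c1), "after one product", noise_bits(c1 * c2))
    print("fresh ciphertexts that can be multiplied safely:", max_products())
```

With these parameters a third multiplication pushes the noise past p, after which decryption is no longer reliable; this is the noise growth that the noise-reduction step mentioned above is meant to control.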
It should be noted that, referring to fig. 6, the Word2Vec technology is a method for training a language model proposed by Google, extracts feature information of vocabulary semantics from a large amount of data, and is widely applied to practical application scenarios or natural language processing learning. The method is characterized in that keywords are tested and analyzed, association of words and text contents is quantized through model training, a document set is converted into a K-dimensional vector, space vector operation is performed on a machine, and calculation can be performed on a vector matrix generated by a model to obtain semantic association matching degree of the document.
The Continuous Bag of Words Model (CBOW) selects a good range of preceding and following phrases and determines the word vector at its center, and the output is the word vector at this selected center. And the operation mode of the Skip-Gram model is opposite, and word probability numerical values in the context corresponding to the word are presumed by inputting a specific keyword to form a feature vector.
The Skip-Gram model is composed of three parts, and the probability of related words in the context of the position is calculated by using the R (x) of the input keywords:
Figure BDA0003759938130000163
the Word2Vec technology trains a model through a CBOW model and Skip-Gram to obtain Word vectors, and the Word vectors can be obtained by performing specific combination on the Word probabilities obtained after training, so that corresponding document vectors are obtained.
In this embodiment, as shown in fig. 7, the computer apparatus includes a plurality of computer apparatuses 2000, in the embodiment, components of the encrypted data retrieval system apparatus may be distributed in different computer apparatuses 2000, and the computer apparatuses 2000 may be smartphones, tablet computers, notebook computers, desktop computers, rack-mounted servers, blade servers, tower servers, or rack-mounted servers (including independent servers, or a server cluster formed by a plurality of servers) that execute programs, and the like. The computer device 2000 of the present embodiment includes at least, but is not limited to: a memory 2001, a processor 2002 communicatively coupled to each other via a system bus. It is noted that fig. 3 only shows the computer device 2000 with the component memories 2001 to processor 2002, but it is to be understood that not all shown components need be implemented, and more or fewer components may be implemented instead.
In this embodiment, the memory 2001 (i.e., a readable storage medium) includes a flash memory, a hard disk, a multimedia card, a card-type memory (e.g., SD or DX memory, etc.), a Random Access Memory (RAM), a Static Random Access Memory (SRAM), a read-only memory (ROM), an electrically erasable programmable read-only memory (EEPROM), a programmable read-only memory (PROM), a magnetic memory, a magnetic disk, an optical disk, and the like. In some embodiments, the memory 2001 may be an internal storage unit of the computer device 2000, such as a hard disk or a memory of the computer device 2000. In other embodiments, the memory 2001 may also be an external storage device of the computer device 2000, such as a plug-in hard disk, a Smart Media Card (SMC), a Secure Digital (SD) Card, a Flash memory Card (Flash Card), etc. provided on the computer device 2000. Of course, the memory 2001 may also include both internal and external memory units of the computer device 2000. In this embodiment, the memory 2001 is generally used for storing an operating system and various types of application software installed in the computer device, such as the encrypted data retrieval system apparatus of the embodiment. Further, the memory 2001 may also be used to temporarily store various types of data that have been output or are to be output.
Processor 2002 may be, in some embodiments, a Central Processing Unit (CPU), controller, microcontroller, microprocessor, or other data Processing chip. The processor 2002 generally operates to control the overall operation of the computer device 2000. In this embodiment, the processor 2002 is used to run program codes stored in the memory 2001 or process data. The processors 2002 of the plurality of computer devices 2000 of the computer device of the present embodiment collectively implement the encrypted data retrieval method of the present embodiment when executing the computer program.
Through the above description of the embodiments, those skilled in the art will clearly understand that each embodiment can be implemented by software plus a general hardware platform, and certainly can also be implemented by hardware. It will be understood by those skilled in the art that all or part of the processes of the methods of the above embodiments may be implemented by computer programs, which may be stored in a computer-compatible storage medium, and which, when executed, may include processes of the embodiments of the methods described above.
Embodiments of the present application also provide a computer-readable storage medium, such as a flash memory, a hard disk, a multimedia card, a card-type memory (e.g., SD or DX memory, etc.), a Random Access Memory (RAM), a Static Random Access Memory (SRAM), a read-only memory (ROM), an electrically erasable programmable read-only memory (EEPROM), a programmable read-only memory (PROM), a magnetic memory, a magnetic disk, an optical disk, a server, an App application store, etc., on which a computer program is stored, which when executed by a processor implements a corresponding function. The computer-readable storage medium of the present embodiment stores the encrypted data retrieval system apparatus 10 of the embodiment, and when executed by the processor, implements the encrypted data retrieval method of the embodiment.
The encrypted data retrieval system, the encrypted data retrieval method, the computer equipment and the storage medium ensure the safety and reliability of cloud environment, have the searchable encryption performance with reliable, efficient and flexible characteristics, and provide a Word2Vec model technology on the basis of attribute-based encryption, so that the document index with constant length is realized, the calculation cost in the ciphertext retrieval process is reduced, and the efficient and accurate retrieval is realized; the access strategy of the CP-ABE is improved, homomorphic fuzzy is carried out on an access control processing mechanism, sensitive data are hidden, dynamic updating operation on user authority is realized, and an efficient and safe CP-ABE scheme for providing dynamic updating is realized.
Through the above description of the embodiments, those skilled in the art will clearly understand that the method of the above embodiments can be implemented by software plus a necessary general hardware platform, and certainly can also be implemented by hardware, but in many cases, the former is a better implementation manner.
The above description is only a preferred embodiment of the present application, and not intended to limit the scope of the present application, and all the equivalent structures or equivalent processes that can be directly or indirectly applied to other related technical fields by using the contents of the specification and the drawings of the present application are also included in the scope of the present application.

Claims (10)

1. An encrypted data retrieval system is characterized by comprising 4 parts, namely a data owner, a data user, an authority authentication center and a cloud server;
the data owner is an original data owner and is used for determining an access strategy, accessing a data encryption strategy and uploading encrypted data to a cloud server;
the data user is used for applying for a ciphertext and decrypting the ciphertext to acquire a plaintext when only one group of attributes meeting the ciphertext access authority is provided;
the authority authentication center is used for performing attribute authentication according to the identity attribute characteristics of the entrusted user;
the cloud server is used for storing the encrypted data, and when a user or a data owner accesses the file, the cloud server operates the stored data according to the application.
2. The encrypted data retrieval system according to claim 1, wherein the data owner is configured to send the encrypted ciphertext set and the corresponding file index vector set to the cloud server, construct an authority control table-document retrieval table at the cloud server, and transmit the set access authority to the authority authentication center;
the data user is used for sending the application search authentication to the authority authentication center, acquiring an authentication result, constructing a search token and sending a cloud server request for searching, wherein the authentication result comprises a private key;
and the cloud server is used for executing search, transmitting a result obtained by using the search table to a data user, and decrypting to obtain plaintext data.
3. The encrypted data retrieval system of claim 2, further comprising a Word2Vec model, the Word2Vec model configured to generate a constant-length document index set based on deep learning to successively train weights of document keywords, the actual search precision and index length of the document index set being adjusted as needed.
4. The encrypted data retrieval system of claim 3, further comprising an access control processing mechanism, wherein the access control processing mechanism is a dynamically updated CP-ABE, and an access structure is used in the CP-ABE to control the access right of a user by setting an attribute set.
5. The encrypted data retrieval system of claim 4, further comprising an initialization algorithm, a key generation algorithm, an encryption algorithm, an index generation algorithm, a token generation algorithm, a search algorithm, a pre-decryption algorithm, and a decryption algorithm.
6. An encrypted data retrieval method based on the encrypted data retrieval system of claim 5, the method comprising:
the data owner sets parameters through the authority authentication center and calls the initialization Setup($1^\lambda$) function to obtain the relevant parameters;
performing ciphertext encryption Encrypt () function operation on a local server, generating a corresponding document index for each ciphertext through an Indexgen () function, and building an attribute-document index retrieval table through a set attribute set;
a searching user applies for obtaining a private key from an authority authentication center, and the authority authentication center issues the private key with specified personal identity attribute to the searching user through a KeyGen () function;
a search user generates a search Trapdoor by using a Tracpool () function through related parameters and sends the search Trapdoor to a cloud server;
the cloud server matches the attribute-document index table by calling a Search () function, determines a ciphertext set with top-k sequencing, performs Pre-Decrypt () function operation on the ciphertext through the cloud server, returns an intermediate value to a searching user, and calls a Decrypt () function to perform local calculation to obtain a plaintext.
7. The encrypted data retrieval method according to claim 6, wherein Setup($1^\lambda$) → (PK, MK): this is run by the authoritative authentication center AA, which constructs a bilinear group $G_0$ from the parameter $\lambda$; the group order is a prime number $p$, and
Figure FDA0003759938120000021
a random value $\eta$ is taken, $g$ is set as a generator, and the bilinear mapping is $e: G_0 \times G_0 \to G_r$. The hash functions are defined as:
$H_0: \{0,1\}^* \to G_0$ and $H_1: \{0,1\}^* \to G_{zp}$. In the group $G_{zp}$, three random numbers $a, b, c \in G_{zp}$ are selected, and the following are calculated:
$PK = \{G_0, G_{zp}, e, H_0, H_1, g, h_1 = g^a, h_2 = g^b, h_3 = g^c\}$
$MK = \{a, b, c\}$.
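The parameter generation in claim 7, as an added example that is not part of the patent text: a toy Schnorr subgroup (constructed values 1019 and 2039, generator 4) stands in for the bilinear group $G_0$, the pairing $e$ is omitted because the Python standard library has none, and $G_{zp}$ is assumed to mean exponents modulo $p$. The helper names `in_group` and `validate_pk` are hypothetical; the subgroup check is what a recipient of PK would run before using it.

```python
import hashlib
import secrets

# Constructed toy parameters: Q_MOD = 2 * P_ORDER + 1 is a safe prime, so the
# squares modulo Q_MOD form a group of prime order P_ORDER (stand-in for G_0).
# These sizes give no security; a real scheme needs a pairing-friendly curve.
P_ORDER, Q_MOD, GEN = 1019, 2039, 4


def _digest_int(tag: bytes, data: bytes, counter: int = 0) -> int:
    h = hashlib.sha256(tag + counter.to_bytes(4, "big") + data).digest()
    return int.from_bytes(h, "big")


def H1(data: bytes) -> int:
    """Hash a bit string to an exponent modulo the group order p."""
    return _digest_int(b"H1", data) % P_ORDER


def H0(data: bytes) -> int:
    """Hash a bit string into the group by squaring a hashed residue."""
    counter = 0
    while True:
        x = _digest_int(b"H0", data, counter) % Q_MOD
        if x not in (0, 1, Q_MOD - 1):  # skip 0 and the roots of the identity
            return pow(x, 2, Q_MOD)
        counter += 1


def in_group(x: int) -> bool:
    """True if x is a non-identity element of the order-p subgroup."""
    return 1 < x < Q_MOD and pow(x, P_ORDER, Q_MOD) == 1


def setup():
    """Return (PK, MK) with h1 = g^a, h2 = g^b, h3 = g^c as in claim 7."""
    a, b, c = (secrets.randbelow(P_ORDER - 1) + 1 for _ in range(3))
    pk = {"g": GEN, "h1": pow(GEN, a, Q_MOD), "h2": pow(GEN, b, Q_MOD),
          "h3": pow(GEN, c, Q_MOD), "p": P_ORDER}
    return pk, {"a": a, "b": b, "c": c}


def validate_pk(pk) -> bool:
    """Recipient-side check: every public element lies in the order-p group."""
    return all(in_group(pk[k]) for k in ("g", "h1", "h2", "h3"))
```

MK never leaves the authentication center; only PK is published, and `validate_pk` rejects a PK whose elements fall outside the prime-order subgroup.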
8. The encrypted data retrieval method according to claim 7, wherein Setup($A$, $S$) → ($PP_{Weight}$): this is run by the data owner, who inputs an access structure $A$ and an attribute set $S$, where the attribute set $S$ requires $S \in S_{AA}$.
According to the access structure, attribute nodes are distributed to construct an access policy tree $T$, and the leaf attribute node set $S_{node}$ under a parent node in the second layer from the bottom is weighted, ensuring that the weights assigned to the leaf node set $S_{node}$ are all ordered, i.e. $S_{(node,w)} = \{E_{node}(x), x \in S_{node}\}$;
with $E_{node}(x_1) > E_{node}(x_2) > \dots > E_{node}(x_n)$, $n \le \mathrm{Size}(S_{node})$; the access tree $T$ is divided from the second layer into weight subtrees $T_w$, and the previous steps are repeated, wherein the generated access policy tree is a two-layer tree structure; its set of subtrees is
Figure FDA0003759938120000031
and the path is mapped into a vector, i.e.
Figure FDA0003759938120000032
where $index_d$ represents the root node $d$; the final attribute weight parameter set is $PP_W = \{E_{DO}(x), x \in S\}$, and $PP_W$ is sent to the limited authentication center.
9. A computer device comprising a plurality of computer devices, each computer device comprising a memory, a processor, and a computer program stored on the memory and executable on the processor, wherein the processors of the plurality of computer devices when executing the computer program collectively implement the steps of the method of any one of claims 6 to 8.
10. A computer-readable storage medium, on which a computer program is stored, which, when being executed by a processor, carries out the steps of the method according to any one of claims 6 to 8.
CN202210869384.5A 2022-07-22 2022-07-22 Encrypted data retrieval system, method, computer equipment and storage medium Pending CN115310125A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210869384.5A CN115310125A (en) 2022-07-22 2022-07-22 Encrypted data retrieval system, method, computer equipment and storage medium

Publications (1)

Publication Number Publication Date
CN115310125A true CN115310125A (en) 2022-11-08

Family

ID=83856368

Country Status (1)

Country Link
CN (1) CN115310125A (en)

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN117370962A (en) * 2023-12-08 2024-01-09 中国科学院软件研究所 Safe and efficient biological identification method and system for protecting privacy based on cloud
CN117370962B (en) * 2023-12-08 2024-03-22 中国科学院软件研究所 Safe and efficient biological identification method and system for protecting privacy based on cloud
CN117521164A (en) * 2024-01-08 2024-02-06 南湖实验室 Self-adaptive homomorphic encryption method based on trusted execution environment
CN117521164B (en) * 2024-01-08 2024-05-03 南湖实验室 Self-adaptive homomorphic encryption method based on trusted execution environment

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination