CN115913725A - Forward security dynamic searchable encryption method and system based on XOR encryption chain - Google Patents
Forward security dynamic searchable encryption method and system based on XOR encryption chain Download PDFInfo
- Publication number
- CN115913725A CN115913725A CN202211473179.3A CN202211473179A CN115913725A CN 115913725 A CN115913725 A CN 115913725A CN 202211473179 A CN202211473179 A CN 202211473179A CN 115913725 A CN115913725 A CN 115913725A
- Authority
- CN
- China
- Prior art keywords
- cnt
- encryption
- index position
- pseudo
- random value
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Classifications
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y02—TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
- Y02D—CLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
- Y02D30/00—Reducing energy consumption in communication networks
- Y02D30/50—Reducing energy consumption in communication networks in wire-line communication networks, e.g. low power modes or reduced link rate
Abstract
The invention discloses a forward security dynamic searchable encryption method and system based on an exclusive-or encryption chain, which comprises the steps that a data provider dynamically establishes a searchable security index for a data file; the data user generates a query token according to the keyword w and sends the query token to the cloud server; after receiving the query token, the cloud server decrypts the file identifier of the tail index position according to the query token, then decrypts the file identifier of the next index position according to the query token and the information of the previous index position in sequence based on the XOR encryption chain, and finally sends the file identifier to the data user so that the data user can obtain the data file. The method can dynamically establish the safe searchable index for the data file with extremely low computing overhead and communication overhead, realize forward safe and efficient ciphertext retrieval, simultaneously ensure the confidentiality and forward safety of the data, and can be applied to the cloud computing environment to ensure the confidentiality of the outsourced data.
Description
Technical Field
The invention relates to the technical field of data security of cloud computing, in particular to a forward security dynamic searchable encryption method and system based on an exclusive-or encryption chain.
Background
With the rapid development of cloud computing and big data, more and more enterprises and individuals begin to store own private data into a cloud center, so that not only can the local IT construction cost be greatly saved, but also data can be stored and processed by means of the powerful functions of a cloud computing platform. However, cloud data security issues have been one of the key concerns. As data, once outsourced to the cloud center, will be out of direct physical control of the data owner. Encrypting data is one of the effective ways to protect the confidentiality of data. In an actual cloud platform, cloud service providers such as Amazon and Dropbox also provide corresponding data encryption interfaces for users. However, encrypting data using conventional cryptographic techniques results in the randomized ciphertext no longer possessing computational characteristics in the plaintext environment, such as information retrieval, data sorting, numerical calculations, and so forth. Scientific calculation of how to protect data privacy in a ciphertext environment is a focus of common attention of the industry and academia in recent years. Information retrieval, as one of the most fundamental and important types of data manipulation, has been well studied in the clear text environment. Common encryption technologies such as block cipher destroy the original structure of plaintext data by introducing random keys, so that the conventional information retrieval technology is no longer applicable in a ciphertext environment. If no effective ciphertext-based information retrieval mechanism exists, every time a data user acquires required data from a cloud server, the data user has to download all ciphertext data from the cloud server, decrypt the ciphertext data locally and then retrieve the information. This not only results in impractical communication and computing overhead, but is also clearly counter the original intention of us to use cloud computing services. Searchable encryption is a new type of cryptographic primitive proposed in recent years that enables information retrieval directly on the ciphertext by establishing a secure searchable index for the encrypted data. Early searchable encryption mainly focuses on static data sets, and data providers cannot increase and update cloud data and are not suitable for dynamic application environments of cloud computing. Current searchable encryption technology began to explore dynamic methods that allow data providers to add or delete cloud data with little communication and computing overhead. Since researchers find that file injection attacks are performed on the dynamic searchable encryption scheme, plaintext information of the whole encrypted data can be obtained by adding a very small number of attack file samples, and therefore the original scheme is broken through. Thus, dynamically searchable encryption techniques require forward security against file injection attacks. To achieve this goal, researchers have implemented forward security for dynamically searchable encryption using heavy-weight cryptographic primitives such as trapdoor permutations, pierceable encryption, or temporary keys, but these heavy-weight cryptographic operations or the storage and transfer of large numbers of temporary keys result in high computational or storage communication overhead.
Disclosure of Invention
The technical problems to be solved by the invention are as follows: aiming at the problems in the prior art, the invention provides a forward security dynamic searchable encryption method and system based on an XOR encryption chain, which realize a dynamic, forward security and high-efficiency searchable encryption method, can dynamically add new files with extremely low computation overhead and communication overhead by using an XOR chain-based mode in addition to realize high-efficiency information retrieval on encrypted data, and simultaneously ensure the confidentiality and forward security of updated data.
In order to solve the technical problems, the technical scheme adopted by the invention is as follows:
a forward security dynamic searchable encryption method based on an exclusive-or encryption chain comprises the following steps that a cloud server responds to query operation of a data user:
s101, the cloud server receives a query token aiming at a search keyword w from a data user;
s102, the cloud server is used for storing encrypted file identifiers according to the query token
The searchable security index ST of (2) has the index position of the cursor positioning end asAt the initial cnt-th index position, the file identifier ind of the cnt-th index position is decrypted according to the query token cnt And then sequentially decrypting the file identifier ind of the cnt-1 index position according to the query token and the information of the cnt index position based on the XOR encryption chain from the index position at the tail end cnt-1 Until the file identifier ind of the 1 st index position is decrypted 1 ;
S103, the cloud server decrypts the file identifier ind 1 ~ind cnt Returned to the data user so that the data user can read the file identifier ind 1 ~ind cnt And downloading all data files containing the search keyword w from the cloud server.
Optionally, step S102 includes:
s201, initializing a file identifier set Rest to be null, positioning a cursor to an index position at the tail, and acquiring a first pseudorandom value T of a cnt index position in an XOR encryption chain from a query token cnt And a second pseudo-random value R cnt ;
S202, according to the first pseudo-random value T of the cnt index position cnt Retrieving an index position ST [ T ] in a searchable security index ST cnt ]Is worth deriving an encrypted file identifier
Second pseudo-random value R according to the cnt-th index position cnt Generating a combined encryption string and combining encrypted file identifiers>
Decrypt the file identifier ind cnt Index position ST [ T ] cnt ]Corresponding XOR operation result U cnt And a second pseudo-random value R for the cnt-1 st index position cnt-1 The file identifier ind cnt Adding the set Rest;
s203, according to the first pseudo-random value T of the cnt index position cnt Sum exclusive or operation result U cnt Carrying out XOR operation to obtain a first pseudorandom value T of the cnt-1 th index position cnt-1 ;
S204, the cursor positioning is reversely moved to a new index position, so that the first pseudorandom value T of the cnt-1 th index position cnt-1 And a second pseudo-random value R cnt-1 First pseudo-random value T becoming new cnt-th index position cnt And a second pseudo-random value R cnt (ii) a If the new index position is 0, jumping to step S103; otherwise, go to step S202.
Optionally, in step S202, the encrypted file identifier
Decrypt the file identifier ind cnt Index position ST [ T ] cnt ]Corresponding XOR operation result U cnt And a second pseudo-random value R for the cnt-1 st index position cnt-1 The functional expression of (a) is:
in the above formula, ind cnt Being file identifiers, U cnt As a result of an XOR operation, R cnt-1 A second pseudo-random value for the cnt-1 st index position,
is an XOR operator, is asserted>
For encrypting file identifiers, H (K) w ,R cnt ) According to a first encryption key K w And a second pseudo-random value R for the cnt-th index position cnt Generating a combined encryption string, wherein H is an encryption function, and "←" represents a function mapping relation; the XOR operation in step S203 obtains the first pseudo-random value T of the cnt-1 th index position cnt-1 The functional expression of (a) is:
in the above formula, T cnt-1 Is the first pseudorandom value of the cnt-1 index position, T cnt Is the first pseudo-random value for the cnt-th index position,
for XOR operator, U cnt For the result of the xor operation, "←" represents a function mapping relationship.
Optionally, the method further includes that the data user generates and sends a query token to the cloud server according to the specified search keyword w:
s301, a data user takes a designated keyword w as an index, searches a position CT [ w ] from a keyword index table CT, if the position CT [ w ] is null, the situation that no file containing the keyword w exists in the keyword index table CT is indicated, and the searching process is finished and exits; otherwise, jumping to the step S302;
s302, reading position CT [ w ]]The value of (a) is to obtain the number cnt of files containing the search keyword w, and different first encryption keywords K are respectively generated according to the keyword w w And a second encryption key K' w The file number cnt is respectively added to the first encryption key K w And a second encryption key K' w Encrypting to obtain a first pseudorandom value T of the cnt-th index position cnt And a second pseudo-random value R cnt ;
S303, according to the first encryption keyword K w Index position ST [ T ] cnt ]Corresponding first pseudo-random value T cnt And index position ST [ T cnt ]Corresponding second pseudo-random value R cnt Building a query token (K) w ,R cnt ,T cnt ) And sending to the cloud server.
Optionally, a different first encryption key K is generated in step S302 w And a second encryption key K' w The functional expression of (a) is:
K w ←F(K,w||1),K′ w ←F(K,w||2),
in the above formula, F is an encryption function, K is a preset system master key, w is a search keyword, | | represents string connection; the file number cnt is respectively matched with the first encryption keyKey word K w And a second encryption key K' w The function expression for encryption is:
R cnt ←F(K′ w ,cnt),T cnt ←F(K w ,R cnt ),
in the above formula, F is an encryption function, K w And K' w Is a first encryption key and a second encryption key generated from the keyword w, respectively, "←" represents a function mapping relationship.
Optionally, an encrypted file identifier of the data provider data file f is also included
Uploading to a cloud server, wherein the data file f is represented by a keyword set W, and the processing of any keyword W in the keyword set W by a data provider comprises the following steps:
s401, the data provider takes the keyword w as an index, and searches the position CT [ w ] corresponding to the keyword w from the keyword index table CT]If position CT [ w]If the index position is null, setting the number cnt of files containing the key word w to be 0 initially, and randomly generating a first pseudorandom value T of the index position of the cnt cnt And a second pseudo-random value R cnt Otherwise, different first encryption keywords K are respectively generated according to the keywords w w And a second encryption key K' w The file number cnt is respectively added to the first encryption key K w And a second encryption key K' w Encrypting to obtain a first pseudorandom value T of the cnt-th index position cnt And a second pseudo-random value R cnt ;
S402, the data provider firstly adds the file number cnt +1 and a second encryption key word K' w Generating a second pseudo-random value R for the cnt +1 st index position cnt+1 Then, the second pseudo-random value R of the file number cnt +1 and the index position of the cnt +1 cnt+1 Generating a first pseudorandom value T for the cnt +1 th index position cnt+1 (ii) a A first pseudo-random value T of the cnt-th index position cnt And a first pseudo-random value T of the cnt +1 index position cnt+1 Performing XOR operation to generate XOR operation result U cnt+1 ;
S403, the data provider uses the second pseudo-random value R of the cnt-th index position cnt A second pseudorandom value R for the cnt +1 index position cnt+1 And the result of the XOR operation U cnt+1 Encrypting the k-bit length file identifier ind corresponding to the keyword w into an encrypted file identifier by adopting an encryption function H
S404, the data provider adds 1 to the file number cnt corresponding to the keyword w and stores the file number cnt to the position CT [ w ] in the keyword index table CT]In constructing the update request
And submitting the update request to the cloud server so that the cloud server receives the update request
Then, the encrypted file identifier is ≥ based on the file type>
Saving the search index position ST [ T ] in the searchable security index ST cnt ]In (1).
Optionally, in step S402, the file number cnt +1 and the second encryption key K 'are firstly obtained' w Generating a second pseudorandom value R for the cnt +1 th index position cnt+1 Then, the second pseudo-random value R of the file number cnt +1 and the index position of the cnt +1 cnt+1 Generating a first pseudorandom value T for the cnt +1 th index position cnt+1 The functional expression of (a) is:
R cnt+1 ←F(K′ w ,cnt+1),T cnt+1 ←F(R cnt+1 ,cnt+1),
wherein, F is an encryption function, and "←" represents a function mapping relation;
in step S402, the first pseudo-random value T of the cnt-th index position is determined cnt And a first pseudo-random value T of the cnt +1 index position cnt+1 Performing XOR operation to generate XOR operation result U cnt+1 Function expression ofComprises the following steps:
wherein the content of the first and second substances,
for the xor operator, "←" represents a function mapping relationship.
Optionally, the encryption in step S403 is an encrypted file identifier
The functional expression of (a) is:
in the above formula, K w For the first encryption key, | | represents string concatenation, H (K) w ,R cnt+1 ) Is the first encryption key K w And a second pseudo-random value R corresponding to the number of files cnt +1 cnt+1 With the result of the calculation of the encryption function H,
for the xor operator, "←" indicates a function mapping relationship.
In addition, the invention also provides a forward security dynamic searchable encryption system based on the XOR encryption chain, which comprises a microprocessor and a memory which are connected with each other, wherein the microprocessor is programmed or configured to execute the forward security dynamic searchable encryption method based on the XOR encryption chain.
Furthermore, the present invention also provides a computer readable storage medium having stored therein a computer program for being programmed or configured by a microprocessor to execute the xor-chain based forward secure dynamic searchable encryption method.
Compared with the prior art, the invention mainly has the following advantages:
1. the cloud server is used for storing the encrypted file identifier according to the query token
The searchable security index ST takes the index position at the end of cursor positioning as the initial cnt index position, and the file identifier ind of the cnt index position is decrypted according to the query token cnt And then, from the index position at the tail end, sequentially decrypting the file identifier ind of the cnt-1 index position according to the query token and the information of the cnt index position cnt-1 Until the file identifier ind of the 1 st index position is decrypted 1 The new file is dynamically added by using an XOR chain-based mode with extremely low calculation overhead and communication overhead, the confidentiality and forward security of the updated data can be ensured, the problems of dynamic data addition and information retrieval can be effectively solved, and the security and the high efficiency of the data and the retrieval are ensured.
2. Due to the high efficiency of information retrieval and the dynamic property of information updating, the forward safe dynamic searchable encryption method can be applied to the environment in the cloud computing outsourcing mode, the confidentiality of outsourcing data is ensured in an encryption mode, and the dynamic updating and the high efficiency retrieval on the encrypted data are realized.
Drawings
Fig. 1 is a schematic basic flow chart of a query operation of a cloud server responding to a data user according to the method in the embodiment of the present invention.
FIG. 2 is a model of an application system of the method of an embodiment of the present invention.
Fig. 3 is a schematic diagram of the structure of the xor encryption chain and the searchable security index ST according to the embodiment of the present invention.
FIG. 4 is a schematic view of a complete flow chart of the method according to the embodiment of the present invention.
Detailed Description
As shown in fig. 1, the forward secure dynamic searchable encryption method based on the xor encryption chain in this embodiment includes a query operation of a cloud server responding to a data user:
s101, the cloud server receives a query token aiming at a search keyword w from a data user;
s102, the cloud server is used for storing the encrypted file identifier according to the query token
The searchable security index ST takes the index position at the end of cursor positioning as the initial cnt index position, and the file identifier ind of the cnt index position is decrypted according to the query token cnt And then sequentially decrypting the file identifier ind of the cnt-1 index position according to the query token and the information of the cnt index position based on the XOR encryption chain from the index position at the tail end cnt-1 Until the file identifier ind of the 1 st index position is decrypted 1 ;
S103, the cloud server decrypts the file identifier ind 1 ~ind cnt Returned to the data user so that the data user can read the file identifier ind 1 ~ind cnt And downloading all data files containing the search keyword w from the cloud server. The data file may be a plaintext file or a ciphertext file. For example, in the embodiment, specifically, the ciphertext file is obtained, and generally, in the searchable encryption technology, the data file is encrypted by using a conventional symmetric encryption technology, and the data encryption is not the content concerned here.
Fig. 2 shows an application system model of the forward secure dynamic searchable encryption method based on the xor encryption chain according to this embodiment, which includes three entities, namely, a data provider, a data user (querier), and a cloud computing platform. The step of the front Wen Yun server responding to the query operation of the data user is the process executed by the cloud server in fig. 2.
In this embodiment, step S102 includes:
s201, initializing a file identifier set Rest to be null, positioning a cursor to an index position at the tail, and acquiring a first pseudorandom value T of a cnt index position in an XOR encryption chain from a query token cnt And a second pseudo-random value R cnt ;
S202, according to the first dummy of the cnt index positionRandom value T cnt Retrieving an index position ST T in a searchable security index ST cnt ]Is worth deriving an encrypted file identifier
A second pseudo-random value R according to the cnt-th index position cnt Generates a combined encrypted string and concatenates the encrypted file identifier @>
Decrypting the file identifier ind cnt Index position ST [ T ] cnt ]Corresponding XOR operation result U cnt And a second pseudo-random value R for the cnt-1 st index position cnt-1 The file identifier ind cnt Adding the set Rest;
s203, according to the first pseudo-random value T of the cnt index position cnt Sum exclusive or operation result U cnt Carrying out XOR operation to obtain a first pseudorandom value T of the cnt-1 th index position cnt-1 ;
S204, the cursor positioning is reversely moved to a new index position, so that the first pseudorandom value T of the cnt-1 th index position cnt-1 And a second pseudo-random value R cnt-1 First pseudo-random value T becoming new cnt-th index position cnt And a second pseudo-random value R cnt (ii) a If the new index position is 0, jumping to step S103; otherwise, go to step S202.
Thus, the cloud server receives the query token (K) w ,R cnt ,T cnt ) Then, the file identifiers are acquired step by step from the initial file number cnt until the file number cnt is 0: a first pseudo-random value T at the current cnt-th index position cnt For indexing, an index position ST [ T ] is retrieved in a searchable security index ST cnt ]Is given an encrypted file identifier and is based on the first encryption key K w And a second pseudo-random value R for the cnt-th index position cnt Decrypting to obtain the file identifier corresponding to the current file number cnt and calculating the first pseudorandom value T corresponding to the file number cnt-1 cnt-1 Subtracting 1 from the current file number cnt; will be finallySending the file identifier to the data user; further, in this embodiment, an empty set Rest is initialized first, and is used to store file identifiers (search results) including the search keyword w, the set Rest is placed every time a file identifier is searched, and after the circulation is completed, the file identifiers in the set Rest can be used to obtain all data files including the search keyword w. FIG. 3 is a diagram illustrating the structure of the XOR encryption chain and the searchable security index ST in the embodiment, where the first pseudo-random value T at the 0 th to cnt th index positions 0 ~T cnt And a second pseudo-random value R 0 ~R cnt An exclusive-or encryption chain is formed, the arrow direction at the lower side to the left represents the retrieval process in the searchable security index ST, and the file identifier ind of the cnt-th index position is firstly decrypted according to the query token cnt And then, from the index position at the tail end, sequentially decrypting the file identifier ind of the cnt-1 index position according to the query token and the information of the cnt index position cnt-1 Until the file identifier ind of the 1 st index position is decrypted 1 Thus completing the decryption of the file identifiers ind in turn cnt ~ind 1 The data retrieval process of (1). First pseudo-random value T of any cnt-th index position cnt And a second pseudo-random value R cnt Two chains are formed from small to large according to the number cnt of files of the key w and can be based on the first encryption key K w And a second pseudo-random value R for the cnt-th index position cnt Decrypting to obtain the file identifier corresponding to the current file number cnt and calculating the first pseudorandom value T corresponding to the file number cnt-1 cnt-1 Therefore, a forward security encryption inverted index structure based on the searchable security index ST is formed by the first pseudorandom value and the second pseudorandom value of the cnt index positions, the problems of data dynamic increase and information retrieval can be effectively solved, and the security and the efficiency of data and retrieval are guaranteed.
In this embodiment, in step S202, the encrypted file identifier is used
Decrypt the file identifier ind cnt Index position ST [ T ] cnt ]Corresponding XOR operation result U cnt And a second pseudo-random value R for the cnt-1 st index position cnt-1 The functional expression of (a) is:
in the above formula, ind cnt Being file identifiers, U cnt As a result of an XOR operation, R cnt-1 A second pseudo-random value for the cnt-1 st index position,
is an XOR operator, is asserted>
For encrypting the file identifier, H (K) w ,R cnt ) According to a first encryption key K w And a second pseudo-random value R for the cnt-th index position cnt A generated combined encrypted string, H being an encryption function, "←" representing a function mapping relationship; the XOR operation in step S203 obtains the first pseudo-random value T of the cnt-1 th index position cnt-1 The functional expression of (a) is:
in the above formula, T cnt-1 Is the first pseudo-random value of the cnt-1 st index position, T cnt Is the first pseudo-random value for the cnt-th index position,
for XOR operator, U cnt For the result of the xor operation, "←" represents a function mapping relationship. Because only light-weight XOR encryption operation is adopted and a temporary key does not need to be stored, the method has high retrieval efficiency and low communication storage overhead. In this embodiment, the encryption function H is a pseudo-random function, which can be expressed as:
H:{1,0} k ×{1,0} * →{1,0} 3k ,
the definition domain of the encryption function H is {1,0} k And {1,0} * The value range is {1,0} 3k As a function of (c).
In this embodiment, the data user further generates and sends a query token to the cloud server according to the specified search keyword w:
s301, a data user takes a specified keyword w as an index, retrieves a position CT [ w ] from a keyword index table CT, if the position CT [ w ] is empty, the situation shows that no file containing the keyword w exists in the keyword index table CT, and the searching process is finished and exits; otherwise, jumping to the step S302;
s302, reading position CT [ w ]]The value of (a) is to obtain the number cnt of files containing the search keyword w, and different first encryption keywords K are respectively generated according to the keyword w w And a second encryption key K' w The file number cnt is respectively added to the first encryption key K w And a second encryption key K' w Encrypting to obtain a first pseudorandom value T of the cnt-th index position cnt And a second pseudo-random value R cnt ;
S303, according to the first encryption keyword K w Index position ST [ T ] cnt ]Corresponding first pseudo-random value T cnt And index position ST [ T cnt ]Corresponding second pseudo-random value R cnt Constructing a query token (K) w ,R cnt ,T cnt ) And sending to the cloud server.
In this embodiment, in step S302, different first encryption keywords K are generated w And a second encryption key K' w The functional expression of (a) is:
K w ←F(K,w||1),K′ w ←F(K,w||2),
in the above formula, F is an encryption function, K is a preset system master key, w is a search keyword, | | | represents string concatenation, where the purpose of concatenating 1 and 2 for keyword w is to let w | | |1 and w | | |2 represent two different strings to generate different keys K w And K' w . As an optional implementation manner, in this embodiment, the encryption function FIs a pseudo-random function and can be expressed as:
F:{1,0} k ×{1,0} * →{1,0} k ,
of these, {1,0} k Represents a binary string of length k bits, {1,0} * Represent binary strings of arbitrary length, i.e., field of definition 1,0} k And {1,0} * The value range is {1,0} k Is measured as a function of (c). The difference between the encryption function F and the encryption function H is: the output lengths are different, the output of the encryption function F is a binary string with the length of k bits, and the output of the encryption function H is a binary string with the length of 3k bits. The encryption function F has a domain of {1,0} k And {1,0} * The value range is {1,0} k . Since the cryptographic function F is a pseudo-random function, a cannot distinguish the output of the cryptographic function F from a truly random function R with non-negligible advantage for an arbitrary probabilistic polynomial adversary a: {1,0} * →{1,0} k To output of (c). In the pseudo-random function, {0,1} k Representing the key space, k being a security parameter. In general terms, the system master key K and a string of length x are input, the output is a string of length y, and the string is a random binary string for adversaries. In this embodiment, by inputting a security parameter K that is sufficiently large (for example, 256 bits long), the system master key K is selected from {0,1} k Is obtained by random selection.
In this embodiment, the number of files cnt is respectively set to the first encryption key K w And a second encryption key K' w The function expression for encryption is:
R cnt ←F(K′ w ,cnt),T cnt ←F(K w ,R cnt ),
in the above formula, F is an encryption function, K w And K' w Is a first encryption key and a second encryption key generated from the keyword w, respectively, "←" represents a function mapping relationship.
Referring to FIG. 4, the present embodiment further includes an encrypted file identifier for the data provider data file f
Uploading to a cloud server, wherein a data file f is represented by a keyword set W, and the processing of any keyword W in the keyword set W by a data provider comprises the following steps:
s401, the data provider takes the keyword w as an index, and searches the position CT [ w ] corresponding to the keyword w from the keyword index table CT]If position CT [ w]If the index position is null, setting the number cnt of files containing the key word w to be 0 initially, and randomly generating a first pseudorandom value T of the index position of the cnt cnt And a second pseudo-random value R cnt Otherwise, different first encryption keywords K are respectively generated according to the keywords w w And a second encryption key K' w The file number cnt is respectively added to the first encryption key K w And a second encryption key K' w Encrypting to obtain a first pseudorandom value T of the cnt-th index position cnt And a second pseudo-random value R cnt ;
S402, the data provider firstly adds a file number cnt +1 and a second encryption key word K' w Generating a second pseudorandom value R for the cnt +1 th index position cnt+1 Then, the second pseudo-random value R of the file number cnt +1 and the index position of the cnt +1 cnt+1 Generating a first pseudorandom value T for the cnt +1 th index position cnt+1 (ii) a A first pseudo-random value T of the cnt-th index position cnt And a first pseudo-random value T of the cnt +1 index position cnt+1 Performing XOR operation to generate XOR operation result U cnt+1 ;
S403, the data provider uses the second pseudo-random value R of the cnt-th index position cnt A second pseudorandom value R for the cnt +1 index position cnt+1 And the result of the XOR operation U cnt+1 Encrypting the k-bit length file identifier ind corresponding to the keyword w into an encrypted file identifier by adopting an encryption function H
S404, the data provider adds 1 to the file number cnt corresponding to the keyword w and stores the file number cnt to the position CT [ w ] in the keyword index table CT]In constructing the update request
And submitting the update request to the cloud server so that the cloud server receives the update request>
Then, the encrypted file identifier is combined with the key value>
Saving the search index location ST [ T ] in the searchable security index ST cnt ]In, can be represented as: />
Referring to the arrow to the right in fig. 3, as the number cnt of the files corresponding to the keyword w increases, the encrypted file identifier in the security index ST can be searched
Will correspond to the first pseudo-random value T of the cnt-th index position which is synchronously increased cnt And a second pseudo-random value R cnt But also increases synchronously. In this embodiment, the data provider submits a set W = { W } using a keyword set to the cloud server 1 ,w 2 ,…,w n The data file f represented by (i) may submit a plaintext file or a ciphertext file as needed, for example, the ciphertext file of the data file f is specifically referred to in this embodiment, generally, in a searchable encryption technology, the data file is encrypted by using a conventional symmetric encryption technology, and the data encryption is not content concerned here. The data provider uses the keyword w as an index and retrieves the position CT [ w ] from the keyword index table CT]If position CT [ w]If the index position is null, setting the file number cnt containing the key word w as 0, and randomly generating a first pseudorandom value T of the index position of the cnt cnt (T 0 ) And a second pseudo-random value R cnt (R 0 ) Specifically, in the present embodiment, the numbers are respectively {0,1} k Uniformly and randomly selecting an element as T 0 And R 0 。
In this embodiment, step S402 is performed firstMixing the file number cnt +1 and a second encryption key K' w Generating a second pseudorandom value R for the cnt +1 th index position cnt+1 Then, the second pseudo-random value R of the file number cnt +1 and the index position of the cnt +1 cnt+1 Generating a first pseudorandom value T for the cnt +1 th index position cnt+1 The functional expression of (a) is:
R cnt+1 ←F(K′ w ,cnt+1),T cnt+1 ←F(R cnt+1 ,cnt+1),
wherein, F is an encryption function, and "←" represents a function mapping relation;
in step S402, the first pseudo-random value T of the cnt-th index position is determined cnt And a first pseudo-random value T of the cnt +1 index position cnt+1 Performing XOR operation to generate XOR operation result U cnt+1 The functional expression of (a) is:
wherein the content of the first and second substances,
for the xor operator, "←" represents a function mapping relationship.
In this embodiment, the encryption in step S403 is an encrypted file identifier
The functional expression of (a) is:
in the above formula, K w For the first encryption key, | | represents string concatenation, H (K) w ,R cnt+1 ) Is the first encryption key K w And a second pseudo-random value R corresponding to the number of files cnt +1 cnt+1 With the result of the calculation of the encryption function H,
for the xor operator, "←" represents a function mapping relationship.
In this embodiment, when new data files are dynamically added to the searchable security index ST, all of the query tokens issued prior to the data update operation cannot be used to retrieve these new data files, even if the new data files satisfy the query requirements unless a new query token is issued. The forward security requires that the newly added data file cannot pass through the historical query token and reveal keyword information contained in the newly added data file. In essence, this requires that the query tokens are unlinkable, i.e. the same query key should have different query tokens, ensuring randomness of the query tokens. In the data updating process facing the query token, the method of the embodiment is used for generating a second encryption key K' w Is generated with respect to a certain file number cnt due to the second encryption key K' w The update result is not sent to the cloud server in the whole update process, so the cloud server cannot generate the latest second pseudorandom value R according to the counters 1, 2, … and cnt before update cnt+1 . From the search process we know that there is no second pseudorandom value R cnt+1 The cloud server cannot search for the currently updated data file according to the previously submitted query token. Therefore, the forward security of the method of the embodiment can be ensured.
In summary, in the embodiment, only a lightweight xor encryption operation is used, a searchable encryption method supporting dynamic data updating, forward security and high efficiency is implemented, new files can be dynamically added in an xor chain-based manner with extremely low computation overhead and communication overhead, confidentiality and forward security of updated data are guaranteed, the problems of dynamic data addition and information retrieval can be effectively solved, and security and high efficiency of data and retrieval are guaranteed. Due to the high efficiency of information retrieval and the dynamic property of information updating, the forward secure dynamic searchable encryption method of the embodiment can be applied to a real environment in a cloud computing outsourcing mode, the confidentiality of outsourcing data is ensured in an encryption mode, and the dynamic updating and the high efficiency retrieval on encrypted data are realized.
In addition, the embodiment also provides an exclusive-or encryption chain based forward secure dynamic searchable encryption system, which comprises a microprocessor and a memory which are connected with each other, wherein the microprocessor is programmed or configured to execute the exclusive-or encryption chain based forward secure dynamic searchable encryption method.
Furthermore, the present embodiment also provides a computer-readable storage medium, in which a computer program is stored, the computer program being programmed or configured by a microprocessor to execute the forward secure dynamic searchable encryption method based on an exclusive-or encryption chain.
As will be appreciated by one skilled in the art, embodiments of the present application may be provided as a method, system, or computer program product. Accordingly, the present application may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present application may take the form of a computer program product embodied on one or more computer-readable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein. The present application is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems), and computer program products according to embodiments of the application. It will be understood that each flow and/or block of the flow diagrams and/or block diagrams, and combinations of flows and/or blocks in the flow diagrams and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks. These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks. These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
The above description is only a preferred embodiment of the present invention, and the protection scope of the present invention is not limited to the above embodiments, and all technical solutions belonging to the idea of the present invention belong to the protection scope of the present invention. It should be noted that modifications and embellishments within the scope of the invention may occur to those skilled in the art without departing from the principle of the invention, and are considered to be within the scope of the invention.
Claims (10)
1. A forward security dynamic searchable encryption method based on an exclusive-or encryption chain is characterized by comprising the following steps that a cloud server responds to query operation of a data user:
s101, a cloud server receives a query token aiming at a search keyword w from a data user;
s102, the cloud server is used for storing encrypted file identifiers according to the query token
The searchable security index ST takes the index position at the cursor positioning end as the initial cnt index position, and the file identifier ind of the cnt index position is decrypted according to the query token cnt And then sequentially decrypting the file identifier ind of the cnt-1 index position according to the query token and the information of the cnt index position based on the XOR encryption chain from the index position at the tail end cnt-1 Until the file identifier ind of the 1 st index position is decrypted 1 ;
S103, the cloud server willDecrypted file identifier ind 1 ~ind cnt Returned to the data user so that the data user can read the file identifier ind 1 ~ind cnt And downloading all data files containing the search keyword w from the cloud server.
2. The forward secure dynamic searchable encryption method based on xor encryption chains according to claim 1, wherein step S102 comprises:
s201, initializing a file identifier set Rest to be null, positioning a cursor to an index position at the tail, and acquiring a first pseudo-random value T of a cnt index position in an XOR encryption chain from a query token cnt And a second pseudo-random value R cnt ;
S202, according to the first pseudo-random value T of the cnt index position cnt Retrieving an index position ST [ T ] in a searchable security index ST cnt ]Is worth deriving an encrypted file identifier
Second pseudo-random value R according to the cnt-th index position cnt Generates a combined encrypted string and concatenates the encrypted file identifier @>
Decrypt the file identifier ind cnt Index position ST [ T ] cnt ]Corresponding XOR operation result U cnt And a second pseudo-random value R for the cnt-1 st index position cnt-1 The file identifier ind cnt Adding the set Rest;
s203, according to the first pseudo-random value T of the cnt index position cnt Sum exclusive or operation result U cnt Carrying out XOR operation to obtain a first pseudorandom value T of the cnt-1 th index position cnt-1 ;
S204, the cursor positioning is reversely moved to a new index position, so that the first pseudorandom value T of the cnt-1 th index position cnt-1 And a second pseudo-random value R cnt-1 First pseudo-random value to become new cnt-th index positionT cnt And a second pseudo-random value R cnt (ii) a If the new index position is 0, jumping to step S103; otherwise, go to step S202.
3. The forward secure dynamic searchable encryption method based on xor encryption chain according to claim 2, wherein in step S202, the file identifier is encrypted
Decrypt the file identifier ind cnt Index position ST [ T ] cnt ]Corresponding XOR operation result U cnt And a second pseudo-random value R for the cnt-1 st index position cnt-1 The functional expression of (a) is:
in the above formula, ind cnt Being file identifiers, U cnt As a result of an XOR operation, R cnt-1 A second pseudo-random value for the cnt-1 st index position,
in order to be an exclusive or operator, the operation, device for combining or screening>
For encrypting the file identifier, H (K) w ,R cnt ) According to a first encryption key K w And a second pseudo-random value R for the cnt-th index position cnt Generating a combined encryption string, wherein H is an encryption function, and "←" represents a function mapping relation; the XOR operation in step S203 obtains the first pseudo-random value T of the cnt-1 th index position cnt-1 The functional expression of (a) is:
in the above formula, T cnt-1 Is the first pseudorandom value of the cnt-1 index position, T cnt Is the first pseudo-random value for the cnt-th index position,
for XOR operator, U cnt For the result of the xor operation, "←" represents a function mapping relationship.
4. The forward secure dynamic searchable encryption method based on an exclusive or encryption chain according to claim 1, further comprising the data user generating and sending a query token to a cloud server according to a specified search keyword w:
s301, a data user takes a specified keyword w as an index, retrieves a position CT [ w ] from a keyword index table CT, if the position CT [ w ] is empty, the situation shows that no file containing the keyword w exists in the keyword index table CT, and the searching process is finished and exits; otherwise, jumping to step S302;
s302, reading position CT [ w ]]The value of (a) is to obtain the number cnt of files containing the search keyword w, and different first encryption keywords K are respectively generated according to the keyword w w And a second encryption key K' w The file number cnt is respectively added to the first encryption key K w And a second encryption key K' w Encrypting to obtain a first pseudorandom value T of the cnt-th index position cnt And a second pseudo-random value R cnt ;
S303, according to the first encryption keyword K w Index position ST [ T ] cnt ]Corresponding first pseudo-random value T cnt And index position ST [ T ] cnt ]Corresponding second pseudo-random value R cnt Building a query token (K) w ,R cnt ,T cnt ) And sending to the cloud server.
5. The XOR-chain-based forward secure dynamic searchable encryption method of claim 4, wherein different first encryption keys K are generated in step S302 w And a second encryption key K' w The functional expression of (a) is:
K w ←F(K,w||1),K′ w ←F(K,w||2),
in the above formula, F is an encryption function, K is a preset system master key, w is a search keyword, | | represents string connection; respectively matching the file number cnt to the first encryption key word K w And a second encryption key K' w The function expression for encryption is:
R cnt ←F(K′ w ,cnt),T cnt ←F(K w ,R cnt ),
in the above formula, F is an encryption function, K w And K' w Is a first encryption key and a second encryption key generated from the keyword w, respectively, "←" represents a function mapping relationship.
6. The forward secure dynamic searchable encryption method based on xor encryption chains according to claim 1, further comprising an encrypted file identifier of a data provider data file f
Uploading to a cloud server, wherein the data file f is represented by a keyword set W, and the processing of any keyword W in the keyword set W by a data provider comprises the following steps:
s401, the data provider takes the keyword w as an index, and searches the position CT [ w ] corresponding to the keyword w from the keyword index table CT]If position CT [ w ]]If the index position is null, setting the number cnt of files containing the key word w to be 0 initially, and randomly generating a first pseudorandom value T of the index position of the cnt cnt And a second pseudo-random value R cnt Otherwise, different first encryption keywords K are respectively generated according to the keywords w w And a second encryption key K' w The file number cnt is respectively added to the first encryption key K w And a second encryption key K' w Encrypting to obtain a first pseudorandom value T of the cnt-th index position cnt And a second pseudo-random value R cnt ;
S402, the data provider firstly adds the file number cnt +1 and a second encryption key word K' w Generate the firstSecond pseudo-random value R of cnt +1 index positions cnt+1 Then, the second pseudo-random value R of the file number cnt +1 and the index position of the cnt +1 cnt+1 Generating a first pseudorandom value T for the cnt +1 th index position cnt+1 (ii) a A first pseudo-random value T of the cnt-th index position cnt And a first pseudo-random value T of the cnt +1 index position cnt+1 Performing XOR operation to generate XOR operation result U cnt+1 ;
S403, the data provider uses the second pseudo-random value R of the cnt-th index position cnt A second pseudorandom value R for the cnt +1 index position cnt+1 And the result of the XOR operation U cnt+1 Encrypting the k-bit length file identifier ind corresponding to the keyword w into an encrypted file identifier by adopting an encryption function H
S404, the data provider adds 1 to the file number cnt corresponding to the keyword w and stores the file number cnt to the position CT [ w ] in the keyword index table CT]In constructing the update request
And submitting the update request to the cloud server so that the cloud server receives the update request>
Then, the encrypted file identifier is ≥ based on the file type>
Saving the search index location ST [ T ] in the searchable security index ST cnt ]In (1).
7. The XOR-chain-based forward secure dynamic searchable encryption method of claim 6, wherein in step S402, the file number cnt +1 and the second encryption key K 'are first set forth' w Generating a second pseudo-random value R for the cnt +1 st index position cnt+1 Then, the number of files cnt +1 and the cnt +1 th are indexedSecond pseudo-random value R of position cnt+1 Generating a first pseudorandom value T for the cnt +1 th index position cnt+1 The functional expression of (a) is:
R cnt+1 ←F(K′ w ,cnt+1),T cnt+1 ←F(R cnt+1 ,cnt+1),
wherein, F is an encryption function, and "←" represents a function mapping relation;
in step S402, the first pseudo-random value T of the cnt-th index position is determined cnt And a first pseudo-random value T of the cnt +1 index position cnt+1 Performing XOR operation to generate XOR operation result U cnt+1 The functional expression of (a) is:
wherein the content of the first and second substances,
for the xor operator, "←" represents a function mapping relationship.
8. The forward secure dynamic searchable encryption method based on xor encryption chain as claimed in claim 7, wherein the encryption in step S403 is an encrypted file identifier
The functional expression of (a) is:
in the above formula, K w For the first encryption key, | | represents string concatenation, H (K) w ,R cnt+1 ) For the first encryption key K w And a second pseudo-random value R corresponding to the number of files cnt +1 cnt+1 With the result of the calculation of the encryption function H,
for the xor operator, "←" represents a function mapping relationship.
9. An xor-chain based forward secure dynamically searchable encryption system comprising a microprocessor and a memory interconnected, wherein said microprocessor is programmed or configured to perform the xor-chain based forward secure dynamically searchable encryption method of any one of claims 1-8.
10. A computer-readable storage medium, in which a computer program is stored, wherein the computer program is adapted to be programmed or configured by a microprocessor to perform the exclusive-or encryption chain based forward secure dynamically searchable encryption method according to any one of claims 1 to 8.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202211473179.3A CN115913725A (en) | 2022-11-21 | 2022-11-21 | Forward security dynamic searchable encryption method and system based on XOR encryption chain |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202211473179.3A CN115913725A (en) | 2022-11-21 | 2022-11-21 | Forward security dynamic searchable encryption method and system based on XOR encryption chain |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN115913725A true CN115913725A (en) | 2023-04-04 |
Family
ID=86472260
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202211473179.3A Pending CN115913725A (en) | 2022-11-21 | 2022-11-21 | Forward security dynamic searchable encryption method and system based on XOR encryption chain |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN115913725A (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN116915765A (en) * | 2023-09-12 | 2023-10-20 | 福建慧政通信息科技有限公司 | File downloading management method and system |
-
2022
- 2022-11-21 CN CN202211473179.3A patent/CN115913725A/en active Pending
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN116915765A (en) * | 2023-09-12 | 2023-10-20 | 福建慧政通信息科技有限公司 | File downloading management method and system |
| CN116915765B (en) * | 2023-09-12 | 2023-12-05 | 福建慧政通信息科技有限公司 | File downloading management method and system |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| Ge et al. | Towards achieving keyword search over dynamic encrypted cloud data with symmetric-key based verification | |
| US11537626B2 (en) | Full-text fuzzy search method for similar-form Chinese characters in ciphertext domain | |
| CN110334526B (en) | Forward security searchable encryption storage system and method supporting verification | |
| Du et al. | Privacy-preserving indexing and query processing for secure dynamic cloud storage | |
| US8533489B2 (en) | Searchable symmetric encryption with dynamic updating | |
| Moataz et al. | Constant communication ORAM with small blocksize | |
| Li et al. | A searchable symmetric encryption scheme using blockchain | |
| Salam et al. | Implementation of searchable symmetric encryption for privacy-preserving keyword search on cloud storage | |
| EP2751949A1 (en) | Multiple table tokenization | |
| CN103955537A (en) | Method and system for designing searchable encrypted cloud disc with fuzzy semantics | |
| CN114048448A (en) | Block chain based dynamic searchable encryption method and device | |
| CN108111587B (en) | Cloud storage searching method based on time release | |
| US9946720B1 (en) | Searching data files using a key map | |
| CN103607420A (en) | Safe electronic medical system for cloud storage | |
| CN113254955A (en) | Forward security connection keyword symmetric searchable encryption method, system and application | |
| Rane et al. | Multi-user multi-keyword privacy preserving ranked based search over encrypted cloud data | |
| Handa et al. | A cluster based multi-keyword search on outsourced encrypted cloud data | |
| Peng et al. | LS-RQ: A lightweight and forward-secure range query on geographically encrypted data | |
| CN115913725A (en) | Forward security dynamic searchable encryption method and system based on XOR encryption chain | |
| CN108370312B (en) | Encryption device, search device, computer-readable recording medium, encryption method, and search method | |
| CN105897419B (en) | A kind of multi-user's dynamic keyword word can search for encryption method | |
| CN104794243A (en) | Third-party ciphertext retrieval method based on file name | |
| Nakagawa et al. | Efficient privacy-preserving variable-length substring match for genome sequence | |
| CN113904823B (en) | Attribute-based searchable encryption method and system for constant-level authorization computation complexity | |
| JP6672451B2 (en) | Encrypted search index merge server, encrypted search index merge system, and encrypted search index merge method |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |