WO2019178792A1 - Ciphertext search method and system supporting access control - Google Patents

Publication number
WO2019178792A1
Authority
WO
WIPO (PCT)
Prior art keywords
ciphertext
key
database
search
index
Application number
PCT/CN2018/079918
Other languages
French (fr)
Chinese (zh)
Inventor
张鹏
吴楚欣
刘宏伟
喻建平
Original Assignee
深圳大学
Application filed by 深圳大学
Priority to PCT/CN2018/079918
Publication of WO2019178792A1

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols

Definitions

  • the invention belongs to the technical field of data processing, and in particular relates to a ciphertext search method and system supporting access control.
  • cloud computing enables users to enjoy ubiquitous, convenient and on-demand network access to share configurable computing resource pools with high efficiency and minimal economic overhead.
  • outsourcing sensitive information such as email, personal health records, corporate financial data, government documents, etc.
  • CSP Cloud Service Provider
  • the searchable encryption mechanism performs the search over encrypted data by means of a keyword query trapdoor: the cloud server returns the set of encrypted files that satisfies the query condition, and the user decrypts the files on the client before use, thereby ensuring data confidentiality and the search function simultaneously, and realizing the secure storage.
  • searchable encryption is mainly divided into symmetric searchable encryption and public key searchable encryption.
  • the construction of symmetric searchable encryption is usually based on pseudo-random functions, and has the characteristics of small computational cost, simple algorithm and fast speed.
  • Sun et al. introduced attribute-based encryption to construct a symmetric searchable encryption scheme that implements access control. The scheme first performs a fast search on ciphertext data and then controls the ability of the search user to access data, but the scheme has certain defects.
  • the process of obtaining the search trapdoor requires the data owner to participate, which requires the data owner to be online at all times; on the other hand, each index entry of each keyword adopts its own access policy, which requires a large amount of computation to enforce and therefore makes it expensive for the data owner to generate the encrypted database.
  • the technical problem to be solved by the present invention is to provide a ciphertext search method and system supporting access control, which aims to solve the problem that the prior art requires the data owner to be online in real time when searching, and requires a large number of operations to ensure access control.
  • a ciphertext search method supporting access control, wherein the ciphertext search system includes a client and a cloud server, and the ciphertext search method includes:
  • Step A: the client encrypts the files of the database by using a preset symmetric encryption algorithm to obtain encrypted ciphertexts, builds an index over the encrypted ciphertexts according to the file identifiers of the files of the database, encrypts the index to obtain a ciphertext database including index ciphertexts, and sends the encrypted ciphertexts and the ciphertext data to a cloud server;
  • Step B: the client receives a key ciphertext, a private key, and a search keyword set input when the user searches, generates a trapdoor according to the key ciphertext, the private key, and the search keyword set, and sends the trapdoor to the cloud server;
  • Step C: the cloud server searches, according to the trapdoor, for the index ciphertext corresponding to the trapdoor in the ciphertext database;
  • Step D: the client decrypts the index ciphertext by using a key, uploads the decrypted file identifier to the cloud server so that the cloud server returns the encrypted ciphertext corresponding to the file identifier, and decrypts the encrypted ciphertext by using the preset symmetric encryption algorithm to obtain a search result;
  • Step E: the client displays the search result according to a preset display manner.
  • step A includes:
  • the client receives the database and encrypts the file in the database using a pseudo-random function to obtain the encrypted ciphertext.
  • the pseudo-random function is PRF $F: \{0,1\}^{\lambda} \times \{0,1\}^{\lambda} \to \{0,1\}^{\lambda}$, PRP $P: \{0,1\}^{\lambda} \times \{0,1\}^{\lambda} \to \{0,1\}^{\lambda}$; the ciphertext database is represented by EDB, and the database is represented by DB.
  • $id_i \in \{0,1\}^{\lambda}$ represents the file identifier
  • the file set $Doc = \{f_1, f_2, \ldots, f_d\}$
  • the step A specifically includes:
  • the counter $c \leftarrow 0$ is initialized in a random order, and the index ciphertext $rind \leftarrow P(k, id_i$
  • in step B, a user whose attribute set is S searches the keyword set, and step B specifically includes:
  • the client generates a private key $SK \leftarrow ABE.KeyGen(MSK, S)$ according to the attribute S of the user;
  • step C includes:
  • step D includes:
  • the client decrypts the set l of the index ciphertext using the key k, and obtains the file identifier $id_i$ and the corresponding key $r_i$; for each $rind \in l$, it calculates $(id_i$
  • $id_i$ is sent to the cloud server
  • the embodiment of the invention further provides a ciphertext search system supporting access control, comprising:
  • the client, which encrypts the files of the database using a preset symmetric encryption algorithm to obtain encrypted ciphertexts, builds an index over the encrypted ciphertexts according to the file identifiers of the files of the database, encrypts the index to obtain a ciphertext database including index ciphertexts, and sends the encrypted ciphertexts and the ciphertext data to the cloud server; and which receives the key ciphertext, the private key, and the search keyword set input by the user during the search, generates a trapdoor according to the key ciphertext, the private key, and the search keyword set, and sends the trapdoor to the cloud server;
  • the cloud server is configured to save the encrypted ciphertext and the ciphertext database; and is further configured to retrieve, according to the trapdoor, the index ciphertext corresponding to the trapdoor in the ciphertext database, and to look up the corresponding encrypted ciphertext according to the file identifier;
  • the client is further configured to decrypt the index ciphertext by using a key, upload the decrypted file identifier to the cloud server so that the cloud server returns the encrypted ciphertext corresponding to the file identifier, decrypt the encrypted ciphertext using the preset symmetric encryption algorithm to obtain a search result, and display the search result according to a preset display manner.
  • the client is specifically configured to:
  • the pseudo-random function is PRF $F: \{0,1\}^{\lambda} \times \{0,1\}^{\lambda} \to \{0,1\}^{\lambda}$, PRP $P: \{0,1\}^{\lambda} \times \{0,1\}^{\lambda} \to \{0,1\}^{\lambda}$; the ciphertext database is represented by EDB, and the database is represented by DB.
  • $id_i \in \{0,1\}^{\lambda}$ represents the file identifier
  • the file set $Doc = \{f_1, f_2, \ldots, f_d\}$
  • the symmetric encryption algorithm SE (Enc, Dec);
  • the counter $c \leftarrow 0$ is initialized in a random order, and the index ciphertext $rind \leftarrow P(k, id_i$
  • the key ciphertext is represented by C
  • the private key is represented by SK
  • the trapdoor is represented by stag, xtoken[1], xtoken[2], . . .
  • a set of the index ciphertext is represented by l, and the cloud server is specifically configured to:
  • the client is also used to:
  • $id_i$ is sent to the cloud server
  • the present invention has the beneficial effects that: when the key ciphertext, the private key, and the search keyword set input by the user during a search are received, a trapdoor is generated; the index ciphertext corresponding to the trapdoor is retrieved from the ciphertext database according to the trapdoor; the index ciphertext is decrypted with a key to obtain a file identifier; the corresponding encrypted ciphertext is looked up according to the file identifier; and the encrypted ciphertext is decrypted to obtain a search result.
  • attribute-based encryption is used to control the ability of the search user to access the data, but the access control is set on the entire database instead of on the index, which can greatly reduce the computation overhead when the data owner encrypts the database, and the process by which the user obtains a search trapdoor does not require data owner participation.
  • the embodiment of the invention solves the data security problem, the efficient ciphertext search and the data access control problem existing in the existing cloud storage service.
  • FIG. 2 is a schematic diagram of total running time of different methods provided by an embodiment of the present invention.
  • FIG. 3 is a schematic diagram of a running time of a ciphertext database initialization according to an embodiment of the present invention
  • FIG. 4 is a schematic diagram of a running time of a trapdoor generation process and an extraction process according to an embodiment of the present invention
  • FIG. 5 is a schematic diagram of a running time of performing a search method according to an embodiment of the present invention.
  • FIG. 6 is a schematic structural diagram of a ciphertext search system supporting access control provided by the prior art.
  • FIG. 1 shows a ciphertext search for supporting access control according to an embodiment of the present invention, including:
  • the client encrypts the files of the database by using a preset symmetric encryption algorithm to obtain encrypted ciphertexts, builds an index over the encrypted ciphertexts according to the file identifiers of the files of the database, encrypts the index to obtain a ciphertext database including index ciphertexts, and sends the encrypted ciphertexts and the ciphertext data to the cloud server;
  • the client receives a key ciphertext, a private key, and a search keyword set input when the user searches, generates a trapdoor according to the key ciphertext, the private key, and the search keyword set, and sends the trapdoor to the cloud server;
  • the cloud server searches, according to the trapdoor, for the index ciphertext corresponding to the trapdoor in the ciphertext database;
  • the client decrypts the index ciphertext by using a key, uploads the decrypted file identifier to the cloud server so that the cloud server returns the encrypted ciphertext corresponding to the file identifier, and decrypts the encrypted ciphertext using the preset symmetric encryption algorithm to obtain a search result;
  • the client displays the search result according to a preset display manner.
  • ciphertext $ct_i \leftarrow SE.Enc(r_i, f_i)$ $(i = 1, 2, \ldots, d)$, and upload the encrypted ciphertext to the cloud server.
  • the data needs to be encrypted.
  • the encryption process specifically includes:
  • define an empty array T indexed by the keyword set W
  • iii. Define xtag as an element of XSet, calculate it, and add xtag to XSet;
  • step S101 a set of search keywords for a legitimate user whose attribute set is S is assumed
  • w 1 is the least frequent keyword in the search keyword set.
  • Step S102 specifically includes:
  • the trapdoor generation step TokenGeneration specifically includes:
  • the steps for generating messages include:
  • step S103 the search of the encrypted ciphertext is performed by the cloud server.
  • the cloud server searches in the previously generated ciphertext database EDB to obtain the search result, that is, the set l of index ciphertexts; the search step Search(stag, (xtoken[1], xtoken[2], ...), EDB) includes:
  • step S104 the search result l is decrypted by using the key k to obtain a search result.
  • the decryption process Retrieve (l, k) specifically includes:
  • the user decrypts the search result l with the key k, and obtains the file identifier id i and the corresponding key r i ;
  • the embodiment of the present invention implements the foregoing functions through a client and a cloud server, and the client includes a handheld terminal or a personal computer.
  • the user inputs data to the database through the client, and the client can perform the step of encrypting the database to obtain the ciphertext database.
  • the ciphertext database is sent to the client, or the database is transmitted to the cloud service, and the database is encrypted by the cloud server to obtain a ciphertext database.
  • in step S102, it is assumed that a legitimate user whose attribute set is S searches for a search keyword set through the client, and that $w_1$ is the least frequent keyword in the search keyword set.
  • the user requests the key ciphertext C from the cloud server through the client and generates a private key $SK \leftarrow ABE.KeyGen(MSK, S)$ through the PKG; the client generates a trapdoor according to the key ciphertext C, the private key SK, and the search keyword set, and sends the trapdoor to the cloud server.
  • the cloud server performs a retrieval step: after the cloud server receives the trapdoor, it searches the ciphertext data according to the trapdoor to obtain the index ciphertext. After the cloud service obtains the encrypted ciphertext, the index ciphertext is sent to the client, and the client performs step S104.
  • step S105 after completing the search step of step S101 to step S104, the client will display the search result according to a preset display manner.
  • the efficiency of the Sun scheme and the embodiment of the present invention are compared by experimental simulation.
  • the computer used in the simulation has a 3.60 GHz Intel(R) Core(TM) i7-4790 CPU and 8.00 GB of RAM.
  • the operating system used is Windows 7.
  • the programming language is Java, using the cpabe toolkit and the Java Pairing-Based Cryptography library (JPBC).
  • JPBC Pairing-Based Cryptography library

| Grouping | Database size | Number of keywords | Number of files per keyword |
|---|---|---|---|
| 1 | 200 | 10 | 20 |
| 2 | 800 | 20 | 40 |
| 3 | 1500 | 30 | 50 |
| 4 | 3000 | 50 | 60 |
| 5 | 8000 | 100 | 80 |
| 6 | 20000 | 200 | 100 |

  • FIG. 2 shows the total computation time for the Sun scheme and the embodiment of the invention.
  • the total time cost of Sun's scheme is much higher than that of the embodiment of the present invention and increases exponentially as the database grows, whereas the time cost of the embodiment of the present invention increases only slightly as the database grows.
  • the total time cost in FIG. 2 mainly includes the ciphertext database initialization algorithm executed by the data owner, the trapdoor generation step executed by the user's client, and the search step performed by the cloud server, as shown in FIG. 3, FIG. 4 and FIG. 5.
  • the time cost of the initialization algorithm of the Sun scheme in FIG. 3 is significantly higher than that of the embodiment of the present invention and increases almost exponentially as the database grows, whereas the time cost of the embodiment of the present invention increases only slightly as the database grows.
  • FIG. 6 shows a search system for supporting access control according to an embodiment of the present invention, including:
  • the client 601 is configured to encrypt the files of the database by using a preset symmetric encryption algorithm to obtain encrypted ciphertexts, build an index over the encrypted ciphertexts according to the file identifiers of the files of the database, encrypt the index to obtain a ciphertext database including index ciphertexts, and send the encrypted ciphertexts and the ciphertext data to the cloud server 602; and is further configured to receive a key ciphertext, a private key, and a search keyword set input by the user, generate a trapdoor according to the key ciphertext, the private key, and the search keyword set, and send the trapdoor to the cloud server 602;
  • the cloud server 602 is configured to save the encrypted ciphertext and the ciphertext database, and is further configured to retrieve, according to the trapdoor, the index ciphertext corresponding to the trapdoor in the ciphertext database, and to find the corresponding encrypted ciphertext;
  • the client 601 is further configured to decrypt the index ciphertext by using a key, upload the decrypted file identifier to the cloud server so that the cloud server returns the encrypted ciphertext corresponding to the file identifier, decrypt the encrypted ciphertext by using the preset symmetric encryption algorithm to obtain a search result, and display the search result according to a preset display manner.
  • client 601 is specifically configured to:
  • the pseudo-random function is PRF $F: \{0,1\}^{\lambda} \times \{0,1\}^{\lambda} \to \{0,1\}^{\lambda}$, PRP $P: \{0,1\}^{\lambda} \times \{0,1\}^{\lambda} \to \{0,1\}^{\lambda}$; the ciphertext database is represented by EDB, and the database is represented by DB.
  • $id_i \in \{0,1\}^{\lambda}$ represents the file identifier
  • the file set $Doc = \{f_1, f_2, \ldots, f_d\}$
  • the symmetric encryption algorithm SE (Enc, Dec);
  • the counter $c \leftarrow 0$ is initialized in a random order, and the index ciphertext $rind \leftarrow P(k, id_i$
  • the key ciphertext is represented by C, and the private key is represented by SK.
  • the trapdoor is represented by stag, xtoken[1], xtoken[2], ..., and the client 601 is used to:
  • the set of the index ciphertext is represented by l, and the cloud server 602 is specifically configured to:
  • Client 601 is also used to:
  • $id_i$ is sent to the cloud server
  • the embodiment of the present invention further provides a terminal, including a memory, a processor, and a computer program stored on the memory and running on the processor, wherein when the processor executes the computer program, each step of the ciphertext search method supporting access control shown in FIG. 1 is implemented.
  • the embodiment of the present invention further provides a readable storage medium on which a computer program is stored, wherein when the computer program is executed by a processor, each step of the ciphertext search method supporting access control shown in FIG. 1 is implemented.
  • each functional module in each embodiment of the present invention may be integrated into one processing module, or each module may exist physically separately, or two or more modules may be integrated into one module.
  • the above integrated modules can be implemented in the form of hardware or in the form of software functional modules.
  • the integrated modules if implemented in the form of software functional modules and sold or used as separate products, may be stored in a computer readable storage medium.
  • the technical solution of the present invention, in essence or in the part that contributes to the prior art, or all or part of the technical solution, may be embodied in the form of a software product stored in a storage medium,
  • which includes a number of instructions that cause a computer device (which may be a personal computer, server, or network device, etc.) to perform all or part of the steps of the methods described in various embodiments of the present invention.
  • the foregoing storage medium includes: a U disk, a mobile hard disk, a read-only memory (ROM), a random access memory (RAM), a magnetic disk, or an optical disk, and the like.

Abstract

A search method supporting access control, comprising: a client encrypting files of a database to obtain encrypted ciphertexts, constructing indices according to file identifiers and encrypting same, so as to obtain a ciphertext database; the client receiving a key ciphertext, a private key and a retrieval keyword set to generate a trap door; a cloud server retrieving a corresponding indexed ciphertext according to the trap door; the client using the key to decrypt the indexed ciphertext, uploading the decrypted file identifier onto the cloud server to obtain an encrypted ciphertext, and decrypting the encrypted ciphertext to obtain a search result; the client presenting the search result according to a preset presentation mode. The present invention uses attribute-based encryption to control the ability of a searching user to access data, while setting access control on the overall database instead of on indices, thereby greatly reducing the calculation overhead incurred by a data owner in encrypting the database whilst enabling a user to acquire a search trap door without the participation of the data owner.

Description

Ciphertext search method and system supporting access control

Technical field

The invention belongs to the technical field of data processing, and in particular relates to a ciphertext search method and system supporting access control.

Background
The emergence of cloud computing lets users enjoy ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources, with high efficiency and minimal economic overhead. Despite the advantages of cloud services, outsourcing sensitive information (such as email, personal health records, corporate financial data and government documents) to remote servers raises privacy concerns. Once users upload data to a cloud server they lose control over it, and the cloud service provider (CSP) that stores the data can access the users' sensitive information without authorization. Cloud security has therefore become a challenge and a prerequisite for wider adoption of cloud storage. How to keep data private while enjoying the convenience of cloud services is now an urgent problem.
To protect the privacy of user data and prevent it from being stolen by unauthorized users or attackers, the most common approach is to encrypt the data before storing it on the cloud server. Encryption, however, destroys the search capability that plaintext has; given the large volume of encrypted data on cloud servers, how to search efficiently for the data a user needs has become an active research topic. A searchable encryption mechanism performs the search over encrypted data by means of a keyword query trapdoor: the cloud server returns the set of encrypted files that satisfy the query, and the user decrypts them on the client before use. This preserves data confidentiality and search functionality at the same time, unifying secure storage with efficient search.
At present, searchable encryption is mainly divided into symmetric searchable encryption and public-key searchable encryption. Symmetric searchable encryption is usually built on pseudo-random functions and has low computational overhead, simple algorithms and high speed. Sun et al. introduced attribute-based encryption to construct a symmetric searchable encryption scheme that can enforce access control. The scheme first performs a fast search over the ciphertext data and then controls the searching user's ability to access the data, but it has certain defects. On the one hand, the data owner must take part when a user obtains a search trapdoor, which requires the data owner to be online at all times; on the other hand, every index entry of every keyword carries its own access policy, which takes a large amount of computation to enforce and therefore makes generating the encrypted database expensive for the data owner.

Summary of the invention

The technical problem to be solved by the present invention is to provide a ciphertext search method and system supporting access control, aiming to solve the problems that the prior art requires the data owner to be online in real time during a search and requires a large number of operations to guarantee access control.
The present invention is implemented as follows: a ciphertext search method supporting access control, in which the ciphertext search system includes a client and a cloud server, and the ciphertext search method includes:
Step A: the client encrypts the files of the database using a preset symmetric encryption algorithm to obtain encrypted ciphertexts, builds an index over the encrypted ciphertexts according to the file identifiers of the files of the database, encrypts the index to obtain a ciphertext database containing index ciphertexts, and sends the encrypted ciphertexts and the ciphertext data to the cloud server;
Step B: the client receives the key ciphertext, private key and search keyword set input by the user when searching, generates a trapdoor from the key ciphertext, the private key and the search keyword set, and sends the trapdoor to the cloud server;
Step C: the cloud server retrieves, according to the trapdoor, the index ciphertext corresponding to the trapdoor from the ciphertext database;
Step D: the client decrypts the index ciphertext with the key, uploads the decrypted file identifier to the cloud server so that the cloud server returns the encrypted ciphertext corresponding to the file identifier, and decrypts the encrypted ciphertext using the preset symmetric encryption algorithm to obtain the search result;
Step E: the client displays the search result according to a preset display manner.
Further, step A includes:
The client receives the database and encrypts the files in the database using a pseudo-random function to obtain the encrypted ciphertexts.
Further, the pseudo-random function is denoted PRF $F: \{0,1\}^{\lambda} \times \{0,1\}^{\lambda} \to \{0,1\}^{\lambda}$, PRP $P: \{0,1\}^{\lambda} \times \{0,1\}^{\lambda} \to \{0,1\}^{\lambda}$; the ciphertext database is denoted EDB and the database DB,
Figure PCTCN2018079918-appb-000001
$id_i \in \{0,1\}^{\lambda}$ denotes a file identifier,
Figure PCTCN2018079918-appb-000002
denotes the set of keywords contained in $id_i$, the keyword set
Figure PCTCN2018079918-appb-000003
the file set $Doc = \{f_1, f_2, \ldots, f_d\}$, and the set of keys that encrypt the files is $R = \{r_1, r_2, \ldots, r_d\}$. A symmetric encryption algorithm $SE = (Enc, Dec)$ is defined, and step A specifically includes:
Before the index is built, $f_i$ is encrypted with $r_i$ to obtain the encrypted ciphertext $ct_i \leftarrow SE.Enc(r_i, f_i)$ $(i = 1, 2, \ldots, d)$;
The ciphertext access-control permission is set and the encrypted ciphertexts are uploaded to the cloud server; the scheme for the ciphertext access-control permission is the attribute-based encryption scheme $ABE = (Setup, Encrypt, KeyGen, Decrypt)$;
Given the system security parameter $\lambda$ and the global attribute set $N$, the authority PKG runs $(PK, MSK) \leftarrow ABE.Setup(1^{\lambda}, N)$;
A key $k$ is chosen at random for the PRF $F$;
An empty array $T$ indexed by the keyword set $W$ is defined;
XSet is defined as an empty set;
For each $w \in W$, $t$ is defined as an empty list and the keyword ciphertext $stag \leftarrow F(k, w)$ is computed;
The key $k_1 \leftarrow F(k, 1 \| w)$ is initialized;
For all $id_i$ in DB, in random order, the counter $c \leftarrow 0$ is initialized and the index ciphertext $rind \leftarrow P(k, id_i \| r_i)$ is computed; encrypting under $k_1$ gives $z \leftarrow P(k_1, c)$, and $y \leftarrow rind \cdot z^{-1}$ is defined; $(rind, y)$ is added to $t$; xtag is defined as an element of XSet, computed as
Figure PCTCN2018079918-appb-000004
and xtag is added to XSet, $c \leftarrow c + 1$, $T[stag] \leftarrow t$;
The ciphertext $C \leftarrow ABE.Encrypt(PK, k, \Gamma)$ is computed, giving $EDB = (XSet, T, C)$, where $\Gamma$ is the access policy.
Further, let
Figure PCTCN2018079918-appb-000005
denote the search keyword set,
Figure PCTCN2018079918-appb-000006
let C denote the key ciphertext, SK the private key, and stag, xtoken[1], xtoken[2], ... the trapdoor. In step B, a user whose attribute set is S searches the keyword set
Figure PCTCN2018079918-appb-000007
and step B specifically includes:
The client generates the private key $SK \leftarrow ABE.KeyGen(MSK, S)$ according to the attribute S of the user;
The key $k$ is computed from the key ciphertext and the private key;
It is determined whether the attribute S of the user satisfies the access policy $\Gamma$ of the ciphertext database; if it does, decryption succeeds, $k \leftarrow ABE.Decrypt(C, SK)$, and the key $k$ is obtained; if it does not, decryption fails;
The keyword ciphertext $stag \leftarrow F(k, w_1)$ and the key $k_1 \leftarrow F(k, 1 \| w_1)$ are generated;
For $i = 2, \ldots, n$, the trapdoor element is computed as
Figure PCTCN2018079918-appb-000008
which gives the trapdoor, namely $xtoken[c] \leftarrow (xtoken[c,2], xtoken[c,3], \ldots, xtoken[c,n])$.
Further, with l denoting the set of index ciphertexts, step C includes:
defining l and t as empty sets;
determining whether the equation T[stag]=stag holds; if it holds, then t=T[stag]; if it does not hold, returning the empty set;
for c=1,2,…,|t|, retrieving (rind, y) from the c-th tuple in t; if, for
Figure PCTCN2018079918-appb-000009
then l←l∪rind.
Further, step D includes:
the client decrypting the set l of index ciphertexts with the key k to obtain the file identifier id_i and the corresponding key r_i: for each rind∈l, computing (id_i||r_i)←P^(-1)(k, rind) to obtain the search result (id_i, r_i);
sending id_i to the cloud server, obtaining ct_i=SE.Enc(r_i, f_i) returned by the cloud server, and extracting the file f_i=SE.Dec(r_i, ct_i) with the corresponding symmetric key r_i.
An embodiment of the present invention further provides a ciphertext search system supporting access control, comprising:
a client, configured to encrypt the files of a database with a preset symmetric encryption algorithm to obtain encrypted ciphertext, build an index over the encrypted ciphertext according to the file identifiers of the files of the database, encrypt the index to obtain a ciphertext database containing index ciphertext, and send the encrypted ciphertext and the ciphertext data to a cloud server; and further configured to receive the key ciphertext, the private key and the search keyword set input by a user when searching, generate a trapdoor from the key ciphertext, the private key and the search keyword set, and send the trapdoor to the cloud server;
the cloud server, configured to store the encrypted ciphertext and the ciphertext database; further configured to retrieve from the ciphertext database, according to the trapdoor, the index ciphertext corresponding to the trapdoor; and further configured to look up the corresponding encrypted ciphertext according to a file identifier;
the client being further configured to decrypt the index ciphertext with a key, upload the decrypted file identifier to the cloud server so that the cloud server returns the encrypted ciphertext corresponding to the file identifier, decrypt the encrypted ciphertext with the preset symmetric encryption algorithm to obtain the search result, and display the search result in a preset display manner.
Further, the client is specifically configured to:
receive a database and encrypt the files in the database using a pseudo-random function to obtain the encrypted ciphertext;
The pseudo-random function is denoted PRF F: {0,1}^λ×{0,1}^λ→{0,1}^λ, together with PRP P: {0,1}^λ×{0,1}^λ→{0,1}^λ; the ciphertext database is denoted EDB and the database is denoted DB,
Figure PCTCN2018079918-appb-000010
where id_i∈{0,1}^λ denotes a file identifier,
Figure PCTCN2018079918-appb-000011
denotes the keyword set contained in id_i, the keyword set is
Figure PCTCN2018079918-appb-000012
the file set is Doc={f_1, f_2, …, f_d}, the set of keys for encrypting the files is R={r_1, r_2, …, r_d}, and the symmetric encryption algorithm is defined as SE=(Enc, Dec);
before the index is built, f_i is encrypted with r_i to obtain the file ciphertext ct_i←SE.Enc(r_i, f_i) (i=1,2,…,d);
the ciphertext access control permission is set and the encrypted ciphertext is uploaded to the cloud server, the ciphertext access control scheme being the attribute-based encryption scheme ABE=(Setup, Encrypt, KeyGen, Decrypt);
given the system security parameter λ and the global attribute set N, the authority PKG runs (PK, MSK)←ABE.Setup(1^λ, N);
a key k is selected at random for the PRF F;
an empty array T indexed by the keyword set W is defined;
XSet is defined as the empty set;
for each w∈W, t is defined as an empty list and the keyword ciphertext stag←F(k, w) is computed;
the key k_1←F(k, 1||w) is initialized;
for every id_i in DB, taken in random order with the counter initialized to c←0: compute the index ciphertext rind←P(k, id_i||r_i), compute z←P(k_1, c) using the key k_1, and define y←rind·z^(-1); add (rind, y) to t; define xtag as an element of XSet and compute
Figure PCTCN2018079918-appb-000013
then add xtag to XSet, set c←c+1, and set T[stag]←t;
compute the ciphertext C←ABE.Encrypt(PK, k, Γ) to obtain EDB=(XSet, T, C), where Γ is the access policy.
Further, let
Figure PCTCN2018079918-appb-000014
denote the search keyword set,
Figure PCTCN2018079918-appb-000015
let C denote the key ciphertext, SK the private key, and stag, xtoken[1], xtoken[2], … the trapdoor. The client is configured to:
generate a private key SK←ABE.KeyGen(MSK, S) according to the user's attribute set S;
compute the key k from the key ciphertext and the private key, determining whether the user's attribute set S satisfies the access policy Γ of the ciphertext database: if it does, decryption succeeds, k←ABE.Decrypt(C, SK), and the key k is obtained; if it does not, decryption fails;
generate the keyword ciphertext stag←F(k, w_1) and the key k_1←F(k, 1||w_1);
for i=2,…,n, compute the trapdoor element
Figure PCTCN2018079918-appb-000016
to obtain the trapdoor, namely xtoken[c]←(xtoken[c,2], xtoken[c,3], …, xtoken[c,n]).
Further, with l denoting the set of index ciphertexts, the cloud server is specifically configured to:
define l and t as empty sets;
determine whether the equation T[stag]=stag holds; if it holds, then t=T[stag]; if it does not hold, return the empty set;
for c=1,2,…,|t|, retrieve (rind, y) from the c-th tuple in t; if, for
Figure PCTCN2018079918-appb-000017
then l←l∪rind;
The client is further configured to:
decrypt the set l of index ciphertexts with the key k to obtain the file identifier id_i and the corresponding key r_i: for each rind∈l, compute (id_i||r_i)←P^(-1)(k, rind) to obtain the search result (id_i, r_i);
send id_i to the cloud server, obtain ct_i=SE.Enc(r_i, f_i) returned by the cloud server, and extract the file f_i=SE.Dec(r_i, ct_i) with the corresponding symmetric key r_i.
Compared with the prior art, the present invention has the following beneficial effects. When the key ciphertext, private key and search keyword set input by a user for a search are detected, the embodiment of the present invention generates a trapdoor, searches the ciphertext database for the index ciphertext corresponding to the trapdoor, decrypts the index ciphertext with the key to obtain the file identifier, looks up the corresponding encrypted ciphertext by file identifier, and decrypts the encrypted ciphertext to obtain the search result. In this process, attribute-based encryption controls the ability of a searching user to access the data, but the access control is set on the whole database rather than on the index. This greatly reduces the computational overhead for the data owner when encrypting the database, and the user obtains the search trapdoor without the data owner taking part. The embodiment of the present invention addresses the data security, efficient ciphertext search and data access control problems of existing cloud storage services.
Description of the drawings
FIG. 1 is a flowchart of a ciphertext search method supporting access control provided by the prior art;
FIG. 2 is a schematic diagram of the total running time of different methods according to an embodiment of the present invention;
FIG. 3 is a schematic diagram of the running time of ciphertext database initialization according to an embodiment of the present invention;
FIG. 4 is a schematic diagram of the running time of the trapdoor generation process and the extraction process according to an embodiment of the present invention;
FIG. 5 is a schematic diagram of the running time of executing the search method according to an embodiment of the present invention;
FIG. 6 is a schematic structural diagram of a ciphertext search system supporting access control provided by the prior art.
Detailed description
To make the objectives, technical solutions and advantages of the present invention clearer, the present invention is described in further detail below with reference to the accompanying drawings and embodiments. The specific embodiments described here only explain the present invention and do not limit it.
FIG. 1 shows a ciphertext search method supporting access control according to an embodiment of the present invention, including:
S101. The client encrypts the files of the database with a preset symmetric encryption algorithm to obtain encrypted ciphertext, builds an index over the encrypted ciphertext according to the file identifiers of the files of the database, encrypts the index to obtain a ciphertext database containing index ciphertext, and sends the encrypted ciphertext and the ciphertext data to the cloud server;
S102. The client receives the key ciphertext, the private key and the search keyword set input by the user when searching, generates a trapdoor from the key ciphertext, the private key and the search keyword set, and sends the trapdoor to the cloud server;
S103. The cloud server retrieves from the ciphertext database, according to the trapdoor, the index ciphertext corresponding to the trapdoor;
S104. The client decrypts the index ciphertext with the key, uploads the decrypted file identifier to the cloud server so that the cloud server returns the encrypted ciphertext corresponding to the file identifier, and decrypts the encrypted ciphertext with the preset symmetric encryption algorithm to obtain the search result;
S105. The client displays the search result in a preset display manner.
Assume the ciphertext search system provided by the embodiment of the present invention has n attributes, denoted N={a_1, a_2, …, a_n}. {0,1}^d consists of 0/1 sequences of length d, {0,1}^* consists of 0/1 sequences of arbitrary length, λ denotes the security parameter, and G_0 denotes a bilinear group of prime order p with generator g. Define the database
Figure PCTCN2018079918-appb-000018
where
Figure PCTCN2018079918-appb-000019
is the file identifier and
Figure PCTCN2018079918-appb-000020
is the keyword set it contains. Define the full keyword set
Figure PCTCN2018079918-appb-000021
the file set Doc={f_1, f_2, …, f_d}, and the set of keys for encrypting the files R={r_1, r_2, …, r_d}.
In the embodiment of the present invention, step S101 specifically includes the following. To protect the confidentiality of the outsourced files, a symmetric encryption algorithm SE=(Enc, Dec) is defined; before building the index, the data owner encrypts f_i with r_i to obtain the encrypted ciphertext ct_i←SE.Enc(r_i, f_i) (i=1,2,…,d) and uploads the encrypted ciphertext to the cloud server. To enforce access control, the data owner sets the access control permission before uploading the data; the ciphertext access control scheme used is the attribute-based encryption scheme ABE=(Setup, Encrypt, KeyGen, Decrypt). Given the security parameter λ of the search system and the global attribute set N, the authority PKG runs (PK, MSK)←ABE.Setup(1^λ, N). The pseudo-random function is defined as PRF F: {0,1}^λ×{0,1}^λ→{0,1}^λ, together with PRP P: {0,1}^λ×{0,1}^λ→{0,1}^λ.
In the embodiment of the present invention, the data must be encrypted before a search over the keyword set input by the user can be performed. The encryption process specifically includes:
Input the database DB and output the ciphertext database EDB. The ciphertext database initialization algorithm EDBSetup(DB) is as follows:
1. Select a key k at random for the PRF F, and express DB as
Figure PCTCN2018079918-appb-000022
2. Define T as an empty array indexed by the keyword set W;
3. Define XSet as the empty set;
4. For each w∈W:
a) define t as an empty list and compute the keyword ciphertext stag←F(k, w);
b) initialize the key k_1←F(k, 1||w);
c) for every id_i in DB, taken in random order with the counter initialized to c←0:
i. compute the index ciphertext rind←P(k, id_i||r_i), compute z←P(k_1, c) using the key k_1, and define y←rind·z^(-1);
ii. add (rind, y) to t;
iii. define xtag as an element of XSet, compute
Figure PCTCN2018079918-appb-000023
and add xtag to XSet;
iv. c←c+1;
d) T[stag]←t;
5. Compute the ciphertext C←ABE.Encrypt(PK, k, Γ), where Γ is the access policy;
6. Output EDB=(XSet, T, C).
In step S101 above, assume a legitimate user whose attribute set is S searches with the search keyword set
Figure PCTCN2018079918-appb-000024
and assume w_1 is the least frequent keyword in the search keyword set. According to the key ciphertext C requested by the user, the private key SK←ABE.KeyGen(MSK, S) is generated by the PKG;
Step S102 specifically includes:
Receive the user's input C, SK,
Figure PCTCN2018079918-appb-000025
and output the trapdoor stag, xtoken[1], xtoken[2], …;
The trapdoor generation step TokenGeneration
Figure PCTCN2018079918-appb-000026
specifically includes:
1. Compute k←ABE.Decrypt(C, SK). If the user's attribute set S satisfies the access policy Γ of the ciphertext database, decryption succeeds and the key k is obtained; otherwise, null is returned;
2. The message (stag, xtoken[1], xtoken[2], …) is generated as follows:
a) generate the keyword ciphertext stag←F(k, w_1);
b) generate the key k_1←F(k, 1||w_1);
c) for the counter c=1,2,… until the cloud server stops:
i. for i=2,…,n, compute the trapdoor element
Figure PCTCN2018079918-appb-000027
ii. set xtoken[c]←(xtoken[c,2], xtoken[c,3], …, xtoken[c,n]);
In step S103, the cloud server performs the search over the encrypted ciphertext. After the trapdoor (stag, xtoken[1], xtoken[2], …) has been generated in step S102, the cloud server searches the previously generated ciphertext database EDB and obtains the search result, namely the set l of index ciphertexts. The search step Search(stag, (xtoken[1], xtoken[2], …), EDB) includes:
1. Define l and t as empty sets;
2. Verify whether the equation T[stag]=stag holds. If it holds, then t=T[stag]; otherwise, return null;
3. For c=1,2,…,|t|:
a) retrieve (rind, y) from the c-th tuple in t;
b) if, for
Figure PCTCN2018079918-appb-000028
set l←l∪rind.
In step S104, the search result l is decrypted with the key k to obtain the search result. The decryption process Retrieve(l, k) specifically includes:
1. The user decrypts the search result l with the key k to obtain the file identifier id_i and the corresponding key r_i;
2. For each rind∈l:
a) compute (id_i||r_i)←P^(-1)(k, rind);
b) return (id_i, r_i).
3. Send id_i to the cloud server, obtain ct_i=SE.Enc(r_i, f_i), and extract the file f_i=SE.Dec(r_i, ct_i) with the corresponding symmetric key r_i.
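EDBSetup, TokenGeneration, Search and Retrieve run end to end below, as an added example that is not code from the patent or its authors. Assumptions: the xtag, xtoken and membership-test formulas are images missing from this page, so the OXT-style forms xtag = g^(F(k,w)·rind), xtoken[c,i] = g^(P(k_1,c)·F(k,w_i)) and the test xtoken[c,i]^y ∈ XSet are assumed; HMAC-SHA256 stands in for F, a 4-round Feistel network for P and a 62-bit toy group for G_0. The ABE wrapping of k is omitted (the client already holds k), and the sample database is constructed.

```python
import hashlib, hmac, secrets

BASES = (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37)

def is_prime(n):
    """Miller-Rabin; with these bases it is deterministic for n < 3.3e24."""
    if n < 2:
        return False
    for p in BASES:
        if n % p == 0:
            return n == p
    d, s = n - 1, 0
    while d % 2 == 0:
        d, s = d // 2, s + 1
    for a in BASES:
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = x * x % n
            if x == n - 1:
                break
        else:
            return False
    return True

# Toy group (assumption, far too small for real use): safe prime P_MOD = 2Q + 1.
# G = 4 is a square, so it generates the subgroup of prime order Q.
Q = 2**61 + 1
while not (is_prime(Q) and is_prime(2 * Q + 1)):
    Q += 2
P_MOD, G = 2 * Q + 1, 4
HALF, R_BITS = 30, 44  # toy PRP block: 60 bits = 16-bit id || 44-bit file key

def F(k, data):
    """PRF F, instantiated with HMAC-SHA256 (assumption)."""
    return hmac.new(k, data, hashlib.sha256).digest()

def F_exp(k, w):
    """F(k, w) mapped to a non-zero exponent modulo Q."""
    return int.from_bytes(F(k, w), "big") % (Q - 1) + 1

def P(k, x, inverse=False):
    """PRP P on 60-bit blocks: 4-round Feistel network over F (assumption)."""
    mask = (1 << HALF) - 1
    left, right = x >> HALF, x & mask
    def rf(i, v):
        return int.from_bytes(F(k, bytes([i]) + v.to_bytes(4, "big"))[:4], "big") & mask
    for i in (reversed(range(4)) if inverse else range(4)):
        if inverse:
            left, right = right ^ rf(i, left), left
        else:
            left, right = right, left ^ rf(i, right)
    return (left << HALF) | right

def edb_setup(k, db, file_keys):
    """EDBSetup without the ABE step: returns (T, XSet)."""
    T, XSet = {}, set()
    for w in {w for ws in db.values() for w in ws}:
        k1, t = F(k, b"\x01" + w), []
        ids = [i for i in db if w in db[i]]
        secrets.SystemRandom().shuffle(ids)            # random order within t
        for c, i in enumerate(ids, start=1):           # same counter range as the client
            rind = P(k, (i << R_BITS) | file_keys[i])  # rind <- P(k, id || r)
            y = rind * pow(P(k1, c), -1, Q) % Q        # y <- rind * z^-1
            t.append((rind, y))
            XSet.add(pow(G, F_exp(k, w) * rind % Q, P_MOD))  # assumed xtag form
        T[F(k, w)] = t                                 # T[stag] <- t
    return T, XSet

def token_generation(k, keywords, max_c):
    """TokenGeneration once k is known; keywords[0] is w_1 (assumed xtoken form)."""
    k1 = F(k, b"\x01" + keywords[0])
    xtoken = [[pow(G, P(k1, c) * F_exp(k, wi) % Q, P_MOD) for wi in keywords[1:]]
              for c in range(1, max_c + 1)]
    return F(k, keywords[0]), xtoken

def search(stag, xtoken, T, XSet):
    """Server: keep rind when xtoken[c,i]^y is in XSet for every i (assumed test)."""
    return [rind for (rind, y), toks in zip(T.get(stag, []), xtoken)
            if all(pow(tok, y, P_MOD) in XSet for tok in toks)]

def retrieve(k, l):
    """Client: (id || r) <- P^-1(k, rind) for every rind in l."""
    return sorted(divmod(P(k, rind, inverse=True), 1 << R_BITS) for rind in l)

# Constructed sample database: file id -> keyword set, with random file keys r_i.
DB = {1: {b"cloud", b"audit"}, 2: {b"cloud", b"audit", b"key"}, 3: {b"cloud"},
      4: {b"audit", b"key"}, 5: {b"cloud", b"key"}}
FILE_KEYS = {i: secrets.randbits(R_BITS) for i in DB}
K = secrets.token_bytes(32)
T_INDEX, XSET = edb_setup(K, DB, FILE_KEYS)

def run_query(keywords):
    stag, xtoken = token_generation(K, keywords, len(DB))
    return retrieve(K, search(stag, xtoken, T_INDEX, XSET))

if __name__ == "__main__":
    print(run_query([b"audit", b"cloud"]))
```

The server sees only stag, the xtoken values and which rind entries pass the test; it never handles k, a keyword or a file identifier in the clear during Search.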
In a specific application, the embodiment of the present invention implements the above functions through a client and a cloud server; the client includes a handheld terminal, a personal computer or the like. In step S101, the user inputs data into the database through the client, and the client can encrypt the database to obtain the ciphertext database. After the client obtains the ciphertext database, the ciphertext database is sent to the client; alternatively, the database can be transmitted to the cloud service and encrypted by the cloud server to obtain the ciphertext database. In step S102, assume a legitimate user whose attribute set is S searches, through the client, over the search keyword set
Figure PCTCN2018079918-appb-000029
and assume w_1 is the least frequent keyword in the search keyword set. The user requests the key ciphertext C from the cloud server through the client and generates the private key SK←ABE.KeyGen(MSK, S) through the PKG; the client generates the trapdoor from the key ciphertext C, the private key SK and the search keyword set
Figure PCTCN2018079918-appb-000030
and sends the trapdoor to the cloud server. In step S103, the cloud server performs the retrieval step: after receiving the trapdoor, it searches the ciphertext data according to the trapdoor and obtains the index ciphertext. After the cloud service obtains the encrypted ciphertext, it sends the index ciphertext to the client, and the client performs step S104. In step S105, once the search steps S101 to S104 are complete, the client displays the search result in the preset display manner.
In practical application, the efficiency of the Sun scheme and of the embodiment of the present invention was compared by experimental simulation. The computer used for the simulation has a 3.60 GHz Intel(R) Core(TM) i7-4790 CPU and 8.00 GB of RAM, the operating system is Windows 7, and the programming language is Java, using the cpabe toolkit and the Java Pairing-Based Cryptography library (JPBC). The Enron mail database was used to evaluate the performance of the schemes, and six groups of experiments were run with the experimental parameters shown in Table 1.
Table 1. Experimental parameters

| Group | Database size | Number of keywords | Number of files containing each keyword |
|---|---|---|---|
| 1 | 200 | 10 | 20 |
| 2 | 800 | 20 | 40 |
| 3 | 1500 | 30 | 50 |
| 4 | 3000 | 50 | 60 |
| 5 | 8000 | 100 | 80 |
| 6 | 20000 | 200 | 100 |
Figure 2 shows the total computation time of the Sun scheme and of the embodiment of the present invention. As Figure 2 shows, the total time cost of the Sun scheme is far higher than that of the embodiment of the present invention and grows exponentially as the database grows, whereas the time cost of the embodiment increases only slightly as the database grows.
The total time cost in Figure 2 mainly comprises the ciphertext database initialization algorithm executed by the data owner, the trapdoor generation step executed by the user's client, and the search step executed by the cloud server, shown in Figure 3, Figure 4 and Figure 5 respectively. In Figure 3, the time cost of the initialization algorithm of the Sun scheme is clearly higher than that of the embodiment of the present invention and grows almost exponentially as the database grows, whereas the time cost of the embodiment increases only slightly as the database grows.
In Figures 4 and 5, the time costs of the trapdoor generation step and the search step are almost the same for the Sun scheme and the embodiment of the present invention, and both grow linearly as the database grows.
In summary, the experimental results show that the embodiment of the present invention is computationally more efficient than the Sun scheme.
FIG. 6 shows a search system supporting access control according to an embodiment of the present invention, including:
a client 601, configured to encrypt the files of a database with a preset symmetric encryption algorithm to obtain encrypted ciphertext, build an index over the encrypted ciphertext according to the file identifiers of the files of the database, encrypt the index to obtain a ciphertext database containing index ciphertext, and send the encrypted ciphertext and the ciphertext data to the cloud server 602; and further configured to receive the key ciphertext, the private key and the search keyword set input by a user when searching, generate a trapdoor from the key ciphertext, the private key and the search keyword set, and send the trapdoor to the cloud server 602;
the cloud server 602, configured to store the encrypted ciphertext and the ciphertext database; further configured to retrieve from the ciphertext database, according to the trapdoor, the index ciphertext corresponding to the trapdoor; and further configured to look up the corresponding encrypted ciphertext according to a file identifier;
the client 601 being further configured to decrypt the index ciphertext with a key, upload the decrypted file identifier to the cloud server so that the cloud server returns the encrypted ciphertext corresponding to the file identifier, decrypt the encrypted ciphertext with the preset symmetric encryption algorithm to obtain the search result, and display the search result in a preset display manner.
Further, the client 601 is specifically configured to:
receive a database and encrypt the files in the database using a pseudo-random function to obtain the encrypted ciphertext;
The pseudo-random function is denoted PRF F: {0,1}^λ×{0,1}^λ→{0,1}^λ, together with PRP P: {0,1}^λ×{0,1}^λ→{0,1}^λ; the ciphertext database is denoted EDB and the database is denoted DB,
Figure PCTCN2018079918-appb-000031
where id_i∈{0,1}^λ denotes a file identifier,
Figure PCTCN2018079918-appb-000032
denotes the keyword set contained in id_i, the keyword set is
Figure PCTCN2018079918-appb-000033
the file set is Doc={f_1, f_2, …, f_d}, the set of keys for encrypting the files is R={r_1, r_2, …, r_d}, and the symmetric encryption algorithm is defined as SE=(Enc, Dec);
before the index is built, f_i is encrypted with r_i to obtain the file ciphertext ct_i←SE.Enc(r_i, f_i) (i=1,2,…,d);
the ciphertext access control permission is set and the encrypted ciphertext is uploaded to the cloud server, the ciphertext access control scheme being the attribute-based encryption scheme ABE=(Setup, Encrypt, KeyGen, Decrypt);
given the system security parameter λ and the global attribute set N, the authority PKG runs (PK, MSK)←ABE.Setup(1^λ, N);
a key k is selected at random for the PRF F;
an empty array T indexed by the keyword set W is defined;
XSet is defined as the empty set;
for each w∈W, t is defined as an empty list and the keyword ciphertext stag←F(k, w) is computed;
the key k_1←F(k, 1||w) is initialized;
for every id_i in DB, taken in random order with the counter initialized to c←0: compute the index ciphertext rind←P(k, id_i||r_i), compute z←P(k_1, c) using the key k_1, and define y←rind·z^(-1); add (rind, y) to t; define xtag as an element of XSet and compute
Figure PCTCN2018079918-appb-000034
then add xtag to XSet, set c←c+1, and set T[stag]←t;
compute the ciphertext C←ABE.Encrypt(PK, k, Γ) to obtain EDB=(XSet, T, C), where Γ is the access policy.
Further, let
Figure PCTCN2018079918-appb-000035
denote the search keyword set,
Figure PCTCN2018079918-appb-000036
let C denote the key ciphertext, SK the private key, and stag, xtoken[1], xtoken[2], … the trapdoor. The client 601 is configured to:
generate a private key SK←ABE.KeyGen(MSK, S) according to the user's attribute set S;
compute the key k from the key ciphertext and the private key, determining whether the user's attribute set S satisfies the access policy Γ of the ciphertext database: if it does, decryption succeeds, k←ABE.Decrypt(C, SK), and the key k is obtained; if it does not, decryption fails;
generate the keyword ciphertext stag←F(k, w_1) and the key k_1←F(k, 1||w_1);
for i=2,…,n, compute the trapdoor element
Figure PCTCN2018079918-appb-000037
to obtain the trapdoor, namely xtoken[c]←(xtoken[c,2], xtoken[c,3], …, xtoken[c,n]).
Further, with l denoting the set of index ciphertexts, the cloud server 602 is specifically configured to:
Define l and t as empty sets;
Determine whether the equation T[stag]=stag holds; if it holds, then t=T[stag]; if it does not hold, return the empty set;
For c=1,2,…,|t|, retrieve (rind,y) from the c-th tuple in t, and if, for
Figure PCTCN2018079918-appb-000038
then l←l∪rind;
The client 601 is further configured to:
Decrypt the set l of index ciphertexts using the key k to obtain the file identifier id_i and the corresponding key r_i: for each rind∈l, compute (id_i||r_i)←P^{-1}(k,rind), obtaining the search result (id_i,r_i);
Send id_i to the cloud server, obtain the ct_i=SE.Enc(r_i,f_i) returned by the cloud server, and extract the file f_i=SE.Dec(r_i,ct_i) with the corresponding symmetric key r_i.
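The index construction, trapdoor generation, server-side filtering and client-side recovery described above, as an added Python example (not code from the patent). Assumptions: the client already holds k (the ABE wrapping C←ABE.Encrypt(PK,k,Γ) is outside this example), F is HMAC-SHA256, P is a 4-round Feistel network, the group is a toy one far too small for real use, and, because the xtag and xtoken formulas survive on this page only as figure references, they are taken from the OXT construction of Cash et al.; the sample documents are constructed.

```python
import hashlib, hmac, secrets

def F(key, msg):
    """PRF F: HMAC-SHA256 truncated to 128 bits."""
    return hmac.new(key, msg, hashlib.sha256).digest()[:16]

def _xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def P(key, block):
    """PRP P on 32-byte blocks (4-round Feistel over F), wide enough for id||r."""
    L, R = block[:16], block[16:]
    for i in range(4):
        L, R = R, _xor(L, F(key, b"P" + bytes([i]) + R))
    return L + R

def P_inv(key, block):
    L, R = block[:16], block[16:]
    for i in reversed(range(4)):
        L, R = _xor(R, F(key, b"P" + bytes([i]) + L)), L
    return L + R

def _is_prime(n):
    """Miller-Rabin with the first 12 primes as bases (exact for n < 2**64)."""
    bases = (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37)
    if n < 2 or any(n % b == 0 for b in bases):
        return n in bases
    d, s = n - 1, 0
    while d % 2 == 0:
        d, s = d // 2, s + 1
    def composite(a):
        x = pow(a, d, n)
        return x not in (1, n - 1) and all(pow(x, 2**r, n) != n - 1 for r in range(1, s))
    return not any(composite(a) for a in bases)

Q = next(q for q in range(2**61 - 1, 0, -2) if _is_prime(q) and _is_prime(2 * q + 1))
PMOD, G = 2 * Q + 1, 4   # toy group (assumption): order-Q subgroup of Z_p^*, p = 2Q + 1

def _exp(data):          # bytes -> non-zero exponent modulo Q
    return int.from_bytes(data, "big") % (Q - 1) + 1

def build_edb(k, db):
    """db: id (16 bytes) -> (file key r (16 bytes), keyword set). Returns (XSet, T)."""
    XSet, T = set(), {}
    for w in {w for _, kws in db.values() for w in kws}:
        stag, k1, t = F(k, w), F(k, b"1" + w), []
        ids = [fid for fid, (_, kws) in db.items() if w in kws]
        secrets.SystemRandom().shuffle(ids)                  # random order
        for c, fid in enumerate(ids):
            rind = P(k, fid + db[fid][0])                    # rind <- P(k, id||r)
            z = _exp(P(k1, c.to_bytes(32, "big")))           # z <- P(k1, c)
            t.append((rind, _exp(rind) * pow(z, -1, Q) % Q))  # y <- rind * z^-1
            # ASSUMPTION (OXT-style; the page's xtag formula is not in its text):
            XSet.add(pow(G, _exp(F(k, b"2" + w)) * _exp(rind) % Q, PMOD))
        T[stag] = t
    return XSet, T

def trapdoor(k, words, max_c):
    """Client: stag for w1; ASSUMPTION (OXT-style): xtoken[c,i] = G^(z_c * F(k, 2||w_i))."""
    k1, xtoken = F(k, b"1" + words[0]), []
    for c in range(max_c):
        z = _exp(P(k1, c.to_bytes(32, "big")))
        xtoken.append([pow(G, z * _exp(F(k, b"2" + w)) % Q, PMOD) for w in words[1:]])
    return F(k, words[0]), xtoken

def server_search(XSet, T, stag, xtoken):
    """Server: keep rind when xtoken[c,i]^y is in XSet for every i."""
    return [rind for (rind, y), toks in zip(T.get(stag, []), xtoken)
            if all(pow(tok, y, PMOD) in XSet for tok in toks)]

def resolve(k, l):
    """Client: (id||r) <- P^-1(k, rind) for each rind in l."""
    return [(b[:16], b[16:]) for b in (P_inv(k, rind) for rind in l)]

def demo(query):
    """Constructed sample data; k is assumed already recovered via ABE.Decrypt(C, SK)."""
    k = secrets.token_bytes(16)
    docs = {b"doc1": {b"cloud", b"audit"}, b"doc2": {b"cloud", b"invoice"},
            b"doc3": {b"cloud", b"audit", b"invoice"}}
    db = {n.ljust(16, b"\0"): (secrets.token_bytes(16), kws) for n, kws in docs.items()}
    stag, xtoken = trapdoor(k, query, max_c=len(db))
    hits = resolve(k, server_search(*build_edb(k, db), stag, xtoken))
    return sorted(i.rstrip(b"\0") for i, _ in hits)
```

The server handles only stag, (rind, y) pairs, xtags and xtokens, never a keyword, a file identifier or a file key; max_c must be at least |T[stag]| or matches past that position are not tested.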
An embodiment of the present invention further provides a terminal, including a memory, a processor, and a computer program stored in the memory and running on the processor, characterized in that, when the processor executes the computer program, the steps of the ciphertext search method supporting access control shown in FIG. 1 are implemented.
An embodiment of the present invention further provides a readable storage medium on which a computer program is stored, characterized in that, when the computer program is executed by a processor, the steps of the ciphertext search method supporting access control shown in FIG. 1 are implemented.
In addition, the functional modules in the embodiments of the present invention may be integrated into one processing module, each module may exist physically on its own, or two or more modules may be integrated into one module. The integrated module may be implemented in the form of hardware or in the form of a software functional module.
If the integrated module is implemented in the form of a software functional module and sold or used as an independent product, it may be stored in a computer-readable storage medium. Based on this understanding, the technical solution of the present invention in essence, or the part that contributes to the prior art, or all or part of the technical solution, may be embodied in the form of a software product. The computer software product is stored in a storage medium and includes a number of instructions for causing a computer device (which may be a personal computer, a server, a network device, or the like) to perform all or part of the steps of the methods described in the embodiments of the present invention. The aforementioned storage medium includes various media that can store program code, such as a USB flash drive, a removable hard disk, a read-only memory (ROM), a random access memory (RAM), a magnetic disk, or an optical disc.
The above are merely preferred embodiments of the present invention and are not intended to limit the present invention. Any modification, equivalent replacement or improvement made within the spirit and principles of the present invention shall fall within the protection scope of the present invention.

Claims (10)

  1. A ciphertext search method supporting access control, characterized in that a ciphertext search system comprises a client and a cloud server, and the ciphertext search method comprises:
    Step A: the client encrypts the files of a database using a preset symmetric encryption algorithm to obtain encrypted ciphertext, builds an index over the encrypted ciphertext according to the file identifiers of the files of the database, encrypts the index to obtain a ciphertext database containing index ciphertext, and sends the encrypted ciphertext and the ciphertext data to the cloud server;
    Step B: the client receives the key ciphertext, the private key and the search keyword set input by the user when searching, generates a trapdoor according to the key ciphertext, the private key and the search keyword set, and sends the trapdoor to the cloud server;
    Step C: the cloud server retrieves, according to the trapdoor, the index ciphertext corresponding to the trapdoor in the ciphertext database;
    Step D: the client decrypts the index ciphertext using the key, uploads the decrypted file identifier to the cloud server so that the cloud server returns the encrypted ciphertext corresponding to the file identifier, and decrypts the encrypted ciphertext using the preset symmetric encryption algorithm to obtain a search result;
    Step E: the client displays the search result in a preset display manner.
  2. The ciphertext search method according to claim 1, characterized in that step A comprises:
    the client receives the database and encrypts the files in the database using a pseudo-random function to obtain the encrypted ciphertext.
  3. The ciphertext search method according to claim 2, characterized in that the pseudo-random function is denoted by PRF F: {0,1}^λ × {0,1}^λ → {0,1}^λ and PRP P: {0,1}^λ × {0,1}^λ → {0,1}^λ, the ciphertext database is denoted by EDB, the database is denoted by DB,
    Figure PCTCN2018079918-appb-100001
    id_i ∈ {0,1}^λ denotes a file identifier,
    Figure PCTCN2018079918-appb-100002
    denotes the keyword set contained in id_i, the keyword set
    Figure PCTCN2018079918-appb-100003
    the file set is Doc={f_1,f_2,…,f_d}, the key set for encrypting the files is denoted by R={r_1,r_2,…,r_d}, a symmetric encryption algorithm SE=(Enc,Dec) is defined, and step A specifically comprises:
    before building the index, encrypting f_i with r_i to obtain the encrypted ciphertext ct_i←SE.Enc(r_i,f_i) (i=1,2,…,d);
    setting the ciphertext access control permission and uploading the encrypted ciphertext to the cloud server, the scheme for the ciphertext access control permission being the attribute-based encryption scheme ABE=(Setup,Encrypt,KeyGen,Decrypt);
    on input of the system security parameter λ and the global attribute set N, the authority PKG runs (PK,MSK)←ABE.Setup(1^λ,N);
    randomly selecting a key k for the PRF F;
    defining an empty array T indexed by the keyword set W;
    defining XSet as an empty set;
    for each w∈W, defining t as an empty list and computing the keyword ciphertext stag←F(k,w);
    initializing the key k_1←F(k,1||w);
    for all id_i in the DB, taken in random order, initializing the counter c←0, computing the index ciphertext rind←P(k,id_i||r_i), obtaining z←P(k_1,c) under the key k_1, defining y←rind·z^{-1}, adding (rind,y) to t, defining xtag as an element of XSet, computing
    Figure PCTCN2018079918-appb-100004
    and adding xtag to XSet, c←c+1, T[stag]←t;
    computing the ciphertext C←ABE.Encrypt(PK,k,Γ) to obtain EDB=(XSet,T,C), where Γ is the access policy.
  4. The ciphertext search method according to claim 3, characterized in that, with
    Figure PCTCN2018079918-appb-100005
    denoting the search keyword set,
    Figure PCTCN2018079918-appb-100006
    C denoting the key ciphertext, SK denoting the private key, and stag, xtoken[1], xtoken[2], … denoting the trapdoor, in step B a user whose attribute set is S searches for the keyword set
    Figure PCTCN2018079918-appb-100007
    and step B specifically comprises:
    the client generates a private key SK←ABE.KeyGen(MSK,S) according to the user's attributes S;
    computing the key k from the key ciphertext and the private key;
    determining whether the user's attributes S satisfy the access policy Γ of the ciphertext database; if so, decryption succeeds, k←ABE.Decrypt(C,SK), and the key k is obtained; if not, decryption fails;
    generating the keyword ciphertext stag←F(k,w_1) and the key k_1←F(k,1||w_1);
    for i=2,…,n, computing the trapdoor element
    Figure PCTCN2018079918-appb-100008
    to obtain the trapdoor, namely: xtoken[c]←(xtoken[c,2],xtoken[c,3],…,xtoken[c,n]).
  5. The ciphertext search method according to claim 4, characterized in that, with l denoting the set of index ciphertexts, step C comprises:
    defining l and t as empty sets;
    determining whether the equation T[stag]=stag holds; if it holds, then t=T[stag]; if it does not hold, returning the empty set;
    for c=1,2,…,|t|, retrieving (rind,y) from the c-th tuple in t, and if, for
    Figure PCTCN2018079918-appb-100009
    then l←l∪rind.
  6. The ciphertext search method according to claim 5, characterized in that step D comprises:
    the client decrypts the set l of index ciphertexts using the key k to obtain the file identifier id_i and the corresponding key r_i: for each rind∈l, it computes (id_i||r_i)←P^{-1}(k,rind), obtaining the search result (id_i,r_i);
    sending id_i to the cloud server, obtaining the ct_i=SE.Enc(r_i,f_i) returned by the cloud server, and extracting the file f_i=SE.Dec(r_i,ct_i) with the corresponding symmetric key r_i.
  7. A ciphertext search system supporting access control, characterized by comprising:
    a client, which encrypts the files of a database using a preset symmetric encryption algorithm to obtain encrypted ciphertext, builds an index over the encrypted ciphertext according to the file identifiers of the files of the database, encrypts the index to obtain a ciphertext database containing index ciphertext, and sends the encrypted ciphertext and the ciphertext data to a cloud server; and which is further configured to receive the key ciphertext, the private key and the search keyword set input by the user when searching, generate a trapdoor according to the key ciphertext, the private key and the search keyword set, and send the trapdoor to the cloud server;
    the cloud server, configured to store the encrypted ciphertext and the ciphertext database; further configured to retrieve, according to the trapdoor, the index ciphertext corresponding to the trapdoor in the ciphertext database; and further configured to look up the corresponding encrypted ciphertext according to a file identifier;
    the client being further configured to decrypt the index ciphertext using the key, upload the decrypted file identifier to the cloud server so that the cloud server returns the encrypted ciphertext corresponding to the file identifier, decrypt the encrypted ciphertext using the preset symmetric encryption algorithm to obtain a search result, and display the search result in a preset display manner.
  8. The ciphertext search system according to claim 7, characterized in that the client is specifically configured to:
    receive a database and encrypt the files in the database using a pseudo-random function to obtain the encrypted ciphertext;
    the pseudo-random function is denoted by PRF F: {0,1}^λ × {0,1}^λ → {0,1}^λ and PRP P: {0,1}^λ × {0,1}^λ → {0,1}^λ, the ciphertext database is denoted by EDB, the database is denoted by DB,
    Figure PCTCN2018079918-appb-100010
    id_i ∈ {0,1}^λ denotes a file identifier,
    Figure PCTCN2018079918-appb-100011
    denotes the keyword set contained in id_i, the keyword set
    Figure PCTCN2018079918-appb-100012
    the file set is Doc={f_1,f_2,…,f_d}, the key set for encrypting the files is denoted by R={r_1,r_2,…,r_d}, and a symmetric encryption algorithm SE=(Enc,Dec) is defined;
    before building the index, encrypt f_i with r_i to obtain the file ciphertext ct_i←SE.Enc(r_i,f_i) (i=1,2,…,d);
    set the ciphertext access control permission and upload the encrypted ciphertext to the cloud server, the scheme for the ciphertext access control permission being the attribute-based encryption scheme ABE=(Setup,Encrypt,KeyGen,Decrypt);
    on input of the system security parameter λ and the global attribute set N, the authority PKG runs (PK,MSK)←ABE.Setup(1^λ,N):
    randomly select a key k for the PRF F;
    define an empty array T indexed by the keyword set W;
    define XSet as an empty set;
    for each w∈W, define t as an empty list and compute the keyword ciphertext stag←F(k,w);
    initialize the key k_1←F(k,1||w);
    for all id_i in the DB, taken in random order, initialize the counter c←0, compute the index ciphertext rind←P(k,id_i||r_i), obtain z←P(k_1,c) under the key k_1, define y←rind·z^{-1}, add (rind,y) to t, define xtag as an element of XSet, compute
    Figure PCTCN2018079918-appb-100013
    and add xtag to XSet, c←c+1, T[stag]←t;
    compute the ciphertext C←ABE.Encrypt(PK,k,Γ) to obtain EDB=(XSet,T,C), where Γ is the access policy.
  9. The ciphertext search system according to claim 8, characterized in that, with
    Figure PCTCN2018079918-appb-100014
    denoting the search keyword set,
    Figure PCTCN2018079918-appb-100015
    C denoting the key ciphertext, SK denoting the private key, and stag, xtoken[1], xtoken[2], … denoting the trapdoor, the client is configured to:
    generate a private key SK←ABE.KeyGen(MSK,S) according to the user's attributes S;
    compute the key k from the key ciphertext and the private key: determine whether the user's attributes S satisfy the access policy Γ of the ciphertext database; if so, decryption succeeds, k←ABE.Decrypt(C,SK), and the key k is obtained; if not, decryption fails;
    generate the keyword ciphertext stag←F(k,w_1) and the key k_1←F(k,1||w_1);
    for i=2,…,n, compute the trapdoor element
    Figure PCTCN2018079918-appb-100016
    to obtain the trapdoor, namely: xtoken[c]←(xtoken[c,2],xtoken[c,3],…,xtoken[c,n]).
  10. The ciphertext search system according to claim 9, characterized in that, with l denoting the set of index ciphertexts, the cloud server is specifically configured to:
    define l and t as empty sets;
    determine whether the equation T[stag]=stag holds; if it holds, then t=T[stag]; if it does not hold, return the empty set;
    for c=1,2,…,|t|, retrieve (rind,y) from the c-th tuple in t, and if, for
    Figure PCTCN2018079918-appb-100017
    then l←l∪rind;
    the client is further configured to:
    decrypt the set l of index ciphertexts using the key k to obtain the file identifier id_i and the corresponding key r_i: for each rind∈l, compute (id_i||r_i)←P^{-1}(k,rind), obtaining the search result (id_i,r_i);
    send id_i to the cloud server, obtain the ct_i=SE.Enc(r_i,f_i) returned by the cloud server, and extract the file f_i=SE.Dec(r_i,ct_i) with the corresponding symmetric key r_i.
PCT/CN2018/079918 2018-03-22 2018-03-22 Ciphertext search method and system supporting access control WO2019178792A1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
PCT/CN2018/079918 WO2019178792A1 (en) 2018-03-22 2018-03-22 Ciphertext search method and system supporting access control

Publications (1)

Publication Number Publication Date
WO2019178792A1 true WO2019178792A1 (en) 2019-09-26

Family

ID=67986657

Country Status (1)

Country Link
WO (1) WO2019178792A1 (en)

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 18910573

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

32PN Ep: public notification in the ep bulletin as address of the adressee cannot be established

Free format text: NOTING OF LOSS OF RIGHTS PURSUANT TO RULE 112(1) EPC (EPO FORM 1205A DATED 03/02/2021)

122 Ep: pct application non-entry in european phase

Ref document number: 18910573

Country of ref document: EP

Kind code of ref document: A1