一种支持多用户的公平密文检索方案-《计算机技术与发展》

文章信息/Info

Title:: A Fair Searchable Encryption Scheme Supporting Multiple Users

文章编号:: 1673-629X(2022)10-0100-08

作者:: 崔永杰¹; 2 ; 彭长根¹; 2; 3 ; 丁红发²; 3 ; 许德权¹; 2; 1. 贵州大学计算机科学与技术学院,贵州贵阳 550025;
2. 贵州省公共大数据重点实验室(贵州大学),贵州贵阳 550025;
3. 贵州大学密码学与数据安全研究所,贵州贵阳 550025

Author(s):: CUI Yong-jie1; 2 ; PENG Chang-gen1; 2; 3 ; DING Hong-fa2; 3 ; XU De-quan1; 2; 1. School of Computer Science and Technology,Guizhou University,Guiyang 550025,China;
2. Guizhou Province Key Laboratory of Public Big Data ( Guizhou University) ,Guiyang 550025,China;
3. Institute of Cryptography and Data Security,Guizhou University,Guiy

关键词:: 可搜索加密; 属性加密; 智能合约; 公平交易; 国密算法

Keywords:: searchable encryption; attribute encryption; smart contract; fair transaction; national secret algorithm

分类号:: TP309

DOI:: 10. 3969 / j. issn. 1673-629X. 2022. 10. 017

摘要:: 大量用户将私密数据外包到云服务器上以缓解本地存储压力。为了保障数据的安全性,用户上传至云服务器前通常会执行数据加密处理,最后利用可搜索加密技术实现对密文数据的安全有效检索。然而,现有的方案通信模式通常是一对一的以及存在用户与云服务器间搜索交易的不公平性问题,即用户成功支付服务费后,云服务器并没有向用户返回正确且完整的检索结果。针对上述问题并考虑该场景下支持多用户检索的情况,提出一种基于国密算法的多用户公平可搜索加密方案。利用 CP-ABE 对属性私钥指定树形访问结构,实现密文数据的细粒度访问控制;然后,结合加解密效率高的 SM4 分组算法对数据集进行处理生成密文;最后根据区块链的公平机制以及智能合约自动执行的特点解决云服务器与用户之间的交易公平性问题,并且交易可追踪且不可逆转的特性使方案不需额外验证,从而减少计算开销。实验结果表明,所述方案在安全索引生成阶段耗时均处于毫秒级,对比传统方案具有优势;而且方案内的数据集增多,密文检索的效率并不随着线性增长,具有一定的稳定性。

Abstract:: A large number of users outsource private data to cloud servers to relieve local storage pressure. In order to ensure the security of data,users usually perform data encryption before uploading to the cloud server,and finally use searchable encryption technology to achieve the secure and effective retrieval of ciphertext data. However,the communication mode of the existing solutions is usually one-to-one and there is a problem of unfairness in the search transaction between the user and the cloud server,that is,after the user success fully pays? ?the service fee,the cloud server does not return the correct and complete search result to the user. Aiming at the above problems and considering the support of multi-user retrieval in this scenario,a multi-user fair searchable encryption scheme based on the national secret algorithm is proposed. First,we use CP-ABE to specify a tree access structure for the attribute private key. Then,combined with SM4 grouping algorithm with high encryption and decryption efficiency,the data set is processed to generate ciphertext. Finally,according to the fairness mechanism of the blockchain and feature of automatic execution of smart contracts,the problem of fairness of transactions between cloud servers and users is solved, which guarantees data security based on the traceable and irreversible characteristics of transactions while supporting result verification. Experiment shows that the proposed scheme consumes milliseconds in the security indexgeneration stage,which has advantages compared with traditional schemes. The data set in the scheme increases,and the efficiency of ciphertext retrieval does not increase linearly with certain stability.

相似文献/References:

[1]杨清琳,黄治国,钱文标,等.云计算下支持语义的可搜索加密方法研究[J].计算机技术与发展,2020,30(03):111.[doi:10. 3969 / j. issn. 1673-629X. 2020. 03. 021]
　YANG Qing-lin,HUANG Zhi-guo,QIAN Wen-biao,et al.Research on Searchable Encryption Method with Supporting Semantics in Cloud Computing[J].,2020,30(10):111.[doi:10. 3969 / j. issn. 1673-629X. 2020. 03. 021]
[2]蒋英,陈燕俐,高诗尧.文件分层-属性基多关键字可搜索加密方案[J].计算机技术与发展,2021,31(10):98.[doi:10. 3969 / j. issn. 1673-629X. 2021. 10. 017]
　JIANG Ying,CHEN Yan-li,GAO Shi-yao.File Hierarchy Attribute-based Multi-keyword Searchable Encryption Scheme[J].,2021,31(10):98.[doi:10. 3969 / j. issn. 1673-629X. 2021. 10. 017]
[3]麻付强,徐峥,苏振宇,等.一种基于 LDAP 的属性加密模型[J].计算机技术与发展,2023,33(06):147.[doi:10. 3969 / j. issn. 1673-629X. 2023. 06. 022]
　MA Fu-qiang,XU Zheng,SU Zhen-yu,et al.An Attribute-based Encryption Model with LDAP[J].,2023,33(10):147.[doi:10. 3969 / j. issn. 1673-629X. 2023. 06. 022]

《计算机技术与发展》[ISSN:1006-6977/CN:61-1281/TN]

文章信息/Info

相似文献/References:

常用功能

导航/Navigate

工具/Tools

统计/Statistics