支持用户撤销的可验证密文检索方案

doi:10.11772/j.issn.1001-9081.2017122938

计算机应用 ›› 2018, Vol. 38 ›› Issue (6): 1640-1643.DOI: 10.11772/j.issn.1001-9081.2017122938

支持用户撤销的可验证密文检索方案

白平¹, 张薇^1,2, 李聪¹, 王绪安^1,2

1. 武警工程大学密码工程学院, 西安 710086;
2. 网络与信息安全武警部队重点实验室, 西安 710086

收稿日期:2017-12-15 修回日期:2018-02-06 出版日期:2018-06-10 发布日期:2018-06-13
通讯作者: 白平
作者简介:白平(1990-),男,内蒙古乌兰察布人,硕士研究生,主要研究方向:密码学;张薇(1976-),女,陕西西安人,教授,博士,主要研究方向:密码学、信息安全;李聪(1990-),男,山东济宁人,硕士研究生,主要研究方向:密码学;王绪安(1981-),男,湖北公安人,副教授,博士,主要研究方向:密码学、信息安全。
基金资助:
国家密码发展基金资助项目（MMJJ20170112）；陕西省自然科学基金资助项目（2016JQ6037）。

Verifiable ciphertext retrieval scheme with user revocation

BAI Ping¹, ZHANG Wei^1,2, LI Cong¹, WANG Xu'an^1,2

1. College of Cryptographic Engineering, Engineering University of the Chinese Armed Police Force, Xi'an Shaanxi 710086, China;
2. Key Laboratory of Network and Information Security of the Chinese Armed Police Force, Xi'an Shaanxi 710086, China

Received:2017-12-15 Revised:2018-02-06 Online:2018-06-10 Published:2018-06-13
Supported by:
This work is partially supported by the National Cryptography Development Fund of China (MMJJ20170112), the Natural Science Foundation of Shaanxi Province (2016JQ6037). BAI Ping, born in 1990, M. S. candidate. His research interests include cryptology.

摘要/Abstract

摘要： 为解决恶意云服务器可能发送错误或者伪造的查询结果给用户，且授权用户可能在检索完成之后将密钥信息私自发送给非授权用户的问题，构造了一种支持用户撤销的可验证密文检索方案。首先，利用加密算法对用户文档加密、对关键词签名；其次，运用搜索算法对需要检索的文档进行检索；最后，运用验证算法和用户撤销算法对检索结果进行验证，以及对未检索文档进行再一次加密保护。分析结果表明，所提方案能够在保证数据完整性的前提下完成精确检索，且通过重加密机制实现了用户撤销，保证了系统的安全性，该方案满足不可区分性选择关键词攻击（IND-CKA）安全。

关键词: 可搜索加密, 多关键词, 可验证检索, 用户撤销, 数据完整性

Abstract: The malicious cloud server may send incorrect or forged query results to the user, and the authorized user may send the key information privately to a non-authorized user after completing the retrieval. In order to solve the problems, a new verifiable ciphertext retrieval scheme with user revocation was constructed. Firstly, an encryption algorithm was used to encrypt the user documents and sign the keywords. Secondly, a searching algorithm was used to retrieve documents that needed to be retrieved. Finally, a verification algorithm and user revocation algorithm were used to verify the retrieval results and encrypt the unretrieved documents again. The analysis results show that, the proposed scheme can complete the accurate retrieval on the premise of guaranteeing the integrity of data, realize the user revocation through re-encryption scheme, and guarantee the security of system. Moreover, the proposed scheme satisfies the security of Indistinguishability-Chosen Keyword Attack (IND-CKA).

Key words: searchable encryption, multi-keyword, verifiable retrieval, user revocation, data integrity

中图分类号:

TP309.7

白平, 张薇, 李聪, 王绪安. 支持用户撤销的可验证密文检索方案[J]. 计算机应用, 2018, 38(6): 1640-1643.

BAI Ping, ZHANG Wei, LI Cong, WANG Xu'an. Verifiable ciphertext retrieval scheme with user revocation[J]. Journal of Computer Applications, 2018, 38(6): 1640-1643.

参考文献

[1] MEZGHANI K, AYADI F. Factors explaning IS managers attitudes toward cloud computhing adoption[J]. International Journal of Technology and Human Interaction, 2016, 12(1):1-20.
[2] CLEAR M, HUGHES A, TEWARI H. Homomorphic encryption with access policies:characterization and new constructions[C]//Proceedings of the 20136th International Conference on Cryptology in Africa, LNCS 7918. Berlin:Springer, 2013:61-87.
[3] KATZ J, SAHAI A, WATERS B. Predicate encryption supporting disjunctions, polynomial equations, and inner products[C]//Proceedings of the 200827th Annual International Conference on Theory and Applications of Cryptographic Techniques:Advances in Cryptology. Berlin:Springer, 2008:146-162.
[4] BONEH D, WATERS B. Conjunctive, subset, and range queries on encrypted data[C]//Proceedings of the 4th Theory of Cryptography Conference, LNCS 4392. Berlin:Springer, 2007:535-554.
[5] BONEH D, FRANKLIN M. Identity-based encryption from the Weil pairing[C]//Proceedings of the 21st Annual International Cryptology Conference on Advances in Cryptology, LNCS 2139. Berlin:Springer, 2001:213-229.
[6] MIAO Y B, MA J F, LIU Z Q. Revocable and anonymous searchable encryption in multi-user setting[J]. Concurrency and Computation:Practice and Experience, 2016, 28(4):1204-1218.
[7] YONG H H, LEE P J. Public key encryption with conjunctive keyword search and its extension to a multi-user system[C]//Proceedings of the 2007 International Conference on Pairing-based Cryptograhpy, LNCS 4575. Berlin:Springer, 2007:2-22.
[8] WANG P S, WANG H X, PIEPRZYK J. Keyword field-free conjunctive keyword searches on encrypted data and extension for dynamic groups[C]//Proceedings of the 20087th International Conference on Cryptology and Network Security, LNCS 5339. Berlin:Springer, 2008:178-195.
[9] 王尚平,刘利军,张亚玲.可验证的基于词典的可搜索加密方案[J].软件学报,2016,27(5):1301-1308. (WANG S P, LIU L J, ZHANG Y L. Verifiable dictionary-based searchable encryption scheme[J]. Journal of Software, 2016, 27(5):1301-1308.)
[10] LI J W, LI J, CHEN X F, et al. Privacy-preserving data utilization in hybrid clouds [J]. Future Generation Computer Systems, 2014, 30(1): 98-106.
[11] GOLLE P, STADDON J, WATERS B. Secure conjunctive keyword search over encrypted data [C]// Proceedings of the 2004 Second International Conference on Applied Cryptography and Network Security, LNCS 3089. Berlin: Springer, 2004: 31-45.
[12] KERSCHBAUM F. Secure conjunctive keyword searches for unstructured text [C]// Proceedings of the 20115th International Conference on Network and System Security. Piscataway, NJ: IEEE, 2011: 285-289.
[13] CUI B J, LIU Z L, WANG L Y. Key-Aggregate Searchable Encryption (KASE) for group data sharing via cloud storage [J]. IEEE Transactions on Computers, 2016, 65(8): 2374-2385.
[14] PENG Y G, CUI J T, PENG C G, et al. Certificateless public key encryption with keyword search [J]. China Communications, 2014, 11(11): 100-113.
[15] YANG Y, MA M D, LIN B G. Proxy re-encryption conjunctive keyword search against keyword guessing attack[C]// Proceedings of the 2013 Computing, Communications and IT Applications Conference. Piscataway, NJ: IEEE, 2013: 125-130.

支持用户撤销的可验证密文检索方案

Verifiable ciphertext retrieval scheme with user revocation

PDF

可视化

摘要/Abstract

引用本文

使用本文

参考文献

相关文章 15

编辑推荐

Metrics

[1]	卿欣艺, 陈玉玲, 周正强, 涂园超, 李涛. 基于中国剩余定理的区块链存储扩展模型[J]. 计算机应用, 2021, 41(7): 1977-1982.
[2]	李秀艳, 刘明曦, 史闻博, 董国芳. 面向资源受限用户的高效动态数据审计方案[J]. 计算机应用, 2021, 41(2): 422-432.
[3]	孙晓玲, 杨光, 沈焱萍, 杨秋格, 陈涛. 基于可拆分倒排索引的可搜索加密方案[J]. 《计算机应用》唯一官方网站, 2021, 41(11): 3288-3294.
[4]	张恩, 侯缨盈, 李功丽, 李会敏, 李钰. 基于错误学习的自适应等级可搜索加密方案[J]. 计算机应用, 2020, 40(1): 148-156.
[5]	李兆斌, 刘泽一, 魏占祯, 韩禹. 基于哈希链的软件定义网络路径安全[J]. 计算机应用, 2019, 39(5): 1368-1373.
[6]	庞晓琼, 严小龙, 陈文俊, 余本国, 聂梦飞. 支持语义扩展的动态多关键词密文排序检索[J]. 计算机应用, 2019, 39(4): 1059-1065.
[7]	戴厚乐, 杨庚, 闵兆娥. 分布式环境下多关键词并行密文检索方案[J]. 计算机应用, 2019, 39(10): 2948-2954.
[8]	白平, 张薇, 王绪安. 云环境下基于运算电路的同态认证方案[J]. 计算机应用, 2018, 38(9): 2543-2548.
[9]	王漫漫, 束永安. 多移动汇聚节点的无线传感网中基于服务质量的能耗[J]. 计算机应用, 2018, 38(3): 758-762.
[10]	曾小飞, 卢建朱, 王洁. 传感器节点相互协作的广播认证[J]. 计算机应用, 2016, 36(8): 2219-2224.
[11]	郑奇斌, 刁兴春, 曹建军, 周星, 许永平. 结合局部敏感哈希的k近邻数据填补算法[J]. 计算机应用, 2016, 36(2): 397-401.
[12]	项文, 杨晓元, 吴立强. 理想格上可撤销的模糊身份加密方案[J]. 计算机应用, 2016, 36(10): 2733-2737.
[13]	李程文, 王晓明. 具有访问权限撤销的外包数据加密方案[J]. 计算机应用, 2016, 36(1): 216-221.
[14]	杨文文马春光黄予洛. 基于分布式认证的完整性保护数据融合方案[J]. 计算机应用, 2014, 34(3): 714-719.
[15]	贾磊王灵矫郭华许亚伟李娟. 基于主机标识协议的增强型分布式移动管理[J]. 计算机应用, 2014, 34(2): 341-345.