计算机应用 ›› 2019, Vol. 39 ›› Issue (10): 2948-2954.DOI: 10.11772/j.issn.1001-9081.2019020376

• 数据科学与技术 • 上一篇    下一篇

分布式环境下多关键词并行密文检索方案

戴厚乐1,2, 杨庚1,2, 闵兆娥1,2   

  1. 1. 南京邮电大学 计算机学院、软件学院, 网络空间安全学院, 南京 210023;
    2. 江苏省大数据安全与智能处理重点实验室, 南京 210023
  • 收稿日期:2019-03-07 修回日期:2019-06-02 发布日期:2019-07-03 出版日期:2019-10-10
  • 通讯作者: 戴厚乐
  • 作者简介:戴厚乐(1994-),男,江苏南京人,硕士研究生,主要研究方向:可搜索加密、并行计算;杨庚(1961-),男,江苏建湖人,教授,博士生导师,博士,主要研究方向:网络与信息安全、分布式与并行计算、大数据隐私保护;闵兆娥(1978-),女,江苏盐城人,教授,博士,主要研究方向:大数据安全。
  • 基金资助:
    国家自然科学基金资助项目(61572263,61502251);江苏省自然科学基金资助项目(BK20161516);江苏省高校自然科学研究项目(14KJB520031)。

Multi-keyword parallel ciphertext retrieval scheme in distributed environment

DAI Houle1,2, YANG Geng1,2, MIN Zhao'e1,2   

  1. 1. School of Computer Science, Nanjing University of Posts and Telecommunications, Nanjing Jiangsu 210023, China;
    2. Jiangsu Key Laboratory of Big Data Security and Intelligent Processing, Nanjing Jiangsu 210023, China
  • Received:2019-03-07 Revised:2019-06-02 Online:2019-07-03 Published:2019-10-10
  • Supported by:
    This work is partially supported by the National Natural Science Foundation of China (61572263, 61502251), the Natural Science Foundation of Jiangsu Province (BK20161516), the Natural Science Research Project of Colleges and Universities in Jiangsu Province (14KJB520031).

摘要: 对于可搜索加密需要均衡数据的安全性和检索效率。针对SSE-1密文检索方案中检索性能低、单关键词检索模式不足和传统单服务器架构中的单机资源局限性等问题,设计并实现了一种多关键词并行密文检索系统。该系统采用不同的索引加密方式提高密文检索性能;通过对密文倒排索引的切分实现倒排索引的分块检索,克服了单机资源的局限性并提高了检索效率;通过结合分布式特点扩展了传统单机检索架构并实现了多关键词的并行检索。实验结果表明,与SSE-1方案相比,在保证密文数据安全性的前提下所提方案能够提高检索、更新等操作的效率,实现多关键词的检索,同时动态扩展系统分布式架构以提高系统负载能力。

关键词: 可搜索加密, 多关键词, 分布式检索, 倒排索引, 索引切分

Abstract: For searchable encryption, balancing the security and retrieval efficiency of data is important. Aiming at the low retrieval performance and the lack of single keyword search mode in SSE-1 ciphertext retrieval scheme, and the problems such as the limitation of single-machine resources in the traditional single-server architecture, a multi-keyword parallel ciphertext retrieval system was designed and implemented. Different index encryption strategies were used to improve the ciphertext retrieval performance. The block search of the inverted index was realized by partitioning the ciphertext inverted index, which solves the limitation of single-machine resources and improves the retrieval efficiency. The traditional single-machine retrieval architecture was extended and the parallel retrieval of multiple keywords was realized by combining the characteristic of distribution. Experimental results show that compared with the SSE-1 scheme, the proposed scheme has the efficiency of retrieval and update operations improved under the premise of ensuring ciphertext data security and realizes multi-keyword retrieval. At the same time, the distributed architecture of the system is dynamically expanded to improve the system load capacity.

Key words: searchable encryption, multi-keyword, distributed search, inverted index, index partition

中图分类号: