计算机应用 ›› 2020, Vol. 40 ›› Issue (1): 148-156.DOI: 10.11772/j.issn.1001-9081.2019060961

• 网络空间安全 • 上一篇    下一篇

基于错误学习的自适应等级可搜索加密方案

张恩1,2, 侯缨盈1,2, 李功丽1,2, 李会敏1,2, 李钰1,2   

  1. 1. 河南师范大学 计算机与信息工程学院, 河南 新乡 453007;
    2. "智慧商务与物联网技术"河南省工程实验室, 河南 新乡 453007
  • 收稿日期:2019-06-10 修回日期:2019-07-28 出版日期:2020-01-10 发布日期:2019-09-27
  • 通讯作者: 张恩
  • 作者简介:张恩(1974-),男,河南新乡人,副教授,博士,CCF会员,主要研究方向:信息安全、密码学;侯缨盈(1993-),女,河南新乡人,硕士研究生,主要研究方向:信息安全、密码学;李功丽(1981-),女,河南信阳人,讲师,博士,主要研究方向:信息安全;李会敏(1996-),女,河南濮阳人,硕士研究生,主要研究方向:信息安全、密码学;李钰(1998-),女,河南安阳人,主要研究方向:信息安全、密码学。
  • 基金资助:
    国家自然科学基金资助项目(U1604156,61772176,61602158);河南省科技攻关计划项目(172102210045,192102210131)。

Adaptive hierarchical searchable encryption scheme based on learning with errors

ZHANG En1,2, HOU Yingying1,2, LI Gongli1,2, LI Huimin1,2, LI Yu1,2   

  1. 1. College of Computer and Information Engineering, Henan Normal University, Xinxiang Henan 453007, China;
    2. Engineering Laboratory of Intelligence Bussiness and Internet of Things of Henan Province, Xinxiang Henan 453007, China
  • Received:2019-06-10 Revised:2019-07-28 Online:2020-01-10 Published:2019-09-27
  • Supported by:
    This work is partially supported by the National Natural Science Foundation of China (U1604156, 61772176, 61602158), the Science and Technology Research Project of Henan Province (172102210045, 192102210131).

摘要: 针对现有分等级可搜索加密方案存在不能有效抵抗量子攻击以及不能灵活添加与删除等级的问题,提出一种基于错误学习的自适应等级可搜索加密(AHSE)方案。首先,利用格的多维特点并基于格上错误学习(LWE)问题,使该方案能有效抵抗量子攻击;其次,构造条件键对用户进行明确的等级划分,使用户只能搜索其所属等级下的文件,实现有效的等级访问控制;同时,设计一种分段式索引结构,其等级能够灵活添加与删除,具有良好的自适应性,可以满足不同粒度访问控制的需求,并且,该方案中所有用户仅共享一张分段式索引表即可实现搜索,从而有效提高搜索效率;最后,理论分析表明,该方案中用户和文件的更新、删除以及等级变动简单、易于操作,适用于动态的加密数据库、云医疗系统等环境。

关键词: 可搜索加密, 错误学习, 分段式索引结构, 条件键控制, 自适应等级

Abstract: To solve the problem that the existing hierarchical searchable encryption scheme cannot effectively resist quantum attack and cannot flexibly add and delete the level, a scheme of Adaptive Hierarchical Searchable Encryption based on learning with errors (AHSE) was proposed. Firstly, the proposed scheme was made to effectively resist the quantum attack by utilizing the multidimensional characteristic of lattices and based on the Learning With Errors (LWE) problem on lattices. Secondly, the condition key was constructed to divide the users into different levels clearly, making the user only able to search the files at his own level, so as to achieve effective level access control. At the same time, a segmented index structure with good adaptability was designed, whose levels could be added and deleted flexibly, meeting the requirements of access control with different granularities. Moreover, all users in this scheme were able to search by only sharing one segmented index table, which effectively improves the search efficiency. Finally, theoretical analysis shows that the update, deletion and level change of users and files in this scheme is simple and easy to operate, which are suitable for dynamic encrypted database, cloud medical system and other dynamic environments.

Key words: searchable encryption, Learning With Error (LWE), segmented index structure, conditional key control, adaptive level

中图分类号: