计算机应用 ›› 2014, Vol. 34 ›› Issue (4): 1019-1024.DOI: 10.11772/j.issn.1001-9081.2014.04.1019

• 计算机安全 • 上一篇    下一篇

单断言的密文区间检索方案的安全分析

古春生1,2,景征骏1,3,李红卫1,于志敏1   

  1. 1. 江苏理工学院 计算机工程学院,江苏 常州 213001;
    2. 中国科学技术大学 计算机科学与技术学院,合肥 230027;
    3. 南京邮电大学 计算机学院,南京 210003
  • 收稿日期:2013-10-12 修回日期:2013-11-21 出版日期:2014-04-01 发布日期:2014-04-29
  • 通讯作者: 古春生
  • 作者简介:古春生(1971-),男,安徽芜湖人,副教授,博士,CCF会员,主要研究方向:密码分析、隐私保护;
    景征骏(1978-),男,江苏丹阳人,讲师,硕士,CCF会员,主要研究方向:数字签名;
    李红卫(1966-),男,山西阳城人,副教授,硕士,CCF会员,主要研究方向:云存储安全;
    于志敏(1973-),男,吉林梅河口人,讲师,硕士,CCF会员,主要研究方向:公钥密码。
  • 基金资助:

    国家自然科学基金资助项目;江苏省高校自然科学研究项目;江苏省普通高校研究生科研创新计划项目;江苏理工学院科研基金资助项目

Security Analysis of Range Query with Single Assertion on Encrypted Data

GU Chunsheng1,2,JING Zhengjun1,3,LI Hongwei1,YU Zhimin1   

  1. 1. School of Computer Engineering, Jiangsu University of Technology, Changzhou Jiangsu 213001, China
    2. School of Computer Science and Technology, University of Science and Technology of China, Hefei Anhui 230027, China
    3. College of Computer, Nanjing University of Posts and Telecommunications, Nanjing Jiangsu 210003, China
  • Received:2013-10-12 Revised:2013-11-21 Online:2014-04-01 Published:2014-04-29
  • Contact: GU Chunsheng
  • Supported by:

    ;The natural science foundation of universities of Jiangsu province;The research fund for the graduate innovation program of Jiangsu province

摘要:

为保护用户数据隐私,用户通常将敏感数据加密后外包存储在半可信的服务器上。为防止泄露用户隐私信息,蔡克等(蔡克,张敏,冯登国.基于单断言的安全的密文区间检索[J].计算机学报, 2011, 34(11):2093-2103)首次提出单断言密文区间检索方案,而之前在密文数据上的区间检索都通过多次断言实现。使用三角函数关系和矩阵理论,通过密文区间索引直接产生敏感数据的排列信息,证明该单断言密文检索方案不是唯密文安全的。为避免这种安全缺陷,通过引入随机元素构造了安全的单断言密文检索改进方案,并分析了改进方案的复杂性。

Abstract:

To protect users' privacy, users often transfer encrypted sensitive data to a semi-trustworthy service provider. Cai et al.(CAI K, ZHANG M, FENG D. Secure range query with single assertion on encrypted data [J]. Chinese Journal of Computers, 2011, 34(11): 2093-2103) first presented the ciphertext-only secure range query scheme with single assertion on encrypted data to prevent information leakage of users' privacy, whereas the previous schemes of range query on encrypted data were implemented through many assertions. Applying principle of trigonometric functions and matrix theory, the rank of the sensitive data was directly generated from protected interval index. Hence, this scheme was not ciphertext-only secure. To avoid this security drawback, a secure improvement scheme was constructed by introducing random element, and its complexity was analyzed.

中图分类号: