高级搜索

留言板

尊敬的读者、作者、审稿人, 关于本刊的投稿、审稿、编辑和出版的任何问题, 您可以本页添加留言。我们将尽快给您答复。谢谢您的支持!

姓名
邮箱
手机号码
标题
留言内容
验证码

支持策略隐藏且密文长度恒定的可搜索加密方案

杨小东 李婷 麻婷春 陈桂兰 王彩芬

downloadPDF
文章导航 > 电子与信息学报  > 2021 >  43(4): 900-907
杨小东, 李婷, 麻婷春, 陈桂兰, 王彩芬. 支持策略隐藏且密文长度恒定的可搜索加密方案[J]. 电子与信息学报, 2021, 43(4): 900-907. doi: 10.11999/JEIT200083
引用本文: 杨小东, 李婷, 麻婷春, 陈桂兰, 王彩芬. 支持策略隐藏且密文长度恒定的可搜索加密方案[J]. 电子与信息学报, 2021, 43(4): 900-907. doi: 10.11999/JEIT200083
shu
Xiaodong YANG, Ting LI, Tingchun MA, Guilan CHEN, Caifen WANG. Searchable Encryption Scheme Supporting Policy Hiding and Constant Ciphertext Length[J]. Journal of Electronics & Information Technology, 2021, 43(4): 900-907. doi: 10.11999/JEIT200083
Citation: Xiaodong YANG, Ting LI, Tingchun MA, Guilan CHEN, Caifen WANG. Searchable Encryption Scheme Supporting Policy Hiding and Constant Ciphertext Length[J]. Journal of Electronics & Information Technology, 2021, 43(4): 900-907. doi: 10.11999/JEIT200083
shu

支持策略隐藏且密文长度恒定的可搜索加密方案

doi: 10.11999/JEIT200083
  • 1.

    西北师范大学计算机科学与工程学院 兰州 730070

  • 2.

    深圳技术大学大数据与互联网学院 深圳 518118

基金项目: 国家自然科学基金(61662069, 61562077),中国博士后科学基金(2017M610817),兰州市科技计划项目(2013-4-22),西北师范大学青年教师科研能力提升计划(NWNU-LKQN-14-7)
详细信息
    作者简介:

    杨小东:男,1981年生,博士,教授,研究方向为代理重签名和云计算安全

    李婷:女,1995年生,硕士生,研究方向为云审计安全

    麻婷春:女,1992年生,硕士生,研究方向为属性加密

    陈桂兰:女,1995年生,硕士生,研究方向为可搜索加密

    王彩芬:女,1963年生,博士,教授,研究方向为信息安全协议与网络安全

    通讯作者:

    杨小东 y200888@163.com

  • 中图分类号: TN918.4

Searchable Encryption Scheme Supporting Policy Hiding and Constant Ciphertext Length

  • 1.

    College of Computer Science and Engineering, Northwest Normal University, Lanzhou 730070, China

  • 2.

    College of Big Data and Internet, Shenzhen Technology University, Shenzhen 518118, China

Funds: The National Natural Science Foundation of China (61662069, 61562077), The Postdoctoral Science Foundation of China (2017M610817), The Science and Technology Project of Lanzhou City (2013-4-22), The Foundation of Northwest Normal University (NWNU-LKQN-14-7)

    摘要
  • 摘要: 属性加密体制是实现云存储中数据灵活访问控制的关键技术之一,但已有的属性加密方案存在密文存储开销过大和用户隐私泄露等问题,并且不能同时支持云端数据的公开审计。为了解决这些问题,该文提出一个新的可搜索属性加密方案,其安全性可归约到q-BDHE问题和CDH问题的困难性。该方案在支持关键词搜索的基础上,实现了密文长度恒定;引入策略隐藏思想,防止攻击者获取敏感信息,确保了用户的隐私性;通过数据公开审计机制,实现了云存储中数据的完整性验证。与已有的同类方案相比较,该方案有效地降低了数据的加密开销、关键词的搜索开销、密文的存储成本与解密开销,在云存储环境中具有较好的应用前景。
    Abstract: The Attribute-Based Encryption (ABE) mechanism is one of the key technologies for implementing flexible access control of data in cloud storage. However, the existing ABE schemes have some problems, such as too much ciphertext storage overhead and user privacy leakage, and unsupported public auditing of cloud data. To solve these problems, a new searchable ABE scheme is proposed, and its security can be reduced to the difficulty of q-BDHE (q –decisional Bilinear Diffie-Hellman Exponent) problem and CDH (Computational Diffie-Hellman) problem. The proposed scheme achieves a constant ciphertext length on the basis of supporting keyword search. By introducing strategies to hide ideas, it prevents attackers from obtaining sensitive information and ensures the privacy of users. And the integrity of the data in cloud storage is verified through data public audit mechanism. Compared with the existing similar schemes, this scheme greatly reduces the data encryption overhead, keyword search overhead, ciphertext storage cost and decryption cost, which has a good application prospect to the cloud storage environment.
    • HTML全文

  • 图  1  系统模型

    下载: 全尺寸图片 幻灯片

    图  2  计算和存储开销对比

    下载: 全尺寸图片 幻灯片

    表  1  计算开销对比

    方案加密开销解密开销关键词搜索开销
    文献[20]$3{T_E}$$({n_d} + 2){T_P} + {n_d}{T_E}$/
    文献[26]$({n_\omega } + 6){T_E}$/$(2{n_s} + 1){T_P} + {T_E}$
    文献[27]$(3{n_\omega } + 4){T_E}$${T_P} + {n_d}{T_E}$$(2{n_s} + 1){T_P} + {n_s}{T_E}$
    本文方案$3{T_E}$$2{T_P}$$3{T_P} + {T_E}$
    下载: 导出CSV

    表  2  存储开销对比

    方案属性权威中心数据拥有者访问用户云服务提供商
    文献[20]$2\left| {{Z_P}} \right|$$(2{n_a} + 1)\left| {{G_1}} \right|$${n_k}\left| {{G_1}} \right|{\rm{ + }}\left| {{Z_p}} \right|$$3\left| {{G_1}} \right| + \left| {{G_T}} \right|$
    文献[26]$({n_\omega } + 2)\left| {{Z_P}} \right|$$({n_a} + 1)\left| {{G_1}} \right|$$(2{n_k} + 1)\left| {{G_1}} \right| + \left| {{Z_P}} \right|$$(2{n_\omega } + 1)\left| {{G_1}} \right| + \left| {{G_T}} \right|$
    文献[27]$\left| {{G_1}} \right| + \left| {{Z_P}} \right|$${n_a}\left| {{G_1}} \right| + \left| {{Z_P}} \right|$$({n_k} + 1)\left| {{G_1}} \right|{\rm{ + }}\left| {{G_T}} \right|$$({n_\omega } + 2)\left| {{G_1}} \right| + \left| {{G_T}} \right|$
    本文方案$({n_\omega } + 2)\left| {{Z_P}} \right|$${n_a}\left| {{G_1}} \right|{\rm{ + }}{n_a}\left| {{G_T}} \right|$${n_k}\left| {{G_1}} \right|{\rm{ + }}\left| {{G_T}} \right|$$2\left| {{G_1}} \right| + \left| {{G_T}} \right|$
    下载: 导出CSV
    • 参考文献(27)
  • ZHANG Jindan, WANG Baocang, HE Debiao, et al. Improved secure fuzzy auditing protocol for cloud data storage[J]. Soft Computing, 2019, 23(10): 3411–3422. doi: 10.1007/s00500-017-3000-1
    ZHANG Yinghui, YANG Menglei, ZHENG Dong, et al. Efficient and secure big data storage system with leakage resilience in cloud computing[J]. Soft Computing, 2018, 22(23): 7763–7772. doi: 10.1007/s00500-018-3435-z
    BETHENCOURT J, SAHAI A, and WATERS B. Ciphertext-policy attribute-based encryption[C]. The 2007 IEEE Symposium on Security and Privacy, Berkeley, USA, 2007: 321–334. doi: 10.1109/SP.2007.11.
    WATERS B. Ciphertext-policy attribute-based encryption: An expressive, efficient, and provably secure realization[C]. The 14th International Conference on Practice and Theory in Public Key Cryptography Conference on Public Key Cryptography, Taormina, Italy, 2011: 53–70. doi: 10.1007/978-3-642-19379-8_4.
    ROUSELAKIS Y and WATERS B. Practical constructions and new proof methods for large universe attribute-based encryption[C]. The 2013 ACM SIGSAC Conference on Computer & Communications Security, New York, USA, 2013: 463–474. doi: 10.1145/2508859.2516672.
    CHEUNG L and NEWPORT C. Provably secure ciphertext policy abe[C]. The 14th ACM Conference on Computer and Communications Security, Alexandria, USA, 2007: 456–465. doi: 10.1145/1315245.1315302.
    LAI Junzuo, DENG R H, and LI Yingjiu. Expressive CP-ABE with partially hidden access structures[C]. The 7th ACM Symposium on Information, Computer and Communications Security, New York, USA, 2012: 18–19. doi: 10.1145/2414456.2414465.
    NISHIDE T, YONEYAMA K, and OHTA K. Attribute-based encryption with partially hidden encryptor-specified access structures[C]. The 6th International Conference on Applied Cryptography and Network Security, New York, USA, 2008: 111–129. doi: 10.1007/978-3-540-68914-0_7.
    应作斌, 马建峰, 崔江涛. 支持动态策略更新的半策略隐藏属性加密方案[J]. 通信学报, 2015, 36(12): 178–189. doi: 10.11959/j.issn.1000-436x.2015327

    YING Zuobin, MA Jianfeng, and CUI Jiangtao. Partially policy hidden CP-ABE supporting dynamic policy updating[J]. Journal on Communications, 2015, 36(12): 178–189. doi: 10.11959/j.issn.1000-436x.2015327
    PHUONG T V X, YANG Guomin, and SUSILO W. Hidden ciphertext policy attribute-based encryption under standard assumptions[J]. IEEE transactions on Information Forensics and Security, 2016, 11(1): 35–45. doi: 10.1109/TIFS.2015.2475723
    XU Runhua and LANG Bo. A CP-ABE scheme with hidden policy and its application in cloud computing[J]. International Journal of Cloud Computing, 2015, 4(4): 279–298. doi: 10.1504/IJCC.2015.074224
    ZHOU Zhibin, HUANG Dijiang, and WANG Zhijie. Efficient privacy-preserving ciphertext-policy attribute based-encryption and broadcast encryption[J]. IEEE Transactions on Computers, 2015, 64(1): 126–138. doi: 10.1109/TC.2013.200
    LAI Junzuo, DENG R H, and LI Yingjiu. Fully secure cipertext-policy hiding CP-ABE[C]. The 7th International Conference on Information Security Practice and Experience, Guangzhou, China, 2011: 24–39. doi: 10.1007/978-3-642-21031-0_3.
    EMURA K, MIYAJI A, NOMURA A, et al. A ciphertext-policy attribute-based encryption scheme with constant ciphertext length[C]. The 5th International Conference on Information Security Practice and Experience, Xi’an, China, 2009: 13–23. doi: 10.1007/978-3-642-00843-6_2.
    HERRANZ J, LAGUILLAUMIE F, and RÀFOLS C. Constant size ciphertexts in threshold attribute-based encryption[C]. The 13th International Conference on Practice and Theory in Public Key Cryptography, Paris, France, 2010: 19–34. doi: 10.1007/978-3-642-13013-7_2.
    GE Aijun, ZHANG Rui, CHEN Cheng, et al. Threshold ciphertext policy attribute-based encryption with constant size ciphertexts[C]. The 17th Australasian Conference on Information Security and Privacy, Wollongong, Australia, 2012: 336–349. doi: 10.1007/978-3-642-31448-3_25.
    ZHANG Yinghui, ZHENG Dong, CHEN Xiaofeng, et al. Computationally efficient ciphertext-policy attribute-based encryption with constant-size ciphertexts[C]. The 8th International Conference on Provable Security, Hong Kong, China, 2014: 259–273. doi: 10.1007/978-3-319-12475-9_18.
    安立峰, 范运东, 付钰. 支持策略隐藏且固定密文长度的属性基加密方案[J]. 通信技术, 2018, 51(1): 156–164. doi: 10.3969/j.issn.1002-0802.2018.01.028

    AN Lifeng, FAN Yundong, and FU Yu. Attribute-based encryption scheme with hidden policy and constant length ciphertext[J]. Communications Technology, 2018, 51(1): 156–164. doi: 10.3969/j.issn.1002-0802.2018.01.028
    KUMAR G S and KRISHNA A S. Privacy Sustaining Constant Length Ciphertext-policy Attribute-based Broadcast Encryption[M]. WANG J, REDDY G, PRASAD V, et al. Soft Computing and Signal Processing. Singapore: Springer, 2019: 313–324.
    赵志远, 朱智强, 王建华, 等. 属性可撤销且密文长度恒定的属性基加密方案[J]. 电子学报, 2018, 46(10): 2391–2399. doi: 10.3969/j.issn.0372-2112.2018.10.012

    ZHAO Zhiyuan, ZHU Zhiqiang, WANG Jianhua, et al. Attribute-based encryption with attribute revocation and constant-size ciphertext[J]. Acta Electronica Sinica, 2018, 46(10): 2391–2399. doi: 10.3969/j.issn.0372-2112.2018.10.012
    SUSILO W, YANG Guomin, GUO Fuchun, et al. Constant-size ciphertexts in threshold attribute-based encryption without dummy attributes[J]. Information Sciences, 2018, 429: 349–360. doi: 10.1016/j.ins.2017.11.037
    孙瑾, 王小静, 王尚平, 等. 支持属性撤销的可验证多关键词搜索加密方案[J]. 电子与信息学报, 2019, 41(1): 53–60. doi: 10.11999/JEIT180237

    SUN Jin, WANG Xiaojing, WANG Shangping, et al. Verifiable multi-keyword search encryption scheme with attribute revocation[J]. Journal of Electronics &Information Technology, 2019, 41(1): 53–60. doi: 10.11999/JEIT180237
    牛淑芬, 谢亚亚, 杨平平, 等. 加密邮件系统中基于身份的可搜索加密方案[J]. 电子与信息学报, 2020, 42(7): 1803–1810. doi: 10.11999/JEIT190578

    NIU Shufen, XIE Yaya, YANG Pingping, et al. Identity-based searchable encryption scheme for encrypted email system[J]. Journal of Electronics &Information Technology, 2020, 42(7): 1803–1810. doi: 10.11999/JEIT190578
    BELGUITH S, KAANICHE N, LAURENT M, et al. Phoabe: Securely outsourcing multi-authority attribute based encryption with policy hidden for cloud assisted IOT[J]. Computer Networks, 2018, 133: 141–156. doi: 10.1016/j.comnet.2018.01.036
    苏金树, 曹丹, 王小峰, 等. 属性基加密机制[J]. 软件学报, 2011, 22(6): 1299–1315. doi: 10.3724/SP.J.1001.2011.03993

    SU Jinshu, CAO Dan, WANG Xiaofeng, et al. Attribute-based encryption schemes[J]. Journal of Software, 2011, 22(6): 1299–1315. doi: 10.3724/SP.J.1001.2011.03993
    QIU Shuo, LIU Jiqiang, SHI Yanfeng, et al. Hidden policy ciphertext-policy attribute-based encryption with keyword search against keyword guessing attack[J]. Science China Information Sciences, 2017, 60(5): 052105. doi: 10.1007/s11432-015-5449-9
    刘振华, 周佩琳, 段淑红. 支持关键词搜索的属性代理重加密方案[J]. 电子与信息学报, 2018, 40(3): 683–689. doi: 10.11999/JEIT170448

    LIU Zhenhua, ZHOU Peilin, and DUAN Shuhong. Attribute-based proxy re-encryption scheme with keyword search[J]. Journal of Electronics &Information Technology, 2018, 40(3): 683–689. doi: 10.11999/JEIT170448
    • 相关文章
    • 施引文献
  • 资源附件(0)
  • 加载中
图(2) / 表(2)
计量
  • 文章访问数:  1120
  • HTML全文浏览量:  349
  • PDF下载量:  90
  • 被引次数: 0
出版历程
  • 收稿日期:  2020-01-20
  • 修回日期:  2021-10-21
  • 网络出版日期:  2020-11-16
  • 刊出日期:  2021-04-20

目录

    /

    返回文章
    返回

    Copyright © 2018《电子与信息学报》编辑部 京ICP备20021838号-8

    中国科学院电子学研究所,北京市2702信箱,邮编:100190

    电话:010-58887066传真:021-64253812Email:jeit@mail.ie.ac.cn

    本系统由 北京仁和汇智信息技术有限公司 开发    百度统计