摘要:
在存储服务中,可搜索加密方案使得用户能够有选择地访问其密文数据,同时还能确保用户搜索数据的机密性。基于连接关键词(即多个关键词的布尔组合)的可搜索加密方案因其更高的搜索精度在安全存储服务中有着重要的应用价值。目前已有的基于连接关键词的可搜索加密方案存在诸如连接关键词的陷门太大、搜索效率不高及不支持多用户等问题。该文采用授权用户和存储服务器先后对关键词加密的方式提出了一个高效的基于连接关键词的可搜索加密方案,使得授权用户能够利用连接关键词的陷门搜索加密文档。在确定性Diffie-Hellman问题假设下,证明了方案的安全性。通过与现有方案相比较,提出的方案在通信和计算代价,即搜索陷门大小、关键词加密和搜索的速度等方面的综合效率得到提高。此外,提出的方案支持多用户,即能够动态地增加和撤销用户,使得用户能够直接在存储服务器上进行数据共享。
Abstract:
In storage service, searchable encryption scheme allows users to access their cipher data selectively, and meanwhile ensures the confidentiality of search data. Since possessing higher search accuracy, conjunctive keyword (namely Boolean combination of multiple keywords) searchable encryption scheme enjoys greater significance in secure storage service application. However, there are some flaws in existing searchable encryption schemes, such as the size of the trapdoor of conjunctive keyword is too large, the search efficiency is slow and there is no support for multiple users search, etc. In this paper, an efficient conjunctive keyword searchable encryption scheme is proposed based on the method that the keywords are encrypted by authorized users and storage server successively,in which authorized users are allowed to search encrypted documents with the trapdoor generated by conjunctive keyword. The scheme is provable secure in the decisional Diffie-Hellman assumption. Compared with the existing schemes, the overall efficiency of the proposed scheme in computation and communication cost, including the size of trapdoor, the speed of keyword encryption and searching, is improved. Moreover, the proposed scheme also supports multiple users, that is, users can be added or revoked dynamically, by this way, and users can share data directly in storage server.