基于无证书密码体制的多用户密文检索方案  被引量：3

作　　者：杨小东 陈桂兰 李婷 刘瑞 赵晓斌 YANG Xiaodong;CHEN Guilan;LI Ting;LIU Rui;ZHAO Xiaobin(College of Computer Science and Engineering,Northwest Normal University,Lanzhou 730070,China;Gansu Anxin Information Security Technology Co.,Ltd.,Lanzhou 730000,China)

机构地区：[1]西北师范大学计算机科学与工程学院,兰州730070 [2]甘肃安信信息安全技术有限公司,兰州730000

出　　处：《计算机工程》2020年第9期129-135,共7页Computer Engineering

基　　金：国家自然科学基金(61662069,61262057,61562077);兰州市科技计划项目(2013-4-22);西北师范大学青年教师科研能力提升计划(NWNU-LKQN-14-7)。

摘　　要：可搜索加密技术能保障云端数据的机密性和隐私性,在云存储环境中具有广泛的应用前景。然而,现有可搜索加密方案存在计算开销大、安全性低和不支持多用户密文检索等不足。为此,通过引入无证书密码体制提出一种新的多用户密文检索方案。在该方案中,用户的完整私钥由部分私钥和秘密值两部分组成,能够解决传统密码体制的证书管理问题和基于身份密码体制的密钥托管问题。此外,数据拥有者在加密关键字时无需指定访问用户的身份,方案同时支持多用户的密文检索,并可通过授权列表实现访问用户的加入与撤销等功能。分析结果表明,该方案满足密文索引不可区分性和陷门不可区分性,在关键字加密、陷门生成及关键字检索等阶段具有较高的计算性能。Searchable encryption technology has broad application prospects in cloud storage environment,which can protect the confidentiality and privacy of cloud data.However,existing searchable encryption schemes face problems such as excessive computational overhead,low security,and lack of support for multi-user ciphertext retrieval.In order to solve these problems,a multi-user ciphertext retrieval scheme based on certificateless cryptosystem is proposed.The user’s final private key consists of part of the private key and secret value,which effectively solves the certificate management problem of the traditional cryptosystem and the key escrow problem based on the identity cryptosystem.In addition,the data owner does not need to specify the identity of the accessing user when encrypting the keyword.The scheme supports ciphertext retrieval by multiple users,and implements functions such as joining and revoking access users through an authorization list.The analysis results show that the scheme satisfies the indistinguishability of ciphertext index and the indistinguishability of trapdoors.Compared with similar schemes,it has higher computational performance in terms of keyword encryption,trapdoor generation and keyword retrieval.

关 键 词：云存储 可搜索加密 无证书密码体制 多用户密文检索 困难问题假设 

分 类 号：TP309[自动化与计算机技术—计算机系统结构]