一种支持动态可验证的密文检索方案  被引量：3

作　　者：杜瑞忠 王一[1,2] 田俊峰 DU Ruizhong;WANG Yi;TIAN Junfeng(School of Cyber Scurity and Computer,Hebei University,Baoding 071002,China;Key Laboratory on High Trusted Information System in Hebei Province,Hebei University,Baoding 071002,China)

机构地区：[1]河北大学网络空间安全与计算机学院,河北保定071002 [2]河北大学河北省高可信信息系统重点实验室,河北保定071002

出　　处：《西安电子科技大学学报》2022年第1期35-46,共12页Journal of Xidian University

基　　金：国家自然科学基金(61972073);河北省自然科学基金重点资助项目(F2019201290);河北省自然科学基金(F2018201153)。

摘　　要：针对搜索结果缺乏正确性验证和数据更新时产生的隐私泄露问题,提出一种支持动态可验证的密文检索方案。首先根据索引产生聚合消息认证码,将索引与聚合消息认证码进行加密后上传到区块链中,通过智能合约返回给用户搜索结果,解决恶意服务器返回结果不正确问题;其次,引入版本指针用来指向更新状态,使得每次更新状态下关键字产生的陷门不同,从而保证数据更新时不会泄露任何信息,并且巧妙地利用以太坊自身特性,将以太坊中外部账户地址与公钥进行匹配,对授权信息加密后发送交易,实现了数据拥有者对用户的授权访问控制。安全分析表明,本方案除满足自适应安全外,还满足前向和后向安全,可以很好地保护加密数据的安全性。实验结果表明,此方案减少了索引生成以及验证时间,并具有高效的搜索效率。Aiming at the problem of privacy leakage caused by the lack of correctness verification of search results and data update,this paper proposes a Support dynamic and verifiable scheme for ciphertext retrieval.First,the AMAC is generated according to the index,the index and the AMAC are encrypted and uploaded to the blockchain,and the search results are returned to the user through the smart contract to solve the problem of incorrect results returned by the malicious server.Second,the version pointer is introduced to point to the update state,so that the trapdoor generated by the keyword in each update state is different,so as to ensure that no information is leaked when the data is updated.And this paper cleverly uses Ethereum's own characteristics to match the EOA in Ethereum with the public key,encrypt the authorization information and send the transaction,and realize the authorization access control of the data owner to the user.Finally,the security analysis shows that this scheme not only satisfies the self-adaptive security,but also meets the forward and backward security,and can well protect the security of encrypted data.Experimental results show that this solution reduces index generation and verification time,and is highly efficient in search.

关 键 词：搜索加密 区块链 前向安全 后向安全 访问控制 

分 类 号：TP301.6[自动化与计算机技术—计算机系统结构]