安全性增强的无证书可搜索公钥加密方案  被引量：8

作　　者：张瑞瑞 牛宏侠 ZHANG Ruirui;NIU Hongxia(School of Key Lab of Opt-Electronic Technology and Intelligent Control of Ministry of Education,Lanzhou Jiaotong University,Lanzhou 730070,Gansu,China;School of Automation&Electrical Engineering,Lanzhou Jiaotong University,Lanzhou 730070,Gansu,China;Gansu Provincial Key Laboratory of Traffic Information Engineering and Control,Lanzhou 730070,Gansu,China)

机构地区：[1]兰州交通大学光电技术与智能控制教育部重点实验室,甘肃兰州730070 [2]兰州交通大学自动化与电气工程学院,甘肃兰州730070 [3]甘肃省高原交通信息工程及控制重点实验室,甘肃兰州730070

出　　处：《微电子学与计算机》2022年第6期89-98,共10页Microelectronics & Computer

基　　金：国家自然科学基金(61863024);甘肃省科技引导计划(2020-61-14);甘肃省高等学校科研项目(2017A-026)。

摘　　要：随着云计算的飞速发展,如何利用云服务器进行数据的安全存储成为相关领域的研究热点问题.云存储可以在节省本地管理成本的同时,增强存储数据的可访问性和可用性,但也会面临数据隐私泄露的风险,从而威胁数据安全.而用户将文件加密后上传又会面临如何在云端对加密数据进行有效搜索的问题.应运而生的可搜索加密技术不仅能高效检索出访问者所需的数据,而且保障了用户信息的隐私性和数据的安全性.针对传统可搜索加密方案中存在的密钥验证、证书管理和交易不透明等问题,提出了一种安全性增强的无证书可搜索公钥加密方案.首先引入密钥生成中心,在保障搜索性的同时避免证书管理和密钥托管问题;其次在对密文进行有效搜索的基础上增强了方案的安全性;接着通过智能合约确保数据使用者和数据所有者之间交易的可追溯性与透明性;最后在随机预言模型下证明了此方案可抵御离线关键字猜测攻击.与其他无证书可搜索加密方案对比可得,本方案结合智能合约不仅提升了方案的安全性和交易的可靠性,而且在检索时间和方案拓展性方面也具有一定的优势.With the rapid development of cloud computing,how to use cloud server for secure storage of data has become a hot research issue in related fields.The cloud storage system improves the accessibility and availability of stored data while saving local management costs.However,it also risks data privacy leakage and threatens data security.After uploading encrypted files,users will face the problem of how to search the encrypted data effectively in the cloud.Searchable encryption technology can not only efficiently retrieve the data required by visitors,but also ensure the privacy of user information and data security.A certificateless searchable public key encryption scheme with enhanced security is proposed to solve the problems of key verification,certificate management and transaction opacity in traditional searchable encryption schemes.Firstly,the key generation center is introduced to avoid certificate management and key escrow while ensuring search.Secondly,the security of the scheme is enhanced on the basis of effective ciphertext search.Smart contracts ensure traceability and transparency of transactions between data users and data owners.Finally,it is proved that the scheme can resist the offline keyword guessing attack under the random prediction model.Compared with other certificateless searchable encryption schemes,this scheme combined with smart contract not only improves the security and transaction reliability of the scheme,but also has certain advantages in terms of retrieval time and scheme scalability.

关 键 词：云存储 可搜索加密 无证书 智能合约 关键字猜测攻击 

分 类 号：TP309[自动化与计算机技术—计算机系统结构]