智能合约辅助下满足前后向安全的动态可搜索加密方案  被引量：3

作　　者：丁晓晖 曹素珍 王彩芬 DING Xiaohui;CAO Suzhen;WANG Caifen(College of Computer Science and Engineering,Northwest Normal University,Lanzhou 730070,China;College of Big Data and Internet,Shenzhen Technology University,Shenzhen,Guangdong 518118,China)

机构地区：[1]西北师范大学计算机科学与工程学院,兰州730070 [2]深圳技术大学大数据与互联网学院,广东深圳518118

出　　处：《计算机工程》2022年第7期141-150,共10页Computer Engineering

基　　金：国家自然科学基金(61662069,61662071)。

摘　　要：动态可搜索加密过程易受文件注入攻击和信息泄露导致的信息滥用攻击,同时现有基于公钥密码体制构造的动态可搜索加密方案往往涉及大量双线性对运算,不能满足实际应用的效率要求。通过引入智能合约,提出一种满足前后向安全的动态可搜索加密方案。以智能合约取代传统的搜索服务器进行关键字陷门匹配测试,解决传统搜索服务器必须满足诚实且好奇的设定问题,在此过程中避免大量使用双线性对运算,而是只执行一些简单的哈希操作,从而提升密文数据搜索阶段的计算效率。该方案满足前向安全性和后向安全性,即旧的搜索陷门不能用于搜索更新后的文件,且后续搜索不会泄露已删除文件所对应的索引信息。分析结果表明,与现有公钥密码体制下的动态可搜索加密方案相比,该方案在安全性和计算效率方面更具优势,适用于大数据通信环境。The dynamic searchable encryption process is vulnerable to file injection attacks and information abuseattacks caused by information leakage. Furthermore,the existing dynamic searchable encryption schemes based on public key cryptosystem often involve a large number of bilinear pairings,which are inefficient with respect to practical applications.Through the introduction of Smart Contract(SC),a dynamic searchable encryption scheme with forward and backward security is proposed. The keyword trapdoor matching test is carried out by replacing the traditional search server with SC,which solves the setting problem of honesty and curiosity that a traditional search server must pass.Furthermore,it avoids the extensive use of bilinear pairings in this process;to the contrary,it only performs some simple hashing operations to improve the computational efficiency of the ciphertext data search phase. The scheme meets the forward and backward securities:namely,the old search trapdoor cannot be used to search the updated files,and the subsequent search will not disclose the index information corresponding to the deleted files. The analysis results show that,compared with existing dynamic searchable encryption schemes under the public key cryptosystem,this scheme offers some advantages in security and computational efficiency,and it is more suitable for the big data communication environment.

关 键 词：前向安全性 后向安全性 动态可搜索加密 智能合约 公钥密码体制 

分 类 号：TP309[自动化与计算机技术—计算机系统结构]