一个具有前向安全和后向安全的可验证多关键字可搜索加密方案  被引量：2

作　　者：宋翔飞 王化群 SONG Xiang-Fei;WANG Hua-Qun(School of Computer,Nanjing University of Posts and Telecommunications,Nanjing 210046)

机构地区：[1]南京邮电大学计算机学院,南京210046

出　　处：《计算机学报》2023年第4期727-742,共16页Chinese Journal of Computers

基　　金：国家自然科学基金(62272238)的资助.

摘　　要：随着现代社会软硬件技术的快速发展,云计算技术对于客户端的数据存储和计算提供了巨大的帮助,为用户节省了大量成本.而在存储的同时,用户可以通过可搜索加密(SE,Searchable Encryption)技术,对存储数据进行加密搜索,同时确保数据的安全性和搜索隐私性.本方案使用公钥加密实现了数据拥有者和数据使用者之间的多关键字可搜索加密,数据使用者搜索时以出现频率最少的关键字作为主关键字进行加密搜索,并且云服务器对每个索引密文只需要一次计算即可得到准确的多关键字搜索结果,最大程度降低了无关文件的访问,节约了大量时间成本.而在存储和搜索过程中,我们认为云服务器是诚实且好奇的系统,它会诚实地为用户存储数据,并正确执行存储和计算过程,但是其会对存储的数据产生好奇感,即窥探用户的数据,并且对每次的搜索结果很感兴趣.为减少多关键字可搜索加密方案的信息泄露,提高安全性,提出的方案具有前向安全和后向安全的特性,在动态更新时为每次更新的状态创建一种隐式结构,使得云服务器只需要保存最新一次的更新状态就能保证对所有数据进行搜索,并且每个更新状态只保存前一次更新状态的信息,实现了前向安全性;通过将每次对文件的更新操作以密文方式存储,使服务器无法分辨插入和删除的文件,确保了方案的后向安全性.在可搜索加密过程中,云服务器可能会因为需要减少算力和带宽消耗而返回不完整的密文,所以需要对云服务器返回密文的完整性进行验证,相对于传统方案中使用第三方可信机构进行密文完整性的验证,本方案采用区块链中的智能合约进行验证.当搜索结束时为了确保密文的完整性,要求云服务器将密文及认证签名发送至智能合约触发验证算法进行完整性验证.根据安全性分析,本文方案可以抵抗关键字猜测攻击,�With the rapid development of software and hardware technology in modern society,cloud computing technology provides great help for data storage and calculation on the client side,and saves a lot of costs for users.At the same time,users can use Searchable Encryption(SE)technology to encrypt and search the stored data,while ensuring data security and search privacy.This scheme uses public key encryption to realize multi-keyword searchable encryption between data owner and data user.When data user searches,the keyword with the least frequency is used as the main keyword to encrypt and search,and the cloud server only needs to calculate each index ciphertext once to get accurate multi-keyword search results,which minimizes the access to irrelevant files.It saves a lot of time cost.In the process of storage and search,we think that the cloud server is an honest and curious system.It will store data for us honestly and perform the storage and calculation process correctly,but it will be curious about the stored data,that is,snoop on our data and be interested in our search results each time.In order to reduce the information leakage of the multi-keyword searchable encryption scheme and improve the security,the proposed scheme has the characteristics of forward security and backward security,and creates an implicit structure for each updated state during the dynamic update,so that the cloud server only needs to save the latest updated state to ensure that all the data can be searched.And each updated state only saved the information of the previous updated state,which achieved forward security.By storing each update operation to the file in the form of ciphertext,the server can not distinguish between inserted and deleted files,which ensures the backward security of the scheme.In the process of searchable encryption,the cloud server may return incomplete ciphertext due to the need to reduce computing power and bandwidth consumption.At this time,it is necessary to verify the integrity of the ciphertext returned by the

关 键 词：可搜索加密 智能合约 前向安全 后向安全 多关键字 可验证 

分 类 号：TP309[自动化与计算机技术—计算机系统结构]