Journal of Xidian University ›› 2022, Vol. 49 ›› Issue (1): 35-46. doi: 10.19665/j.issn1001-2400.2022.01.004

• Special Topic on Privacy Computing and Data Security •

Support dynamic and verifiable scheme for ciphertext retrieval

DU Ruizhong1,2, WANG Yi1,2, TIAN Junfeng1,2

  1. School of Cyber Security and Computer, Hebei University, Baoding 071002, China
  2. Key Laboratory on High Trusted Information System in Hebei Province, Hebei University, Baoding 071002, China
  • Received: 2020-12-15 Online: 2022-02-20 Published: 2022-04-27
  • Contact: WANG Yi
  • About the authors: DU Ruizhong (born 1975), male, professor, Ph.D., E-mail: drzh@hbu.edu.cn; TIAN Junfeng (born 1964), male, professor, Ph.D., E-mail: tjf@hbu.cn
  • Funding:
    National Natural Science Foundation of China (61972073); Key Program of the Natural Science Foundation of Hebei Province (F2019201290); Natural Science Foundation of Hebei Province (F2018201153)

Abstract:

To address the lack of correctness verification for search results and the privacy leakage that occurs when data is updated, this paper proposes a dynamic and verifiable ciphertext retrieval scheme. First, an aggregate message authentication code (AMAC) is generated from the index; the index and the AMAC are encrypted and uploaded to the blockchain, and search results are returned to the user through a smart contract, which solves the problem of a malicious server returning incorrect results. Second, a version pointer is introduced to point to the update state, so that the trapdoor generated for a keyword differs in each update state, ensuring that no information is leaked when data is updated. The scheme also makes use of Ethereum's own characteristics: it matches the externally owned account (EOA) address in Ethereum with the public key, encrypts the authorization information and sends it in a transaction, which realizes the data owner's authorized access control over users. Security analysis shows that, in addition to adaptive security, the scheme satisfies forward and backward security and protects the security of encrypted data well. Experimental results show that the scheme reduces index generation and verification time and achieves high search efficiency.

Key words: searchable encryption, blockchain, forward security, backward security, access control

CLC Number:

  • TP301.6