西安电子科技大学学报 ›› 2024, Vol. 51 ›› Issue (4): 151-169.doi: 10.19665/j.issn1001-2400.20240205

• 计算机科学与技术 & 网络空间安全 • 上一篇    下一篇

多用户环境的区块链可搜索加密方案

翟社平1,2(), 张瑞婷1(), 杨锐1(), 曹永强1()   

  1. 1.西安邮电大学 计算机学院,陕西 西安 710121
    2.西安邮电大学 陕西省网络数据分析与智能处理重点实验室,陕西 西安 710121
  • 收稿日期:2023-11-23 出版日期:2024-08-20 发布日期:2024-03-08
  • 通讯作者: 张瑞婷(2000—),女,西安邮电大学硕士研究生,E-mail:18691729079@163.com
  • 作者简介:翟社平(1971—),男,教授,E-mail:zhaisheping@xupt.edu.cn
    杨锐(1976—),女,讲师,E-mail:290934920@qq.com
    曹永强(2000—),男,西安邮电大学硕士研究生,E-mail:2310380836@qq.com
  • 基金资助:
    国家自然科学基金(61373116);工业和信息化部通信软科学项目(2018-R-26);陕西省重点研发项目(2022GY-038);陕西省教育厅科学研究项目(18JK0697);陕西省教育厅科学研究计划项目(18JK0697);陕西省社会科学基金(2016N008);西安市社会科学规划基金(17X63);西安邮电大学研究生创新基金(CXJJYL2022036)

Blockchain searchable encryption scheme for multi-user environment

ZHAI Sheping1,2(), ZHANG Ruiting1(), YANG Rui1(), CAO Yongqiang1()   

  1. 1. School of Computer Science and Technology,Xi’an University of Posts and Telecommunications,Xi’an 710121,China
    2. Shaanxi Key Laboratory of Network Data Analysis and Intelligent Processing,Xi’an University of Posts and Telecommunications,Xi’an 710121,China
  • Received:2023-11-23 Online:2024-08-20 Published:2024-03-08

摘要:

如何在失去明文原有特性的加密数据上执行搜索,并实现数据共享,是可搜索加密技术研究的重点问题。针对传统非对称可搜索加密方案中存在的难以支持多用户多关键词搜索、半诚实第三方搜索服务、授权管理中心化的问题,提出了一种基于区块链的多用户环境可搜索加密方案。首先,将传统非对称可搜索加密方案与条件广播代理重加密技术相结合,通过为用户组加密密文、验证用户授权和为满足条件的用户重加密搜索结果,从而实现多用户环境下秘密数据的安全搜索与可控共享;其次,在联盟链上调用智能合约执行多关键词密文搜索,降低半诚实的第三方不实搜索风险,并采用改进的算法选举共识节点轮换担任授权管理者,减少传统中心权威机构单点故障或遭受恶意攻击等威胁;最后,通过分析方案的安全性、正确性等,证明方案能有效改进传统方案中存在的问题。相关仿真结果显示,与现有可搜索加密方案相比,文中方案在保证数据搜索隐私性方面具有明显优势,同时计算开销相对较低。

关键词: 可搜索加密, 条件广播代理重加密, 区块链, 共识算法

Abstract:

How to perform search and realize data sharing on encrypted data that have lost the original features of a plaintext is the key issue in the research on searchable encryption technology.In view of the problems existing in traditional asymmetric searchable encryption schemes,it is difficult to support multi-user multi-keyword search,semi-honest third-party search service,and centralized authorization management,so this paper proposes a searchable encryption scheme for multi-user environment based on blockchain.First,the traditional asymmetric searchable encryption scheme is combined with conditional broadcast proxy re-encryption technology.By encrypting the ciphertext for user groups,verifying user authorization and re-encrypting search results for users meeting the conditions,the secure search and controllable sharing of secret data is realized in multi-user environment.Second,smart contracts are called on the alliance chain to perform multi-keyword ciphertext search,thus reducing the risk of semi-honest third-party false search,and the improved PBFT algorithm is used to elect consensus nodes to rotate as authorization managers,thereby reducing the threat of single point failure or malicious attacks of traditional central authorities.Finally,by analyzing the security and correctness of the scheme,it is shown that the scheme can effectively improve the problems existing in the traditional scheme.Simulation shows that compared with the existing searchable encryption schemes,the proposed scheme has obvious advantages in ensuring the privacy of data search,with the computing cost relatively low.

Key words: searchable encryption, conditional broadcast proxy re-encryption, blockchain, consensus algorithm

中图分类号: 

  • TP309