支持灵活访问控制的多关键字搜索加密方案

doi:10.19665/j.issn1001-2400.2022.01.006

Abstract

Abstract:

In most searchable encryption schemes,the cloud server would compare the trapdoor with all secure indexes in the database during the search operation,which will cause excessive overhead.To address this problem,an efficient multi-keyword search encryption scheme supporting flexible access control is proposed.Before the sensitive data is encrypted and uploaded to the cloud server,it is clustered using the k-means to get several segmentation clusters,each of which would be given a different index through the Latent Dirichlet Allocation.In the search phase,the cloud server finds the cluster with the highest correlation through the Jaccard distance between the key set in the trapdoor and each cluster index,and searches the matched clusters in order to reduce the comparisons between the trapdoor and the index.And then the cloud server obtains the file list using the B+ tree-based data structure to improve the search efficiency.In addition,the scheme achieves encrypted file sharing by combining the broadcast encryption mechanism,which allows users to search for keywords in the authorized file subset,and takes the keyword set of each cluster as the user access rights.The performance comparison and experimental analysis show that a constant size of the user private key would be provided,and the communication cost and storage cost are independent of the number of authorized users,with the precision of search reaching about 90%.

Key words: searchable encryption, k-means clustering algorithm, broadcast encryption, access control

CLC Number:

TP309.7

YAN Xixi,ZHAO Qiang,TANG Yongli,LI Yingying,LI Jingran. Multi-keyword search encryption scheme supporting flexible access control[J].Journal of Xidian University, 2022, 49(1): 55-66.

Figures/Tables 7

References 16

[1]	SONG D X, WAGNER D, PERRIG A. Practical Techniques for Searches on Encrypted Data[C]// 2000 IEEE Symposium on Security and Privacy.Piscataway:IEEE, 2000:44-55.
[2]	GOH E J. Secure Indexes[EB/OL]. [2021-02-20]. https://www.researchgate.net/publication/2889193_Secure_Indexes.
[3]	LIU X, YANG G, MU Y, et al. Multi-User Verifiable Searchable Symmetric Encryption for Cloud Storage[J]. IEEE Transactions on Dependable and Secure Computing, 2018(99):1.
[4]	DAI H, DAI X, YI X, et al. Semantic-Aware Multi-Keyword Ranked Search Scheme over Encrypted Cloud Data[J]. Journal of Network and Computer Applications, 2019, 147:102442. doi: 10.1016/j.jnca.2019.102442
[5]	FU S, ZHANG Q, JIA N, et al. A Privacy-Preserving Fuzzy Search Scheme Supporting Logic Query over Encrypted Cloud Data[J/OL]. [2021-03-01].DOI: 10.1007/s11036-019-01493-3. doi: 10.1007/s11036-019-01493-3
[6]	GAGAN, KRISHNAC R,HANDA R. Dynamic Cluster based Privacy-Preserving Multi-Keyword Search over Encrypted Cloud Data[C/OL]. [2021-03-05].DOI: 10.1109/CONFLUENCE.2016.7508104. doi: 10.1109/CONFLUENCE.2016.7508104
[7]	ZHU X, CHEN C, TIAN X, et al. HCSF:A Hierarchical Clustering Algorithm based on Swarm Intelligence and Fuzzy Logic for Ciphertext Search[C/OL]. [2021-03-06]. DOI: 10.1109/ICIEA.2015.7334127. doi: 10.1109/ICIEA.2015.7334127
[8]	MANASRAH A M, NASIR M A, SALEM M. A Privacy-Preserving Multi-Keyword Search Approach in Cloud Computing[J]. Soft Computing, 2020, 24(8):5609-5631. doi: 10.1007/s00500-019-04033-z
[9]	闫玺玺, 刘媛, 李子臣, 等. 策略半隐藏且支持更新的多机构属性加密方案[J]. 西安电子科技大学学报, 2018, 45(2):122-128.
	YAN Xixi, LIU Yuan, LI Zichen, et al. Multi-Authority Attribute-Based Encryption Scheme with Policy Semi-Hidden and Dynamic Updating[J]. Journal of Xidian University, 2018, 45(2):122-128.
[10]	于金霞, 何旭, 闫玺玺. 机构可验证的密文策略属性基加密方案[J]. 西安电子科技大学学报, 2019, 46(4):49-57.
	YU Jinxia, HE Xu, YAN Xixi. Ciphertext-Policy Attribute-Based Encryption Scheme with Verifiability on Authority[J]. Journal of Xidian University, 2019, 46(4):49-57.
[11]	王荣荣. 基于属性的可搜索加密方案研究与实现[D]. 西安: 西安电子科技大学, 2018.
[12]	DU L, LI K, LIU Q, et al. Dynamic Multi-Client Searchable Symmetric Encryption with Support for Boolean Queries[J]. Information Sciences, 2020, 506:234-257. doi: 10.1016/j.ins.2019.08.014
[13]	KIAYIAS A, OKSUZ O, RUSSELL A, et al. Efficient Encrypted Keyword Search for Multi-User Data Sharing[C]// European Symposium on Research in Computer Security.Heidelberg:Springer, 2016:173-195
[14]	PASUPULETI S K, RAMALINGAM S, BUYYA R. An Efficient and Secure Privacy-Preserving Approach for Outsourced Data of Resource Constrained Mobile Devices in Cloud Computing[J/OL]. [2021-03-10].DOI: 10.1016/j.jnca.2015.11.023. doi: 10.1016/j.jnca.2015.11.023
[15]	崔海涛, 李玲娟. 基于Jaccard和LPA的社团划分算法[J]. 南京邮电大学学报:自然科学版, 2019, 39(6):79-85.
	CUI Haitao, LI Lingjuan. Community Division Algorithm Based on Jaccard Similarity Algorithm and LPA[J]. Journal of Nanjing University of Posts and Telecommunication:Natural Sicence Edition, 2019, 39(6):79-85.
[16]	ZHU X, DAI H, YI X, et al. MUSE:An Efficient and Accurate Verifiable Privacy-Preserving Multikeyword Text Search over Encrypted Cloud Data[J]. Security & Communication Networks, 2017, 2017:1-17.

方案	关键词类型	查询类型	访问控制	多客户端	陷门与索引对比方式
文献[8]	多关键词	排名关键字搜索	×	×	部分对比
文献[13]	单关键词		√	√	全部对比
文中的方案	多关键词	排名关键字搜索	√	√	部分对比

方案	加密	解密	陷门	验证
文献[8]	3M+2X	(2n+5)M+2E+X	t(H+E)
文献[13]	2P+11E+(j+4)M	2P+jM	8M+13E	6P+jM
文中的方案	2P+11E+(j+4)M	2P+jM	t(H+E)	6P+jM

Multi-keyword search encryption scheme supporting flexible access control

RichHTML

PDF (PC)

Like

Knowledge

Abstract

Cite this article

share this article

Figures/Tables 7

References 16

Related Articles 15

Metrics

Comments

Recommended 10

[1]	WANG Kaiwen,WANG Shulan,WANG Haiyan,DING Yong. Top-k multi-keyword ciphertext retrieval scheme supporting attribute revocation [J]. Journal of Xidian University, 2022, 49(1): 26-34.
[2]	DU Ruizhong,WANG Yi,TIAN Junfeng. Support dynamic and verifiable scheme for ciphertext retrieval [J]. Journal of Xidian University, 2022, 49(1): 35-46.
[3]	LI Han,ZHANG Chen,HUANG Hejiao,GUO Yu. Algorithm for encrypted search with forward secure updates and verification [J]. Journal of Xidian University, 2020, 47(5): 48-56.
[4]	MA Zhuoran, MA Jianfeng, MIAO Yinbin, SUN Cong. State transition-based access control model in the UAV network [J]. Journal of Xidian University, 2018, 45(6): 44-50.
[5]	YANG Hongyu;NING Yuguang. Cloud platform dynamic risk access control model [J]. Journal of Xidian University, 2018, 45(5): 80-88.
[6]	MIAO Yinbin;MA Jianfeng;ZHANG Junwei;LIU Zhiquan. Efficient verifiable multi-keyword search over encrypted data [J]. Journal of Xidian University, 2017, 44(4): 18-23+68.
[7]	WU Qiying;MA Jianfeng;LI Hui;MIAO Yinbin. Certificateless conjunctive keyword search over encrypted data [J]. Journal of Xidian University, 2017, 44(3): 55-60.
[8]	LI Haoxing;LI Fenghua;SONG Chenggen;SU Mang;LIU Xin. Public key encryption with multi-keywords search [J]. J4, 2015, 42(5): 20-25.
[9]	CHEN Qingli;ZHANG Zhiyong;XIANG Fei;WANG Jian. Research on the access control model for multimedia social networks [J]. J4, 2014, 41(6): 181-187.
[10]	ZHANG Hongbin;PEI Qingqi;WANG Chao;WANG Meihua. Sensing insider threat based on access vectors [J]. J4, 2014, 41(1): 110-115.
[11]	WANG Yequn;YE Xiangyang;QI Yunjun;HUANG Guoce;ZHANG Hengyang. Adaptive mechanism for the frequency hopping MAC [J]. J4, 2013, 40(5): 78-85.
[12]	SUN Jin;HU Yupu. Fully secure attribute-based broadcast encryption [J]. J4, 2012, 39(4): 23-28+154.
[13]	REN Fang1;MA Jianfeng1,2;HAO Xuanwen1. Attribute-based access control scheme for the perceptive layer of the Internet of Things [J]. J4, 2012, 39(2): 66-72.
[14]	LIU Yun;PEI Qing-qi. Access control scheme in a wireless sensor network [J]. J4, 2010, 37(3): 507-512+528.
[15]	YANG Chen;MA Wen-ping;WANG Xin-mei. ID-based Group Key Distribution Scheme with Dynamic Joining [J]. J4, 2007, 34(7): 14-17.