基于区块链的多用户环境中公钥可搜索加密方案

doi:10.11959/j.issn.1000-436x.2021130

通信学报 ›› 2021, Vol. 42 ›› Issue (10): 140-152.doi: 10.11959/j.issn.1000-436x.2021130

所属专题：区块链

基于区块链的多用户环境中公钥可搜索加密方案

郑东, 朱天泽, 郭瑞

西安邮电大学网络空间安全学院，陕西西安 710121

修回日期:2021-05-18 出版日期:2021-10-25 发布日期:2021-10-01
作者简介:郑东（1964- ），男，山西翼城人，博士，西安邮电大学教授、博士生导师，主要研究方向为密码学理论和网络安全
朱天泽（1997- ），男，河南郑州人，西安邮电大学硕士生，主要研究方向为云计算安全
郭瑞（1984- ），男，河南洛阳人，博士，西安邮电大学副教授、硕士生导师，主要研究方向为云计算安全、区块链中的隐私保护技术
基金资助:
国家重点研发计划基金资助项目(2017YFB0802000);国家自然科学基金资助项目(62072369);国家自然科学基金资助项目(62072371);国家自然科学基金资助项目(61802303);国家自然科学基金资助项目(61772418);陕西省重点研发计划基金资助项目(2020ZDLGY08-04);陕西省重点研发计划基金资助项目(2019KW-053);陕西省创新能力支持计划基金资助项目(2020KJXX-052);陕西省创新能力支持计划基金资助项目(2017KJXX-47);陕西省自然科学基金资助项目(2019JQ-866);陕西省自然科学基金资助项目(2018JZ6001);陕西省教育厅科研基金资助项目(19JK0803);青海省基础研究计划基金资助项目(2020-ZJ-701)

Public key searchable encryption scheme in blockchain-enabled multi-user environment

Dong ZHENG, Tianze ZHU, Rui GUO

College of Cyberspace Security, Xi’an University of Posts and Telecommunications, Xi’an 710121, China

Revised:2021-05-18 Online:2021-10-25 Published:2021-10-01
Supported by:
The National Key Research and Development Program of China(2017YFB0802000);The National Nat-ural Science Foundation of China(62072369);The National Nat-ural Science Foundation of China(62072371);The National Nat-ural Science Foundation of China(61802303);The National Nat-ural Science Foundation of China(61772418);The Key Research and Develop-ment Program of Shaanxi Province(2020ZDLGY08-04);The Key Research and Develop-ment Program of Shaanxi Province(2019KW-053);The Innovation Capability Support Plan of Shaanxi Province(2020KJXX-052);The Innovation Capability Support Plan of Shaanxi Province(2017KJXX-47);The Natural Science Foundation of Shaanxi Province(2019JQ-866);The Natural Science Foundation of Shaanxi Province(2018JZ6001);The Scientific Research Project of Shaanxi Provincial Department of Education(19JK0803);The Basic Research Program of Qinghai Province(2020-ZJ-701)

摘要/Abstract

摘要：

为了满足多用户环境中数据安全共享的需求，提出了一种支持一对多模式的公钥可搜索加密方案。具体地，数据拥有者执行一次加密算法可以指定多位用户对密文进行检索，实现更加灵活的密文数据共享。此外，还设计了具体的文件加密密钥传递算法，确保用户在检索到密文后能够正确解密并获取明文。结合区块链技术，利用智能合约执行检测算法保证了检索结果的正确性。在安全性方面，基于判定性双线性 Diffie-Hellman 假设和修改的判定性双线性 Diffie-Hellman 假设，证明了在随机谕言机模型下所提方案满足密文关键词不可区分性和陷门信息不可区分性的安全要求，并且可以抵御内部关键词猜测攻击。最后，使用 jPBC 密码库对所提方案与现有相关方案进行仿真模拟，测试结果表明所提方案具有较高的计算效率。

关键词: 可搜索加密, 多用户环境, 密文安全共享, 区块链, 智能合约

Abstract:

In order to meet the needs of data security sharing in multi-user environment, a public key searchable encryption scheme supporting one-to-many mode was proposed.Specifically, the data owner could specify multiple users to retrieve the ciphertext by executing the encryption algorithm once, so as to achieve more flexible sharing of ciphertext data.In addition, the specific file encryption key transfer algorithm was designed to ensure that the user could decrypt and obtain the plaintext correctly after retrieving the ciphertext.Combined with the blockchain technology, the smart contract execution detection algorithm was used to ensure the correctness of the retrieval results.In terms of security, based on the decisional bilinear Diffie-Hellman hypothesis and the modified bilinear Diffie-Hellman hypothesis, it was proved that the proposed scheme satisfies the security requirements of keyword indistinguishability and trapdoor information indistinguishability under the random oracle model, and could resist the internal keyword guessing attack.Finally, the proposed scheme and the existing related schemes were simulated by using jPBC cryptolibrary, and the test results show that the proposed scheme has high computational efficiency.

Key words: searchable encryption, multi-user environment, ciphertext secure sharing, blockchain, smart contract

中图分类号:

TP309

郑东, 朱天泽, 郭瑞. 基于区块链的多用户环境中公钥可搜索加密方案[J]. 通信学报, 2021, 42(10): 140-152.

Dong ZHENG, Tianze ZHU, Rui GUO. Public key searchable encryption scheme in blockchain-enabled multi-user environment[J]. Journal on Communications, 2021, 42(10): 140-152.

图/表 10

图1

图2

图3

图4

图5

图6

图7

图8

图9

图10

参考文献 30

[1]	SONG D X , WAGNER D , PERRIG A . Practical techniques for searches on encrypted data[C]// Proceeding 2000 IEEE Symposium on Security and Privacy. Piscataway:IEEE Press, 2000: 44-55.
[2]	BONEH D , DI CRESCENZO G , OSTROVSKY R ,et al. Public key encryption with keyword search[C]// Advances in Cryptology - EUROCRYPT 2004. Berlin:Springer, 2004: 506-522.
[3]	BAEK J , SAFAVI-NAINI R , SUSILO W . Public key encryption with keyword search revisited[C]// Computational Science and Its Applications – ICCSA 2008. Berlin:Springer, 2008: 1249-1259.
[4]	FANG L M , SUSILO W , GE C P ,et al. A secure channel free public key encryption with keyword search scheme without random oracle[C]// Cryptology and Network Security. Berlin:Springer, 2009: 248-258.
[5]	FANG L M , WANG J D , GE C P ,et al. Decryptable public key encryption with keyword search schemes[J]. International Journal of Digital Content Technology and Its Applications, 2010,4(9): 141-150.
[6]	BYUN J W , RHEE H S , PARK H A ,et al. Off-line keyword guessing attacks on recent keyword search schemes over encrypted data[C]// Secure Data Management. Berlin:Springer, 2006: 75-83.
[7]	YAU W C , HENG S H , GOI B M . Off-line keyword guessing attacks on recent public key encryption with keyword search schemes[C]// Autonomic and Trusted Computing. Berlin:Springer, 2008: 100-105.
[8]	RHEE H S , SUSILO W , KIM H J . Secure searchable public key encryption scheme against keyword guessing attacks[J]. IEICE Electronics Express, 2009,6(5): 237-243.
[9]	TANG Q , CHEN L Q . Public-key encryption with registered keyword search[C]// Public Key Infrastructures,Services and Applications. Berlin:Springer, 2010: 163-178.
[10]	RHEE H S , PARK J H , SUSILO W ,et al. Trapdoor security in a searchable public-key encryption scheme with a designated tester[J]. Journal of Systems and Software, 2010,83(5): 763-771.
[11]	QIN B D , CHEN Y , HUANG Q ,et al. Public-key authenticated encryption with keyword search revisited:security model and constructions[J]. Information Sciences, 2020,516: 515-528.
[12]	ABDALLA M , BELLARE M , CATALANO D ,et al. Searchable encryption revisited:consistency properties,relation to anonymous IBE,and extensions[J]. Journal of Cryptology, 2008,21(3): 350-391.
[13]	RHEE H S , PARK J H , LEE D H . Generic construction of designated tester public-key encryption with keyword search[J]. Information Sciences, 2012,205: 93-109.
[14]	EMURA K , MIYAJI A , RAHMAN M S ,et al. Generic constructions of secure-channel free searchable encryption with adaptive security[J]. Security and Communication Networks, 2015,8(8): 1547-1560.
[15]	SUZUKI T , EMURA K , OHIGASHI T . A generic construction of integrated secure-channel free PEKS and PKE and its application to EMRs in cloud storage[J]. Journal of Medical Systems, 2019,43(5): 128.
[16]	王少辉, 韩志杰, 肖甫 ,等. 指定测试者的基于身份可搜索加密方案[J]. 通信学报, 2014,35(7): 22-32.
	WANG S H , HAN Z J , XIAO F ,et al. Identity-based searchable encryption scheme with a designated tester[J]. Journal on Communications, 2014,35(7): 22-32.
[17]	MA M M , HE D B , KUMAR N ,et al. Certificateless searchable public key encryption scheme for industrial Internet of Things[J]. IEEE Transactions on Industrial Informatics, 2018,14(2): 759-767.
[18]	牛淑芬, 谢亚亚, 杨平平 ,等. 加密邮件系统中基于身份的可搜索加密方案[J]. 电子与信息学报, 2020,42(7): 1803-1810.
	NIU S F , XIE Y Y , YANG P P ,et al. Identity-based searchable encryption scheme for encrypted email system[J]. Journal of Electronics＆ Information Technology, 2020,42(7): 1803-1810.
[19]	杨宁滨, 周权, 许舒美 . 无配对公钥认证可搜索加密方案[J]. 计算机研究与发展, 2020,57(10): 2125-2135.
	YANG N B , ZHOU Q , XU S M . Public-key authenticated encryption with keyword search without pairings[J]. Journal of Computer Research and Development, 2020,57(10): 2125-2135.
[20]	CURTMOLA R , GARAY J , KAMARA S ,et al. Searchable symmetric encryption:improved definitions and efficient constructions[J]. Journal of Computer Security, 2011,19(5): 895-934.
[21]	杜瑞忠, 谭艾伦, 田俊峰 . 基于区块链的公钥可搜索加密方案[J]. 通信学报, 2020,41(4): 114-122.
	DU R Z , TAN A L , TIAN J F . Public key searchable encryption scheme based on blockchain[J]. Journal on Communications, 2020,41(4): 114-122.
[22]	张玉磊, 文龙, 王浩浩 ,等. 多用户环境下无证书认证可搜索加密方案[J]. 电子与信息学报, 2020,42(5): 1094-1101.
	ZHANG Y L , WEN L , WANG H H ,et al. Certificateless authentication searchable encryption scheme for multi-user[J]. Journal of Electronics ＆ Information Technology, 2020,42(5): 1094-1101.
[23]	王文明, 施重阳, 王英豪 ,等. 基于区块链技术的交易及其安全性研究[J]. 信息网络安全, 2019(5): 1-9.
	WANG W M , SHI C Y , WANG Y H ,et al. Research on transaction and security based on blockchain technology[J]. Netinfo Security, 2019(5): 1-9.
[24]	马春光, 安婧, 毕伟 ,等. 区块链中的智能合约[J]. 信息网络安全, 2018(11): 8-17.
	MA C G , AN J , BI W ,et al. Smart contract in blockchain[J]. Netinfo Security, 2018(11): 8-17.
[25]	ZHANG A Q , LIN X D . Towards secure and privacy-preserving data sharing in e-health systems via consortium blockchain[J]. Journal of Medical Systems, 2018,42(8): 140.
[26]	高梦婕, 王化群 . 基于区块链的可搜索医疗数据共享方案[J]. 南京邮电大学学报(自然科学版), 2019,39(6): 94-103.
	GAO M J , WANG H Q . Blockchain-based searchable medical data sharing scheme[J]. Journal of Nanjing University of Posts and Telecommunications (Natural Science Edition), 2019,39(6): 94-103.
[27]	LI H G , ZHANG F G , HE J J . A searchable symmetric encryption scheme using blockchain[J]. arXiv Preprint,arXiv:1711.01030, 2017.
[28]	LI H G , TIAN H B , ZHANG F ,et al. Blockchain-based searchable symmetric encryption scheme[J]. Computers ＆ Electrical Engineering, 2019,73: 32-45.
[29]	CHEN L X , LEE W K , CHANG C C ,et al. Blockchain based searchable encryption for electronic health record sharing[J]. Future Generation Computer Systems, 2019,95: 420-429.
[30]	牛淑芬, 刘文科, 陈俐霞 ,等. 基于联盟链的可搜索加密电子病历数据共享方案[J]. 通信学报, 2020,41(8): 204-214.
	NIU S F , LIU W K , CHEN L X ,et al. Electronic medical record data sharing scheme based on searchable encryption via consortium blockchain[J]. Journal on Communications, 2020,41(8): 204-214.

基于区块链的多用户环境中公钥可搜索加密方案

Public key searchable encryption scheme in blockchain-enabled multi-user environment

在线阅读

PDF下载

可视化

摘要/Abstract

引用本文

使用本文

图/表 10

参考文献 30

相关文章 15

Metrics

推荐阅读 0

[1]	张海波, 曹钰坤, 刘开健, 王汝言. 车联网中基于区块链的分布式信任管理方案[J]. 通信学报, 2023, 44(5): 148-157.
[2]	刘雪娇, 钟强, 夏莹杰. 基于双层分片区块链的车联网跨信任域高效认证方案[J]. 通信学报, 2023, 44(5): 213-223.
[3]	冯涛, 陈李秋, 方君丽, 石建明. 基于本地化差分隐私和属性基可搜索加密的区块链数据共享方案[J]. 通信学报, 2023, 44(5): 224-233.
[4]	夏莹杰, 朱思雨, 刘雪娇. 区块链架构下具有条件隐私的车辆编队跨信任域高效群组认证研究[J]. 通信学报, 2023, 44(4): 111-123.
[5]	蒋丽, 谢胜利, 田辉. 面向数字孪生边缘网络的区块链分片及资源自适应优化机制[J]. 通信学报, 2023, 44(3): 12-23.
[6]	戴千一, 张斌, 郭松, 徐开勇. 基于多分类器集成的区块链网络层异常流量检测方法[J]. 通信学报, 2023, 44(3): 66-80.
[7]	经普杰, 王良民, 董学文, 张玉书, 王骞, Muhammad Sohail. 分层跨链结构：一种面向区块链系统监管的可行架构[J]. 通信学报, 2023, 44(3): 93-104.
[8]	刘雪娇, 曹天聪, 夏莹杰. 区块链架构下高效的车联网跨域数据安全共享研究[J]. 通信学报, 2023, 44(3): 186-197.
[9]	黄冬艳, 李琨. 多地址的时间型区块链隐蔽通信方法研究[J]. 通信学报, 2023, 44(2): 148-159.
[10]	杨亚涛, 刘德莉, 刘培鹤, 曾萍, 肖嵩. BFV-Blockchainvoting：支持BFV全同态加密的区块链电子投票系统[J]. 通信学报, 2022, 43(9): 100-111.
[11]	冯霞, 崔凯平, 谢晴晴, 王良民. VANET中基于区块链的分布式匿名认证方案[J]. 通信学报, 2022, 43(9): 134-147.
[12]	李雷孝, 杜金泽, 林浩, 高昊昱, 杨艳艳, 高静. 区块链网络隐蔽信道研究进展[J]. 通信学报, 2022, 43(9): 209-223.
[13]	熊礼治, 朱蓉, 付章杰. 基于交易构造和转发机制的区块链网络隐蔽通信方法[J]. 通信学报, 2022, 43(8): 176-187.
[14]	杜瑞忠, 张添赫, 石朋亮. 基于区块链且支持数据共享的密文策略隐藏访问控制方案[J]. 通信学报, 2022, 43(6): 168-178.
[15]	杜瑞忠, 张玉晴, 李明月. 基于双向索引的高效连接关键字查询动态可搜索加密方案[J]. 通信学报, 2022, 43(5): 123-132.