轻量级可搜索医疗数据共享方案

doi:10.11959/j.issn.1000-436x.2022090

通信学报 ›› 2022, Vol. 43 ›› Issue (5): 110-122.doi: 10.11959/j.issn.1000-436x.2022090

轻量级可搜索医疗数据共享方案

殷新春¹^,², 王梦宇³^,⁴, 宁建廷¹

¹ 扬州大学信息工程学院，江苏扬州 225127
² 扬州大学广陵学院，江苏扬州 225128
³ 福建师范大学计算机与网络空间安全学院，福建福州 350007
⁴ 中国科学院信息安全国家重点实验室，北京 100093

修回日期:2022-03-19 出版日期:2022-05-25 发布日期:2022-05-01
作者简介:殷新春（1962- ），男，江苏泰州人，博士，扬州大学教授、博士生导师，主要研究方向为密码学、软件质量保障、高性能计算等
王梦宇（1997- ），男，江苏邳州人，扬州大学硕士生，主要研究方向为属性基加密、信息安全等
宁建廷（1988- ），男，浙江龙游人，博士，福建师范大学教授、博士生导师，主要研究方向为应用密码学与数据安全、区块链与机器学习安全、隐私保护技术等
基金资助:
国家自然科学基金资助项目(62032005);国家自然科学基金资助项目(61972094);福建省自然科学基金资助项目(2020J02016)

Lightweight searchable medical data sharing scheme

Xinchun YIN¹^,², Mengyu WANG³^,⁴, Jianting NING¹

¹ College of Information Engineering, Yangzhou University, Yangzhou 225127, China
² Guangling College of Yangzhou University, Yangzhou 225128, China
³ College of Computer and Cyber Security, Fujian Normal University, Fuzhou 350007, China
⁴ State Key Laboratory of Information Security, Chinese Academy of Sciences, Beijing 100093, China

Revised:2022-03-19 Online:2022-05-25 Published:2022-05-01
Supported by:
The National Natural Science Foundation of China(62032005);The National Natural Science Foundation of China(61972094);The Natural Science Foundation of Fujian Province(2020J02016)

摘要/Abstract

摘要：

支持策略隐藏和关键字搜索的属性基加密方案在医疗场景中具有良好的应用前景。然而，现有的此类方案大多不支持大属性域或采用“与门”结构，限制了访问控制的可扩展性和灵活性，并且许多方案无法抵抗离线字典猜测攻击。此外，属性基加密涉及大量的双线性配对运算，对于计算资源受限的用户设备来说使用非常不便。提出一种轻量级可搜索医疗数据共享方案。该方案在支持关键字搜索和策略隐藏的基础上采用大属性域和线性秘密共享结构，提高了访问控制的可扩展性和灵活性；采用Intel SGX技术对数据进行重加密，实现抗离线字典猜测攻击；将解密计算开销降低到恒定的常数级，适用于计算资源受限的用户设备。最后证明了所提方案具备选择明文不可区分安全性并且可以抵抗离线字典猜测攻击。

关键词: 轻量级, 策略隐藏, 关键字搜索, 属性基加密, 大属性域, 离线字典猜测攻击

Abstract:

The attribute-based encryption scheme supporting policy hiding and keyword search had a good application prospect in medical scenarios.However, most of the existing schemes did not support large attribute university or adopt the ＆quot;AND gate＆quot; structure, which limited their scalability and flexibility of access control, and many schemes could not resist offline dictionary guessing attacks.In addition, attribute-based encryption involved a large number of bilinear pairing operations, which was inconvenient for user equipment with limited computing resources.A lightweight searchable medical data sharing scheme was proposed.Based on the support for keyword search and policy hiding, a large attribute university and a linear secret sharing structure were adopted to improve the scalability and flexibility of access control.The Intel SGX was used to re-encrypt data to achieve anti-offline dictionary guessing attack.The computational overhead of decryption was reduced to a constant level, which was suitable for user equipment with limited computing resources.Finally, it is proved that the proposed scheme has the security of selecting plaintext indistinguishable and can resist offline dictionary guessing attacks.

Key words: lightweight, policy hiding, keyword search, attribute-based encryption, large attribute university, offline dictionary guessing attack

中图分类号:

TP309

殷新春, 王梦宇, 宁建廷. 轻量级可搜索医疗数据共享方案[J]. 通信学报, 2022, 43(5): 110-122.

Xinchun YIN, Mengyu WANG, Jianting NING. Lightweight searchable medical data sharing scheme[J]. Journal on Communications, 2022, 43(5): 110-122.

图/表 13

图1

表1

符号定义"

参数	含义
p	大素数
G ,G_T	p阶循环群
g	群G 的生成元
e	双线性映射
Z_p	p阶整数群
$Λ = ((M_{l \times n}, ρ), π)$	$M_{l \times n}$ 为访问矩阵，ρ为属性名映射，π为属性值映射
$S = {c_{i}, v_{i}}$	c _i为属性名，v_i为属性值
$H : {0, 1}^{*} \to G$	将字符映射为群G 元素的哈希函数
$H_{1} : {0, 1}^{*} \to Z_{p}$	将字符映射为群Z_p元素的哈希函数

表1

表2

表3

表4

计算开销比较"

方案	Setup	Encrypt	Recrypt	KeyGen	TokenGen	Search	Decrypt
Zhang等方案	$5 E_{1} + E_{T}$	$(5 I + 5) E_{1} + E_{T}$	—	$(2 n + 4) E_{1}$	—	—	$(2 n + 1) P + n E_{T}$
Wang等方案	$(\sum_{i = 1}^{n} n_{i} + 2) E_{1} + E_{2} + 2 E_{T}$	$(4 I + 1) E_{1} + 2 E_{T}$	—	$(2 n) E_{2} + E_{T}$	$(2 n + 1) E_{2}$	$(2 n + 1) P + E_{T}$	$(2 n + 1) P + E_{T}$
Miao等方案	$(\sum_{i = 1}^{n} n_{i} + 1) E_{1} + E_{T}$	$(2 d + 2 I + 2) E_{1} + 3 E_{T}$	—	$(2 n + d + 4) E_{1} + E_{T}$	$(2 n + 1) E_{1}$	$(2 n + 1) P + E_{T}$	$3 P + d E_{1} + d E_{T}$
本文方案	$3 E_{1} + E_{T}$	$(3 I + 3) E_{1} + E_{T} + P$	IE₁	$(n + 4) E_{1}$	$(n + 2) E_{1}$	$(2 n + 1) P + n E_{T}$	$4 P + E_{1} + E_{T}$

表4

图2

表5

图3

图4

图5

图6

图7

表6

存储开销"

方案	系统公钥	系统主密钥	私钥	搜索令牌	密文与索引
Zhang等方案	$7 \| G_{1} \| + \| G_{T} \|$	$5 \| Z_{p} \| + \| G_{1} \|$	$(2 n + 4) \| G_{1} \|$	—	$(3 I + 4) \| G_{1} \| + \| G_{T} \|$
Wang等方案	$\begin{array}{l} (\sum_{i = 1}^{n} n_{i} + 4) \| G_{1} \| + 3 \| G_{2} \| + \\ 2 \| G_{T} \| + \| Z_{p} \| \end{array}$	$(\sum_{i = 1}^{n} n_{i} + 3) \| Z_{p} \|$	$2 n \| G_{2} \| + \| Z_{p} \|$	$(2 n + 1) \| G_{2} \| + \| Z_{p} \|$	$(4 I + 1) \| G_{1} \| + \| G_{T} \|$
Miao等方案	$(\sum_{i = 1}^{n} n_{i} + 2) \| G_{1} \| + \| G_{T} \|$	$(\sum_{i = 1}^{n} n_{i} + 2) \| Z_{p} \|$	$\begin{array}{l} (2 n + d + 3) \| G_{1} \| + \\ \| G_{T} \| + (d + 2) \| Z_{p} \| \end{array}$	$(2 n + 1) \| G_{1} \| + \| Z_{p} \|$	$(2 I + d + 2) \| G_{1} \| + 2 \| G_{T} \|$
本文方案	$5 \| G_{1} \| + \| G_{T} \|$	$6 \| Z_{p} \|$	$(n + 4) \| G_{1} \| + \| Z_{p} \|$	$(n + 2) \| G_{1} \|$	$(2 I + 2) \| G_{1} \| + 2 \| G_{T} \|$

表6

参考文献 23

[1]	WANG H J , NING J T , HUANG X Y ,et al. Secure fine-grained encrypted keyword search for E-healthcare cloud[J]. IEEE Transactions on Dependable and Secure Computing, 2021,18(3): 1307-1319.
[2]	WANG H J , DONG X L , CAO Z F . Multi-value-independent ciphertext-policy attribute based encryption with fast keyword search[J]. IEEE Transactions on Services Computing, 2020,13(6): 1142-1151.
[3]	SONG D X , WAGNER D , PERRIG A . Practical techniques for searches on encrypted data[C]// Proceeding of 2000 IEEE Symposium on Security and Privacy. Piscataway:IEEE Press, 2000: 44-55.
[4]	KAMARA S , PAPAMANTHOU C , ROEDER T . Dynamic searchable symmetric encryption[C]// Proceedings of 2012 ACM Conference on Computer and Communications Security. New York:ACM Press, 2012: 965-976.
[5]	CURTMOLA R , GARAY J , KAMARA S ,et al. Searchable symmetric encryption:improved definitions and efficient constructions[J]. Journal of Computer Security, 2011,19(5): 895-934.
[6]	JIANG P , MU Y , GUO F C ,et al. Secure-channel free keyword search with authorization in manager-centric databases[J]. Computers ＆ Security, 2017,69: 50-64.
[7]	WANG H J , DONG X L , CAO Z F ,et al. Secure key-aggregation authorized searchable encryption[J]. Science China Information Sciences, 2019,62(3): 1-3.
[8]	SAHAI A , WATERS B . Fuzzy identity-based encryption[C]// Annual International Conference on the Theory and Applications of Cryptographic Techniques. Berlin:Springer, 2005: 457-473.
[9]	GOYAL V , PANDEY O , SAHAI A ,et al. Attribute-based encryption for fine-grained access control of encrypted data[C]// Proceedings of the 13th ACM Conference on Computer and Communications Security. New York:ACM Press, 2006: 89-98.
[10]	BETHENCOURT J , SAHAI A , WATERS B . Ciphertext-policy attribute-based encryption[C]// Proceedings of 2007 IEEE Symposium on Security and Privacy. Piscataway:IEEE Press, 2007: 321-334.
[11]	ZHENG Q J , XU S H , ATENIESE G . VABKS:verifiable attribute-based keyword search over outsourced encrypted data[C]// Proceedings of IEEE Conference on Computer Communications. Piscataway:IEEE Press, 2014: 522-530.
[12]	SUN W H , YU S C , LOU W J ,et al. Protecting your right:verifiable attribute-based keyword search with fine-grained owner-enforced search authorization in the cloud[J]. IEEE Transactions on Parallel and Distributed Systems, 2016,27(4): 1187-1198.
[13]	NISHIDE T , YONEYAMA K , OHTA K . Attribute-based encryption with partially hidden encryptor-specified access structures[C]// International Conference on Applied Cryptography and Network Security. Berlin:Springer, 2008: 111-129.
[14]	LAI J Z , DENG R H , LI Y J . Expressive CP-ABE with partially hidden access structures[C]// Proceedings of the 7th ACM Symposium on Information,Computer and Communications Security. New York:ACM Press, 2012: 18-19.
[15]	CUI H , DENG R H , WU G W ,et al. An efficient and expressive ciphertext-policy attribute-based encryption scheme with partially hidden access structures[C]// International Conference on Provable Security. Berlin:Springer, 2016: 19-38.
[16]	QIU S , LIU J Q , SHI Y F ,et al. Hidden policy ciphertext-policy attribute-based encryption with keyword search against keyword guessing attack[J]. Science China Information Sciences, 2016,60(5): 1-12.
[17]	WANG S P , GAO T T , ZHANG Y L . Searchable and revocable multi-data owner attribute-based encryption scheme with hidden policy in cloud storage[J]. PLoS One, 2018,13(11): 1.
[18]	MIAO Y , LIU X , CHOO K K R ,et al. Privacy-preserving attribute-based keyword search in shared multi-owner setting[J]. IEEE Transactions on Dependable and Secure Computing, 2019,18(3): 1080-1094.
[19]	ZHANG Z S , ZHANG W , QIN Z G . A partially hidden policy CP-ABE scheme against attribute values guessing attacks with online privacy-protective decryption testing in IoT assisted cloud computing[J]. Future Generation Computer Systems, 2021,123: 181-195.
[20]	MIAO Y B , MA J F , LIU X M ,et al. VMKDO:verifiable multi-keyword search over encrypted cloud data for dynamic data-owner[J]. Peer-to-Peer Networking and Applications, 2018,11(2): 287-297.
[21]	SHINDE S , CHUA Z L , NARAYANAN V ,et al. Preventing page faults from telling your secrets[C]// Proceedings of the 11th ACM on Asia Conference on Computer and Communications Security. New York:ACM Press, 2016: 317-328.
[22]	NING J T , HUANG X Y , SUSILO W ,et al. Dual access control for cloud-based data storage and sharing[J]. IEEE Transactions on Dependable and Secure Computing, 2022,19(2): 1036-1048.
[23]	FISCH B , VINAYAGAMURTHY D , BONEH D ,et al. IRON:functional encryption using intel SGX[C]// Proceedings of 2017 ACM SIGSAC Conference on Computer and Communications Security. New York:ACM Press, 2017: 765-782.

方案	F1	F2	F3	F4	F5	F6
Zhang等方案	×	√	LSSS	√	√	×
Wang等方案	√	×	与门	×	×	×
Miao等方案	√	×	与门	×	×	×
本文方案	√	√	LSSS	√	√	√

类型	时间/ms
E₁	11.03
E₂	11.23
E_T	0.83
P	6.49

方案	Setup/ms	Encrypt/ms	ReEncrypt/ms	KeyGen/ms	TokenGen/ms	Search/ms	Decrypt/ms	整体开销/ms
Zhang等方案	57.6	2 905.2	—	1 173.9	—	—	694	—
Wang等方案	2 885	2 264.9	—	1 118.8	1 133.6	669.5	652	8 676.7
Miao等方案	2 776.9	1 186.4	—	1 186.8	1 151.2	652.4	31.6	7 001.5
本文方案	35	1 738.4	560.1	618.5	589.3	700.8	38.1	4 280.2

方案	系统公钥	系统主密钥	私钥	搜索令牌	密文与索引
Zhang等方案	$7 \| G_{1} \| + \| G_{T} \|$	$5 \| Z_{p} \| + \| G_{1} \|$	$(2 n + 4) \| G_{1} \|$	—	$(3 I + 4) \| G_{1} \| + \| G_{T} \|$
Wang等方案	$\begin{array}{l} (\sum_{i = 1}^{n} n_{i} + 4) \| G_{1} \| + 3 \| G_{2} \| + \\ 2 \| G_{T} \| + \| Z_{p} \| \end{array}$	$(\sum_{i = 1}^{n} n_{i} + 3) \| Z_{p} \|$	$2 n \| G_{2} \| + \| Z_{p} \|$	$(2 n + 1) \| G_{2} \| + \| Z_{p} \|$	$(4 I + 1) \| G_{1} \| + \| G_{T} \|$
Miao等方案	$(\sum_{i = 1}^{n} n_{i} + 2) \| G_{1} \| + \| G_{T} \|$	$(\sum_{i = 1}^{n} n_{i} + 2) \| Z_{p} \|$	$\begin{array}{l} (2 n + d + 3) \| G_{1} \| + \\ \| G_{T} \| + (d + 2) \| Z_{p} \| \end{array}$	$(2 n + 1) \| G_{1} \| + \| Z_{p} \|$	$(2 I + d + 2) \| G_{1} \| + 2 \| G_{T} \|$
本文方案	$5 \| G_{1} \| + \| G_{T} \|$	$6 \| Z_{p} \|$	$(n + 4) \| G_{1} \| + \| Z_{p} \|$	$(n + 2) \| G_{1} \|$	$(2 I + 2) \| G_{1} \| + 2 \| G_{T} \|$

轻量级可搜索医疗数据共享方案

Lightweight searchable medical data sharing scheme

在线阅读

PDF下载

可视化

摘要/Abstract

引用本文

使用本文

图/表 13

参考文献 23

相关文章 15

Metrics

推荐阅读 0

[1]	刘雪娇, 曹天聪, 夏莹杰. 区块链架构下高效的车联网跨域数据安全共享研究[J]. 通信学报, 2023, 44(3): 186-197.
[2]	刘帅, 关杰, 胡斌, 马宿东. 基于MILP的轻量级密码算法ACE的差分分析[J]. 通信学报, 2023, 44(1): 39-48.
[3]	王振宇, 郭阳, 李少青, 侯申, 邓丁. 面向轻量级物联网设备的高效匿名身份认证协议设计[J]. 通信学报, 2022, 43(7): 49-61.
[4]	杜瑞忠, 张添赫, 石朋亮. 基于区块链且支持数据共享的密文策略隐藏访问控制方案[J]. 通信学报, 2022, 43(6): 168-178.
[5]	蒋梓龙, 金晨辉. Saturnin算法的不可能差分分析[J]. 通信学报, 2022, 43(3): 53-62.
[6]	李玮, 汪梦林, 谷大武, 李嘉耀, 蔡天培, 徐光伟. 轻量级密码算法TWINE的唯密文故障分析[J]. 通信学报, 2021, 42(3): 135-149.
[7]	张炳, 文峥, 赵宇轩, 王苧, 任家东. 双粒度轻量级漏洞代码切片方法评估模型[J]. 通信学报, 2021, 42(11): 233-241.
[8]	张嘉伟, 马建峰, 马卓, 李腾. 云计算中基于时间和隐私保护的可撤销可追踪的数据共享方案[J]. 通信学报, 2021, 42(10): 81-94.
[9]	闫宏强,王琳杰. 物联网中认证技术研究[J]. 通信学报, 2020, 41(7): 213-222.
[10]	谢敏,李嘉琪,田峰. FeW的差分故障攻击[J]. 通信学报, 2020, 41(4): 143-149.
[11]	闫玺玺,何旭,刘涛,叶青,于金霞,汤永利. 抗密钥委托滥用的可追踪属性基加密方案[J]. 通信学报, 2020, 41(4): 150-161.
[12]	谢绒娜,李晖,史国振,郭云川. 基于属性轻量级可重构的访问控制策略[J]. 通信学报, 2020, 41(2): 112-122.
[13]	闫玺玺,原笑含,汤永利,陈艳丽. 基于区块链且支持验证的属性基搜索加密方案[J]. 通信学报, 2020, 41(2): 187-198.
[14]	赵羽,杨洁,刘淼,孙金龙,桂冠. 面向视频监控基于联邦学习的智能边缘计算技术[J]. 通信学报, 2020, 41(10): 109-115.
[15]	武小年,李迎新,韦永壮,孙亚平. GRANULE和MANTRA算法的不可能差分区分器分析[J]. 通信学报, 2020, 41(1): 94-101.