基于双向索引的高效连接关键字查询动态可搜索加密方案

doi:10.11959/j.issn.1000-436x.2022099

通信学报 ›› 2022, Vol. 43 ›› Issue (5): 123-132.doi: 10.11959/j.issn.1000-436x.2022099

基于双向索引的高效连接关键字查询动态可搜索加密方案

杜瑞忠¹^,², 张玉晴¹, 李明月³

¹ 河北大学网络空间安全与计算机学院，河北保定 071000
² 河北省高可信信息系统重点实验室，河北保定 071000
³ 南开大学计算机学院，天津 300071

修回日期:2021-11-17 出版日期:2022-05-25 发布日期:2022-05-01
作者简介:杜瑞忠（1975- ），男，河北献县人，博士，河北大学教授、博士生导师，主要研究方向为可信计算与网络安全
张玉晴（1997- ），女，河北廊坊人，河北大学硕士生，主要研究方向为可信计算与信息安全
李明月（1993- ），女，河北阜平人，南开大学博士生，主要研究方向为信息安全、可搜索加密等
基金资助:
国家自然科学基金资助项目(61972073);河北省自然科学基金重点资助项目(F2019201290);河北省自然科学基金资助项目(F2018201153)

Efficient dynamic searchable encryption scheme for conjunctive queries based on bidirectional index

Ruizhong DU¹^,², Yuqing ZHANG¹, Mingyue LI³

¹ School of Cyberspace Security and Computer Science, Hebei University, Baoding 071000, China
² Hebei Provincial Key Laboratory of High Trusted Information System, Baoding 071000, China
³ Computer College, Nankai University, Tianjin 300071, China

Revised:2021-11-17 Online:2022-05-25 Published:2022-05-01
Supported by:
The National Natural Science Foundation of China(61972073);The Natural Science Foundation of Hebei Province(F2019201290);The Natural Science Foundation of Hebei Province(F2018201153)

摘要/Abstract

摘要：

为了解决现有动态可搜索加密方案更新过程操作复杂、信息泄露以及查询方式单一等问题，提出了一种前向安全和后向安全的高效连接关键字查询动态可搜索加密方案——BPC-DSSE方案。该方案利用位图索引构建了双向索引结构来简化动态更新过程，并通过具有加法同态性质的对称加密隐藏访问模式。同时，由于添加和删除操作均通过模加法完成，可通过隐藏更新类型减少更新过程的泄露。此外，为了解决现有方案查询方式不灵活的问题，引入内积匹配算法实现了高效的连接关键字查询。安全分析表明，BPC-DSSE方案实现了前向安全以及Type-I^-的后向安全。仿真结果表明，相对于其他连接关键字查询的方案，BPC-DSSE方案具有更高的更新、查询效率。

关键词: 动态对称可搜索加密, 连接关键字查询, 前向安全, 后向安全

Abstract:

To solve the problems of complicated operation, information leakage, and inflexible query method in the update process of existing dynamic searchable encryption scheme, an efficient dynamic searchable encryption scheme (named BPC-DSSE) for conjunctive query with forward and backward privacy was proposed.A bitmap index was used to construct a bidirectional index structure to simplify the dynamic update process, and the access pattern was hidden through symmetric encryption with homomorphic addition.At the same time, since the addition and deletion operations were completed by modulo addition, the leakage of the update process could be reduced by hiding the update type.Security analysis shows that the BPC-DSSE scheme achieves forward and Type-I^- backward privacy.The simulation results show that the BPC-DSSE scheme has higher update and retrieval efficiency than other conjunctive query schemes.

Key words: dynamic searchable symmetric encryption, conjunctive query, forward privacy, backward privacy

中图分类号:

TP309

杜瑞忠, 张玉晴, 李明月. 基于双向索引的高效连接关键字查询动态可搜索加密方案[J]. 通信学报, 2022, 43(5): 123-132.

Ruizhong DU, Yuqing ZHANG, Mingyue LI. Efficient dynamic searchable encryption scheme for conjunctive queries based on bidirectional index[J]. Journal on Communications, 2022, 43(5): 123-132.

图/表 8

表1

表2

图1

图2

表3

不同方案的性能对比"

方案	查询	更新	前向安全	后向安全	查询类型	客户端存储	交互轮数
Moneta^[10]	$Õ ({log}^{2} N)$	$Õ (a_{w} log N + {log}^{3} N)$	√	Type-I	单关键字	O(1)	3
Orion^[12]	O(log²N)	O(log²N)	√	Type-I	单关键字	O(1)	O(logN)
Horus^[12]	O(log²N)	O(n_wlogd_wlogN+log²\|W\|)	√	Type-III	单关键字	O(1)	O(logd_w)
SD_a[13]	O(logN)	O(a_w+logN)	√	Type-II	单关键字	O(1)	1
VBTree^[20]	O(n\|Upd(w₁)\|\|D\|)	O(HT)	√	×	连接关键字	O(\|W\|)	1
FBDSSE-CQ^[21]	O(n\|Upd(w₁)\|)	O(1)	√	Type-C	连接关键字	O(\|W\|)	1
ODXT^[22]	O(n\|Upd(w₁)\|)	O(1)	√	Type-II	连接关键字	O(\|W\|logN)	1
BPC-DSSE	O(\|Upd(w₁)\|)	O(1)	√	Type-I	连接关键字	O(1)	2

表3

图3

图4

图5

参考文献 23

[1]	董晓蕾, 周俊, 曹珍富 . 可搜索加密研究进展[J]. 计算机研究与发展, 2017,54(10): 2107-2120.
	DONG X L , ZHOU J , CAO Z F . Research advances on secure searchable encryption[J]. Journal of Computer Research and Development, 2017,54(10): 2107-2120.
[2]	SONG D X , WAGNER D , PERRIG A . Practical techniques for searches on encrypted data[C]// Proceedings of IEEE Symposium on Security and Privacy. Piscataway:IEEE Press, 2000: 44-55.
[3]	吴志强, 李肯立, 郑蕙 . 高效可扩展的对称密文检索架构[J]. 通信学报, 2017,38(8): 79-93.
	WU Z Q , LI K L , ZHENG H . Efficient and scalable architecture for searchable symmetric encryption[J]. Journal on Communications, 2017,38(8): 79-93.
[4]	杜瑞忠, 谭艾伦, 田俊峰 . 基于区块链的公钥可搜索加密方案[J]. 通信学报, 2020,41(4): 114-122.
	DU R Z , TAN A L , TIAN J F . Public key searchable encryption scheme based on blockchain[J]. Journal on Communications, 2020,41(4): 114-122.
[5]	KAMARA S , PAPAMANTHOU C , ROEDER T . Dynamic searchable symmetric encryption[C]// Proceedings of the 2012 ACM Conference on Computer and Communications Security. New York:ACM Press, 2012: 965-976.
[6]	STEFANOV E , PAPAMANTHOU C , SHI E . Practical dynamic searchable encryption with small leakage[C]// Proceedings 2014 Network and Distributed System Security Symposium. Virginia:the Internet Society, 2014: 72-75.
[7]	BOST R , MINAUD B , OHRIMENKO O . Forward and backward private searchable encryption from constrained cryptographic primitives[C]// Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security. New York:ACM Press, 2017: 1465-1482.
[8]	CASH D , GRUBBS P , PERRY J ,et al. Leakage-abuse attacks against searchable encryption[C]// Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security. New York:ACM Press, 2015: 668-679.
[9]	ZHANG Y P , KATZ J , PAPAMANTHOU C . All your queries are belong to us:the power of file-injection attacks on searchable encryption[R]. IACR Cryptology EPrint Archive, 2016.
[10]	BOST R , . ∑oφo?:forward secure searchable encryption[C]// Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security. New York:ACM Press, 2016: 1143-1154.
[11]	SUN S F , YUAN X L , LIU J K ,et al. Practical backward-secure searchable encryption from symmetric puncturable encryption[C]// Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security. New York:ACM Press, 2018: 763-780.
[12]	CHAMANI J G , PAPADOPOULOS D , PAPAMANTHOU C ,et al. New constructions for forward and backward private symmetric searchable encryption[C]// Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security. New York:ACM Press, 2018: 1038-1055.
[13]	RIZOMILIOTIS P , GRITZALIS S . Simple forward and backward private searchable symmetric encryption schemes with constant number of roundtrips[C]// Proceedings of the 2019 ACM SIGSAC Conference on Cloud Computing Security Workshop. New York:ACM Press, 2019: 141-152.
[14]	黄珂 . 前向和后向安全的动态对称可搜索加密方案的研究[D]. 上海:华东师范大学, 2019.
	HUANG K . Research on forward and backward security of dynamic symmetric searchable encryption scheme[D]. Shanghai:East China Normal University, 2019.
[15]	SARDAR L , RUJ S . FSPVDSSE:a forward secure publicly verifiable dynamic SSE scheme[C]// International Conference on Provable Security. Berlin:Springer, 2019: 355-371.
[16]	ZUO C , SUN S F , LIU J K ,et al. Dynamic searchable symmetric encryption with forward and stronger backward privacy[C]// European Symposium on Research in Computer Security. Berlin:Springer, 2019: 283-303.
[17]	ZUO C , SUN S F , LIU J K ,et al. Forward and backward private DSSE for range queries[J]. IEEE Transactions on Dependable and Secure Computing, 2022,19(1): 328-338.
[18]	CASH D , JARECKI S , JUTLA C ,et al. Highly-scalable searchable symmetric encryption with support for Boolean queries[C]// Annual Cryptology Conference. Berlin:Springer, 2013: 353-373.
[19]	LAI S Q , PATRANABIS S , SAKZAD A ,et al. Result pattern hiding searchable encryption for conjunctive queries[C]// Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security. New York:ACM Press, 2018: 745-762.
[20]	WU Z Q , LI K L . VBTree:forward secure conjunctive queries over encrypted data for cloud computing[J]. The VLDB Journal, 2019,28(1): 25-46.
[21]	ZUO C , SUN S , LIU J K ,et al. Forward and backward private dynamic searchable symmetric encryption for conjunctive queries[R]. IACR Cryptology EPrint Archive, 2020.
[22]	PATRANABIS S , MUKHOPADHYAY D . Forward and backward private conjunctive searchable symmetric encryption[C]// Proceedings 2021 Network and Distributed System Security Symposium. Virginia:the Internet Society, 2021:doi.org/10.14722/ndss.2021.23116.
[23]	FU Z J , WU X L , GUAN C W ,et al. Toward efficient multi-keyword fuzzy search over encrypted outsourced data with accuracy improvement[J]. IEEE Transactions on Information Forensics and Security, 2016,11(12): 2706-2716.

参数	含义
λ	安全参数
F	安全的伪随机函数
n	位串的长度
W	关键字空间
f_i	第i个文件（1≤i≤n）
DB	数据库
EDB	加密数据库
ST_c	当前的搜索令牌
CT	存储当前搜索令牌ST_c和更新的次数c
bs	位图索引对应的位串
E	加密后的位串
Sum_E	加密后的位串的和
sk	一次性安全密钥
Sum_sk	一次性安全密钥的和

基于双向索引的高效连接关键字查询动态可搜索加密方案

Efficient dynamic searchable encryption scheme for conjunctive queries based on bidirectional index

在线阅读

PDF下载

可视化

摘要/Abstract

引用本文

使用本文

图/表 8

参考文献 23

相关文章 11

Metrics

推荐阅读 0

后向安全	当前匹配关键字w的文件	文件插入时间	w更新总次数	w更新时间	插入后被删除文档的插入删除时间
Type-I	√	√	√	—	—
Type-II	√	√	√	√	—
Type-III	√	√	√	√	√
Type-I^-	√	—	√	√	—

[1]	梁艳,张筱,郑志明. 基于无证书群签名方案的电子现金系统[J]. 通信学报, 2016, 37(5): 184-190.
[2]	魏江宏,刘文芬,胡学先. 前向安全的密文策略基于属性加密方案[J]. 通信学报, 2014, 35(7): 38-45.
[3]	魏江宏，刘文芬，胡学先. 前向安全的密文策略基于属性加密方案[J]. 通信学报, 2014, 35(7): 5-45.
[4]	陆阳，李继国. 标准模型下前向安全公钥加密方案的新构造[J]. 通信学报, 2014, 35(2): 5-39.
[5]	陆阳,李继国. 标准模型下前向安全公钥加密方案的新构造[J]. 通信学报, 2014, 35(2): 33-39.
[6]	刘亚丽,秦小麟,殷新春,李博涵. 基于模m的n方根的前向安全数字签名方案的分析与改进[J]. 通信学报, 2010, 31(6): 82-88.
[7]	芦殿军,张秉儒,赵海兴. 基于多项式秘密共享的前向安全门限签名方案[J]. 通信学报, 2009, 30(1): 45-49.
[8]	汪小芬,陈原,肖国镇. 基于身份的认证密钥协商协议的安全分析与改进[J]. 通信学报, 2008, 29(12): 16-21.
[9]	赵佳,刘吉强,韩臻,沈昌祥. 具有时间限制的动态秘密共享方案[J]. 通信学报, 2008, 29(11A): 1-6.
[10]	冯涛,马建峰. 基于单向累加器的移动ad hoc网络组密钥管理方案[J]. 通信学报, 2007, 28(11A): 103-106.
[11]	王晓明,陈火炎,符方伟. 前向安全的代理签名方案[J]. 通信学报, 2005, 26(11): 38-41.