支持用户撤销的多关键字密文查询方案

doi:10.11959/j.issn.1000-436x.2017094

Abstract

Abstract:

A mu1ti-keyword search over encrypted data was proposec1 with fi1e-1eve1 access authorization and data user revocation scheme through emp1oying ciphertext-po1icy attribute-based encryption（CP-ABE）.The scheme supports fi1e-1eve1 access authorization in the mu1ti-owner mu1ti-user settings，which means that data users cou1d on1y gain the authorized fi1es encrypted by different data owners with different keys.Moreover，the scheme cou1d achieve data user revocation.Forma1 security ana1ysis shows that the proposed scheme cou1d resist the chosen keyword attack in random orac1e.Moreover，the experimenta1 study over rea1-wor1d dataset demonstrates its efficiency and feasibi1ity in practice.

Key words: searchab1e encryption, fi1e-1eve1 access authorization, user revocation, mu1ti-keyword

CLC Number:

TN918.4

Qi-ying WU,Jian-feng MA,Hui LI,Jun-wei ZHANG,Qi JIANG,Yin-bin MIAO. Multi-keyword search over encrypted data with user revocation[J]. Journal on Communications, 2017, 38(8): 183-193.

Figures/Tables 10

符号	定义
$W = {w_{1}, \cdot \cdot \cdot, w_{m}}$	给定的关键字集
$W' = (w'_{1}, \cdot \cdot \cdot, w'_{l})$	查询关键字集
$D = {d_{1}, \dots, d_{p}}$	文件集合
T	访问结构
$T_{W^{'}}$	查询陷门值
I	索引值
C′	返回密文集
tk	授权令牌
Cph	授权密文
Atts	数据用户的属性集合
Ts	访问树叶子节点属性集合

算法	方案
算法	ABKS-UR	本文方案
Init	$3 \| N \| E + E_{T} + P$	$4 E + E_{T} + P$
KeyGen	$(2 \| N \| + 1) E + 2 E_{T}$	$(2 \| S \| + 3) E + \| S \| H_{1}$
Enc	$(\| N \| + 1) E + E_{T}$	$(2 \| N \| + m + 6) E + \| N \| H_{1} + E_{T}$
Trap	$(2 \| N \| + 1) E$	$(2 \| S \| + l + 4) E$
Search	$(\| N \| + 1) E + E_{T}$	$2 \| S \| E + E_{T} + 5 P$
Audit		$3 \| R \| P$
Dec		$\| R \| (P + E_{T})$

References 17

[1]	JIANG Q , MA J F , WEI F S . On the security of a privacy-aware authentication scheme for distributed mobile cloud computing services[J]. IEEE Systems Journal, 2017,PP(99): 1-4.
[2]	JIANG Q , KHAN M K , LU X ,et al. A privacy preserving three-factor authentication protocol for e-health clouds[J]. Journal of Supercomputing, 2016,72(10): 3826-3849.
[3]	SONG D X , WAGNER D , PERRIG A . Practical techniques for searches on encrypted data[C]// IEEE Symposium on Security and Privacy. 2000: 44-55.
[4]	BONEH D , DI C G , OSTROVSKY R ,et al. Public key encryption with keyword search[C]// International Conference on the Theory and Applications of Cryptographic Techniques. 2004: 506-522.
[5]	LI J , WANG Q , WANG C ,et al. Fuzzy keyword search over encrypted data in cloud computing[C]// The 29th IEEE International Conference on Computer Communications. 2010: 1-5.
[6]	CHEN R , MU Y , YANG G ,et al. Dual-server public-key encryption with keyword search for secure cloud storage[J]. IEEE Transactions on Information Forensics and Security, 2016,11(4): 789-798.
[7]	MIAO Y , MA J , WEI F ,et al. VCSE:verifiable conjunctive keywords search over encrypted data without secure-channel[J]. Peer-to-Peer Networking and Applications, 2016: 1-13.
[8]	LI H , LIU D , JIA K ,et al. Achieving authorized and ranked multi-keyword search over encrypted cloud data[C]// IEEE International Conference on Communications. 2015: 7450-7455.
[9]	BETHENCOURT J , SAHAI A , WATERS B . Ciphertext-policy attribute-based encryption[C]// IEEE Symposium on Security and Privacy. 2007: 321-334.
[10]	GOYAL V , PANDEY O , SAHAI A ,et al. Attribute-based encryption for fine-grained access control of encrypted data[C]// The 13th ACM conference on Computer and communications security. 2006: 89-98.
[11]	ZHENG Q , XU S , ATENIESE G . VABKS:verifiable attribute-based keyword search over outsourced encrypted data[C]// IEEE Conference on Computer Communications. 2014: 522-530.
[12]	LIU Z , WENG J , LI J ,et al. Cloud-based electronic health record system supporting fuzzy keyword search[J]. Soft Computing, 2015: 1-13.
[13]	MIAO Y , LIU J , MA J . Fine-grained searchable encryption over encrypted data in multi-clouds[C]// The 10th International Conference on Wireless Algorithms,Systems,and Applications. 2015: 407-416.
[14]	QIAN H , LI J , ZHANG Y ,et al. Privacy-preserving personal health record using multi-authority attribute-based encryption with revocation[J]. International Journal of Information Security. 2014,14(6): 1-11.
[15]	YANG Y . Attribute-based data retrieval with semantic keyword search for e-health cloud[J]. Journal of Cloud Computing. 2015,4(1): 1-6.
[16]	LI M , YU S , CAO N ,et al. Authorized private keyword search over encrypted data in cloud computing[C]// International Conference on Distributed Computing Systems. 2011: 383-392.
[17]	SUN W , YU S , LOU W ,et al. Protecting your right:verifiable attribute-based keyword search with fine-grained owner-enforced search authorization in the Cloud[J]. IEEE Transactions on Parallel and Distributed Systems, 2016,27(4): 1187-1198.

Metrics

Recommended 0

No Suggested Reading articles found!

方案	属性撤销	多关键字	文件级访问授权
Zheng等^[11]方案	不支持	不支持	不支持
Qian等^[14]方案	支持	不支持	不支持
Yang等^[15]方案	支持	支持	不支持
本文方案	支持	支持	支持

Multi-keyword search over encrypted data with user revocation

RichHTML

PDF

Knowledge

Cited

Abstract

Cite this article

share this article

Figures/Tables 10

References 17

Related Articles 4

Metrics

Recommended 0

[1]	Jiawei ZHANG, Jianfeng MA, Zhuo MA, Teng LI. Time-based and privacy protection revocable and traceable data sharing scheme in cloud computing [J]. Journal on Communications, 2021, 42(10): 81-94.
[2]	Xiaodong YANG,Yutong LI,Jinli WANG,Tingchun MA,Caifen WANG. Revocable identity-based proxy re-signature scheme in the standard model [J]. Journal on Communications, 2019, 40(5): 153-162.
[3]	Zhi-qiang WU,Ken-li LI,Hui ZHENG. Efficient and scalable architecture for searchable symmetric encryption [J]. Journal on Communications, 2017, 38(8): 79-93.
[4]	. New user revocation approach based on intermediate agency for cloud data access control [J]. Journal on Communications, 2015, 36(11): 92-101.