云环境下安全的可验证多关键词搜索加密方案

doi:10.11959/j.issn.1000-436x.2021054

Abstract

Abstract:

Due to the advantages of cloud computing, such as virtualization and high scalability, individuals and enterprises are willing to outsource local data storage and computing to cloud servers.However, encryption breaks the linkability between the data.Although searchable encryption (SE) enables cloud servers to provide retrieval services of the encrypted data for data owners, cloud servers who are untrusted, may tamper and delete data, or learn information of the newly added encrypted files with previous trapdoors.Besides, single-keyword search inevitably incurs many unrelated results, resulting in a waste of bandwidth and computing resources.To address the problems above, an efficient and verifiable multi-keyword search encryption scheme was proposed, which could not only supported multiple-keyword search, but also realized the privacy of search pattern and forward security of the outsourced files.In the meanwhile, it also ensured the integrity check of the outsourced data.Through rigorous security verification, the proposed scheme was proved to be secure under the standard mode, and could resist offline keyword guesswork attack (KGA) on untrusted cloud servers.Finally, by comparing the efficiency and performance with the recent three searchable encryption schemes, the experimental results show that the proposed scheme has the best comprehensive performance in terms of function and efficiency among the four schemes.

Key words: cloud computing, q-ABDHE security assumption, multi-keyword search, security proof

CLC Number:

TP309

Jianhong ZHANG, Menglong WU, Jing WANG, Pei LIU, Zhengtao JIANG, Changgen PENG. Secure and verifiable multi-keyword searchable encryption scheme in cloud[J]. Journal on Communications, 2021, 42(4): 139-149.

Figures/Tables 7

References 19

[1]	AMBRUST M , FOX A , JOSEPH A D ,et al. Above the clouds:a berkeley view of cloud computing[R]. California:University of California,UCB/EECS-2009-28, 2009.
[2]	MELL P M , GRANCE T . The NIST definition of cloud computing[R]. National Institute of Standards and Technology, 2011.
[3]	JULISCH K , HALL M . Security and control in the cloud[J]. Information Security Journal:A Global Perspective, 2010,19(6): 299-309.
[4]	冯登国, 张敏, 张妍 ,等. 云计算安全研究[J]. 软件学报, 2011,22(1): 71-83.
	FENG D G , ZHANG M , ZHANG Y ,et al. Study on cloud computing security[J]. Journal of Software, 2011,22(1): 71-83.
[5]	TANG Y , LEE P P C , LUI J C S ,et al. Secure overlay cloud storage with access control and assured deletion[J]. IEEE Transactions on Dependable and Secure Computing, 2012,9(6): 903-916.
[6]	SONG D X , WAGNER D , PERRIG A . Practical techniques for searches on encrypted data[C]// Proceeding 2000 IEEE Symposium on Security and Privacy. Piscataway:IEEE Press, 2000: 44-55.
[7]	BONEH D , CRESCENZO G , OSTROVSKY R ,et al. Public key encryption with keyword search[C]// International Conference on the Theory and Applications of Cryptographic Techniques. Berlin:Springer, 2004: 506-522.
[8]	GOLLE P , STADDON J , WATERS B . Secure conjunctive keyword search over encrypted data[C]// Proceedings of the 2nd International Conference on Applied Cryptography and Network Security. Berlin:Springer, 2004: 31-45.
[9]	BALLARD L , KAMARA S , MONROSE F . Achieving efficient conjunctive keyword searches over encrypted data[C]// Proceedings of the 7th International Conference on Information and Communications Security. Berlin:Springer, 2005: 414-426
[10]	RYU E K , TAKAGI T . Efficient conjunctive keyword-searchable encryption[C]// Proceedings of 21st International Conference on Advanced Information Networking and Applications Workshops. Piscataway:IEEE Press, 2007: 409-414.
[11]	CAO N , WANG C , LI M ,et al. Privacy-preserving multi-keyword ranked search over encrypted cloud data[C]// Proceedings of IEEE INFOCOM. Piscataway:IEEE Press, 2011: 829-837.
[12]	SHACHAM H , WATERS B . Compact proofs of retrievability[J]. Journal of Cryptology, 2013,26(3): 442-483.
[13]	GUO L F , LU B , LI X Y ,et al. A verifiable proxy Re-encryption with keyword search without random oracle[C]// 2013 Ninth International Conference on Computational Intelligence and Security. Piscataway:IEEE Press, 2013: 474-478.
[14]	YANG Y , MA M D . Conjunctive keyword search with designated tester and timing enabled proxy Re-encryption function for E-health clouds[J]. IEEE Transactions on Information Forensics and Security, 2016,11(4): 746-759.
[15]	MIAO Y B , MA J F , LIU X M ,et al. VMKDO:Verifiable multi-keyword search over encrypted cloud data for dynamic data-owner[J]. Peer-to-Peer Networking and Applications, 2018,11(2): 287-297.
[16]	WANG G J , YUE F S , LIU Q . A secure self-destructing scheme for electronic data[J]. Journal of Computer and System Sciences, 2013,79(2): 279-290.
[17]	GUO Y , ZHANG C , JIA X H . Verifiable and forward-secure encrypted search using blockchain techniques[C]// IEEE International Conference on Communications. Piscataway:IEEE Press, 2020: 1321-1329.
[18]	BASERI Y , HAFID A , CHERKAOUI S . Privacy preserving fine-grained location-based access control for mobile cloud[J]. Computers ＆ Security, 2018,73: 249-265.
[19]	MIAO Y B , MA J F , LIU X M ,et al. Lightweight fine-grained search over encrypted data in fog computing[J]. IEEE Transactions on Services Computing, 2019,12(5): 772-785.

Metrics

Recommended 0

No Suggested Reading articles found!

符号	描述
F₀	首次外包的文件集
F_i	第i次插入的文件集
F_i={F_i1,…,F_in}	包含n个文件的外包文件集F_i
FID_i={FID_i1,…,FID_in}	文件名称集FID_i
C_i={C_i1,…,C_in}	文件集F_i对应的密文集合
Sig _i={sig _i1,…,sig _in}	数据拥有者对文件F_i的签名集
I_i={I_i1,…,I_in}	加密文件的索引集
θ	数据拥有者的哈希密钥

算法	文献[13]方案	文献[14]方案	文献[15]方案	本文所提方案
KeyGen	4E	3E	2E	2E
Enc	(2m+1)nE+mnP	(m+5)nE+2nP	(mn+5 n+2n)E+n H₁+3P	(mn+5 n+2n)E+n H₁+2P
Trapdoor	(2l+2)E+H₁	(l+3)E	2E	(l+3)E
Search	(l+1)E+H₁+lP	(l+4)E+(l+2)P	2P+3E+lM	2P+2E+lM
Verify	?	?	(d+1)E+dH₁+2P	(d+1)E+dH₁+2P
security	yes	yes	no	yes
search model	leak	leak	leak	anonymity
forward security	no	no	no	yes

Secure and verifiable multi-keyword searchable encryption scheme in cloud

RichHTML

PDF

Knowledge

Abstract

Cite this article

share this article

Figures/Tables 7

References 19

Related Articles 15

Metrics

Recommended 0

[1]	Ling MA, Qiliang FAN, Ting XU, Guanchen GUO, Shenglin ZHANG, Yongqian SUN, Yuzhi ZHANG. Scheduling framework based on reinforcement learning in online-offline colocated cloud environment [J]. Journal on Communications, 2023, 44(6): 90-102.
[2]	Huaqun WANG, Zhe LIU, Debiao HE, Jiguo LI. Identity-based provable data possession scheme for multi-source IoT terminal data in public cloud [J]. Journal on Communications, 2021, 42(7): 52-60.
[3]	Ruiqi LI, Chunfu JIA, Yafei WANG. Multi-key homomorphic proxy re-encryption scheme based on NTRU and its application [J]. Journal on Communications, 2021, 42(3): 11-22.
[4]	Jiawei ZHANG, Jianfeng MA, Zhuo MA, Teng LI. Time-based and privacy protection revocable and traceable data sharing scheme in cloud computing [J]. Journal on Communications, 2021, 42(10): 81-94.
[5]	Wenjuan WANG, Xuehui DU, Dibin SHAN. Construction method of attack scenario in cloud environment based on dynamic probabilistic attack graph [J]. Journal on Communications, 2021, 42(1): 1-17.
[6]	Youliang TIAN,Qin LUO. Verifiable multi-keyword search scheme based on improved Merkle-Tree authentication method [J]. Journal on Communications, 2020, 41(9): 118-129.
[7]	Na WANG,Kun ZHENG,Junsong FU,Jian LI. Method of ciphertext retrieval in mobile edge computing based on block segmentation [J]. Journal on Communications, 2020, 41(7): 95-102.
[8]	Lindong ZHAO,Wenqin ZHUANG,Jianxin CHEN,Liang ZHOU. Hierarchical task offloading in heterogeneous cellular network:modeling and optimization [J]. Journal on Communications, 2020, 41(4): 34-44.
[9]	Bing LIANG,Wen JI. Multiuser computation offloading for edge-cloud collaboration using submodular optimization [J]. Journal on Communications, 2020, 41(10): 25-36.
[10]	SU Mingfeng,WANG Guojun,LI Renfa. Multidimensional QoS cloud computing resource scheduling method based on stakeholder perspective [J]. Journal on Communications, 2019, 40(6): 102-115.
[11]	CHEN Xingshu,HUA Qiang,WANG Yitong,GE Long,ZHU Yi. Research on low-rate DDoS attack of SDN network in cloud environment [J]. Journal on Communications, 2019, 40(6): 210-222.
[12]	Wanliang WANG, Zelin ZANG, Guoqi CHEN, Hangyao TU, Yule WANG, Linyan LU. Research on optimal two element exchange algorithm for large scale cloud computing server scheduling problem [J]. Journal on Communications, 2019, 40(5): 180-191.
[13]	Tian WANG,Xuewei SHEN,Hao LUO,Baisheng CHEN,Guojun WANG,Weijia JIA. Research progress of trusted sensor-cloud based on fog computing [J]. Journal on Communications, 2019, 40(3): 170-181.
[14]	Xinfeng HE,Junfeng TIAN,Fanming LIU. Survey on trusted cloud platform technology [J]. Journal on Communications, 2019, 40(2): 154-163.
[15]	Zhiqiang ZHU,Renhao LIN,Cuiyun HU. Openstack authentication protocol based on digital certificate [J]. Journal on Communications, 2019, 40(2): 188-196.