云存储中可验证完整性的可搜索加密协议
|
摘要
为了提高可搜索加密的实用性,构造了一个可以实现云存储数据完整性验证的可搜索加密系统,并利用多文件可恢复证明方法构造了一个安全协议,实现了云存储环境下多类型文件完整性验证的可搜索加密,最后给出了协议的安全性证明。相比于同类协议在可搜索加密的安全性与数据安全审计的效率方面有所提高和改善。
In order to improve the practicability of the searchable encryption,a searchable encryption(SE) system which can verify the integrity of the searched data in the cloud is constructed.And a secure protocol uses multi-file proofs of retrievability as the building block to achieve the verifiable integrity of searchable encryption on multi-type files.Compared with the existing work,the proposed protocol improves the security and reduces the computational overhead.
In order to improve the practicability of the searchable encryption,a searchable encryption(SE) system which can verify the integrity of the searched data in the cloud is constructed.And a secure protocol uses multi-file proofs of retrievability as the building block to achieve the verifiable integrity of searchable encryption on multi-type files.Compared with the existing work,the proposed protocol improves the security and reduces the computational overhead.
引文
[1]KAMARA S,LAUTER K.Cryptographic cloud storage[C]//International Conference on Financial Cryptography and Data Security.Berlin:Springer,2010:136-149.
[2]SONG D X,WAGNER D,PERRRIG A.Practical techniques for searches on encrypted data[C]//Security and Privacy,2000.[S.l.]:IEEE,2000:44-55.
[3]GOH E J.Secure indexes[EB/OL].https://eprint.iacr.org/2003/216.pdf
[4]CHANG Y C,MITZENMACHER M.Privacy preserving keyword searches on remote encrypted data[C]//International Conference on Applied Cryptography and Network Security.Berlin:Springer,2005:442-455.
[5]CURTMOLA R,GARAYJ,KAMARA S,et al.Searchable symmetric encryption:improved definitions and efficient construc tions[J].Journal of Computer Security,2011,19(5):895-934.
[6]BONEH D,CRESCENZO D G,OSTROVSKY R,et al.Public key encryption with keyword search[C]//International Conference on the Theory and Applications of Cryptographic Techniques.Berlin:Springer,2004:506-522.
[7]ABDALLA M,BELLARE M,CATALANO D,et al.Searchable encryption revisited:consistency properties,relation to anonymous IBE,and extensions[C]//Annual International Cryptology Conference.Berlin:Springer,2005:205-222.
[8]BONEH D,FRANKLIN M.Identity-based encryption from the Weil pairing[C]//Annual International Cryptology Conference.Berlin:Springer,2001:213-229.
[9]SAHAI A,WATERS B.Fuzzy identity-based encryption[J].Lecture Notes in Computer Science,2004,3494:457-473.
[10]WANG H,ZHENG Z,WU L,et al.New directly revocable attribute-based encryption scheme and its application in cloud storage environment[J].Cluster Computing,2017,20(3):2385-2392.
[11]LI J,ZHANG Y,CHEN X,et al.Secure attribute-based data sharing for resource-limited users in cloud computing[J].Computers&Security,2018,72:1-12.
[12]ZHU B,SUN J,QIN J,et al.Fuzzy matching:multi-authority attribute searchable encryption without central authority[J].Soft Computing,2017:1-10.
[13]HAN F,QIN J,ZHAO H,et al.A general transformation from KP-ABE to searchable encryption[J].Future Generation Computer Systems,2014,30:107-115.
[14]韩斐.基于属性的可搜索加密协议研究[D].济南:山东大学,2015.HAN Fei.Research on attribute based searchable encryption[D].Jinan:Shandong University,2015.
[15]HAN F,QIN J,HU J.Secure searches in the cloud:a survey[J].Future Generation Computer Systems,2016,62:66-75.
[16]MENG R,ZHOU Y,NING J,et al.An efficient key-policy attribute-based searchable encryption in prime-order groups[C]//International Conference on Provable Security.Cham:Springer,2017:39-56.
[17]CHAUDHARI P,DAS M L.On the security of a searchable anonymous attribute based encryption[C]//International Conference on Mathematics and Computing.Singapore:Springer,2017:16-25.
[18]LI F,WU C,YUAN X,et al.Multi-keyword ranked fuzzy search over encrypted data in cloud supporting dynamic update[J].Journal of Computational and Theoretical Nanoscience,2016,13(12):9705-9709.
[19]LI X,CUI Y,ZHOU M,et al.Efficient multi-keyword fuzzy search on encrypted data in cloud storage[C]//Information Science and Control Engineering(ICISCE)[S.l.]:IEEE,2017:288-294.
[20]CHAI Q,GONG G.Verifiable symmetric searchable encryption for semi-honest-but-curious cloud servers[C]//Communications(ICC)[S.l.]:IEEE,2012:917-922.
[21]ZHENG Q,XU S,ATENIESE G.VABKS:verifiable attribute-based keyword search over outsourced encrypted data[C]//Infocom,2014 proceedings IEEE.[S.l.]:IEEE,2014:522-530.
[22]ATENIESE G,BURNS R,CURTMOLA R,et al.Provable data possession at untrusted stores[C]//Proceedings of the 14th ACM conference on Computer and Communications Security.[S.l.]:ACM,2007:598-609.
[23]ATENIESE G,DI PIETRO R,MANCINI L V,et al.Scalable and efficient provable data possession[C]//Proceedings of the 4th International Conference on Security and Privacy in Communication Netowrks.[S.l.]:ACM,2008:9.
[24]CURTMOLA R,KHAN O,BURNS R.Robust remote data checking[C]//Proceedings of the 4th ACM International Workshop on Storage Security and Survivability.[S.l.]:ACM,2008:63-68.
[25]ERWAY C C,KPCA,PAPAMANTHOU C,et al.Dynamic provable data possession[C]//ACM Coference on Computer and Communications Security.New York:ACM,2009:213-222.
[26]WANG C,WANG Q,REN K,et al.Privacy-preserving public auditing for data storage security in cloud computing[C]//Infocom,2010 Proceedings Ieee.[S.l.]:IEEE,2010:1-9.
[27]WANG B,LI B,LI H.Oruta:Privacy-preserving public auditing for shared data in the cloud[J].IEEE Transactions on Cloud Computing,2014,2(1):43-56.
[28]WU Y,JIANG Z L,WANG X,et al.Dynamic data operations with deduplication in privacy-preserving public auditing for secure cloud storage[C]//2017 IEEE International Conference on Computational Science and Engineering(CSE)and IEEEInternational Conference on Embedded and Ubiquitous Computing(EUC).[S.l.]:IEEE,2017,1:562-567.
[29]SUGUAN M,SHALINIE S M.Privacy preserving auditing protocol for remote data storage[J].Cluster Computing,2018:1-8.
[30]WANG Q,WANG C,LI J,et al.Enabling public verifiability and data dynamics for storage security in cloud computing[C]//European Symposium on Research in Computer Security.Berlin:Springer,2009:355-370.
[31]DANIEL E,VASANTHI N A.A cost effective dynamic auditing scheme for outsourced data storage in cloud environment[C]//Innovations in Green Energy and Healthcare Technologies(IGEHT)[S.l.]:IEEE,2017:1-5.
[32]XIANG T,LI X,CHEN F,et al.Achieving verifiable,dynamic and efficient auditing for outsourced database in cloud[J].Journal of Parallel and Distributed Computing,2018,112:97-107.
[33]GRITTI C,SUSILO W,PLANTARD T.Efficient dynamic provable data possession with public verifiability and data privacy[C]//Australasian Conference on Information Security and Privacy.Cham:Springer,2015:395-412.
[34]JUELS A,KALISKI JR B S.PORs:proofs of retrievability for large files[C]//Proceedings of the 14th ACM Conference on Computer and Communications Security.[S.l.]:ACM,2007:584-597.
[35]SHACHAM H,WATERS B.Compact proofs of retrievability[C]//International Conference on the Theory and Application of Cryptology and Information Security.Berlin:Springer,2008:90-107.
[36]BOWERS K D,JUELS A,OPREA A.HAIL:a high-availability and integrity layer for cloud storage[C]//Proceedings of the 16th ACM Conference on Computer and Communications Security.[S.l.]:ACM,2008:187-198.
[37]WANG Q,WANG C,LI J,et al.Enabling public verifiability and data dynamics for storage security in cloud computing[C]//European Symposium on Research in Computer Security.Berlin:Springer,2009:355-370.
[38]WANG B,HONG X.Multi-file proofs of retrievability for cloud storage auditing[EB/OL].https://eprint.iacr.org/2013/348.pdf
[39]GOLDWASSER S,MICALI S,RIVEST R L.A digital signature scheme secure against adaptive chosen-message attacks[J].SIAM Journal on Computing,1988,17(2):281-308.
[40]SUN W,WANG B,CAO N,et al.Privacy-preserving multi-keyword text search in the cloud supporting similarity-based ranking[C]//Proceedings of the 8th ACM SIGSAC Symposium on Information,Computer and Communications Security.[S.l.]:ACM,2013:71-82.
[41]ZHANG R,XUE R,YU T,et al.PVSAE:a public verifiable searchable encryption service framework for outsourced encrypted data[C]//Web Services(ICWS),2016 IEEE International Conference on.[S.l.]:IEEE,2016:428-435.
[2]SONG D X,WAGNER D,PERRRIG A.Practical techniques for searches on encrypted data[C]//Security and Privacy,2000.[S.l.]:IEEE,2000:44-55.
[3]GOH E J.Secure indexes[EB/OL].https://eprint.iacr.org/2003/216.pdf
[4]CHANG Y C,MITZENMACHER M.Privacy preserving keyword searches on remote encrypted data[C]//International Conference on Applied Cryptography and Network Security.Berlin:Springer,2005:442-455.
[5]CURTMOLA R,GARAYJ,KAMARA S,et al.Searchable symmetric encryption:improved definitions and efficient construc tions[J].Journal of Computer Security,2011,19(5):895-934.
[6]BONEH D,CRESCENZO D G,OSTROVSKY R,et al.Public key encryption with keyword search[C]//International Conference on the Theory and Applications of Cryptographic Techniques.Berlin:Springer,2004:506-522.
[7]ABDALLA M,BELLARE M,CATALANO D,et al.Searchable encryption revisited:consistency properties,relation to anonymous IBE,and extensions[C]//Annual International Cryptology Conference.Berlin:Springer,2005:205-222.
[8]BONEH D,FRANKLIN M.Identity-based encryption from the Weil pairing[C]//Annual International Cryptology Conference.Berlin:Springer,2001:213-229.
[9]SAHAI A,WATERS B.Fuzzy identity-based encryption[J].Lecture Notes in Computer Science,2004,3494:457-473.
[10]WANG H,ZHENG Z,WU L,et al.New directly revocable attribute-based encryption scheme and its application in cloud storage environment[J].Cluster Computing,2017,20(3):2385-2392.
[11]LI J,ZHANG Y,CHEN X,et al.Secure attribute-based data sharing for resource-limited users in cloud computing[J].Computers&Security,2018,72:1-12.
[12]ZHU B,SUN J,QIN J,et al.Fuzzy matching:multi-authority attribute searchable encryption without central authority[J].Soft Computing,2017:1-10.
[13]HAN F,QIN J,ZHAO H,et al.A general transformation from KP-ABE to searchable encryption[J].Future Generation Computer Systems,2014,30:107-115.
[14]韩斐.基于属性的可搜索加密协议研究[D].济南:山东大学,2015.HAN Fei.Research on attribute based searchable encryption[D].Jinan:Shandong University,2015.
[15]HAN F,QIN J,HU J.Secure searches in the cloud:a survey[J].Future Generation Computer Systems,2016,62:66-75.
[16]MENG R,ZHOU Y,NING J,et al.An efficient key-policy attribute-based searchable encryption in prime-order groups[C]//International Conference on Provable Security.Cham:Springer,2017:39-56.
[17]CHAUDHARI P,DAS M L.On the security of a searchable anonymous attribute based encryption[C]//International Conference on Mathematics and Computing.Singapore:Springer,2017:16-25.
[18]LI F,WU C,YUAN X,et al.Multi-keyword ranked fuzzy search over encrypted data in cloud supporting dynamic update[J].Journal of Computational and Theoretical Nanoscience,2016,13(12):9705-9709.
[19]LI X,CUI Y,ZHOU M,et al.Efficient multi-keyword fuzzy search on encrypted data in cloud storage[C]//Information Science and Control Engineering(ICISCE)[S.l.]:IEEE,2017:288-294.
[20]CHAI Q,GONG G.Verifiable symmetric searchable encryption for semi-honest-but-curious cloud servers[C]//Communications(ICC)[S.l.]:IEEE,2012:917-922.
[21]ZHENG Q,XU S,ATENIESE G.VABKS:verifiable attribute-based keyword search over outsourced encrypted data[C]//Infocom,2014 proceedings IEEE.[S.l.]:IEEE,2014:522-530.
[22]ATENIESE G,BURNS R,CURTMOLA R,et al.Provable data possession at untrusted stores[C]//Proceedings of the 14th ACM conference on Computer and Communications Security.[S.l.]:ACM,2007:598-609.
[23]ATENIESE G,DI PIETRO R,MANCINI L V,et al.Scalable and efficient provable data possession[C]//Proceedings of the 4th International Conference on Security and Privacy in Communication Netowrks.[S.l.]:ACM,2008:9.
[24]CURTMOLA R,KHAN O,BURNS R.Robust remote data checking[C]//Proceedings of the 4th ACM International Workshop on Storage Security and Survivability.[S.l.]:ACM,2008:63-68.
[25]ERWAY C C,KPCA,PAPAMANTHOU C,et al.Dynamic provable data possession[C]//ACM Coference on Computer and Communications Security.New York:ACM,2009:213-222.
[26]WANG C,WANG Q,REN K,et al.Privacy-preserving public auditing for data storage security in cloud computing[C]//Infocom,2010 Proceedings Ieee.[S.l.]:IEEE,2010:1-9.
[27]WANG B,LI B,LI H.Oruta:Privacy-preserving public auditing for shared data in the cloud[J].IEEE Transactions on Cloud Computing,2014,2(1):43-56.
[28]WU Y,JIANG Z L,WANG X,et al.Dynamic data operations with deduplication in privacy-preserving public auditing for secure cloud storage[C]//2017 IEEE International Conference on Computational Science and Engineering(CSE)and IEEEInternational Conference on Embedded and Ubiquitous Computing(EUC).[S.l.]:IEEE,2017,1:562-567.
[29]SUGUAN M,SHALINIE S M.Privacy preserving auditing protocol for remote data storage[J].Cluster Computing,2018:1-8.
[30]WANG Q,WANG C,LI J,et al.Enabling public verifiability and data dynamics for storage security in cloud computing[C]//European Symposium on Research in Computer Security.Berlin:Springer,2009:355-370.
[31]DANIEL E,VASANTHI N A.A cost effective dynamic auditing scheme for outsourced data storage in cloud environment[C]//Innovations in Green Energy and Healthcare Technologies(IGEHT)[S.l.]:IEEE,2017:1-5.
[32]XIANG T,LI X,CHEN F,et al.Achieving verifiable,dynamic and efficient auditing for outsourced database in cloud[J].Journal of Parallel and Distributed Computing,2018,112:97-107.
[33]GRITTI C,SUSILO W,PLANTARD T.Efficient dynamic provable data possession with public verifiability and data privacy[C]//Australasian Conference on Information Security and Privacy.Cham:Springer,2015:395-412.
[34]JUELS A,KALISKI JR B S.PORs:proofs of retrievability for large files[C]//Proceedings of the 14th ACM Conference on Computer and Communications Security.[S.l.]:ACM,2007:584-597.
[35]SHACHAM H,WATERS B.Compact proofs of retrievability[C]//International Conference on the Theory and Application of Cryptology and Information Security.Berlin:Springer,2008:90-107.
[36]BOWERS K D,JUELS A,OPREA A.HAIL:a high-availability and integrity layer for cloud storage[C]//Proceedings of the 16th ACM Conference on Computer and Communications Security.[S.l.]:ACM,2008:187-198.
[37]WANG Q,WANG C,LI J,et al.Enabling public verifiability and data dynamics for storage security in cloud computing[C]//European Symposium on Research in Computer Security.Berlin:Springer,2009:355-370.
[38]WANG B,HONG X.Multi-file proofs of retrievability for cloud storage auditing[EB/OL].https://eprint.iacr.org/2013/348.pdf
[39]GOLDWASSER S,MICALI S,RIVEST R L.A digital signature scheme secure against adaptive chosen-message attacks[J].SIAM Journal on Computing,1988,17(2):281-308.
[40]SUN W,WANG B,CAO N,et al.Privacy-preserving multi-keyword text search in the cloud supporting similarity-based ranking[C]//Proceedings of the 8th ACM SIGSAC Symposium on Information,Computer and Communications Security.[S.l.]:ACM,2013:71-82.
[41]ZHANG R,XUE R,YU T,et al.PVSAE:a public verifiable searchable encryption service framework for outsourced encrypted data[C]//Web Services(ICWS),2016 IEEE International Conference on.[S.l.]:IEEE,2016:428-435.