完全隐藏策略的基于属性可搜索加密方案
|
摘要
目前基于属性可搜索加密方案(ATT-PEKS)虽然解决了关键词密文只能被唯一用户搜索的限制,实现了加密数据的多用户共享,但是却没有隐藏访问策略,访问策略一旦被好奇且不可信赖的服务器攻击者获取到,就可能会造成机密信息的泄露。为了解决此问题,提出了完全隐藏策略的基于属性可搜索加密方案,并给出了具体的算法构造,使得方案不仅具有多用户数据共享的优势,还实现了访问策略的完全隐藏。对此方案进行了安全性以及性能分析,证明了方案具有在属性集合模型下的抗攻击性安全,还能保证索引和关键词明文的机密性。在性能方面使用较少的运算量就可以实现隐藏访问策略和加密数据共享两大功能。
The current attribute-based public encryption with keyword search( ATT-PEKS) solves the problem that the keyword ciphertext can only be uniquely searched by the user to enable multi-user share of encrypted data,but it does not hide the access structure. Once the access structure is obtained by unreliable servers attackers,it may be exposed to confidential information. Therefore,in order to solve this problem,this paper proposed an attribute-based public encryption scheme with keyword search that completely hided the access structure,which not only preserved the advantages of ATT-PEKS to realize multiuser data sharing,but also realized the complete concealment of the access structure that prevented the policy information leaking. At last,this paper analyzed the security and performance of the scheme. The simulation result proves that the scheme has the anti-attack security under the attribute set model,and also ensures the confidentiality of the index and the key words. The use of less computing power in terms of performance can achieve hidden access policies and encrypt data sharing two functions.
The current attribute-based public encryption with keyword search( ATT-PEKS) solves the problem that the keyword ciphertext can only be uniquely searched by the user to enable multi-user share of encrypted data,but it does not hide the access structure. Once the access structure is obtained by unreliable servers attackers,it may be exposed to confidential information. Therefore,in order to solve this problem,this paper proposed an attribute-based public encryption scheme with keyword search that completely hided the access structure,which not only preserved the advantages of ATT-PEKS to realize multiuser data sharing,but also realized the complete concealment of the access structure that prevented the policy information leaking. At last,this paper analyzed the security and performance of the scheme. The simulation result proves that the scheme has the anti-attack security under the attribute set model,and also ensures the confidentiality of the index and the key words. The use of less computing power in terms of performance can achieve hidden access policies and encrypt data sharing two functions.
引文
[1] Song D,Wagner D,Perrig A. Practical techniques for searches on encrypted data[C]//Proc of IEEE Symposium on Security&Privacy. Washington DC:IEEE Computer Society,2000:44-55.
[2] Boneh D,Crescenzo G D,Ostrovsky R,et al. Public key encryption with keyword search[C]//Proc of International Conference on Theory and Applications of Cryptographic Techniques. Berlin:Springer,2004:506-522.
[3] Park D J,Kim K,Lee P J. Public key encryption with conjunctive field keyword search[C]//Proc of International Conference on Information Security Applications. Berlin:Springer-Verlag,2004:73-86.
[4] Cao Ning,Wang Cong,Li Ming,et al. Privacy-preserving multi-keyword ranked search over encrypted cloud data[J]. IEEE Trans on Parallel&Distributed Systems,2011,25(1):222-233.
[5]马明军,杨亚涛,王培东,等.基于属性的可认证搜索加密方案[J].计算机工程与设计,2016,37(2):358-362.(Ma Mingjun,Yang Yatao,Wang Peidong,et al. Attribute-based encryption scheme with authenticated search[J]. Computer Engineering and Design,2016,37(2):358-362.)
[6] Sahai A,Waters B. Fuzzy identity-based encryption[C]//Proc of Annual International Conference on Theory and Applications of Cryptographic Techniques. Berlin:Springer,2005:457-473.
[7]房梁,殷丽华,郭云川,等.基于属性的访问控制关键技术研究综述[J].计算机学报,2017,40(7):1680-1698.(Fang Liang,Yin Lihua,Guo Yunchuan,et al. A survey of key technologies in attributebased access control scheme[J]. Chinese Journal of Computers,2017,40(7):1680-1698.)
[8]田野,彭彦彬,杨玉丽,等.无线体域网中基于属性加密的数据访问控制方案[J].计算机应用研究,2015,32(7):2163-2167.(Tian Ye,Peng Yanbin,Yang Yuli,et al. Attribute-based encryption access control scheme in wireless body area networks[J]. Application Research of Computers,2015,32(7):2163-2167.)
[9]李双,徐茂智.基于属性的可搜索加密方案[J].计算机学报,2014,37(5):1017-1024.(Li Shuang,Xu Maozhi. Attribute-based public encryption with keyword search[J]. Chinese Journal of Computers,2014,37(5):1017-1024.)
[10]王海斌,陈少真.隐藏访问结构的基于属性加密方案[J].电子与信息学报,2012,34(2):457-461.(Wang Haibin,Chen Shaozhen. Attribute-based encryption with hidden access structures[J].Journal of Electronics&Information Technology,2012,34(2):457-461.)
[11]解理,任艳丽.隐藏访问结构的高效基于属性加密方案[J].西安电子科技大学学报:自然科学版,2015,42(3):97-102.(Xie Li,Ren Yanli. Efficient attribute-based encryption with hidden access structures[J]. Journal of Xidian University:Natural Science,2015,42(3):97-102.)
[12]刘雪艳,郑等凤.基于素数群完全隐藏访问策略的CP-ABE方案[J].计算机工程,2016,42(10):140-145.(Liu Xueyan,Zheng Dengfeng. CP-ABE scheme based on prime group with fully hidden access structure[J]. Computer Engineering,2016,42(10):140-145.)
[2] Boneh D,Crescenzo G D,Ostrovsky R,et al. Public key encryption with keyword search[C]//Proc of International Conference on Theory and Applications of Cryptographic Techniques. Berlin:Springer,2004:506-522.
[3] Park D J,Kim K,Lee P J. Public key encryption with conjunctive field keyword search[C]//Proc of International Conference on Information Security Applications. Berlin:Springer-Verlag,2004:73-86.
[4] Cao Ning,Wang Cong,Li Ming,et al. Privacy-preserving multi-keyword ranked search over encrypted cloud data[J]. IEEE Trans on Parallel&Distributed Systems,2011,25(1):222-233.
[5]马明军,杨亚涛,王培东,等.基于属性的可认证搜索加密方案[J].计算机工程与设计,2016,37(2):358-362.(Ma Mingjun,Yang Yatao,Wang Peidong,et al. Attribute-based encryption scheme with authenticated search[J]. Computer Engineering and Design,2016,37(2):358-362.)
[6] Sahai A,Waters B. Fuzzy identity-based encryption[C]//Proc of Annual International Conference on Theory and Applications of Cryptographic Techniques. Berlin:Springer,2005:457-473.
[7]房梁,殷丽华,郭云川,等.基于属性的访问控制关键技术研究综述[J].计算机学报,2017,40(7):1680-1698.(Fang Liang,Yin Lihua,Guo Yunchuan,et al. A survey of key technologies in attributebased access control scheme[J]. Chinese Journal of Computers,2017,40(7):1680-1698.)
[8]田野,彭彦彬,杨玉丽,等.无线体域网中基于属性加密的数据访问控制方案[J].计算机应用研究,2015,32(7):2163-2167.(Tian Ye,Peng Yanbin,Yang Yuli,et al. Attribute-based encryption access control scheme in wireless body area networks[J]. Application Research of Computers,2015,32(7):2163-2167.)
[9]李双,徐茂智.基于属性的可搜索加密方案[J].计算机学报,2014,37(5):1017-1024.(Li Shuang,Xu Maozhi. Attribute-based public encryption with keyword search[J]. Chinese Journal of Computers,2014,37(5):1017-1024.)
[10]王海斌,陈少真.隐藏访问结构的基于属性加密方案[J].电子与信息学报,2012,34(2):457-461.(Wang Haibin,Chen Shaozhen. Attribute-based encryption with hidden access structures[J].Journal of Electronics&Information Technology,2012,34(2):457-461.)
[11]解理,任艳丽.隐藏访问结构的高效基于属性加密方案[J].西安电子科技大学学报:自然科学版,2015,42(3):97-102.(Xie Li,Ren Yanli. Efficient attribute-based encryption with hidden access structures[J]. Journal of Xidian University:Natural Science,2015,42(3):97-102.)
[12]刘雪艳,郑等凤.基于素数群完全隐藏访问策略的CP-ABE方案[J].计算机工程,2016,42(10):140-145.(Liu Xueyan,Zheng Dengfeng. CP-ABE scheme based on prime group with fully hidden access structure[J]. Computer Engineering,2016,42(10):140-145.)