CN105871543A - Attribute-based multi-keyword ciphertext retrieval method under background of multiple data owners - Google Patents
Attribute-based multi-keyword ciphertext retrieval method under background of multiple data owners Download PDFInfo
- Publication number
- CN105871543A CN105871543A CN201610188151.3A CN201610188151A CN105871543A CN 105871543 A CN105871543 A CN 105871543A CN 201610188151 A CN201610188151 A CN 201610188151A CN 105871543 A CN105871543 A CN 105871543A
- Authority
- CN
- China
- Prior art keywords
- represent
- node
- ciphertext
- index
- data
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
- H04L9/0866—Generation of secret information including derivation or calculation of cryptographic keys or passwords involving user or device identifiers, e.g. serial number, physical or biometrical information, DNA, hand-signature or measurable physical characteristics
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
- H04L63/045—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply hybrid encryption, i.e. combination of symmetric and asymmetric encryption
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
- H04L9/0869—Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Storage Device Security (AREA)
- Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
Abstract
The invention discloses an attribute-based multi-keyword ciphertext retrieval method under the background of multiple data owners and mainly solves a problem that the existing technology only supports single-keyword ciphertext retrieval. A technical scheme of the method comprises the following steps that a searchable encryption technology and an encryption strategy based on the ciphertext attribute are combined, and a keyword set index is established under the scene of multiple data owners according to access structures of the data owners and a keyword set of the ciphertext; a data user generates a trap door according to a query keyword set; and the data user utilizes the trap door to realize multi-keyword query of the ciphertext. According to the method, the load of local data storage and management of the data owners is relieved, and the method supports the data user to carry out multi-keyword precise query on the ciphertext and can be used for realizing fine-grained access control and safe and efficient retrieval of the ciphertext data under the cloud storage background.
Description
Technical field
The invention belongs to technical field of cryptology, be specifically related to data encryption, access control and searching ciphertext technology, can
For realizing fine-granularity access control, the safety of ciphertext data and efficient retrieval under cloud storage background.
Background technology
Popular along with cloud computing technology, increasing enterprise customer and individual by their local datastore to " sincere
Real but curiosity " cloud server is to enjoy real-time, high-quality application from configurable computer resource sharing pond
And service.Therefore, data storage service becomes one of most basic service in cloud computing application, and cloud storage service decreases this
The burden of ground storage management, it is to avoid expense in software and hardware facilities and personnel's maintenance, but Cloud Server cannot be rented to cloud
Family confirms that it has believable storage capacity.Cloud storage brings huge facility to cloud tenant, and improve data and service can
By property and reliability, but the most inevitably bring the risk that data-privacy reveals simultaneously.
In cloud storage, the most compromised for ensureing the privacy of data, encryption storage is the most original method.Cloud tenant is to bright
After literary composition data encryption, upload to cloud server CSP with ciphertext form.Although data encryption system can ensure data safety,
But the data of ciphertext form are while hiding Sensitive data content, data file is also made to lose the ability being retrieved.
In this case, if cloud tenant requires to look up certain document in ciphertext data set, then need to download whole ciphertext data
Collect and decipher, it is clear that this mode can cause great network overhead and computing cost.For an above-mentioned difficult problem, the most most popular
One of solution is namely based on the encryption SE technology that can search for of keyword, and this retrieval technique permission user had by keyword
Optionally retrieve data file, substantially increase recall precision.
And the safety developing into searching ciphertext technology of cloud storage proposes new requirement, evoke sending out of cipher theory
Exhibition.Come from this, a kind of can realize being suggested based on encryption attribute ABE technology of fine-granularity access control.Encryption attribute agreement
Encryption attribute agreement CP-ABE of Ciphertext policy and encryption attribute agreement KP-ABE of key strategy can be divided into.Define from both
From the point of view of, CP-ABE agreement is substantially better than KP-ABE agreement, this is because in CP-ABE agreement, encipherer solves without specifying certain
Close person is as unique deciphering person, and is dependent on one group of attribute and an access control policy, if the community set of cloud tenant
The access control policy specified, then the private key decrypting ciphertext that cloud tenant can generate can be met according to property set;This agreement simultaneously
There is enough flexibilities, it is possible to realize the access privilege control of cloud tenant at multi-user scene.Therefore, based on attribute search
Rope encryption technology achieves the secrecy of data and shares and fine-grained access control function.
Although the existing encryption technology that can search for achieves the searching ciphertext of single keyword, but this mechanism can produce huge
Big computing cost and the incoherent ciphertext of return, thus waste substantial amounts of bandwidth and calculate resource.Based on this, design is supported many
The searching ciphertext technology of keyword is particularly important.On the one hand, multiple key search statement can be pin-pointed to required
Document ciphertext;On the other hand good user's search experience is provided the user.And existing based on attribute can search for encryption
Technology can only support single key search, the most not yet considers to there is multiple data owner's scene.More complicated in order to be applicable to
Application scenarios and meet the more application demand of cloud tenant, expand to can search for by attribute encryption technology the most safely and efficiently
It encipherment scheme is the key point of cryptographic algorithm design.
Summary of the invention
Present invention aims to the defect of above-mentioned prior art, propose a kind of base under many data owners background
In the multiple key cipher text retrieval method of attribute, with under more complicated multiple-user retrieval application scenarios, reduce the calculating of retrieval
Expense, accurately carries out multiple key searching ciphertext.
For achieving the above object, the cryptography scheme that the present invention uses includes:
(1) system initialization: third party's trusted servers TTS generates PKI pk, master key mk and conventional encryption algorithm
Symmetric key Φ;
(2) private key generates: third party's trusted servers TTS is according to the property set S of data user DU, master key mk, PKI
The access structure P of pk and data owner DO generates private key sk;
(3) index is set up: data owner DO symmetric key Ф encrypted document, generates ciphertext C, then according to accessing knot
Structure P and set of keywords W are that index I set up by document, finally ciphertext C and index I are uploaded to Cloud Server CSP;
(4) trapdoor generates: data user DU generates trapdoor T according to key word of the inquiry collection W', and trapdoor T submits to cloud clothes
Business device CSP;
(5) cipher text searching: trapdoor T and index I is mated, close for the document meeting matching condition by Cloud Server CSP
Collected works RC is sent to data user DU.
Present invention have the advantage that
(1) present invention can support query on several keys under many data owners share the application scenarios of data, can be quickly
Document ciphertext needed for location.
(2) ciphertext index constructed in the present invention and access structure, can alleviate the burden of local datastore management, real
Existing fine-granularity access control.
(3) present invention uses the encryption attribute strategy of ciphertext on the basis of can search for encryption technology, can resist keyword
Guessing attack and guarantee keyword privacy.
(4) method that the present invention provides has feasibility in actual application scenarios.
To sum up, the present invention uses the encryption attribute strategy of ciphertext on the basis of can search for encryption technology, gathers around in many data
Under the person's of having scene, data user initiates query on several keys request, can be accurately positioned required ciphertext document, reduces local number
According to the expense of storage management, and method can resist keyword guessing attack.
Accompanying drawing explanation
Fig. 1 is the actual scene figure of the present invention;
Fig. 2 be the present invention realize general flow chart;
Fig. 3 is the system initialization sub-process figure in the present invention;
Fig. 4 is the sub-process figure generating private key in the present invention;
Fig. 5 is to set up index in the present invention and generate the schematic diagram of ciphertext;
Fig. 6 is the schematic diagram generating trapdoor in the present invention;
Fig. 7 is the sub-process figure searching for ciphertext in the present invention.
Detailed description of the invention
With reference to Fig. 1, the present invention is as a example by individual health record PHR storage system, and this actual scene includes four entities: can
Letter third party TTS, Cloud Server CSP, multiple data owner DO and data user DU.Trusted third party TTS generates PKI
Pk, private key sk and symmetric key Φ;Cloud Server CSP is used for storing data ciphertext;Multiple data owner DO, such as patient
It is responsible for encrypted document and creates index;Data user DU, such as doctor may search for ciphertext.
With reference to Fig. 2, the present invention is multiple key searching ciphertext based on attribute under many data owners background, and it realizes step
Suddenly include the following:
Step 1, system initialization
Reference Fig. 3, being implemented as follows of this step:
(1a) third party's trusted servers TTS, is calculated PKI pk=according to overall situation common parameter Q and property set U
(G1,G2,e,h1,h2, q, g, X, Y, Z), master key mk=(α, beta, gamma) and symmetric key Φ, this symmetric key Φ are by passing
System symmetric encipherment algorithm is calculated;Wherein G1Being q rank addition cyclic groups, g is G1Generation unit, G2It is q factorial method cyclic group, e
It is bilinear map G1×G1→G2, h1Representing will set { 0,1}*It is mapped to G1Hash function, h2Representing will set { 0,1}*Reflect
It is mapped to ZqHash function, ZqBeing q rank integer items, X represents the first intermediate variable: X=gα, Y represents the second intermediate variable: Y=gβ, Z represents the 3rd intermediate variable: Z=gγ, α represents the first random number: α ∈ Zq, β represents the second random number β ∈ Zq, γ represents
Three random numbers: γ ∈ Zq;
(1b) PKI and symmetric key are sent to data owner and data user by third party's trusted servers TTS;
(1c) third party's trusted servers TTS this locality preserves PKI and master key.
Step 2, generates private key
With reference to Fig. 4, being accomplished by of this step
(2a) data user DU submits property set S to third party's trusted servers TTS;
(2b) data owner DO is that document D specifies access structure P, this access structure P to be a kind of tree structures, in tree
Each node includes multinomial and threshold value:
(2b1) it is that root node r chooses multinomial qr(v) and threshold value krV (), wherein v is independent variable, as independent variable v=0
Time, qr(0)=r2, threshold value krScope 1≤the k of (v)r(v)≤numr, numrRepresent root node r child node number;
(2b2) it is that non-leaf nodes x chooses multinomial qx(v) and threshold value kx(v), multinomial qxV () meets following bar
Part:
dx(v)=kx(v)-1,
qx(0)=qparent(x)(index(x));
Wherein dxV () represents qxThe degree of polynomial of (v), and as independent variable v=0, qx(0)=qparent(x)(index
(x)), parent (x) represents the father node of node x, and index (x) represents the order of parent (x) child node, threshold value kx(v)
Scope 1≤kx(v)≤numx, numxRepresent node x child node number;
(2b3) it is that leaf node chooses multinomial qy(v) and threshold value ky(v), wherein multinomial qy(v)=S, threshold value
ky(v)=1;
(2c) whether third party's trusted servers TTS checking property set S meets data owner DO and refers at index setting up
Fixed access structure P:
If being unsatisfactory for, then it is assumed that this data user is illegal, terminate;
If meeting, then third party's trusted servers TTS will be calculated private key: sk=(π, { λj,μj})j∈S;
Wherein π represents the 4th intermediate variable: π=g(αγ-r)/β, λjRepresent the 5th intermediate variable:μjRepresent
6th intermediate variable:R represents the 4th random number: r ∈ Zq, rjRepresent the 5th random number: rj∈Zq, attribute j ∈ S;
(2d) the data user DU that this private key is sent to by third party's trusted servers TTS.
Step 3, sets up index
With reference to Fig. 5, being accomplished by of this step
(3a) every record d in document D is set up set of keywords W by data owner DO respectivelydWith key word index I:
Wd={ w1,...,wi,...,wm,
I={I1,...,Ii,...,Im};
Wherein wiRepresent set of keywords WdI-th keyword, i ∈ 1 ..., m}, m represent the quantity of set of keywords;IiTable
Show the keyword w of correspondenceiIndex, if IiValue be not 0, represent record d contain keyword wi;Otherwise, there is not this pass in expression
Key word wi;
(3b) data owner DO with PKI pk to set of keywords WdIt is encrypted as:Wherein δiExpression is public
Key pk cryptography key word wiAfter ciphertext, Represent the 7th intermediate variable: Represent in the middle of the 8th
Variable: Represent the 9th intermediate variable:r1Represent the 6th random number: r1∈Zq, r2Represent that the 7th is random
Number: r2∈Zq;
(3c) data owner DO leaf node attribute in public key encryption access structure P: { δy,θy}y∈ln, wherein δyTable
Show the tenth intermediate variable:θyRepresent the 11st intermediate variable:Att (y) represents leaf knot
The property value of point, ln represents that leafy node set, y represent the leaf node in ln, qy(0) represent that leaf node multinomial is from becoming
Value when measuring 0;
(3d) data owner DO uploads to Cloud Server CSP index I and document ciphertext C, wherein indexesC=EncΦ(d), wherein EncΦD record d is added by () expression symmetric key Φ
Close.
Step 4, generates trapdoor
With reference to Fig. 6, being accomplished by of this step
(4a) data user DU submits key word of the inquiry collection W'={w to1',...,wj',...,wt', wherein wj' represent be
Jth key word of the inquiry in key word of the inquiry collection W', j ∈ 1 ..., t}, t represent W' key word of the inquiry collection quantity;
(4b) data user DU according to key word of the inquiry collection W', private key sk and property set S calculate generate trapdoor: T=(S,
T1,T2,T3,{λj',μj'}j∈S), wherein T1Represent the 13rd intermediate variable:S represents the 8th random number:
s∈Zq, T2Represent the 14th intermediate variable: T2=gsγ, T3Represent the 15th intermediate variable: T3=πs, λj' represent in the middle of the 16th
Variable:μj' expression the 17th intermediate variable:
(4c) data user DU submits trapdoor T to Cloud Server CSP.
Step 5, cipher text searching
With reference to Fig. 7, being accomplished by of this step
(5a) data user submits to property value S and trapdoor T to Cloud Server CSP;
(5b) the most satisfied access structure P specified of the property value S of Cloud Server CSP checking data user:
If being unsatisfactory for, representing that user is illegal, terminating;
If data user property value S meets access structure P, then perform step (5c);
(5c) intermediate quantity D of root node is calculated according to recursive algorithmr;
(5c1) leaf node intermediate quantity is calculated:Wherein qy(0) table
Leaf node multinomial q when showing independent variable v=0yThe value of (v);
(5c2) root node intermediate quantity is calculated:If access structure P only has two-layer, now child node
Intermediate quantity DxEqual to leafy node intermediate quantity Dy, can solveTerminate recurrence;Otherwise to DxCall and pass
Pushing-typeContinue to solve, during until recurrence is to the father node of leaf node, can solveTerminate recurrence;Wherein operatorI table index (x), ψxRepresent x node
Random child node set, | ψx|=kx(v), | ψx| represent set ψxSize, j be set ψxIn element;OperatorX' is the child node of node x, ψx'Represent the random child node set of x' node, | ψx'|=kx'
(v), | ψx'| represent set ψx'Size;
(5d) according to intermediate quantity D of root noderObtain following two expression formulas:
First expression formula:
Second expression formula:
(5e) Cloud Server CSP judges whether trapdoor T and index I mates, and i.e. judges
Whether set up:
If equation is unequal, then terminate;
If equation is equal, Cloud Server CSP sends inquiry ciphertext to the data user meeting matching condition.
Above description is only example of the present invention, does not constitute any limitation of the invention.Obviously for this
For the professional in field, after understanding present invention and principle, all may be before without departing substantially from the principle of the invention, structure
Put, carry out correction and the improvement of algorithm, but these corrections based on inventive algorithm and improvement are wanted in the right of the present invention
Within seeking protection domain.
Claims (7)
1. multiple key cipher text retrieval method based on attribute under more than data owner background, including:
(1a) system initialization: third party's trusted servers TTS generates the right of PKI pk, master key mk and conventional encryption algorithm
Claim key Φ;
(1b) private key generates: third party's trusted servers TTS according to the property set S of data user DU, master key mk, PKI pk with
And the access structure P of data owner DO generates private key sk;
(1c) index is set up: data owner DO symmetric key Φ encrypted document, generates ciphertext C, then according to access structure P
It is that index I set up by document with set of keywords W, finally ciphertext C and index I is uploaded to Cloud Server CSP;;
(1d) trapdoor generates: data user DU generates trapdoor T according to key word of the inquiry collection W', and trapdoor T is submitted to cloud service
Device CSP;
(1e) cipher text searching: trapdoor T and index I is mated, the document ciphertext collection meeting matching condition by Cloud Server CSP
RC is sent to data user DU.
Method the most according to claim 1, wherein in step (1a), PKI pk, master key mk are expressed as follows:
Pk=(G1,G2,e,h1,h2, q, g, X, Y, Z),
Mk=(α, β, γ);
Wherein G1Being q rank addition cyclic groups, g is G1Generation unit, G2Being q factorial method cyclic group, e is bilinear map G1×G1→
G2, h1Representing will set { 0,1}*It is mapped to G1Hash function, h2Representing will set { 0,1}*It is mapped to ZqHash function, Zq
Being q rank integer items, X represents the first intermediate variable: X=gα, Y represents the second intermediate variable: Y=gβ, Z represents the 3rd intermediate variable:
Z=gγ, α represents the first random number: α ∈ Zq, β represents the second random number β ∈ Zq, γ represents the 3rd random number: γ ∈ Zq。
Method the most according to claim 1, the wherein foundation of access structure P and the generation of private key sk in step (1b), press
Following steps are carried out:
(1b1) access structure P is a kind of tree structure, and each node in tree includes multinomial and threshold value;Select for root node r
Take multinomial qr(v) and threshold value kr(v), wherein v is independent variable, as independent variable v=0, qr(0)=r2, threshold value kr(v)
Scope 1≤kr(v)≤numr, numrRepresent root node r child node number;
(1b2) it is that non-leaf nodes x chooses multinomial qx(v) and threshold value kx(v), multinomial qxV () meets following condition:
dx(v)=kx(v)-1,
qx(0)=qparent(x)(index(x));
Wherein dxV () represents qxThe degree of polynomial of (v), and as independent variable v=0, qx(0)=qparent(x)(index (x)),
Parent (x) represents the father node of node x, and index (x) represents the order of parent (x) child node, threshold value kxThe model of (v)
Enclose 1≤kx(v)≤numx, numxRepresent node x child node number;
(1b3) it is that leaf node chooses multinomial qy(v) and threshold value ky(v), wherein multinomial qy(v)=S, threshold value ky(v)
=1;
(1b4) expression formula of private key is as follows:
Sk=(π, { λj,μj})j∈S;
Wherein π represents the 4th intermediate variable: π=g(αγ-r)/β, λjRepresent the 5th intermediate variable:μjRepresent the 6th
Intermediate variable:R represents the 4th random number: r ∈ Zq, rjRepresent the 5th random number: rj∈Zq, attribute j ∈ S.
Method the most according to claim 1, wherein sets up index I and generates ciphertext C, entering as follows in step (1c)
OK:
(1c1) every record d in document D is set up set of keywords W by data owner DO respectivelydWith key word index I:
Wd={ w1,...,wi,...,wm,
I={I1,...,Ii,...,Im};
Wherein wiRepresent set of keywords WdI-th keyword, i ∈ 1 ..., m}, m represent the quantity of set of keywords;IiIt is right to represent
The keyword w answerediIndex, if IiValue be not 0, represent record d contain keyword wi;Otherwise, there is not this keyword in expression
wi;
(1c2) data owner DO with PKI pk to set of keywords WdIt is encrypted as:
Wherein δiRepresent with PKI pk cryptography key word wiAfter ciphertext, Represent the 7th intermediate variable: Represent the 8th intermediate variable: Represent the 9th intermediate variable:r1Represent the 6th random number:
r1∈Zq, r2Represent the 7th random number: r2∈Zq;
(1c3) in data owner DO public key encryption access structure P, leaf node attribute is:
{δy,θy}y∈ln;
Wherein δyRepresent the tenth intermediate variable:θyRepresent the 11st intermediate variable:att
Y () represents the property value of leafy node, ln represents leafy node set, and y represents the leaf node in ln, qy(0) leaf is represented
Node multinomial independent variable takes value when 0;
(1c4) data owner DO generation index I is:
(1c5) ciphertext C of data owner DO encryption is: C=EncΦ(d), wherein EncΦ(d) expression with symmetric key Φ to note
Record d is encrypted.
Method the most according to claim 1, the wherein generation of trapdoor T in step (1d), carry out as follows:
(1d1) data user DU submission key word of the inquiry collection:
W'={w1',...,wj',...,wt'};
Wherein wj' represent it is jth key word of the inquiry in key word of the inquiry collection W', j ∈ 1 ..., t}, t represent W' inquiry key
Word collection quantity;
(1d2) data user DU calculates according to key word of the inquiry collection W', private key sk and property set S and generates trapdoor:
T=(S, T1,T2,T3,{λj',μj'}j∈S);
Wherein T1Represent the 13rd intermediate variable:S represents the 8th random number: s ∈ Zq, T2Represent the 14th
Intermediate variable: T2=gsγ, T3Represent the 15th intermediate variable: T3=πs, λj' expression the 16th intermediate variable:μj'
Represent the 17th intermediate variable:j∈S。
Method the most according to claim 1, wherein mates, as follows trapdoor T and index I in step (1e)
Carry out:
(1e1), after Cloud Server CSP gets data user's inquiry request, whether the property set S of checking data user meets refers to
Fixed access structure P, if being unsatisfactory for, terminates inquiry;
If (1e2) data user's property set S meets access structure P, then calculate intermediate quantity D of root node according to recursive algorithmr:
(1e3) according to intermediate quantity D of root noderObtain following two expression formulas:
First expression formula:
Second expression formula:
(1e4) Cloud Server CSP judges trapdoor T=(S, T1,T2,T3,{λj',μj'}j∈S) and indexWhether mate, i.e. judgeWhether become
Vertical, if equation is unequal, then terminate;If equation is equal, Cloud Server CSP sends inquiry to the data user meeting matching condition
Ciphertext.
Method the most according to claim 6, the wherein centre being calculated root node by recursive algorithm described in step (1e2)
Amount Dr, carry out as follows:
(1e21) leaf node intermediate quantity is calculated:Wherein qy(0) represent certainly
Leaf node multinomial q during variable v=0yThe value of (v);
(1e22) root node intermediate quantity is calculated:If access structure P only has two-layer, now in child node
Area of a room DxEqual to leafy node intermediate quantity Dy, can solveTerminate recurrence;Otherwise to DxCall recursion
FormulaContinue to solve, during until recurrence is to the father node of leaf node, can solveTerminate recurrence;Wherein operatorI table index (x), ψxRepresent x node
Random child node set, | ψx|=kx(v), | ψx| represent set ψxSize, j be set ψxIn element;OperatorX' is the child node of node x, ψx'Represent the random child node set of x' node, | ψx'|=kx'
(v), | ψx'| represent set ψx'Size.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201610188151.3A CN105871543B (en) | 2016-03-29 | 2016-03-29 | Multiple key cipher text retrieval method under more data owner's backgrounds based on attribute |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201610188151.3A CN105871543B (en) | 2016-03-29 | 2016-03-29 | Multiple key cipher text retrieval method under more data owner's backgrounds based on attribute |
Publications (2)
Publication Number | Publication Date |
---|---|
CN105871543A true CN105871543A (en) | 2016-08-17 |
CN105871543B CN105871543B (en) | 2019-02-15 |
Family
ID=56626398
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201610188151.3A Active CN105871543B (en) | 2016-03-29 | 2016-03-29 | Multiple key cipher text retrieval method under more data owner's backgrounds based on attribute |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN105871543B (en) |
Cited By (27)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN106559422A (en) * | 2016-11-10 | 2017-04-05 | 西安电子科技大学 | Multidimensional ciphertext interval query method based on key agreement |
CN106657059A (en) * | 2016-12-21 | 2017-05-10 | 哈尔滨工业大学深圳研究生院 | Database query method and system having access control function |
CN107291851A (en) * | 2017-06-06 | 2017-10-24 | 南京搜文信息技术有限公司 | Ciphertext index building method and its querying method based on encryption attribute |
CN107395568A (en) * | 2017-06-21 | 2017-11-24 | 西安电子科技大学 | A kind of cipher text retrieval method of more data owner's certifications |
CN107958163A (en) * | 2017-12-07 | 2018-04-24 | 江苏大学 | Real-time dynamic data secure storage management system based on cloud platform |
CN108156140A (en) * | 2017-12-13 | 2018-06-12 | 西安电子科技大学 | A kind of multiple key that numerical attribute is supported to compare can search for encryption method |
CN108599937A (en) * | 2018-04-20 | 2018-09-28 | 西安电子科技大学 | A kind of public key encryption method that multiple key can search for |
CN109086615A (en) * | 2018-08-03 | 2018-12-25 | 上海海事大学 | A kind of support multiple key search public key encryption method of anti-keyword guessing attack |
CN109299804A (en) * | 2018-11-19 | 2019-02-01 | 安徽师范大学 | Medical appointment registration system with doctor's function of search |
CN109740362A (en) * | 2019-01-03 | 2019-05-10 | 中国科学院软件研究所 | A kind of ciphertext index generation and search method and system based on entropy coding |
CN109981736A (en) * | 2019-02-22 | 2019-07-05 | 南京理工大学 | A kind of dynamic public audit method for supporting user and Cloud Server to trust each other |
CN110222081A (en) * | 2019-06-08 | 2019-09-10 | 西安电子科技大学 | Data cryptogram search method based on fine granularity sequence under multi-user environment |
CN110224986A (en) * | 2019-05-07 | 2019-09-10 | 电子科技大学 | It is a kind of that access control method efficiently can search for based on hiding strategy CP-ABE |
CN110427771A (en) * | 2019-06-25 | 2019-11-08 | 西安电子科技大学 | What a kind of search modes were hidden can search for encryption method, Cloud Server |
CN111027084A (en) * | 2019-12-09 | 2020-04-17 | 湖南大学 | Fine-grained authorized keyword security query method based on attribute-based encryption |
CN111177787A (en) * | 2020-01-02 | 2020-05-19 | 西北工业大学 | Attribute-based connection keyword searching method in multi-data owner environment |
CN107948146B (en) * | 2017-11-20 | 2020-07-17 | 武汉科技大学 | Connection keyword retrieval method based on attribute encryption in hybrid cloud |
CN111444140A (en) * | 2020-03-24 | 2020-07-24 | 东南大学 | CPBE-based file ciphertext fast searching method |
CN111556048A (en) * | 2020-04-26 | 2020-08-18 | 山东师范大学 | Attribute-based secure communication method and system supporting ciphertext mode matching |
CN111614470A (en) * | 2020-05-27 | 2020-09-01 | 贵州大学 | Verifiable multi-keyword search method based on improved Merkle-Tree authentication method |
CN111930688A (en) * | 2020-09-23 | 2020-11-13 | 西南石油大学 | Method and device for searching secret data of multi-keyword query in cloud server |
CN112100649A (en) * | 2020-08-06 | 2020-12-18 | 华南理工大学 | Multi-keyword searchable encryption method and system supporting Boolean access control strategy |
CN112311781A (en) * | 2020-10-23 | 2021-02-02 | 西安电子科技大学 | Encryption method with safe forward and backward direction and recoverable keyword shielding |
CN112380553A (en) * | 2020-11-25 | 2021-02-19 | 华南理工大学 | Multi-key searchable encryption method and system based on attribute access control structure |
CN114244498A (en) * | 2021-12-06 | 2022-03-25 | 国网河南省电力公司电力科学研究院 | Dynamic searchable public key encryption method with forward security |
CN115174568A (en) * | 2022-06-23 | 2022-10-11 | 南京信息工程大学 | Attribute-based ciphertext retrieval method |
CN116910788A (en) * | 2023-08-15 | 2023-10-20 | 广州粤建三和软件股份有限公司 | Searchable encryption management method and device for service data and storage medium |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103944711A (en) * | 2014-02-17 | 2014-07-23 | 国家超级计算深圳中心 | Cloud storage ciphertext retrieval method and system |
CN104363215A (en) * | 2014-11-04 | 2015-02-18 | 河海大学 | Encryption method and system based on attributes |
CN104780161A (en) * | 2015-03-23 | 2015-07-15 | 南京邮电大学 | Searchable encryption method supporting multiple users in cloud storage |
CN104852801A (en) * | 2015-02-13 | 2015-08-19 | 陕西师范大学 | Searchable public key encryption method |
-
2016
- 2016-03-29 CN CN201610188151.3A patent/CN105871543B/en active Active
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103944711A (en) * | 2014-02-17 | 2014-07-23 | 国家超级计算深圳中心 | Cloud storage ciphertext retrieval method and system |
CN104363215A (en) * | 2014-11-04 | 2015-02-18 | 河海大学 | Encryption method and system based on attributes |
CN104852801A (en) * | 2015-02-13 | 2015-08-19 | 陕西师范大学 | Searchable public key encryption method |
CN104780161A (en) * | 2015-03-23 | 2015-07-15 | 南京邮电大学 | Searchable encryption method supporting multiple users in cloud storage |
Non-Patent Citations (1)
Title |
---|
WENHAI SUN∗†: "Protecting Your Right: Attribute-based Keyword Search with Fine-grained Owner-enforced Search Authorization in the Cloud", 《IEEE INFOCOM 2014-IEEE CONFERENCE ON COMPUTER COMMUNICATIONS》 * |
Cited By (38)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN106559422A (en) * | 2016-11-10 | 2017-04-05 | 西安电子科技大学 | Multidimensional ciphertext interval query method based on key agreement |
CN106559422B (en) * | 2016-11-10 | 2019-04-23 | 西安电子科技大学 | Multidimensional ciphertext interval query method based on key agreement |
WO2018113563A1 (en) * | 2016-12-21 | 2018-06-28 | 哈尔滨工业大学深圳研究生院 | Database query method and system having access control function |
CN106657059A (en) * | 2016-12-21 | 2017-05-10 | 哈尔滨工业大学深圳研究生院 | Database query method and system having access control function |
CN107291851A (en) * | 2017-06-06 | 2017-10-24 | 南京搜文信息技术有限公司 | Ciphertext index building method and its querying method based on encryption attribute |
CN107291851B (en) * | 2017-06-06 | 2020-11-06 | 南京搜文信息技术有限公司 | Ciphertext index construction method based on attribute encryption and query method thereof |
CN107395568A (en) * | 2017-06-21 | 2017-11-24 | 西安电子科技大学 | A kind of cipher text retrieval method of more data owner's certifications |
CN107948146B (en) * | 2017-11-20 | 2020-07-17 | 武汉科技大学 | Connection keyword retrieval method based on attribute encryption in hybrid cloud |
CN107958163A (en) * | 2017-12-07 | 2018-04-24 | 江苏大学 | Real-time dynamic data secure storage management system based on cloud platform |
CN108156140A (en) * | 2017-12-13 | 2018-06-12 | 西安电子科技大学 | A kind of multiple key that numerical attribute is supported to compare can search for encryption method |
CN108156140B (en) * | 2017-12-13 | 2020-10-30 | 西安电子科技大学 | Multi-keyword searchable encryption method supporting numerical value attribute comparison |
CN108599937A (en) * | 2018-04-20 | 2018-09-28 | 西安电子科技大学 | A kind of public key encryption method that multiple key can search for |
CN108599937B (en) * | 2018-04-20 | 2020-10-09 | 西安电子科技大学 | Multi-keyword searchable public key encryption method |
CN109086615A (en) * | 2018-08-03 | 2018-12-25 | 上海海事大学 | A kind of support multiple key search public key encryption method of anti-keyword guessing attack |
CN109299804A (en) * | 2018-11-19 | 2019-02-01 | 安徽师范大学 | Medical appointment registration system with doctor's function of search |
CN109740362A (en) * | 2019-01-03 | 2019-05-10 | 中国科学院软件研究所 | A kind of ciphertext index generation and search method and system based on entropy coding |
CN109981736A (en) * | 2019-02-22 | 2019-07-05 | 南京理工大学 | A kind of dynamic public audit method for supporting user and Cloud Server to trust each other |
CN109981736B (en) * | 2019-02-22 | 2021-09-21 | 南京理工大学 | Dynamic public auditing method supporting mutual trust of user and cloud server |
CN110224986A (en) * | 2019-05-07 | 2019-09-10 | 电子科技大学 | It is a kind of that access control method efficiently can search for based on hiding strategy CP-ABE |
CN110222081A (en) * | 2019-06-08 | 2019-09-10 | 西安电子科技大学 | Data cryptogram search method based on fine granularity sequence under multi-user environment |
CN110222081B (en) * | 2019-06-08 | 2022-04-19 | 西安电子科技大学 | Data ciphertext query method based on fine-grained sequencing in multi-user environment |
CN110427771A (en) * | 2019-06-25 | 2019-11-08 | 西安电子科技大学 | What a kind of search modes were hidden can search for encryption method, Cloud Server |
CN111027084A (en) * | 2019-12-09 | 2020-04-17 | 湖南大学 | Fine-grained authorized keyword security query method based on attribute-based encryption |
CN111177787A (en) * | 2020-01-02 | 2020-05-19 | 西北工业大学 | Attribute-based connection keyword searching method in multi-data owner environment |
CN111177787B (en) * | 2020-01-02 | 2022-12-06 | 西北工业大学 | Attribute-based connection keyword searching method in multi-data owner environment |
CN111444140A (en) * | 2020-03-24 | 2020-07-24 | 东南大学 | CPBE-based file ciphertext fast searching method |
CN111556048A (en) * | 2020-04-26 | 2020-08-18 | 山东师范大学 | Attribute-based secure communication method and system supporting ciphertext mode matching |
CN111556048B (en) * | 2020-04-26 | 2022-04-01 | 山东师范大学 | Attribute-based secure communication method and system supporting ciphertext mode matching |
CN111614470A (en) * | 2020-05-27 | 2020-09-01 | 贵州大学 | Verifiable multi-keyword search method based on improved Merkle-Tree authentication method |
CN112100649A (en) * | 2020-08-06 | 2020-12-18 | 华南理工大学 | Multi-keyword searchable encryption method and system supporting Boolean access control strategy |
CN111930688A (en) * | 2020-09-23 | 2020-11-13 | 西南石油大学 | Method and device for searching secret data of multi-keyword query in cloud server |
CN112311781B (en) * | 2020-10-23 | 2021-11-12 | 西安电子科技大学 | Encryption method with safe forward and backward direction and recoverable keyword shielding |
CN112311781A (en) * | 2020-10-23 | 2021-02-02 | 西安电子科技大学 | Encryption method with safe forward and backward direction and recoverable keyword shielding |
CN112380553A (en) * | 2020-11-25 | 2021-02-19 | 华南理工大学 | Multi-key searchable encryption method and system based on attribute access control structure |
CN114244498A (en) * | 2021-12-06 | 2022-03-25 | 国网河南省电力公司电力科学研究院 | Dynamic searchable public key encryption method with forward security |
CN115174568A (en) * | 2022-06-23 | 2022-10-11 | 南京信息工程大学 | Attribute-based ciphertext retrieval method |
CN116910788A (en) * | 2023-08-15 | 2023-10-20 | 广州粤建三和软件股份有限公司 | Searchable encryption management method and device for service data and storage medium |
CN116910788B (en) * | 2023-08-15 | 2024-06-11 | 广州粤建三和软件股份有限公司 | Searchable encryption management method and device for service data and storage medium |
Also Published As
Publication number | Publication date |
---|---|
CN105871543B (en) | 2019-02-15 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN105871543A (en) | Attribute-based multi-keyword ciphertext retrieval method under background of multiple data owners | |
CN107634829A (en) | Encrypted electronic medical records system and encryption method can search for based on attribute | |
Xue et al. | An attribute-based controlled collaborative access control scheme for public cloud storage | |
Thwin et al. | Blockchain‐based access control model to preserve privacy for personal health record systems | |
US10050968B2 (en) | Method, apparatus, and system for access control of shared data | |
CN104883254B (en) | Towards the ciphertext access control system and its access control method of cloud computing platform | |
WO2016197680A1 (en) | Access control system for cloud storage service platform and access control method therefor | |
CN112765650A (en) | Attribute-based searchable encryption block chain medical data sharing method | |
CN106559422B (en) | Multidimensional ciphertext interval query method based on key agreement | |
CN107395568A (en) | A kind of cipher text retrieval method of more data owner's certifications | |
CN104468615A (en) | Data sharing based file access and permission change control method | |
CN110866135B (en) | Response length hiding-based k-NN image retrieval method and system | |
CN111147508B (en) | Searchable attribute-based encryption method for resisting keyword guessing attack | |
CN111143471A (en) | Ciphertext retrieval method based on block chain | |
CN106612169A (en) | Safe data sharing method in cloud environment | |
CN109740364A (en) | The cipher text searching method based on attribute of controllable search permission | |
Kaushik et al. | Multi-user attribute based searchable encryption | |
Huang et al. | Privacy-preserving media sharing with scalable access control and secure deduplication in mobile cloud computing | |
CN107294701A (en) | The multidimensional ciphertext interval query device and querying method managed with efficient key | |
CN105790929B (en) | Access control method in a kind of encryption environment that rule-based redundancy is eliminated | |
CN108763940B (en) | Secret sharing based verifiable database encryption retrieval method and system | |
CN109740383A (en) | A kind of secret protection control method calculating medical system towards mist | |
CN107360252A (en) | A kind of Data Access Security method that isomery cloud domain authorizes | |
CN116663046A (en) | Private data sharing and retrieving method, system and equipment based on blockchain | |
CN108632257B (en) | Method and system for acquiring encrypted health record supporting hierarchical search |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |