CN111027084A - Fine-grained authorized keyword security query method based on attribute-based encryption - Google Patents
Fine-grained authorized keyword security query method based on attribute-based encryption Download PDFInfo
- Publication number
- CN111027084A CN111027084A CN201911247754.6A CN201911247754A CN111027084A CN 111027084 A CN111027084 A CN 111027084A CN 201911247754 A CN201911247754 A CN 201911247754A CN 111027084 A CN111027084 A CN 111027084A
- Authority
- CN
- China
- Prior art keywords
- data
- key
- attribute
- keyword
- access control
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 43
- 238000004364 calculation method Methods 0.000 claims abstract description 9
- 238000013475 authorization Methods 0.000 claims abstract description 7
- 230000008569 process Effects 0.000 claims description 14
- 125000004122 cyclic group Chemical group 0.000 claims description 2
- 239000000126 substance Substances 0.000 claims description 2
- 238000013507 mapping Methods 0.000 abstract description 2
- 238000011160 research Methods 0.000 description 5
- 238000002474 experimental method Methods 0.000 description 4
- 238000013500 data storage Methods 0.000 description 2
- 238000010586 diagram Methods 0.000 description 2
- 238000007726 management method Methods 0.000 description 2
- 230000008859 change Effects 0.000 description 1
- 238000001514 detection method Methods 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 238000012360 testing method Methods 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/602—Providing cryptographic facilities or services
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/10—File systems; File servers
- G06F16/14—Details of searching files based on file metadata
- G06F16/148—File search processing
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2107—File encryption
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2141—Access rights, e.g. capability lists, access control lists, access tables, access matrices
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Physics & Mathematics (AREA)
- Health & Medical Sciences (AREA)
- Databases & Information Systems (AREA)
- Bioethics (AREA)
- General Health & Medical Sciences (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- Software Systems (AREA)
- Data Mining & Analysis (AREA)
- Library & Information Science (AREA)
- Storage Device Security (AREA)
- Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
Abstract
The invention discloses a keyword security query method based on fine-grained authorization of attribute-based encryption in cloud computing, discloses a method applied to the field of cloud computing security and searchable encryption, and aims at the requirements on data searchability, confidentiality and fine-grained access control in the current cloud computing and the problems of the existing searchable encryption scheme based on attribute-based encryption: the method can not simultaneously support three judgment modes (an AND gate, an OR gate AND a threshold gate) AND has large calculation cost, AND an attribute-based encryption-based fine-grained authorization keyword security query method is constructed by utilizing an access control tree AND bilinear mapping, so that the judgment of the AND gate, the OR gate AND the threshold gate can be realized, AND the time cost can meet the practical application.
Description
Technical Field
The invention belongs to the field of cloud computing security and searchable encryption, and mainly relates to a fine-grained authorized keyword security query method based on attribute-based encryption in cloud computing.
Background
In recent years, with the rapid development of the internet industry and the continuous maturity of technologies such as the internet of things, the industry 4.0, machine intelligence and the like, the value of data is continuously highlighted, and the comprehensive treatment, value creation and data-based mode innovation of the data are also widely regarded. The proposal of the concept of cloud computing provides powerful support for the data storage use in the big data era. Currently, storing data in the cloud has become an important choice for various companies, government agencies, and even individuals.
The data storage in the cloud provides great convenience for users, and means that the data owner loses direct control over the data. Attacks by malicious users, improper management by cloud service providers, etc., can cause problems with the confidentiality, authenticity, and integrity of data. Therefore, how to ensure the security of data becomes an important research topic in cloud computing. Data encryption is an important way to ensure that data information is not leaked, and searchability is also an important guarantee for data use. In order to ensure the confidentiality and the searchability of data, the cryptographic primitive of 'searchable encryption' is firstly proposed in 2000, and the keyword search is completed on the ciphertext. The traditional searchable encryption can realize that a data user obtains a ciphertext file stored at a cloud server end by a data owner through keyword retrieval in a ciphertext environment, and the specific process is as follows: the data owner encrypts the data file and stores the data file into the cloud server, and the cloud server can search the keywords according to the trapdoor submitted by the data user and return the data file containing the keywords to the data user submitting the trapdoor. This traditional searchable encryption sees all data consumers as an equivalent group, with the same range of data they can access. However, for a data owner, the data stored at the cloud server may contain various kinds of data, and it is desirable that different kinds of data are provided for different user groups to be retrieved, that is, different user groups should have different data access rights. Taking a school as an example, if the whole school is regarded as an owner of school data, and staff members in different departments are regarded as data users, the access rights of the staff members in different rooms and different levels should be different, for example, for a scientific research project, a teacher who is a principal of the project should only have access to all file contents related to the project of the teacher and not have access to project information of other teachers; the college manager in charge of scientific research management of the college can check the basic information of all teacher projects of the college but cannot check the specific financial information; financial personnel at the financial department should have access to all teachers' scientific funding usage and project contracts but not to access the earlier declared materials for the project; teachers in different departments of the scientific research institute need to access various materials of examination and approval projects in the local department to complete examination and approval of the scientific research projects from application to acceptance, but cannot access the examination and approval projects in other departments, and under the condition, the access authority of the teachers needs to be determined according to the attributes of positions, departments and the like of data users. The scheme is characterized in that an access strategy is set in a secret key (ciphertext), the ciphertext (secret key) is attached with a corresponding attribute, and fine-grained access is realized through matching of the attribute and the access strategy. In recent years, many researchers have studied searchable encryption based on attribute-based encryption, while achieving fine-grained access control AND searchability, but some current schemes still have problems such as inability to support AND gates, OR gates AND threshold gates at the same time, OR inability to be applied to reality due to too much computational overhead.
Disclosure of Invention
The invention aims at the requirements of data searchability, confidentiality and fine-grained access control in the current cloud computing and the problems of the existing searchable encryption scheme based on attribute-based encryption: the method can not simultaneously support three judgment modes (an AND gate, an OR gate AND a threshold gate) AND has large calculation cost, AND an attribute-based encryption-based fine-grained authorization keyword security query method is constructed by utilizing an access control tree AND bilinear mapping, so that the judgment of the AND gate, the OR gate AND the threshold gate can be realized, AND the time cost can meet the practical application.
A fine-grained authorized keyword security query method based on attribute-based encryption comprises the following steps:
step 1: the data owner generates a public key and a system key based on the security parameters.
Data owner non-zero element set from p-order integer group
Randomly selects two elements α and generates a common parameter PK and two key sets sk using the randomly selected elements1And sk2To obtain a secret key
As follows:
wherein the content of the first and second substances,
is a cyclic multiplicative group with two orders both being large prime numbers p, g being
E is a bilinear map and satisfies e:
H1,H2representing two cryptographic hash functions, where H1Indicating that a string of arbitrary length is mapped to
An element of (1), H2Indicating that a string of arbitrary length is mapped to
One element of (1).
Step 2: the data owner encrypts the keywords and the data file and uploads them to the cloud server.
The specific process of the data owner in the whole process of encrypting the keywords w and the data file and uploading the encrypted keywords w and the data file to the cloud server is as follows:
1) the data owner encrypts the data file containing the keywords in the retrieval list by using a common symmetric encryption algorithm (such as AES, the key is k);
2) the data owner bases the keyword w on H1Is mapped as
One element of (1), noted as H1(w);
3) Data owner computing
Is obtained as
An element;
4) the data owner uses a bilinear map e and a key γ ═ r1,r2H, coding
To obtain
At the same time obtain
By epsilonγ(w) an encrypted key obtained by encrypting with the key γ;
5) the data owner defines an access control tree T for each key wwFine grained query of authorized keywords is realized, so that only the attributes of data users meet the access control tree T corresponding to the keywordswThen, the user can request data using the keyword: the data owner defines an access control tree T for each key wwAnd the access control tree T is sequentially arranged from the root node to the leaf nodewEach node x of (a) selects a polynomial qx,qxIs the threshold (threshold) of node x minus 1. For the root node R, a number is randomly selected to satisfy
So that the selected polynomial qRSatisfy qR(0) S, for other nodes, the selected polynomial qxSatisfy qx(0)=qp(x) (index (x)). Data owner based on encryption key epsilonγ(w) further constructing a data structure containing access control tree information while efficiently and effectively detecting a match with an authorized data user's submitted request trapdoor:
6) data structure CT constructed by data owner and containing key word information and access control tree information and capable of effectively and effectively detecting whether request trapdoor submitted by data user is matched with key wordwAnd the encrypted files containing the keyword w form an index table together, and the index table and the encrypted data file are uploaded to the cloud server together.
And step 3: the data owner distributes attributes and keys for the data users newly added into the data query system, and the control of the data access authority of the data users is realized.
The process of the data owner distributing the access authority to the data user newly added to the data query system is as follows:
(1) the data owner defines a set of attribute sets S for the data consumer and generates a key corresponding to S
Wherein r, raSet of non-zero elements all integer groups
And each attribute a in S corresponds to one ra。
(2) The data owner sends the key k of the encrypted file, the key gamma of the encrypted keyword, the attribute set S and SK generated according to S to the data user;
and 4, step 4: when a data consumer wants to search all documents containing a certain keyword w, the data consumer generates a trapdoor tr (w) for w.
The process of the data consumer generating the trapdoor of the keyword w is as follows:
1) the data user bases the keyword w on H1Is mapped as
One element of (1), noted as H1(w);
2) Data user slave
Randomly selecting an element lambda to obtain two random group elements
And gλ;
3) Data consumer usage gamma encryption
And gλFinally obtaining the trapdoor of the keyword w
And 5: the server submits a trapdoor Tr (w) to the cloud server according to a data user and keywords w stored in the server0Encrypted data CTw0Comparing, and returning the used keyword w/w if the matching is successful0Encrypted data file of (2), refusal number if matching is unsuccessfulAccording to the visit of the user, the whole process is ended.
Trapdoor Tr (w) submitted by user at server end and key word encrypted data CT stored in serverw0The process of obtaining the data file by comparison is as follows:
1) for w in server0Access control tree T for use in encryptionw0And each leaf node x in the tree, wherein the attribute related to x is represented by a ═ attr (x), and if the attribute a belongs to the attribute owned by the data user, namely a ∈ S, calculation is carried out
Otherwise, set Fx=⊥。
2) For the
Upper non-leaf node x according to threshold k of the nodexArbitrarily select kxEach node z forms a node of size kxNode x child node set SxWherein each node z satisfies F z1. At this time, Lagrange interpolation calculation is used
Wherein i is index (z),
is a Lagrange coefficient, if there is no such set of nodes, then F is definedx=⊥;
3) Computing an access control tree from bottom to top in accordance with the method of 2)
All non-leaf nodes in (1) up to the root node R, if FR⊥, the attribute of the data consumer is not satisfied with the access controlTreeing, i.e. without search key w by data consumer0The right of (1); if it is not
The server side continues to execute 4);
4) server side pass judgment
If yes, determining that w is w0Whether or not this is true. If w ═ w0If yes, the data user obtains the used containing key word w/w according to the information of the index list0The encrypted data file of (1); otherwise, it represents w0Not the keyword the data user inquires, continue to compare the next keyword in the index table, go back to 1). If all the keywords in the index have been compared and all the keywords in the index table are not matched with the query keywords, the data user is prompted that the file containing the keyword does not exist and step 6 is not executed any more.
Step 6: the data user can use the symmetric key k to decrypt the encrypted data file acquired from the server locally, and then the required data file can be acquired.
The key word security query method based on the attribute-based encryption and the fine-grained authorization provided by the invention is based on the idea of attribute encryption, combines the realization of a searchable encryption scheme, and realizes two breakthroughs from the two aspects of an attribute judgment mode and time overhead. On one hand, the invention provides a scheme which can realize the judgment of an AND gate, an OR gate AND a threshold gate on the attribute strategy at the same time; on the other hand, the time overhead of the scheme provided by the invention can meet the practical application. Based on the above two improvements, the Scheme has more advantages in an application system with complex attribute policy compared with the traditional searchable encryption Scheme, the searchable encryption Scheme implemented based on the Linear Secrecy Sharing Scheme (LSSS), and the searchable encryption established based on the combined Order bilinear-Order Group (pair-Order Group). The method is suitable for a system which needs to realize convenient file retrieval in cloud computing and simultaneously ensures that keywords and file information are not leaked.
Drawings
FIG. 1 is an overall flow diagram of the process of the present invention;
FIG. 2 is a diagram illustrating the time overhead for constructing a security index as the number of index keys changes when the number of data files is 2000 in an example;
FIG. 3 is a time overhead for constructing a security index as the number of data files changes, for an example index key number of 400;
FIG. 4 is a graph of the time overhead of trapdoor generation as a function of number of query keys in an example;
FIG. 5 is a graph illustrating the time overhead of a security query as a function of the number of index keys for an example data file of 2000;
FIG. 6 is a time overhead of a security query as a function of the number of data files, for an example index key number of 400;
the symbols in the figures are as follows:
LN number of leaf nodes in Access control Tree
a number of attributes
Detailed Description
The method of the present invention is further explained with reference to the drawings and the examples. The data of this embodiment includes 2000 files randomly elected from Request For Comments (RFC) and 600 index keys generated by a social WordFreequery Counter. RFC is a series of numbered software files related to Internet related information, and Hermetic Word Frequency Counter is a piece of software that counts the Frequency of occurrence of different words in a document. The environment realized by the embodiment is as follows: the operating system is Ubuntu 16.04, the GPU is 3.60-GHz Intelcore (TM) i7-7700, and the RAM is a server side of 8 GB; and the operating system is Windows 7, the GPU is 2.3-GHz Intelcore (TM) i5-6200U, and the RAM is a 4GB client. In addition, we realized the present invention by means of Java Pairing-based cryptography Library (JPBC).
A key word security query method based on attribute-based encryption and fine-grained authorization is disclosed, the work flow of which is shown in figure 1, and the method specifically comprises the following stages:
stage one: initializing a system: the data owner generates the public parameter PK and the system key sk according to actual needs1And sk2。
We generate a symmetric prime order bilinear group (i.e. Type a curve in JPBC) by JPBC. In this process only the bit length rBit of the medium order p needs to be specified and
and
the bit length qBit of the order of (1) can be obtained
The appropriate value can be selected according to the safety requirement and the performance requirement of the system. In this embodiment, let us say H1Is composed of
Let H2For the probabilistic algorithmic encoding proposed by Kobliz, the string information is mapped to
Of (1). Thus we obtain
Namely PK.
While we utilize JPBC slave
Method for randomly selecting elements to obtain two random numbers α0,β0And using the randomly selected elements to generate a common parameter PK and two key sets sk1And sk2Finally, the key is obtained
As follows:
and a second stage: and the data user uploads the data file to the cloud server.
In this embodiment, the specific implementation process is as follows:
the method comprises the following steps: a certain number of data files are selected from 2000 data files randomly selected from Request For Comments (RFC) and serve as data files uploaded to a cloud server by a data user.
In order to evaluate the relationship between the time overhead for constructing the security index and the time overhead for security query and the number of the data files, 200, 400, 600, …, 1800, and 2000 data files are sequentially selected as the data files of the cloud server uploaded by the data owner, and the time overhead for constructing the security index and the security query when the number of the keywords of different file numbers is 400 is measured.
Step two: the data owner obtains the keyword set of 2000 data files selected by the data owner by using a Hermetic Word Frequency Counter, and selects a certain number of keywords as keywords for constructing an index list according to experimental needs.
In this embodiment, in order to evaluate the relationship between the time overhead for constructing the security index and the time overhead for the security query and the number of the index keywords, 100, 200, …, 500, and 600 keywords are sequentially selected as the index keywords, and the time overhead for constructing the security index and the security query when the number of the different index keywords is 2000 is determined.
Step three: the data owner uses the symmetric encryption algorithm AES (key k)0) Encrypting the selected data file;
step four: for all keywords in the keyword set KS, data use firstly bases the keyword w on H1Is mapped as
One element of (1), noted as H1(w),Then calculate
Is obtained as
An element; then using the bilinear map e and the key γ ═ r1,r2H, coding
To obtain
At the same time obtain
The encrypted key obtained by encryption using the key γ is denoted by ∈ γ (w).
Step five: the data owner defines an access control tree T for each key wwFine grained query of authorized keywords is realized, so that only the attributes of data users meet the access control tree T corresponding to the keywordswThen, the user can request data using the keyword: the data owner defines an access control tree T for each key wwAnd the access control tree T is sequentially arranged from the root node to the leaf nodewEach node x of (a) selects a polynomial qx,,qxThe order of (c) is the threshold (threshold) of node x minus 1. For the root node R, a number is randomly selected to satisfy
So that the selected polynomial qRSatisfy qR(0) S, for other nodes, the selected polynomial qxSatisfy qx(0)=qp(x) (index (x)). Data owner based on encryption key epsilonγ(w) further constructing a data structure containing access control tree information while efficiently and effectively detecting a match with an authorized data user's submitted request trapdoor:
in order to evaluate the relationship between the time overhead for constructing the security index and the number of leaf nodes in the key access control tree, in this embodiment, when the time overhead for constructing the security index when the number of the key is 400 is measured for different file numbers and the time overhead for constructing the security index when the number of the key is 2000 is measured for different index numbers, the access control trees with the number of the leaf nodes of 5,10, and 15 are respectively constructed, and three sets of experiments are completed.
Step six: the data structure CT constructed by the data owner and containing the key word information and the access control tree information can realize the efficient and effective detection of whether the request trapdoor submitted by the data user is matched with the key wordwAnd the encrypted files containing the keyword w form an index table together, and the index table and the encrypted data file are uploaded to the cloud server together.
And a third stage: data user obtains data access authority from data owner
The method comprises the following steps: the data owner defines a set of attribute sets S for the data consumer and generates a key corresponding to S
Wherein r, raSet of non-zero elements all integer groups
And each attribute a in S corresponds to one ra。
In this embodiment, to evaluate the relationship between the time overhead for generating the trapdoor and the number of the attributes of the data user and the relationship between the time overhead for security query and the number of the attributes of the data user, when the time overhead for generating the trapdoor is determined as a function of the query keyword, the time overhead for security query is determined as a function of the number of the data files when the number of the keywords is 400, and the time overhead for security query is determined as a function of the number of the index keywords when the number of the data files is 2000, the number of the attributes of the data user is respectively set to be 5,10, and 15 (corresponding to the access control tree whose number of leaf nodes is 5,10, and 15), and three sets of experiments are completed.
Step two: key k for data owner to encrypt file0The key gamma of the encryption key, the attribute set S and the SK generated according to S are sent to the data user.
And a fourth stage: the data owner retrieves the required data file from the server.
The method comprises the following steps: the client (data user) will need to inquire the keyword w1According to H1Is mapped as
One element of (1), noted as H1(w1) Then from
Randomly selecting an element lambda to obtain two random group elements
And gλFollowed by gamma encryption
And gλFinally, the keyword w is obtained1Trapdoor
In this embodiment, in order to evaluate the relationship between the time overhead for generating the trapdoor and the number of the query keywords, the time overhead for generating the trapdoor is sequentially determined when the query keywords are 1 to 10.
Step two: after receiving the trapdoor Tr (w) submitted by the user, the server compares the keywords w in the index table0Access control tree T for use in encryptionw0With SK in client submitted trapdoor: first, for w0Access control tree T for use in encryptionw0If the attribute a represented by the leaf node x is the attribute owned by the client data user, i.e. a belongs to S, then the calculation is carried out
Otherwise, set Fx⊥, then for
Upper non-leaf node x according to threshold k of the nodexArbitrarily select kxEach node z forms a node of size kxNode x child node set SxWherein each node z satisfies FzWhen 1, lagrange interpolation is used for calculation
Wherein i is index (z),
is a Lagrange coefficient, if there is no such set of nodes, then F is definedx⊥, the server end can finally calculate F of the root node R in the order of bottom-up calculationR. If FR⊥, the attribute of the data consumer does not satisfy the access control tree, i.e. the data consumer does not have the query keyword w0The right of (1); if it is not
Indicate the keyword w0Access control tree Tw for use in encryption0Matching with SK in trapdoor submitted by client, the data user has right to inquire the key word.
Step three: server side pass judgment
If it is true, determine w1=w0Whether or not this is true. If w ═ w0If yes, the data user obtains the used containing key word w/w according to the information of the index list0The encrypted data file of (1); otherwise, it represents w0If not, the next keyword in the index table is continuously compared with the keyword searched by the data user, and the step two of the stage is returned. If all the keywords in the index are compared and all the keywords in the index table are not matched with the query keywords, prompting the data user that no file containing the keywords exists and not executing the next step.
Step four: after receiving the encrypted data file, the data user uses the symmetric key k locally0And decrypting the encrypted data file acquired from the server side to acquire the required data file.
In this embodiment, we evaluate the time overhead of the present invention by recording the time to construct the security index, the time to generate the trapdoor, and the time to search for security in different cases.
Regarding the time overhead of constructing the security index, we find that the time overhead increases with the number of leaf nodes in the access control tree and also increases with the number of index keys, but the number of data files has no obvious relationship with the time overhead. Specific results are shown in fig. 2 and 3.
With respect to the time overhead for generating trapdoors, we find that the time overhead for encrypting query keys grows linearly as the number of keys increases, with the specific result shown in FIG. 4.
In order to evaluate the effectiveness of implementing the security query in the encrypted data, the keywords and the encrypted documents are represented in an inverted index data structure, and the trapdoors in our experiment satisfy all the access control trees, so the effectiveness of the test can be improved, and the experimental result shows that the query time is increased linearly with the increase of the number of the keywords, but the number of the files has little influence on the query algorithm, and the specific result is shown in fig. 5 and fig. 6.
Through experiments, the time overhead of constructing the safety index, the time overhead of generating the trap door and the time overhead of safety search in the invention are found to be changed along with the change of certain factors, but in general, the time overhead of each stage of the invention does not influence the practical application. The method can realize the judgment of the AND gate, the OR gate AND the threshold value gate on the attribute judgment strategy, AND has important significance for complex attribute strategies possibly existing in a real system. Therefore, the method provided by the invention has practical significance.
Claims (6)
1. A fine-grained authorized keyword security query method based on attribute-based encryption is characterized by comprising the following steps:
1) the data owner generates a public key and a system key according to the security parameters;
2) the data owner initially encrypts the keys in the data file (key gamma), encrypts the data file containing the keys in the search list using a commonly used symmetric encryption algorithm (key k), and defines an access control tree T for each key wwAnd further encrypting the key word to construct a data structure CT containing key word information and access control tree information and capable of efficiently and effectively detecting whether the request trapdoor submitted by the authorized data user is matched with the request trapdoorw;
3) Ct of data ownerwAnd the encrypted files containing the keyword w form an inverted index table, and the inverted index table and the encrypted data file are uploaded to the cloud server together;
4) when a new data user wants to enter the system to inquire data, a data owner defines a group of attribute sets S for the data user according to the authority of the data user to access the data and generates a key SK corresponding to the S, and the data owner sends a key k of an encrypted file, a key gamma of an encrypted keyword, the attribute sets S and the SK generated according to the S to the data user;
5) when a data user wants to search all documents containing a certain keyword w, the data user generates a trapdoor Tr (w) of w;
6) a trapdoor Tr (w) submitted by a data user to a cloud server, and the cloud server stores the Tr (w) and the CT stored in a server-side index listw0Comparing the data with the attribute of the data user to determine whether the attribute satisfies the access control number tw0And w ═ w0If yes, returning the used contained keyword w/w if the matching is successful0If all the keywords in the index table are not matched with the query keywords, the encrypted data file prompts a data user that the file containing the keywords does not exist and the subsequent operation is not executed.
7) The user locally decrypts the encrypted data file acquired from the server side by using the key k.
2. The key word security query method based on the attribute-based encryption fine-grained authorization of claim 1, wherein the specific implementation process of generating the public parameter and the system key according to the security parameter by the data owner comprises: the data owner determines the common parameter PK according to the security requirement while working from the non-zero element set of the p-order integer group
Randomly selects two elements α to generate two key sets sk1And sk2Specifically, the following are shown:
wherein the content of the first and second substances,
is a cyclic multiplicative group with two orders both being large prime numbers p, g being
E is a bilinear map and satisfies e:
H1,H2representing two cryptographic hash functions, where H1Indicating that a string of arbitrary length is mapped to
An element of (1), H2Indicating that a string of arbitrary length is mapped to
One element of (1).
3. The fine-grained authorized keyword security query method based on attribute-based encryption according to claim 1, wherein a data owner primarily encrypts keywords in a data file and determines an access control tree for each keyword to obtain CTwThe specific implementation process comprises the following steps:
1) the data owner bases the keyword w on H1Is mapped as
One element of (1), noted as H1(w);
2) Data owner computing
Is obtained as
An element;
3) the data owner uses a bilinear map e and a key γ ═ r1,r2H, coding
To obtain
At the same time obtain
By epsilonγ(w) an encrypted key obtained by encrypting with the key γ;
4) the data owner defines an access control tree T for each key wwFine grained query of authorized keywords is realized, so that only the attributes of data users meet the access control tree T corresponding to the keywordswThen, the user can request data using the keyword: the data owner defines an access control tree T for each key wwAnd the access control tree T is sequentially arranged from the root node to the leaf nodewEach node x of (a) selects a polynomial qx,,qxThe order of (c) is the threshold (threshold) of node x minus 1. For the root node R, a number is randomly selected to satisfy
So that the polynomial q selected for that nodeRSatisfy qR(0) S, for other nodes, the selected polynomial qxSatisfy qx(0)=qp(x) (index (x)). Data owner based on encryption key epsilonγ(w) further constructing a data structure containing access control tree information while efficiently and effectively detecting a match with an authorized data user's submitted request trapdoor:
4. the fine-grained authorized keyword security query method based on attribute-based encryption according to claim 1, wherein the data owner generates the key according to the attribute S of the data user
Wherein r, raSet of non-zero elements all integer groups
And each attribute a in S corresponds to one ra。
5. The key word security query method based on attribute-based encryption and fine-grained authorization of claim 1, wherein the specific implementation process of trapdoor (trapdoor) generation of the key word w comprises:
1) the data user bases the keyword w on H1Is mapped as
One element of (1), noted as H1(w);
2) Data user slave
Randomly selecting an element lambda to obtain two random group elements
And gλ;
3) Data consumer usage gamma encryption
And gλFinally obtaining the trapdoor of the keyword w
6. The fine-grained authorized keyword security query method based on attribute-based encryption as claimed in claim 1, wherein the server side compares the key trapdoor Tr (w) submitted by the data user with the key trapdoors Tr (w) stored in the server-side index list
The specific implementation process for comparison comprises:
1) for w in server0Access control tree T for use in encryptionw0And each leaf node x in the tree, wherein the attribute related to x is represented by a ═ attr (x), and if the attribute a belongs to the attribute owned by the data user, namely a ∈ S, calculation is carried out
Otherwise, set Fx=⊥。
2) For the
Upper non-leaf node x according to threshold k of the nodexArbitrarily select kxEach node z forms a node of size kxNode x child node set SxWherein each node z satisfies Fz1. At this time, Lagrange interpolation calculation is used
Wherein i is index (z),
is a Lagrange coefficient, if there is no such set of nodes, then F is definedx=⊥;
3) Computing an access control tree from bottom to top in accordance with the method of 2)
All non-leaf nodes in (1) up to the root node R, if FR⊥, the attribute of the data consumer does not satisfy the access control tree, i.e. the data consumer does not have the query keyword w0The right of (1); if it is not
The server side continues to execute 4);
4) server side pass judgment
If yes, determining that w is w0Whether or not this is true. If w ═ w0If yes, the data user can obtain the used w/w containing key word according to the information of the index list0If not, represents w0The next keyword in the index table is compared continuously instead of the keyword searched by the data user.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201911247754.6A CN111027084A (en) | 2019-12-09 | 2019-12-09 | Fine-grained authorized keyword security query method based on attribute-based encryption |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201911247754.6A CN111027084A (en) | 2019-12-09 | 2019-12-09 | Fine-grained authorized keyword security query method based on attribute-based encryption |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN111027084A true CN111027084A (en) | 2020-04-17 |
Family
ID=70204778
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201911247754.6A Pending CN111027084A (en) | 2019-12-09 | 2019-12-09 | Fine-grained authorized keyword security query method based on attribute-based encryption |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN111027084A (en) |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112737924A (en) * | 2020-12-28 | 2021-04-30 | 杭州趣链科技有限公司 | Encrypted mail filtering method based on pairing |
| CN114826703A (en) * | 2022-04-11 | 2022-07-29 | 江苏大学 | Block chain-based data search fine-grained access control method and system |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105871543A (en) * | 2016-03-29 | 2016-08-17 | 西安电子科技大学 | Attribute-based multi-keyword ciphertext retrieval method under background of multiple data owners |
| WO2018070932A1 (en) * | 2016-10-14 | 2018-04-19 | Huawei International Pte. Ltd. | System and method for querying an encrypted database for documents satisfying an expressive keyword access structure |
| CN108156140A (en) * | 2017-12-13 | 2018-06-12 | 西安电子科技大学 | A kind of multiple key that numerical attribute is supported to compare can search for encryption method |
| CN109981643A (en) * | 2019-03-26 | 2019-07-05 | 长沙学院 | A kind of inquiry authorization of fine granularity can search for encryption method and system |
-
2019
- 2019-12-09 CN CN201911247754.6A patent/CN111027084A/en active Pending
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105871543A (en) * | 2016-03-29 | 2016-08-17 | 西安电子科技大学 | Attribute-based multi-keyword ciphertext retrieval method under background of multiple data owners |
| WO2018070932A1 (en) * | 2016-10-14 | 2018-04-19 | Huawei International Pte. Ltd. | System and method for querying an encrypted database for documents satisfying an expressive keyword access structure |
| CN108156140A (en) * | 2017-12-13 | 2018-06-12 | 西安电子科技大学 | A kind of multiple key that numerical attribute is supported to compare can search for encryption method |
| CN109981643A (en) * | 2019-03-26 | 2019-07-05 | 长沙学院 | A kind of inquiry authorization of fine granularity can search for encryption method and system |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112737924A (en) * | 2020-12-28 | 2021-04-30 | 杭州趣链科技有限公司 | Encrypted mail filtering method based on pairing |
| CN114826703A (en) * | 2022-04-11 | 2022-07-29 | 江苏大学 | Block chain-based data search fine-grained access control method and system |
| CN114826703B (en) * | 2022-04-11 | 2024-04-05 | 江苏大学 | Block chain-based data search fine granularity access control method and system |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| Ge et al. | Towards achieving keyword search over dynamic encrypted cloud data with symmetric-key based verification | |
| Jarecki et al. | Outsourced symmetric private information retrieval | |
| Bösch et al. | A survey of provably secure searchable encryption | |
| Singh et al. | Data privacy protection mechanisms in cloud | |
| US10235335B1 (en) | Systems and methods for cryptographically-secure queries using filters generated by multiple parties | |
| Peng et al. | An efficient ranked multi-keyword search for multiple data owners over encrypted cloud data | |
| Raykova et al. | Secure anonymous database search | |
| WO2022099495A1 (en) | Ciphertext search method, system, and device in cloud computing environment | |
| CN111143471B (en) | Ciphertext retrieval method based on blockchain | |
| US8607350B2 (en) | Sovereign information sharing service | |
| Chaudhari et al. | Keysea: Keyword-based search with receiver anonymity in attribute-based searchable encryption | |
| Asharov et al. | Tight tradeoffs in searchable symmetric encryption | |
| CN112332979B (en) | Ciphertext search method, system and equipment in cloud computing environment | |
| Huang et al. | FSSR: Fine-grained EHRs sharing via similarity-based recommendation in cloud-assisted eHealthcare system | |
| Tian et al. | Privacy preserving query processing on secret share based data storage | |
| Köhler et al. | Confidential database-as-a-service approaches: taxonomy and survey | |
| Padhya et al. | BTG-RKASE: Privacy Preserving Revocable Key Aggregate Searchable Encryption with Fine-grained Multi-delegation & Break-The-Glass Access Control. | |
| CN111027084A (en) | Fine-grained authorized keyword security query method based on attribute-based encryption | |
| Varri et al. | Practical verifiable multi-keyword attribute-based searchable signcryption in cloud storage | |
| Hacıgümüş et al. | Search on encrypted data | |
| Barouti et al. | Symmetrically-private database search in cloud computing | |
| CN113904823B (en) | Attribute-based searchable encryption method and system for constant-level authorization computation complexity | |
| Zhang et al. | Multi-user and keyword-based searchable encryption scheme | |
| Guo et al. | Privacy preserving weighted similarity search scheme for encrypted data | |
| Loh et al. | A multi-client DSSE scheme supporting range queries |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| WD01 | Invention patent application deemed withdrawn after publication |
Application publication date: 20200417 |
|
| WD01 | Invention patent application deemed withdrawn after publication |