CN115603934A - Multi-user searchable encryption method and device based on block chain - Google Patents


Info

Publication number: CN115603934A
Authority: CN (China)
Prior art keywords: data, key, access, intelligent contract, index
Legal status: Granted
Application number: CN202210486546.7A
Other languages: Chinese (zh)
Other versions: CN115603934B (en)
Inventors: 刘建, 韩久江, 鲜明, 王会梅, 张宇翔, 陈宇
Current assignee: National University of Defense Technology
Original assignee: National University of Defense Technology
Events: application filed by National University of Defense Technology; priority to CN202210486546.7A; publication of CN115603934A; application granted; publication of CN115603934B; legal status active

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0435 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply symmetric encryption, i.e. same key used for encryption and decryption
    • H04L67/00 Network arrangements or protocols for supporting network services or applications
    • H04L67/01 Protocols
    • H04L67/10 Protocols in which an application is distributed across nodes in the network
    • H04L67/1097 Protocols in which an application is distributed across nodes in the network for distributed storage of data in networks, e.g. transport arrangements for network file system [NFS], storage area networks [SAN] or network attached storage [NAS]

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Storage Device Security (AREA)
  • Information Retrieval, Db Structures And Fs Structures Therefor (AREA)

Abstract

The application relates to a multi-user searchable encryption method and device based on a blockchain. The method is based on Ethereum technology: an access control intelligent contract and a searchable encryption intelligent contract are constructed, and by relating the ciphertext to an access policy and the secret key to the attributes of the data user, only a data user whose attributes satisfy the access policy can search the ciphertext, so that fine-grained access control is realized and authorization management of data users is greatly facilitated. The data owner stores the encrypted file and the encrypted key in the interplanetary file system and the key management system respectively, and stores the encrypted file index on the blockchain, so that the user's file and index information are difficult to tamper with, the security of key management is guaranteed, and the user's data privacy is protected. The user's attributes and access policy, the verification of the user's access policy and the operation records related to searching are all recorded on the tamper-proof blockchain, and the method can be used to provide global verification and anonymous tracing.

Description

Multi-user searchable encryption method and device based on block chain
Technical Field
The present application relates to the field of network information security technologies, and in particular, to a block chain-based multi-user searchable encryption method and apparatus.
Background
With the rapid development of the internet, the big data age has come. As more and more data is generated in daily life, cloud storage technologies are emerging, such as Amazon's storage service and Tencent Cloud. However, with the advent of cloud storage applications, users find that once data is outsourced to the cloud they can no longer control it directly, which poses significant challenges to users' privacy and security. Therefore, the data needs to be encrypted before being outsourced, so that nobody except the data uploader and the authorized retriever can learn its content even if they obtain the data. However, downloading redundant and unnecessary files wastes network bandwidth, and decryption and querying consume a large amount of computation, which is obviously too cumbersome and expensive. Since cloud servers typically have computing capabilities, it is desirable to let the server perform the search. However, cloud servers are typically "honest but curious", and having the server decrypt the data before searching clearly exposes the user's privacy to the server, which may seriously damage the user's data security. To solve these problems, searchable encryption was introduced.
In a practical, complex and diverse network environment, not all servers are merely honest but curious, and a searchable encryption service based on a blockchain can largely eliminate the threat of potentially malicious servers. The blockchain is a decentralized platform without a server role: each client is a node in a peer-to-peer network. When a node wants to process a transaction, its behavior must be confirmed by all other nodes before action can be taken. Compared with the hierarchical client/server (C/S) structure, the P2P network of the blockchain can provide more robust and practical service to users.
Blockchain-based searchable encryption hands the computation that would otherwise be performed on the server to a decentralized, transparent blockchain system, thereby eliminating the potential threat of data intrusion by malicious servers. In traditional searchable encryption (SE), user information is stored on a central cloud server and the search is performed on the encrypted query and the encrypted information content in the database; this removes the security risks of traditional plaintext search, but the hidden dangers of information loss or malicious tampering still exist. Based on the outstanding performance of blockchains in terms of data security and non-falsifiability, some progress has been made in blockchain-based searchable encryption in recent years, but the performance is not ideal in a multi-user environment. For example, if a data user (DU) wants to search, it needs to stay in online communication with the data owner (DO) in advance, which is costly. Chen et al. propose a searchable encryption scheme for EHRs, but it does not support dynamic updates. Jiang et al. propose a hidden authorization access control scheme, which solves the problem of the large amount of interaction between data owners and data users required by online communication; but in that scheme the DO makes a trapdoor for the DU in advance, encrypts it with the ECC public key of the DU, and finally packs the encrypted authorization content into a transaction, so the size of the encrypted authorization content grows several times over, resulting in more gas overhead when uploading to the blockchain.
Disclosure of Invention
In view of the foregoing, it is desirable to provide a block chain-based multi-user searchable encryption method and apparatus.
A blockchain-based multi-user searchable encryption method applied to a system comprising a blockchain, and a data owner and a plurality of data users who have joined the blockchain, the method comprising:
initializing security parameters and constructing an access control intelligent contract and a searchable encryption intelligent contract;
the data owner uploading the symmetric key and the data file encrypted with the symmetric key to a key management system and an interplanetary file system respectively, and generating a keyword dictionary and an index of the encrypted file;
the data owner obtaining a new keyword index according to the symmetric key, the keyword dictionary and the index, and uploading the new keyword index to the blockchain through the searchable encryption intelligent contract;
the data owner locally building an access policy vector and an attribute expression list according to the attributes of authorized data users, uploading the access policy vector and the attribute expression list to the blockchain, and generating a unique identifier for each access policy;
the data user verifying its own attributes through the access control intelligent contract to generate a verification code;
the data user obtaining the keyword index of the encrypted file according to the verification code and the searchable encryption intelligent contract, and querying the interplanetary file system with the keyword index of the encrypted file to obtain the corresponding encrypted file;
and the data user obtaining the symmetric key from the key management system through transaction information verification, and decrypting the encrypted file with the symmetric key to obtain the plaintext file.
In one embodiment, the security parameters are initialized and the access control intelligent contract and the searchable encryption intelligent contract are constructed, wherein the access control intelligent contract comprises: an add function of the access policy, a delete function of the access policy, a query function of the access policy, and a verify function of the access policy.
In one embodiment, the security parameters are initialized and the access control intelligent contract and the searchable encryption intelligent contract are constructed, wherein the searchable encryption intelligent contract comprises: a key generation function, a dictionary data adding function, a dictionary data deleting function and a dictionary data searching function; the key generation function takes the security parameters as input and outputs the public keys for adding, deleting and searching.
In one embodiment, the data owner obtains a new keyword index according to the symmetric key, the keyword dictionary and the index, and uploads the new keyword index to the blockchain through the searchable encryption intelligent contract, including:
the data owner inputs the symmetric key, the keyword dictionary and the index into a local SetupDB function to obtain the new keyword index;
and the data owner uploads the keyword index to the blockchain through the searchable encryption intelligent contract.
In one embodiment, the data owner locally builds an access policy vector and an attribute expression list according to the attributes of authorized data users, uploads the access policy vector and the attribute expression list to the blockchain, and generates a unique identifier for each access policy, including:
the data owner determines an access policy formula based on the attributes of the authorized data users;
the data owner obtains the access policy vector and the attribute expression list according to the access policy formula and the secret;
and the data owner uploads the access policy vector and the attribute expression list to the blockchain, sets the access policy through the access control intelligent contract, and generates a unique identifier for each access policy.
In one embodiment, the data owner obtains the access policy vector and the attribute expression list according to the access policy formula and the secret, and the method includes:
the data owner adopts a linear secret sharing scheme to construct an access strategy matrix according to an access strategy formula and the secret; the secrets are internal parameters of access control smart contracts and searchable encryption smart contracts that are set by the data owner prior to contract deployment.
The data owner multiplies the access strategy matrix and the secret sharing column vector to obtain an access strategy vector, and an attribute expression list is determined according to the access strategy matrix; the attribute expression list consists of all attributes in the access policy.
In one embodiment, the verification code comprises a valid verification code and an invalid verification code; the data user verifies its own attributes through the access control intelligent contract to generate a verification code, including:
the data user uploads its own attributes to the blockchain, and the data user's attributes are matched against the attribute expression list uploaded by the data owner through the verify function of the access policy of the access control intelligent contract;
if the matching condition is satisfied, a valid verification code and a timestamp are generated;
if the matching condition is not satisfied, an invalid verification code is generated.
In one embodiment, the data user obtains the keyword index of the encrypted file according to the verification code and the searchable encryption intelligent contract, and queries the interplanetary file system with the keyword index of the encrypted file to obtain the corresponding encrypted file, including:
the data user selects the public keys of the dictionary data adding function, the dictionary data deleting function and the dictionary data searching function, uploads the verification code, all the public keys, the timestamp and the keyword to the blockchain, and obtains the identifier list of the encrypted files through the dictionary data searching function of the searchable encryption intelligent contract;
and the data user decrypts the identifier list with the public key of the dictionary data adding function to obtain the keyword index of the related encrypted files, and queries the interplanetary file system with the keyword index to obtain the corresponding encrypted file.
In one embodiment, the dictionary data searching function comprises the following specific steps:
after receiving the parameters transmitted by the data user, a search token is freely constructed according to the public key of the dictionary data adding function, the public key of the dictionary data deleting function, the public key of the dictionary data searching function and the keyword;
the searchable encryption intelligent contract is called with the search token and the verification code as parameters, and a new verification code is constructed according to the secret, the address of the data user and the timestamp;
when the new verification code is equal to the verification code, the identifier list of the encrypted files is output;
when the new verification code is not equal to the verification code, a null value is returned.
A multi-user searchable encryption apparatus based on blockchains, the apparatus comprising: the system comprises a block chain, an intelligent contract module, an interplanetary file system and a key management system; the intelligent contract module comprises an access control intelligent contract module and a searchable encryption intelligent contract module.
The blockchain is developed using Ethereum as the underlying platform.
The access control intelligent contract module and the searchable encryption intelligent contract module are constructed and deployed by a data owner.
The key management system is used for managing keys and monitoring transactions on a blockchain.
And the interplanetary file system is used for storing the file encrypted by the data owner with the symmetric key.
The data owner respectively uploads the symmetric key and the encrypted file encrypted by the symmetric key to the key management system and the interplanetary file system, and a keyword dictionary and an index of the encrypted file are generated; the data owner obtains a new keyword index according to the symmetric key, the keyword dictionary and the index, and uploads the new keyword index to the block chain through the searchable encryption intelligent contract module; the data owner locally constructs an access policy vector and an attribute expression list according to the attribute of an authorized data user, uploads the access policy vector and the attribute expression list to a block chain through an access control intelligent contract module, and generates a unique identifier of each access policy.
A data user verifies the self attribute through the access control intelligent contract module, uploads the obtained verification code to the searchable encryption intelligent contract module for key word index search, and inquires in an interplanetary file system according to the key word index of the obtained encrypted file to obtain a corresponding encrypted file; and the data user obtains the symmetric key from the key management system through transaction information verification, and decrypts the encrypted file by using the symmetric key to obtain a plaintext file.
According to the multi-user searchable encryption method and device based on the blockchain, an access control intelligent contract and a searchable encryption intelligent contract are constructed based on Ethereum technology; on the premise that decentralization and security are guaranteed, by relating the ciphertext to an access policy and the secret key to the attributes of the data user, only a data user whose attributes satisfy the access policy can perform a ciphertext search, so that fine-grained access control is achieved and authorization management of data users is greatly facilitated. The data owner stores the encrypted file and the corresponding encrypted key in the interplanetary file system and the key management system respectively, and stores the encrypted file index on the blockchain in encrypted form, so that the user's file and index information are difficult to tamper with, the security of key management is guaranteed, and the user's data privacy is protected. The user's attributes and access policy, the verification of the user's access policy and the operation records related to searching are all recorded on the tamper-proof blockchain, and the method can be used to provide global verification and anonymous tracing.
Drawings
FIG. 1 is a schematic diagram of a block chain-based multi-user searchable encryption method in one embodiment;
FIG. 2 is a flow diagram illustrating a multi-user searchable encryption method based on blockchains in one embodiment;
FIG. 3 is a block diagram of the construction of an LSSS matrix of the access policy formula in one embodiment.
Detailed Description
In order to make the objects, technical solutions and advantages of the present application more clearly understood, the present application is further described in detail below with reference to the accompanying drawings and embodiments. It should be understood that the specific embodiments described herein are merely illustrative of and not restrictive on the broad application.
The invention sets an access control intelligent contract (ACC) on Ethereum to verify the attributes of the data user.
The method is suitable for realizing fine-grained and practical searchable encryption scenarios in a multi-user setting of data users. For example: Xiaoming is a patient in Shanghai who has a particular eye disease. He encrypts his own Electronic Health Record (EHR) and uploads it to the electronic medical data server. At the same time, he wants to share his EHR with ophthalmologists in three hospitals in Beijing, say hospital A, hospital B and hospital C, but does not want any other person or institution to obtain information about him. In addition, he does not want a hidden malicious server to pass wrong or incomplete records to the ophthalmologists. In this case, Xiaoming not only restricts who his EHR is shared with, but also requires that operations on a centralized server be avoided.
In the scenario we mention, Xiaoming first performs symmetric encryption and uploads the encrypted EHR ciphertext and the symmetric key to the interplanetary file system (or a cloud database) and the Key Management Server (KMS) respectively. Then he calls the access control intelligent contract ACC and authenticates the attribute formula [Shanghai and (hospital A, hospital B, hospital C) and ophthalmologist], encrypts the keywords in the EHR to obtain the keyword index data, and uploads it to the blockchain by calling the searchable encryption intelligent contract. When a data consumer wants to query by keyword, s/he must first call the ACC, encapsulate his/her attribute information in a transaction, and upload it to obtain the verification code. The search returns correct results only if the verification code and the key parameters satisfy the conditions preset by the contract. After the data user obtains the identifiers of the corresponding documents, the ciphertext documents can be downloaded from the cloud database or the interplanetary file system, and meanwhile the transaction information is passed to the KMS for checking. After confirming that the transaction information is correct, the KMS sends the corresponding symmetric key over a secure channel (e.g., SSH). A schematic diagram of the blockchain-based multi-user searchable encryption method of the present invention is shown in fig. 1.
In one embodiment, as shown in fig. 2, a block chain-based multi-user searchable encryption method is provided, which is applied to a system comprising a block chain, and a data owner and a plurality of data users who have joined the block chain, and the method comprises the following steps:
step 200: initializing security parameters and constructing access control intelligent contracts and searchable encryption intelligent contracts.
The block chain in the invention uses Ethereum as the underlying platform. Ethereum is a completely new open blockchain platform built on the concepts of blockchains and blockchain assets. It allows anyone to build and run decentralized applications on the platform using blockchain technology. Briefly, Ethereum technology is blockchain technology plus smart contracts. Smart contracts, once created on Ethereum, are executed automatically without the involvement of an intermediary, and nobody can prevent them from running. Smart contracts on Ethereum can control various digital assets on the blockchain and carry out complex algorithms and operations.
The access control intelligent contract and the searchable encryption intelligent contract are deployed on the blockchain by the data owner. Both contracts are written in the Solidity language.
The access control intelligent contract can realize the following functions: the data owner sets an access policy on the block chain according to the attribute of the authorized data user, and only the data user which meets the attribute set by the data owner can search the data on the block chain.
Searchable encryption smart contracts enable more flexible searchable encryption. The data owner is allowed to be offline freely after indexing, a data user can customize a search token to search, the data user downloads a corresponding ciphertext from a cloud database after obtaining a file tag, and meanwhile, a transaction of calling a contract is handed to the KMS for verification.
Step 202: and the data owner uploads the symmetric key and the data file encrypted by the symmetric key to the key management system and the interplanetary file system respectively and generates a keyword dictionary and an index of the encrypted file.
Specifically, the data owner randomly selects a symmetric key K and encrypts the plaintext data file F_τ with it to obtain the encrypted file C_τ = Enc(F_τ), where Enc() is a symmetric encryption algorithm such as DES or AES.
The InterPlanetary File System (IPFS) is a globally oriented peer-to-peer distributed versioned file system.
And the key management system is used for managing keys and monitoring transactions on the blockchain.
The data owner performs symmetric encryption (e.g., the DES or AES algorithm) on each document in the database before performing other operations. Because of the efficiency of symmetric encryption, the data owner may encrypt each document with a different symmetric key; the encrypted database DB and its corresponding keys are uploaded to the interplanetary file system and the trusted KMS respectively.
Step 204: and the data owner obtains a new keyword index according to the symmetric key, the keyword dictionary and the index, and uploads the new keyword index to the block chain through the searchable encryption intelligent contract.
Specifically, the data owner takes the symmetric key K, all keywords KW, and the secret s as inputs, calls a local SetupDB function, and outputs the corresponding index EDB. And calling an adding function of dictionary data of the searchable encryption intelligent contract by the data owner, and uploading the keyword index to the block chain.
The data owner is allowed to freely go off-line after the index is constructed, the method is flexible, the performance is stable and efficient, and the calculation overhead and the system complexity are reduced.
Step 206: and the data owner locally constructs an access strategy vector and an attribute expression list according to the attribute of the authorized data user, uploads the access strategy vector and the attribute expression list to the block chain, and generates a unique identifier of each access strategy.
Specifically, the data owner uploads the access policy vector μ and the attribute expression list att_l to Ethereum as parameters and calls the interface function of the access control intelligent contract: the access policy is set through the add function of the access policy, uploaded to the block chain, and a unique identifier ID_AC corresponding to each access policy is obtained. Using the unique identifier ID_AC, the data owner can flexibly delete policies and query previously added policies.
The data owner establishes an access policy matrix through a linear secret-sharing scheme (LSSS), performs inner product calculation with a secret sharing column vector constructed by a secret value s, and then transmits a calculation result as an access control vector to a block chain.
Step 208: and the data user verifies the self attribute through the access control intelligent contract to generate a verification code.
Specifically, the data consumer invokes the access policy verification function of the ACC with his/her own attributes ATT_DU as input and uploads them to the block chain; the ACC first compares the attributes owned by the DU with the att_l uploaded by the DO. If the matching condition (i.e. the access policy) is met, the secret s can be successfully reconstructed and the verification code VC = I(s, msg.sender, timestamp) is generated. Finally, the ACC outputs VC and timestamp as its state, which is publicly known. Note that if ATT_DU does not satisfy the matching condition (access policy), a VC will still be output; however, the first component used to generate this VC is not the secret s but another number. So in this case the VC is not valid in the dictionary data search function.
In order to realize the search, a data user firstly calls an access control contract by using the attribute of the data user, only the data user meeting the access strategy can obtain an effective verification code, and then the corresponding file is searched and obtained through the verification code.
Step 210: and the data user obtains the keyword index of the encrypted file according to the verification code and the searchable encrypted intelligent contract, and inquires in the interplanetary file system according to the keyword index of the encrypted file to obtain the corresponding encrypted file.
Specifically, the data user calls the dictionary data search function of the searchable encryption intelligent contract with (VC, timestamp, K, KA, KD, kw) as input, uploading them to the block chain. The function first judges whether I(s, msg.sender, timestamp) is equal to VC; if so, the keyword matching search process is carried out, and if not, the identifier list R of related encrypted files is directly output as empty. The data user decrypts the identifier list R of the encrypted files with the public key K to obtain the keyword index of the files, and then queries the keyword index in the interplanetary file system IPFS to obtain the corresponding encrypted file C_τ. K, KA and KD are the public keys of the dictionary data adding function, the dictionary data deleting function and the dictionary data searching function respectively, and are obtained by the data owner by inputting the security parameters into the key generation function.
Step 212: and the data user obtains the symmetric key from the key management system through transaction information verification, and decrypts the encrypted file by using the symmetric key to obtain a plaintext file.
Specifically, the data consumer obtains the symmetric key K from the key management system KMS through transaction information verification and decrypts the encrypted file C_τ using K to obtain the plaintext file F_τ = Dec(C_τ), where Dec is the symmetric decryption algorithm.
In the multi-user searchable encryption method based on the block chain, an access control intelligent contract and a searchable encryption intelligent contract are constructed based on Ethereum technology; on the premise of ensuring decentralization and security, by relating the ciphertext to an access policy and the secret key to the attributes of the data user, only a data user whose attributes satisfy the access policy can perform a ciphertext search, so that fine-grained access control is realized and authorization management of data users is greatly facilitated. The data owner stores the encrypted file and the corresponding encrypted key in the interplanetary file system and the key management system respectively, and stores the encrypted file index on the block chain in encrypted form, so that the user's file and index information are difficult to tamper with, the security of key management is guaranteed, and the user's data privacy is protected. The user's attributes and the establishment of the access policy, the verification of the user's access policy and the operation records related to searching are all recorded on the tamper-proof block chain, and the method can be used to provide global verification and anonymous tracing.
In one embodiment, the access control intelligence contract of step 200 comprises: an add function of the access policy, a delete function of the access policy, a query function of the access policy, and a verify function of the access policy.
Specifically, the adding function of the access policy, the deleting function of the access policy, the querying function of the access policy, and the verifying function of the access policy are interface functions of the access control intelligent contract.
Add function of the access policy: ID_AC ← AddAccessPolicy(μ, att_l). It is run by the data owner, who uploads the parameters, namely the access policy vector μ and the attribute expression list att_l, to Ethereum and invokes the ACC to set the access policy. ID_AC is a unique identifier representing each added access policy, by which the data owner can flexibly delete policies and query previously added policies.
Deletion function of the access policy: DelAccessPolicy(ID_AC). It is run by DO, who calls the ACC and, according to the access policy identifier ID_AC, deletes the corresponding access policy vector μ and attribute expression list att_l.
Query function of the access policy: (μ, att_l) ← QueryAccessPolicy(ID_AC). It is run by DO and retrieves, according to the access policy identifier ID_AC, the corresponding access policy vector μ and attribute expression list att_l.
Verification function of the access policy: (VC, timestamp) ← AttributesVerification(ATT_DU). It is run by a data consumer, who invokes the ACC and uploads his/her own attributes ATT_DU as input to the blockchain. The ACC first matches the attributes owned by the data consumer against the att_l uploaded by the data owner; if they meet the matching condition (i.e., the access policy), the secret s can be successfully reconstructed and the verification code VC = I(s, msg.sender, timestamp) is generated, where msg.sender is the address of the data consumer and timestamp is the timestamp parameter generated by the smart contract. Finally, the ACC outputs VC and timestamp as its state, which is publicly known. Note that if ATT_DU does not satisfy the matching condition (access policy), a VC will still be output; however, the first component used to generate this VC is not the secret value s but another number. So in this case the VC is not valid in the dictionary data search function.
The access control intelligent contract further comprises an access policy acquisition function: (μ, att_l) ← GetAccessPolicy(ATT, s), which is run locally by DO; the data owner takes the secret value s and the access policy formula ATT as inputs and outputs the access policy vector μ and the attribute expression list att_l.
In one embodiment, the searchable encryption smart contract of step 200 includes: a key generation function, a dictionary data adding function, a dictionary data deleting function and a dictionary data searching function; the key generation function takes the security parameter as input and outputs the public keys for adding, deleting and searching.
Here, adding and deleting respectively denote adding to and deleting from the dictionary-type data stored on Ethereum.
Data key generation function: (K, K_A, K_D) ← GenerateKey({0,1}^λ). It is run by the data owner to generate three keys. It takes the security parameter λ as input and outputs the keys of the dictionary data adding function, the dictionary data deleting function and the dictionary data searching function. The keys generated by the algorithm are public.
Dictionary data search function: it is run by the data user, who calls the searchable encryption intelligent contract and uploads (VC, timestamp, K, K_A, K_D, KW) as input to the blockchain. It first determines whether I(s, msg.sender, timestamp) is equal to VC; if true, it proceeds to the keyword matching search process, otherwise it directly outputs the identifier list R of the relevant encrypted documents as null.
Notably, in the present invention, the searchable encryption intelligent contract is deployed by the data owner. Before deployment, the data owner needs to set the secret s as an internal parameter of the contract. Since the written contract will eventually be compiled into binary bytecode, the value of the secret s is known only to the data owner.
In one embodiment, step 204 comprises: the data owner inputs the symmetric key, the keyword dictionary and the index into a local SetupDB function to obtain a new keyword index; the data owner uploads the key index to the blockchain via a searchable encrypted smart contract.
Specifically, the SetupDB function is: EDB ← SetupDB(K, KW, s), which is run locally by DO; the data owner takes the symmetric key K, all keywords KW and the secret s as inputs and, through calculation, finally outputs the corresponding index EDB. The data owner then calls the searchable encryption intelligent contract to upload the index to the blockchain.
In one embodiment, step 206 includes the following specific steps:
step 300: the data owner determines an access strategy formula according to the attribute of an authorized data user;
step 302: and the data owner obtains an access policy vector and an attribute expression list according to the access policy formula and the secret.
Specifically, the secret is set by the owner of the data.
Step 304: the data owner uploads the access policy vectors and the attribute expression list to the blockchain, sets the access policies through an access control intelligence contract, and generates a unique identifier for each access policy.
In one embodiment, step 302 includes: the data owner adopts a linear secret sharing scheme to construct an access strategy matrix according to an access strategy formula and the secret; secrets are internal parameters of access control smart contracts and searchable encryption smart contracts that are set by the data owner prior to contract deployment; the data owner multiplies the access strategy matrix and the secret sharing column vector to obtain an access strategy vector, and an attribute expression list is determined according to the access strategy matrix; the attribute expression list consists of all the attributes in the access policy.
Specifically, in a scheme for attribute-based access control, a boolean formula representing attributes is converted into a linear secret sharing scheme matrix. The method comprises the following steps:
1) Considering the Boolean formula as an access tree, wherein the internal nodes are AND gates and OR gates, and the leaf nodes correspond to attributes;
2) Marking the root node of the tree with a vector v = (1) (a vector of length 1) and then marking each node along the various levels of the tree with a vector determined by the vector assigned to its parent node;
3) The vector of each leaf node is padded to length n (the vector length of the longest leaf node); with l attributes there are l leaf nodes (i.e., l vectors). Finally, these vectors are combined into the LSSS matrix M_{l×n}.
If the parent node is an OR gate marked by vector v, then we mark each of its child nodes with the same vector v. If the parent node is an AND gate marked by vector v, then we mark its left child node with the vector v‖1 and its right child node with the vector (0, …, 0, −1), whose length is the same as that of the left child node.
After completing the labeling of each leaf node, we can construct the corresponding LSSS matrix. For example, we consider the access policy formula ATT to be (W1 or W2) and W3 and W4, and the LSSS matrix can be constructed as shown in FIG. 3.
In one embodiment, the validation code comprises a valid validation code and an invalid validation code; step 208 includes: the data user uploads the self attribute to the block chain, and the self attribute of the data user is matched with an attribute expression list uploaded by a data provider through a verification function of an access strategy of an access control intelligent contract; if the matching condition is met, generating a valid verification code and a timestamp; if the matching condition is not satisfied, an invalid verification code is generated.
In one embodiment, step 210 includes: the data user selects the public keys of the dictionary data adding function, the dictionary data deleting function and the dictionary data searching function, uploads the verification code, all the public keys, the timestamp and the keyword to the block chain, and obtains an identifier list of the encrypted file through the dictionary data searching function capable of searching the encrypted intelligent contract; and the data user decrypts the identifier list through the public key of the dictionary data adding function to obtain the key word index of the related encrypted file, and queries the key word index in the interplanetary file system to obtain the corresponding encrypted file.
In one embodiment, the dictionary data search function includes the specific steps of: after receiving parameters transmitted by a data user, freely constructing a lookup token according to the public key of the dictionary data adding function, the public key of the dictionary data deleting function, the public key of the dictionary data searching function and the keywords; calling the searchable encrypted intelligent contract by using the search token and the verification code as parameters, and constructing a new verification code according to the secret, the address of the data user and the timestamp; when the new verification code is equal to the verification code, outputting an identifier list of the encrypted file; when the new verification code is not equal to the verification code, a null value is returned.
It should be understood that, although the steps in the flowchart of fig. 1 are shown in the order indicated by the arrows, the steps are not necessarily performed in that order. Unless explicitly stated otherwise, there is no strict order restriction on the performance of these steps, and they may be performed in other orders. Moreover, at least a portion of the steps in fig. 1 may include multiple sub-steps or multiple stages that are not necessarily performed at the same time but may be performed at different times, and the order of performance of the sub-steps or stages is not necessarily sequential; they may be performed in turn or alternately with other steps or with at least a portion of the sub-steps or stages of other steps.
Attribute-based access control has a concise and flexible mathematical expression capability, and many mature efforts can be used for reference. In the access control intelligent contract of the present invention, the data owner first constructs locally the access policy vector μ and the attribute expression list att_l, and then combines the two. The miners on the blockchain pack the new transactions into blocks, and the qualified blocks are put on the chain according to the PoW consensus mechanism. As the contract deployer, the data owner may add and delete access policies by invoking the ACC. To authenticate a data consumer, the data consumer only needs to upload the attribute set ATT_DU and match it against the attribute expression list att_l submitted by the data owner. In this step, an initial value A = 0 is set. For each attribute submitted by the data consumer, it is matched against att_l; if it meets the matching requirement, A = A + μ_i. If the attributes of the data consumer (i.e., ATT_DU) belong to the validation set S, it finally obtains A = s and constructs the valid verification code from A, the address of the data consumer and the block timestamp.
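As an added example (not the patent's code), the labeling procedure of steps 1) to 3) above and the summation check A = A + μ_i of this paragraph, carried out in Python for the formula (W1 or W2) and W3 and W4 of FIG. 3; the prime field, the random column entries and the tree encoding are assumptions, since the patent does not name them.

```python
"""LSSS access-policy construction and attribute matching.

Added example, not code from the patent. It implements the labeling rule
of the description (OR: both children inherit v; AND: left child v||1,
right child (0,...,0,-1)), pads leaf vectors to length n, forms the access
policy vector mu = M * (s, r_2, ..., r_n) and runs the summation check.
Assumptions: arithmetic is done modulo a prime (the patent names no field);
the column entries r_2..r_n are random; a tree is encoded as nested tuples.
"""
import secrets

PRIME = (1 << 127) - 1  # assumption: field for the LSSS arithmetic


def label_tree(node, v=(1,)):
    """Walk the access tree and return (attribute, vector) pairs for leaves.

    node is an attribute string or ("AND"/"OR", left, right).
    """
    if isinstance(node, str):
        return [(node, tuple(v))]
    gate, left, right = node
    if gate == "OR":
        # OR gate: both children are marked with the parent's vector v.
        return label_tree(left, v) + label_tree(right, v)
    if gate == "AND":
        # AND gate: left child v||1, right child (0,...,0,-1) of equal length.
        left_v = tuple(v) + (1,)
        right_v = (0,) * len(v) + (-1,)
        return label_tree(left, left_v) + label_tree(right, right_v)
    raise ValueError(f"unknown gate {gate!r}")


def build_lsss_matrix(tree):
    """Return (att_l, M): leaf attributes and the l x n LSSS matrix."""
    leaves = label_tree(tree)
    n = max(len(vec) for _, vec in leaves)  # length of the longest leaf vector
    att_l = [att for att, _ in leaves]
    M = [list(vec) + [0] * (n - len(vec)) for _, vec in leaves]  # pad to n
    return att_l, M


def get_access_policy(tree, s):
    """GetAccessPolicy(ATT, s): mu = M * (s, r_2, ..., r_n)^T, plus att_l."""
    att_l, M = build_lsss_matrix(tree)
    n = len(M[0])
    column = [s % PRIME] + [secrets.randbelow(PRIME) for _ in range(n - 1)]
    mu = [sum(m * c for m, c in zip(row, column)) % PRIME for row in M]
    return mu, att_l


def attributes_verification(mu, att_l, att_du, s):
    """ACC check: A = sum of mu_i over matched attributes; valid iff A == s.

    With this labeling the sum equals s exactly when the submitted set is a
    minimal authorized set (one branch per OR, both branches per AND).
    """
    A = 0
    for att, mu_i in zip(att_l, mu):
        if att in att_du:
            A = (A + mu_i) % PRIME
    return A == s % PRIME


if __name__ == "__main__":
    # Constructed example: the FIG. 3 formula (W1 or W2) and W3 and W4.
    policy = ("AND", ("AND", ("OR", "W1", "W2"), "W3"), "W4")
    secret = 123456789
    mu, att_l = get_access_policy(policy, secret)
    print(build_lsss_matrix(policy))
    print(attributes_verification(mu, att_l, {"W1", "W3", "W4"}, secret))
```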
In the searchable encryption stage, a data user can freely construct a search token searchtoken and call the searchable encryption intelligent contract with it and the verification code as parameters; the present invention also uses a multiple-plaintext packing method to construct the dictionary-type data. To protect confidentiality, the number of data bits encrypted at a time cannot exceed the security parameter, so if the length of an identifier is len, then p ≤ λ/len.
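As an added example, not the patent's contract code: the verification-code gate of the dictionary data search function and the packing of p ≤ λ/len identifiers per λ-bit word described in this paragraph, modelled in Python. The patent names neither the function I nor the dictionary encryption, so SHA-256 for I, an HMAC-SHA256 keystream for masking the packed words, and len = 32 are assumptions.

```python
"""Search gate and identifier packing of the searchable encryption contract.

Added example, not code from the patent. Assumptions: I is SHA-256 over
(s, msg.sender, timestamp); packed identifier words are masked with an
HMAC-SHA256 keystream bound to K and the keyword; identifiers are len-bit
integers with len = 32, packed p <= lambda/len per lambda-bit word, and the
value 0 is reserved as padding for a short final word.
"""
import hashlib
import hmac

LAMBDA = 256             # security parameter lambda (bits)
ID_LEN = 32              # identifier length len (bits); assumption
P = LAMBDA // ID_LEN     # p <= lambda / len identifiers per word


def I(s: int, sender: str, timestamp: int) -> bytes:
    """Verification code I(s, msg.sender, timestamp); SHA-256 is an assumption."""
    data = (s.to_bytes(32, "big") + bytes.fromhex(sender[2:])
            + timestamp.to_bytes(8, "big"))
    return hashlib.sha256(data).digest()


def pack_identifiers(ids: list) -> list:
    """Pack at most P identifiers of ID_LEN bits into each LAMBDA-bit word."""
    words = []
    for i in range(0, len(ids), P):
        chunk = ids[i:i + P]
        word = 0
        for ident in chunk:
            if not 1 <= ident < (1 << ID_LEN):
                raise ValueError("identifier out of range")
            word = (word << ID_LEN) | ident
        word <<= ID_LEN * (P - len(chunk))  # zero-pad a short final word
        words.append(word)
    return words


def unpack_identifiers(words: list) -> list:
    """Inverse of pack_identifiers; zero slots are padding and are skipped."""
    ids = []
    slot_mask = (1 << ID_LEN) - 1
    for word in words:
        for j in range(P - 1, -1, -1):        # most significant slot first
            ident = (word >> (ID_LEN * j)) & slot_mask
            if ident:
                ids.append(ident)
    return ids


def _keystream(K: bytes, kw: str, idx: int) -> int:
    tag = hmac.new(K, f"{kw}|{idx}".encode(), hashlib.sha256).digest()
    return int.from_bytes(tag, "big")


def mask_words(K: bytes, kw: str, words: list) -> list:
    """XOR each word with a keyword-bound keystream (the operation is self-inverse)."""
    return [w ^ _keystream(K, kw, i) for i, w in enumerate(words)]


def keyword_label(kw: str) -> str:
    """Lookup token for a keyword: its hash, so the plaintext keyword is not stored."""
    return hashlib.sha256(kw.encode()).hexdigest()


def setup_db(K: bytes, kw_to_ids: dict) -> dict:
    """SetupDB: keyword label -> masked, packed identifier words (the index EDB)."""
    return {keyword_label(kw): mask_words(K, kw, pack_identifiers(ids))
            for kw, ids in kw_to_ids.items()}


class SearchableEncryptionContract:
    """Mock of the on-chain contract; s is set as an internal parameter."""

    def __init__(self, s: int):
        self._s = s
        self.edb = {}

    def upload_index(self, edb: dict) -> None:
        self.edb.update(edb)

    def search(self, vc: bytes, timestamp: int, kw: str, sender: str) -> list:
        # Gate: recompute I(s, msg.sender, timestamp) and compare with VC.
        if I(self._s, sender, timestamp) != vc:
            return []                                  # R is output as empty
        return list(self.edb.get(keyword_label(kw), []))


def user_search(contract, vc, timestamp, K, kw, sender) -> list:
    """Data user side: call the search function, then unmask and unpack R."""
    R = contract.search(vc, timestamp, kw, sender)
    return unpack_identifiers(mask_words(K, kw, R))
```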
In one embodiment, there is provided a block chain-based multi-user searchable encryption apparatus comprising: the system comprises a block chain, an intelligent contract module, an interplanetary file system and a key management system; the intelligent contract module comprises an access control intelligent contract module and a searchable encryption intelligent contract module;
The block chain is developed using Ethereum as the underlying platform.
The access control intelligent contract module and the searchable encryption intelligent contract module are constructed and deployed by the data owner.
The key management system is used for managing keys and monitoring transactions on the blockchain.
The interplanetary file system is used for storing the encrypted file encrypted by the data owner using the symmetric key.
The data owner uploads the symmetric key and the encrypted file encrypted by the symmetric key to the key management system and the interplanetary file system respectively, and generates a keyword dictionary and an index of the encrypted file; the data owner obtains a new keyword index according to the symmetric key, the keyword dictionary and the index, and uploads the new keyword index to the block chain through the searchable encryption intelligent contract module; and the data owner locally constructs an access policy vector and an attribute expression list according to the attribute of the authorized data user, uploads the access policy vector and the attribute expression list to the block chain through the access control intelligent contract module, and generates a unique identifier of each access policy.
The data user verifies the self attribute through the access control intelligent contract module, uploads the obtained verification code to the searchable encryption intelligent contract module for keyword index search, and inquires in the interplanetary file system according to the keyword index of the obtained encrypted file to obtain a corresponding encrypted file; and the data user obtains the symmetric key from the key management system through transaction information verification, and decrypts the encrypted file by using the symmetric key to obtain a plaintext file.
The technical features of the above embodiments can be arbitrarily combined, and for the sake of brevity, all possible combinations of the technical features in the above embodiments are not described, but should be considered as the scope of the present specification as long as there is no contradiction between the combinations of the technical features.
The above-mentioned embodiments only express several embodiments of the present application, and the description thereof is more specific and detailed, but not construed as limiting the scope of the invention. It should be noted that, for a person skilled in the art, several variations and modifications can be made without departing from the concept of the present application, which falls within the scope of protection of the present application. Therefore, the protection scope of the present patent shall be subject to the appended claims.

Claims (10)

1. A block chain-based multi-user searchable encryption method applied to a system comprising a block chain, a data owner joining the block chain and a plurality of data users, the method comprising:
initializing security parameters, and constructing an access control intelligent contract and a searchable encryption intelligent contract;
the data owner uploads the symmetric key and the data file encrypted by the symmetric key to a key management system and an interplanetary file system respectively, and a keyword dictionary and an index of the encrypted file are generated;
the data owner obtains a new keyword index according to the symmetric key, the keyword dictionary and the index, and uploads the new keyword index to a block chain through a searchable encryption intelligent contract;
the data owner builds an access policy vector and an attribute expression list locally according to the attribute of an authorized data user, uploads the access policy vector and the attribute expression list to a block chain, and generates a unique identifier of each access policy;
the data user verifies the self attribute through the access control intelligent contract to generate a verification code;
a data user obtains a keyword index of an encrypted file according to the verification code and the searchable encryption intelligent contract, and inquires in an interplanetary file system according to the keyword index of the encrypted file to obtain a corresponding encrypted file;
and the data user obtains the symmetric key from the key management system through transaction information verification, and decrypts the encrypted file by using the symmetric key to obtain a plaintext file.
2. The method of claim 1, wherein security parameters are initialized and access control smart contracts and searchable encryption smart contracts are constructed, wherein the access control smart contracts include: an add function of the access policy, a delete function of the access policy, a query function of the access policy, and a verify function of the access policy.
3. The method of claim 1, wherein security parameters are initialized, and access control intelligent contracts and searchable encryption intelligent contracts are constructed, wherein the searchable encryption intelligent contracts include: a key generation function, a dictionary data adding function, a dictionary data deleting function and a dictionary data searching function; the key generation function takes the security parameters as input and outputs the public keys added, deleted and searched.
4. The method of claim 2, wherein the data owner obtains a new key index from the symmetric key, the key dictionary, and the index, and uploads the new key index to the blockchain via a searchable encryption intelligence contract, comprising:
inputting the symmetric key, the keyword dictionary and the index into a local SetupDB function by a data owner to obtain a new keyword index;
and uploading the key word index to the block chain by the data owner through the searchable encryption intelligent contract.
5. The method of claim 1, wherein the data owner locally constructs a list of access policy vectors and attribute expressions based on attributes of authorized data consumers and uploads the access policy vectors and the list of attribute expressions to a blockchain, and wherein generating a unique identifier for each access policy comprises:
the data owner determines an access strategy formula according to the attribute of an authorized data user;
the data owner obtains an access strategy vector and an attribute expression list according to the access strategy formula and the secret;
the data owner uploads the access policy vectors and the attribute expression list to a blockchain, sets access policies through an access control intelligence contract, and generates a unique identifier for each access policy.
6. The method of claim 5, wherein the data owner obtains a list of access policy vectors and attribute expressions from the access policy formula and the secret, comprising:
the data owner adopts a linear secret sharing scheme to construct an access strategy matrix according to an access strategy formula and the secret; the secrets are internal parameters of access control smart contracts and searchable encryption smart contracts that are set by data owners prior to contract deployment;
the data owner multiplies the access strategy matrix and the secret sharing column vector to obtain an access strategy vector, and an attribute expression list is determined according to the access strategy matrix; the attribute expression list is composed of all attributes in the access policy.
7. The method of claim 2, wherein the validation code comprises a valid validation code and an invalid validation code;
the data user verifies the self attribute through the access control intelligent contract to generate a verification code, and the method comprises the following steps:
the data user uploads the self attribute to the block chain, and the self attribute of the data user is matched with the attribute expression list uploaded by the data provider through a verification function of an access strategy of an access control intelligent contract;
if the matching condition is met, generating a valid verification code and a timestamp;
if the matching condition is not satisfied, an invalid verification code is generated.
8. The method of claim 3, wherein the data user obtains the key index of the encrypted file according to the verification code and the searchable encrypted intelligent contract, and queries the interplanetary file system according to the key index of the encrypted file to obtain the corresponding encrypted file, comprising:
the data user selects the public keys of the dictionary data adding function, the dictionary data deleting function and the dictionary data searching function, uploads the verification code, all the public keys, the timestamp and the keyword to the block chain, and obtains an identifier list of the encrypted file through the dictionary data searching function capable of searching the encrypted intelligent contract;
and the data user decrypts the identifier list through the public key of the dictionary data adding function to obtain the key word index of the related encrypted file, and queries the key word index in the interplanetary file system to obtain the corresponding encrypted file.
9. The method according to claim 3, wherein said dictionary data search function comprises the specific steps of:
after receiving parameters transmitted by a data user, freely constructing a lookup token according to the public key of the dictionary data adding function, the public key of the dictionary data deleting function, the public key of the dictionary data searching function and the keywords;
calling a searchable encrypted intelligent contract by using the search token and the verification code as parameters, and constructing a new verification code according to the secret, the address of a data user and the timestamp;
outputting a list of identifiers of encrypted files when the new verification code is equal to the verification code;
Returning a null value when the new verification code is not equal to the verification code.
10. A block chain based multi-user searchable encryption apparatus, comprising: the system comprises a block chain, an intelligent contract module, an interplanetary file system and a key management system; the intelligent contract module comprises an access control intelligent contract module and a searchable encryption intelligent contract module;
the block chain is developed by adopting Ethereum as the underlying platform;
the access control intelligent contract module and the searchable encryption intelligent contract module are constructed and deployed by a data owner;
the key management system is used for managing keys and monitoring transactions on the blockchain;
the interplanetary file system is used for storing an encrypted file encrypted by the data owner using the symmetric key;
the data owner respectively uploads the symmetric key and the encrypted file encrypted by the symmetric key to the key management system and the interplanetary file system, and a keyword dictionary and an index of the encrypted file are generated; the data owner obtains a new keyword index according to the symmetric key, the keyword dictionary and the index, and uploads the new keyword index to the block chain through the searchable encryption intelligent contract module; the method comprises the steps that a data owner locally constructs an access policy vector and an attribute expression list according to the attribute of an authorized data user, uploads the access policy vector and the attribute expression list to a block chain through an access control intelligent contract module, and generates a unique identifier of each access policy;
the data user verifies the self attribute through the access control intelligent contract module, uploads the obtained verification code to the searchable encryption intelligent contract module for keyword index search, and inquires in the interplanetary file system according to the keyword index of the obtained encrypted file to obtain a corresponding encrypted file; and the data user obtains the symmetric key from the key management system through transaction information verification, and decrypts the encrypted file by using the symmetric key to obtain a plaintext file.
CN202210486546.7A 2022-05-06 2022-05-06 Multi-user searchable encryption method and device based on block chain Active CN115603934B (en)
Publications (2)

Publication Number Publication Date
CN115603934A true CN115603934A (en) 2023-01-13
CN115603934B CN115603934B (en) 2024-04-19