摘要
针对云服务器上用户信息的隐私问题,提出一种基于属性代理重加密技术与容错机制相结合的方案。该方案将用户存储的数据分为文件和文件的安全索引,将其分别进行加密后存储在不同的云服务器上。首先,利用倒排序结构构造文件的安全索引,并使用模糊提取器对关键字进行预处理,用户可以通过该安全索引进行容错的多关键字搜索;其次,设置访问控制树对解密密钥重加密,实现权限管理,即实现数据在云端的有效共享;最后,通过Complex Triple Diffle-Hellman难题证明该方案生成的系统主密钥是安全的,因此该方案在云环境下也是安全的。与已有的方案的对比分析表明,该方案可减少密钥重加密、解密等的计算量,同时通过加入容错处理机制提高了数据检索的效率。
Aiming at the privacy of user information stored in the cloud server problem,a scheme based on property broker re-encryption and fault-tolerant mechanism was proposed.This scheme mainly divides the data stored by users into files and the security index of files,encrypts them separately and then stores them on different cloud servers.Firstly,the security index of file is constructed by using the inverted structure and the keywords are preprocessed by using the fuzzy extractor,so the users can search multi-keywords with fault tolerance through the security index.Secondly,the access control tree is used for re-encryption of decryption key to realize right management,namely,the effective sharing of data in cloud.Finally,the scheme is proved to be secure in cloud environment through Complex Triple Diffie-Hellman problem,proving that the system master key generated by this scheme is secure.Compared with the existing schemes,it is shown that the scheme can reduce the computational complexity of key re-encryption and decryption,and the fault-tolerant mechanism improves the efficiency of data retrieval.
作者
刘新宇
李浪
肖斌斌
LIU Xin-yu;LI Lang;XIAO Bing-bing(College of Computer Science and Technology,Hengyang Normal University,Hengyang,Hunan 421002,China;College of Information Science and Technology,Jinan University,Guangzhou 510632,China)
出处
《计算机科学》
CSCD
北大核心
2018年第7期162-166,196,共6页
Computer Science
基金
国家自然科学基金资助项目(61572174)
湖南省教育厅资助科研项目(15A029)基金资助
关键词
重加密技术
容错机制
多关键字
访问控制树
模糊提取器
Re-encryption technology
Fault-tolerant mechanism
Multiple keywords
Access control tree
Fuzzy extractors
