摘要
大多数可搜索加密方案仅支持对单关键词集的搜索,且数据使用者不能迅速对云服务器返回的密文进行有效性判断,同时考虑到云服务器具有较强的计算能力,可能会对关键词进行猜测,且没有对数据使用者的身份进行验证。针对上述问题,该文提出一个对数据使用者身份验证的抗关键词猜测的授权多关键词可搜索加密方案。方案中数据使用者与数据属主给授权服务器进行授权,从而验证数据使用者是否为合法用户;若验证通过,则授权服务器利用授权信息协助数据使用者对云服务器返回的密文进行有效性检测;同时数据使用者利用服务器的公钥和伪关键词对关键词生成陷门搜索凭证,从而保证关键词的不可区分性。同时数据属主在加密时,利用云服务器的公钥、授权服务器的公钥以及数据使用者的公钥,可以防止合谋攻击。最后在随机预言机模型下证明了所提方案的安全性,并通过仿真实验验证,所提方案在多关键词环境下具有较好的效率。
Most existing searchable encryption schemes only support the search for keyword sets,and the data users can not quickly identify the file keyword information returned by the server.Meanwhile,considering the server has strong computing power,it may judge keyword information from single keywords and the identity of the data consumer is not verified.In this paper,the data user and data owner are delegated server to verify whether the data ueer is a legitimate user;if legal,the delegated server can detect the validity of the return ciphertext with data user.The data user uses the server public key,keywords and pseudo-keywords to generate trapdoor,in order to ensure the indistinguishable of the keywords,a delegated multi-keyword searchable encryption scheme is designed,which is resistant to keyword guessing of data user authentication.Meanwhile,when the data owner encrypts,the public key of the cloud server,the delegated server,and the data user can be used to prevent collusion attacks.In the random oracle model the security of the proposed scheme is proved.The experiment results show that the scheme is efficient under the multi-keyword environment.
作者
曹素珍
郎晓丽
刘祥震
张玉磊
王斐
CAO Suzhen;LANG Xiaoli;LIU Xiangzhen;ZHANG Yulei;WANG Fei(College of Computer Science and Engineering,Northwest Normal University,Lanzhou 730070,China)
出处
《电子与信息学报》
EI
CSCD
北大核心
2019年第9期2180-2186,共7页
Journal of Electronics & Information Technology
基金
国家自然科学基金(61662071,61662069,61462077)
甘肃省高等学校科研项目(2017A-003,2018A-207)~~
关键词
可搜索加密
抗关键词猜测
授权验证
多关键词搜索
数据使用者身份验证
Searchable encryption
Keyword guessing attack
Delegate verification
Multi-keyword search
Data user verification
