摘要
随着云计算技术的快速发展和广泛应用,云环境中的数据安全问题成为用户关注的焦点。为了保障数据隐私,用户将隐私数据加密后上传至云服务器。然而,如何从多个云服务器中的海量加密数据里检索到包含特定信息的密文是富有挑战性的。传统的可搜索加密方案无法直接应用于多云环境的密文数据检索中。基于属性的加密技术为密文关键词检索提供了一种新的解决思路,但是,现有的相关方案存在仅支持单个或连接关键词检索、访问控制策略不灵活、检索效率低、计算和存储开销大以及无法有效适用于多云环境等问题。因此,文中提出了一种多云环境中基于属性加密的高效多关键词检索方案(MRAM)。MRAM基于高性能的密文策略的属性加密算法,实现了任意密文多关键词检索,细粒度的访问控制,并且通过引入检索服务器有效支持多云环境中高效准确的密文检索。安全分析表明,MRAM能够实现安全索引机密性、检索陷门机密性、抗共谋攻击等重要安全特性,性能评估验证了MRAM相较于已有的方案,在安全索引生成、检索陷门生成和检索阶段具有更低的计算开销,且安全索引和检索陷门的存储开销也更小。
With the rapid development and wide application of cloud computing technology,data security issues in the cloud environment have become the focus of users’attention.To ensure data privacy,users encrypt the private data and upload it to the cloud server.Nevertheless,it is challenging to retrieve ciphertext containing specific information from massive encrypted data of multiple cloud servers.Traditional searchable encryption schemes cannot be directly applied to ciphertext data retrieval in the multi-cloud environment.The attribute-based encryption provides a new solution for ciphertext keyword retrieval.However,the existing related schemes have some problems,such as only supporting single or conjunctive keyword retrieval,inflexible access control policy,low retrieval efficiency,large calculation and storage overhead,and not applying to the multi-cloud environment effectively.Therefore,this paper proposed an efficient Multi-keyword Retrieval scheme based on Attribute encryption in the Multi-cloud environment(MRAM).MRAM is based on the high-performance ciphertext-policy attribute-based encryption algorithm,and realizes multi-keyword ciphertext retrieval and fine-grained access control.By introducing a retrieval server,MRAM effectively supports efficient and accurate ciphertext retrieval in multi-cloud environment.Security analysis shows that MRAM can achieve important security features such as security index confidentiality,trapdoor confidentiality,and resistance to collusion attacks.The performance evaluation verifies that MRAM has lower computational overhead in the secure index generation,trapdoor generation,and retrieval stages compared with existing solutions,and the storage overhead of the secure index and trapdoor is also smaller.
作者
何亨
蒋俊君
冯可
李鹏
徐芳芳
HE Heng;JIANG Jun-jun;FENG Ke;LI Peng;XU Fang-fang(School of Computer Science and Technology,Wuhan University of Science and Technology,Wuhan 430065,China;Hubei Province Key Laboratory of Intelligent Information Processing and Real-time Industrial System,Wuhan 430065,China)
出处
《计算机科学》
CSCD
北大核心
2021年第S02期576-584,共9页
Computer Science
基金
国家自然科学基金项目(61602351,61802286)
湖北省自然科学基金(2018CFB424)
湖北省教育厅科学研究计划(B2019009)。
关键词
多云环境
属性加密
多关键词检索
密文检索
访问控制
Multi-cloud environment
Attribute-based encryption
Multi-keyword retrieval
Ciphertext retrieval
Access control policy
