高效的可验证无证书可搜索加密方案

doi:10.11959/j.issn.1000-436x.2023156

通信学报 ›› 2023, Vol. 44 ›› Issue (8): 61-77.doi: 10.11959/j.issn.1000-436x.2023156

• 学术论文 • 上一篇

高效的可验证无证书可搜索加密方案

崔新华¹^,²^,³, 田有亮¹^,²^,⁴, 张起嘉¹^,²

¹ 公共大数据国家重点实验室，贵州贵阳 550025
² 贵州大学计算机科学与技术学院，贵州贵阳 550025
³ 贵州师范大学经济与管理学院，贵州贵阳 550025
⁴ 贵州大学密码学与数据安全研究所，贵州贵阳 550025

修回日期:2023-06-06 出版日期:2023-08-01 发布日期:2023-08-01
作者简介:崔新华（1982- ），女，侗族，贵州凯里人，贵州大学博士生，主要研究方向为密码学与信息安全、公钥密码
田有亮（1982- ），男，贵州盘县人，博士，贵州大学教授、博士生导师，主要研究方向为算法博弈论、密码学与安全协议、大数据安全与隐私保护等
张起嘉（1995- ），男，河北衡水人，贵州大学博士生，主要研究方向为公钥密码学
基金资助:
国家重点研发计划基金资助项目(2021YFB3101100);国家自然科学基金资助项目(U1836205);国家自然科学基金资助项目(62272123);贵州省高层次创新型人才基金资助项目([2020]6008);贵阳市科技计划基金资助项目([2021]1-5);贵阳市科技计划基金资助项目([2022]2-4);贵州省科技计划基金资助项目([2020]5017);贵州省科技计划基金资助项目([2020]5017);贵州省科技计划基金资助项目([2022]065)

Efficient certificateless searchable encryption scheme with verifiability

Xinhua CUI¹^,²^,³, Youliang TIAN¹^,²^,⁴, Qijia ZHANG¹^,²

¹ State Key Laboratory of Public Big Data, Guiyang 550025, China
² College of Computer Science and Technology, Guizhou University, Guiyang 550025, China
³ College of Economics and Management, Guizhou Normal University, Guiyang 550025, China
⁴ Institute of Cryptography ＆Data Security, Guizhou University, Guiyang 550025, China

Revised:2023-06-06 Online:2023-08-01 Published:2023-08-01
Supported by:
The National Key Research and Development Program of China(2021YFB3101100);The National Natural Science Foundation of China(U1836205);The National Natural Science Foundation of China(62272123);Project of High-level Innovative Talents of Guizhou Province([2020]6008);Science and Technology Program of Guiyang([2021]1-5);Science and Technology Program of Guiyang([2022]2-4);Science and Technology Program of Guizhou Province([2020]5017);Science and Technology Program of Guizhou Province([2020]5017);Science and Technology Program of Guizhou Province([2022]065)

摘要/Abstract

摘要：

在云计算环境中，可搜索加密方案是一种实现数据隐私保护和关键词搜索的有效方法。目前，现有方案不仅难以实现高效验证与动态更新，同时也存在证书管理和密钥分配问题。为了解决上述问题，近期有相关学者提出了一种基于改进 Merkle-Tree 认证方法的可验证多关键词搜索方案，然而经过安全性分析，该方案不能满足密文的不可区分性。通过改进，提出了一种新的高效的可验证无证书可搜索加密方案。分析表明，所提方案不仅能够满足无证书环境下的密文不可区分性与签名的不可伪造性，还实现了更高的计算效率与更小的通信开销，更能适用于资源有限的终端设备。

关键词: 无证书加密, 可搜索加密, 可验证性, 动态更新

Abstract:

Searchable encryption offers an effective way to achieve data privacy protection and keyword search in cloud computing environments.Currently, the existing schemes not only lack dynamic update and efficient verification mechanism, but also suffer from the certificate management burden and key escrow issue.To address these issues, a verifiable multi-keyword searchable encryption scheme based on improved Merkle-Tree had been proposed recently.However, through cryptoanalysis, that scheme could not achieve the indistinguishability.With improvement, an efficient able certificateless searchable encryption scheme with verifiability was proposed.Rigorous analysis show that the proposed scheme not only supports the indistinguishability and the unforgeability, but also enjoys higher computing efficiency and lower communication cost, which is more suitable for terminal devices with limited resources.

Key words: certificateless encryption, searchable encryption, verifiability, dynamic updating

中图分类号:

TP309

崔新华, 田有亮, 张起嘉. 高效的可验证无证书可搜索加密方案[J]. 通信学报, 2023, 44(8): 61-77.

Xinhua CUI, Youliang TIAN, Qijia ZHANG. Efficient certificateless searchable encryption scheme with verifiability[J]. Journal on Communications, 2023, 44(8): 61-77.

图/表 11

图1

图2

图3

图4

表1

表2

表3

表4

图5

图6

图7

参考文献 22

[1]	SONG D X , WAGNER D , PERRIG A . Practical techniques for searches on encrypted data[C]// Proceedings of IEEE Symposium on Security and Privacy. Piscataway:IEEE Press, 2002: 44-55.
[2]	BONEH D , CRESCENZO G D , OSTROVSKY R ,et al. Public key encryption with keyword search[C]// International Conference on the Theory and Applications of Cryptographic Techniques. Berlin:Springer, 2004: 506-522.
[3]	GOLLE P , STADDON J , WATERS B . Secure conjunctive keyword search over encrypted data[C]// International Conference on Applied Cryptography and Network Security. Berlin:Springer, 2004: 31-45.
[4]	KAMARA S , PAPAMANTHOU C , ROEDER T . Dynamic searchable symmetric encryption[C]// Proceedings of the 2012 ACM Conference on Computer and Communications Security. New York:ACM Press, 2012: 965-976.
[5]	CURTMOLA R , GARAY J , KAMARA S ,et al. Searchable symmetric encryption:improved definitions and efficient constructions[J]. Journal of Computer Security, 2011,19(5): 895-934.
[6]	张键红, 武梦龙, 王晶 ,等. 云环境下安全的可验证多关键词搜索加密方案[J]. 通信学报, 2021,42(4): 139-149.
	ZHANG J H , WU M L , WANG J ,et al. Secure and verifiable multi-keyword searchable encryption scheme in cloud[J]. Journal on Communications, 2021,42(4): 139-149.
[7]	SHACHAM H , WATERS B . Compact proofs of retrievability[J]. Journal of Cryptology, 2013,26(3): 442-483.
[8]	GUO L F , LU B , LI X Y ,et al. A verifiable proxy re-encryption with keyword search without random oracle[C]// Proceedings of Ninth International Conference on Computational Intelligence and Security. Piscataway:IEEE Press, 2014: 474-478.
[9]	YANG Y , MA M D . Conjunctive keyword search with designated tester and timing enabled proxy re-encryption function for E-health clouds[J]. IEEE Transactions on Information Forensics and Security, 2016,11(4): 746-759.
[10]	SUN W H , WANG B , CAO N ,et al. Verifiable privacy-preserving multi-keyword text search in the cloud supporting similarity-based ranking[J]. IEEE Transactions on Parallel and Distributed Systems, 2014,25(11): 3025-3035.
[11]	WANG J F , CHEN X F , HUANG X Y ,et al. Verifiable auditing for outsourced database in cloud computing[J]. IEEE Transactions on Computers, 2015,64(11): 3293-3303.
[12]	MIAO Y B , MA J F , LIU X M ,et al. VMKDO:verifiable multi-keyword search over encrypted cloud data for dynamic data-owner[J]. Peer-to-Peer Networking and Applications, 2018,11(2): 287-297.
[13]	GUO Y , ZHANG C , JIA X H . Verifiable and forward-secure encrypted search using blockchain techniques[C]// Proceedings of 2020 IEEE International Conference on Communications (ICC). Piscataway:IEEE Press, 2020: 1-7.
[14]	PENG Y G , CUI J T , PENG C G ,et al. Certificateless public key encryption with keyword search[J]. China Communications, 2014,11(11): 100-113.
[15]	郑东, 朱天泽, 郭瑞 . 基于区块链的多用户环境中公钥可搜索加密方案[J]. 通信学报, 2021,42(10): 140-152.
	ZHENG D , ZHU T Z , GUO R . Public key searchable encryption scheme in blockchain-enabled multi-user environment[J]. Journal on Communications, 2021,42(10): 140-152.
[16]	MA M M , HE D B , KUMAR N ,et al. Certificateless searchable public key encryption scheme for industrial Internet of things[J]. IEEE Transactions on Industrial Informatics, 2018,14(2): 759-767.
[17]	张玉磊, 文龙, 王浩浩 ,等. 多用户环境下无证书认证可搜索加密方案[J]. 电子与信息学报, 2020,42(5): 1094-1101.
	ZHANG Y L , WEN L , WANG H H ,et al. Certificateless authentication searchable encryption scheme for multi-user[J]. Journal of Electronics ＆ Information Technology, 2020,42(5): 1094-1101.
[18]	WU L B , ZHANG Y B , MA M M ,et al. Certificateless searchable public key authenticated encryption with designated tester for cloud-assisted medical Internet of things[J]. Annals of Telecommunications, 2019,74(7): 423-434.
[19]	ZHENG Q J , LI X X , AZGIN A . CLKS:certificateless keyword search on encrypted data[C]// International Conference on Network and System Security. Berlin:Springer, 2015: 239-253.
[20]	MIAO Y , WENG J , LIU X ,et al. Enabling verifiable multiple keywords search over encrypted cloud data[J]. Information Sciences, 2018,465(10): 21-37.
[21]	田有亮, 骆琴 . 基于改进 Merkle-Tree 认证方法的可验证多关键词搜索方案[J]. 通信学报, 2020,41(9): 118-129.
	TIAN Y L , LUO Q . Verifiable multi-keyword search scheme based on improved Merkle-Tree authentication method[J]. Journal on Communications, 2020,41(9): 118-129.
[22]	GARG N , BAWA S . RITS-MHT:relative indexed and time stamped Merkle hash tree based data auditing protocol for cloud computing[J]. Journal of Network and Computer Applications, 2017,84: 1-13.

参数	含义
E	群G中的指数运算(Type-1 pairing)
E₁	群G₁中的指数运算
E₂	群G₂中的指数运算
P	对运算
H₀	群G中的map to point运算(Type-1 pairing)
H₁	群G₁中的map to point运算
H₂	群G₂中的map to point运算

方案	密文生成阶段	陷门生成阶段
文献[19]	4\|G\|	4\|G\|
文献[20]	5\|G\|	4\|G\|
文献[21]	5\|G\|	5\|G\|
文献[6]	5\|G\|+2\|G_T\|	2\|G\|
所提方案	2\|G₁\|+\|G₂\|	\|G₁\|+2\|G₂\|

方案	密钥生成（用户侧）	密文生成	陷门生成	密文搜索	结果验证
文献[19]	2E	9E	10E	4P	—
文献[20]	2E	11E+H₀	10E	4P	4P
文献[21]	E	11E	10E	4P	E+4P
文献[6]	2E	8E+H₀+2P	3E	2P+2E	2E+H₀+2P
所提方案	E₁	4E₁+H₁	E₁+3E₂	3P	4P

曲线	表达式	基域的阶/bit	安全位数/bit	群G₁中指数运算耗时/ms	群G₂中指数运算耗时/ms	对运算耗时/ms	map to point运算耗时/ms
Type-A	y ²=x³+x mod q	512	1 024	6.726	—	9.151	14.280
D159	y ²=x³+ax+b mod q	159	954	12.322	1.262	10.532	0.115(G₂)

高效的可验证无证书可搜索加密方案

Efficient certificateless searchable encryption scheme with verifiability

在线阅读

PDF下载

可视化

摘要/Abstract

引用本文

使用本文

图/表 11

参考文献 22

相关文章 15

Metrics

推荐阅读 0

[1]	冯涛, 陈李秋, 方君丽, 石建明. 基于本地化差分隐私和属性基可搜索加密的区块链数据共享方案[J]. 通信学报, 2023, 44(5): 224-233.
[2]	谢晴晴, 杨念民, 冯霞. 基于区块链的噪声化数据分享控制协议[J]. 通信学报, 2023, 44(10): 198-212.
[3]	杜瑞忠, 张玉晴, 李明月. 基于双向索引的高效连接关键字查询动态可搜索加密方案[J]. 通信学报, 2022, 43(5): 123-132.
[4]	郑东, 朱天泽, 郭瑞. 基于区块链的多用户环境中公钥可搜索加密方案[J]. 通信学报, 2021, 42(10): 140-152.
[5]	田有亮,骆琴. 基于改进Merkle-Tree认证方法的可验证多关键词搜索方案[J]. 通信学报, 2020, 41(9): 118-129.
[6]	牛淑芬,刘文科,陈俐霞,王彩芬,杜小妮. 基于联盟链的可搜索加密电子病历数据共享方案[J]. 通信学报, 2020, 41(8): 204-214.
[7]	杜瑞忠,谭艾伦,田俊峰. 基于区块链的公钥可搜索加密方案[J]. 通信学报, 2020, 41(4): 114-122.
[8]	闫玺玺,原笑含,汤永利,陈艳丽. 基于区块链且支持验证的属性基搜索加密方案[J]. 通信学报, 2020, 41(2): 187-198.
[9]	张强,王国军,张少波. 基于多边缘服务器的个性化搜索隐私保护方法[J]. 通信学报, 2019, 40(2): 40-50.
[10]	胡欣,宋航宇,刘帅军,李秀华,王卫东,汪春霆. 基于时间演进图的LEO星间切换实时预测及更新方法[J]. 通信学报, 2018, 39(10): 43-51.
[11]	宋衍,韩臻,李建军,韩磊. 支持安全共享的云存储系统研究[J]. 通信学报, 2017, 38(Z1): 88-96.
[12]	伍祈应,马建峰,李辉,张俊伟,姜奇,苗银宾. 支持用户撤销的多关键字密文查询方案[J]. 通信学报, 2017, 38(8): 183-193.
[13]	吴志强,李肯立,郑蕙. 高效可扩展的对称密文检索架构[J]. 通信学报, 2017, 38(8): 79-93.
[14]	伍祈应,马建峰,苗银宾,张俊伟,沈丽敏. 多数据拥有者认证的密文检索方案[J]. 通信学报, 2017, 38(11): 161-170.
[15]	宋衍,韩臻,陈栋,赵进华. 支持关键词任意连接搜索的属性加密方案[J]. 通信学报, 2016, 37(8): 77-85.