Netinfo Security (信息网络安全) ›› 2017, Vol. 17 ›› Issue (4): 1-8. doi: 10.3969/j.issn.1671-1122.2017.04.001

A Verifiable Ciphertext Retrieval Scheme Based on Merkle Hash Tree

Lanxiang CHEN1,2, Linbing QIU1,2

  1. School of Mathematics and Computer Science, Fujian Normal University, Fuzhou, Fujian 350108, China
  2. Key Lab of Network Security and Cryptology, Fujian Normal University, Fuzhou, Fujian 350108, China
  • Received: 2016-11-17 Online: 2017-04-20 Published: 2020-05-12
  • About the authors: Lanxiang CHEN (born 1979), female, from Hubei, associate professor, Ph.D.; main research interests: cloud storage, network storage, storage security, information security. Linbing QIU (born 1988), male, from Fujian, master's student; main research interests: ciphertext retrieval, cloud storage.
  • Supported by: National Natural Science Foundation of China [61602118, 61572010, 61472074]; Natural Science Foundation of Fujian Province [2015J01240]; Science and Technology Project of the Fujian Provincial Department of Education [JK2014009]; Fuzhou Science and Technology Plan Project [2014-G-80]; Fujian Normal University Innovation Team [IRTL1207]

Abstract:

Under a semi-honest and curious cloud server model, this paper proposes a verifiable ciphertext retrieval scheme based on the Merkle hash tree. By constructing a secure inverted index and an authenticated data structure, the scheme aims at fast ciphertext retrieval and verification of the server's behavior. It uses the Lucene search engine toolkit and adapts the traditional plaintext index structure into a secure inverted index suited to ciphertext retrieval, which ensures the efficiency and security of retrieval. In addition, the paper implements verification of the completeness and correctness of retrieval results based on the Merkle hash tree structure. Experimental analysis shows that the scheme not only meets users' requirements for efficient retrieval of outsourced private data and for data security, but can also accurately and efficiently verify illegal acts that may occur on the cloud server, such as tampering, deletion and forgery.

Key words: cloud storage, searchable encryption, inverted index, Merkle Hash tree, integrity checking
