基于可验证秘密共享的多关键词可搜索加密方案

doi:10.3969/j.issn.1671-1122.2023.05.004

信息网络安全 ›› 2023, Vol. 23 ›› Issue (5): 32-40.doi: 10.3969/j.issn.1671-1122.2023.05.004

基于可验证秘密共享的多关键词可搜索加密方案

秦宝东¹(), ，陈从正¹, ，何俊杰¹, 郑东¹^,²

1.西安邮电大学网络空间安全学院，西安 710121
2.青海师范大学计算机学院，西宁 810008

收稿日期:2023-02-19 出版日期:2023-05-10 发布日期:2023-05-15
通讯作者: 秦宝东 E-mail:qinbaodong@xupt.edu.cn
作者简介:秦宝东（1982—），男，江苏，教授，博士，主要研究方向为密码学与信息安全|陈从正（1996—），男，陕西，硕士研究生，主要研究方向为公钥可搜索加密|何俊杰（1997—），男，陕西，硕士研究生，主要研究方向为公钥可搜索加密|郑东（1964—），男，山西，教授，博士，主要研究方向为密码学与信息安全
基金资助:
国家自然科学基金(62072371);青海省基础研究计划基金资助项目(2020-ZJ-701)

Multi-Keyword Searchable Encryption Scheme Based on Verifiable Secret Sharing

QIN Baodong¹(), CHEN Congzheng¹, HE Junjie¹, ZHENG Dong¹^,²

1. School of Cyberspace Security, Xi’an University of Posts and Telecommunications, Xi’an 710121, China
2. The college of Computer, Qinghai Normal University, Xining 810008, China

Received:2023-02-19 Online:2023-05-10 Published:2023-05-15
Contact: QIN Baodong E-mail:qinbaodong@xupt.edu.cn

摘要/Abstract

摘要：

可搜索加密技术在云存储技术快速发展的环境下已经被广泛应用于数据安全与个人信息保护的实施办法中，并作为研究热点被国内外众多学者关注。密码体制的安全性依赖密钥的保密，然而目前大多可搜索加密方案都需要用户自行管理密钥，存在密钥泄露和遗失的风险，影响加密方案的安全性，同时也限制了需要使用不同设备的用户。文章针对可搜索加密的密钥管理问题，基于可验证秘密共享提出了一种密钥可重构的多关键词可搜索加密方案，用户只需依赖自己的生物特征和预设口令即可完成数据的外包和检索，摆脱了自行管理密钥的困扰。方案满足选择关键词不可区分和身份认证两个安全属性，确保只有口令正确且生物特征与模板足够接近的情况下才能完成数据的外包和检索，用户特征的正确性由服务器端计算并验证，且无法得到关于用户的原始生物特征、密钥和关键词等隐私信息。

关键词: 多可搜索加密, 生物特征, 可验证秘密共享, 密钥管理

Abstract:

With the rapid development of cloud storage technology, searchable encryption technology has been widely used in the implementation of data security and personal information protection, and has been paid attention by many scholars at home and abroad as a research hotspot. The security of the encryption system depends on the confidentiality of the key. However, at present, most searchable encryption schemes require users to manage the key by themselves. There is a risk of key leakage and loss, which affects the security of the encryption scheme, and also limits users who need to use different devices. Aiming at the key management problem of searchable encryption, the paper proposed a key reconfigurable multi-keyword searchable encryption scheme based on verifiable secret sharing. Users only need to rely on their biometrics and password to complete data outsourcing and retrieval, and get rid of the problem of self-managed keys. The scheme meets the two security attributes of selecting keywords indistinguishable and identity authentication, and ensures that data outsourcing and retrieval can be completed only when the password is correct and the biometrics are close enough to the template. The correctness of user characteristics is calculated and verified by the server, and privacy information such as the user's original biometrics, keys and keywords cannot be obtained.

Key words: multi-searchable encryption, biometric, verifiable secret sharing, key management

中图分类号:

TP309

秦宝东, ，陈从正, ，何俊杰, 郑东. 基于可验证秘密共享的多关键词可搜索加密方案[J]. 信息网络安全, 2023, 23(5): 32-40.

QIN Baodong, CHEN Congzheng, HE Junjie, ZHENG Dong. Multi-Keyword Searchable Encryption Scheme Based on Verifiable Secret Sharing[J]. Netinfo Security, 2023, 23(5): 32-40.

图/表 3

参考文献 22

[1]	VENKATESH A, EASTAFF M S. A Study of Data Storage Security Issues in Cloud Computing[J]. International Journal of Scientific Research in Computer Science, Engineering and Information Technology, 2018, 3(1): 1741-1745.
[2]	YANG Pan, XIONG Naixue, REN Jingli. Data Security and Privacy Protection for Cloud Storage: A Survey[J]. IEEE Access, 2020(8): 131723-131740.
[3]	SONG D X, WAGNER D, PERRIG A. Practical Techniques for Searches on Encrypted Data[C]// IEEE. Proceeding 2000 IEEE Symposium on Security and Privacy. New York: IEEE, 2000: 44-55.
[4]	BONEH D, DI C G, OSTROVSKY R, et al. Public Key Encryption with Keyword Search[C]// Springer. International Conference on the Theory and Applications of Cryptographic Techniques. Heidelberg: Springer, 2004: 506-522.
[5]	HUANG Yicai, LI Sensen, YU Bin. Survey of Symmetric Searchable Encryption in Cloud Environment[J]. Journal of Electronics & Information Technology, 2022, 45(3): 1134-1146.
	黄一才, 李森森, 郁滨. 云环境下对称可搜索加密研究综述[J]. 电子与信息学报, 2022, 45(3):1134-1146.
[6]	KUNAL S, SAHA A, AMIN R. An Overview of Cloud-Fog Computing: Architectures, Applications with Security Challenges[EB/OL]. (2019-05-16)[2023-02-02]. https://onlinelibrary.wiley.com/doi/abs/10.1002/spy2.72.
[7]	OMETOV A, BEZZATEEV S, MÄKITALO N, et al. Multi-Factor Authentication: A Survey[EB/OL]. (2018-01-05)[2023-02-02]. https://www.mdpi.com/2410-387X/2/1/1.
[8]	LI Weifeng. Talking About the Advantages and Disadvantages of Common Biometric Identification Technology[J]. Network Security Technology & Application, 2021(8): 144-146.
	李维峰. 浅谈常用生物特征识别技术的优缺点[J]. 网络安全技术与应用, 2021(8):144-146.
[9]	LI Jun, CHAI Haixin. Research on Privacy in Biometrics[J]. Journal of Information Security Research, 2020, 6(7): 589-601.
	李俊, 柴海新. 生物特征识别隐私保护研究[J]. 信息安全研究, 2020, 6(7):589-601.
[10]	DODIS Y, REYZIN L, SMITH A. Fuzzy Extractors: How to Generate Strong Keys from Biometrics and Other Noisy Data[C]// Springer. International Conference on the Theory and Applications of Cryptographic Techniques. Heidelberg: Springer, 2004: 523-540.
[11]	BOYEN X. Reusable Cryptographic Fuzzy Extractors[C]// ACM. Proceedings of the 11th ACM Conference on Computer and Communications Security. New York: ACM, 2004: 82-91.
[12]	SIMHADRI S, STEEL J, FULLER B. Cryptographic Authentication from the Iris[C]// Springer. Information Security:22nd International Conference. Heidelberg: Springer, 2019: 465-485.
[13]	HUANG K, MANULIS M, CHEN L. Password Authenticated Keyword Search[C]// IEEE. 2017 IEEE Symposium on Privacy-Aware Computing. New York: IEEE, 2017: 129-140.
[14]	SALAHDINE F, KAABOUCH N. Social Engineering Attacks: A Survey[EB/OL]. (2019-04-02)[2023-02-02]. https://www.mdpi.com/1999-5903/11/4/89.
[15]	WU Defu. How to Prevent "Library Collision" to Protect Your Privacy[J]. Computer & Network, 2018, 44(1): 43-53.
	吴德福. 如何防止“撞库”保护自己的隐私安全[J]. 计算机与网络, 2018, 44(1): 43-53.
[16]	GARDHAM D, MANULIS M, DRĂGAN C C. Biometric-Authenticated Searchable Encryption[C]// Springer. International Conference on Applied Cryptography and Network Security. Heidelberg: Springer, 2020: 40-61.
[17]	PEDERSEN T P. Non-Interactive and Information-Theoretic Secure Verifiable Secret Sharing[C]// Springer. Annual International Cryptology Conference. Heidelberg: Springer, 1992: 129-140.
[18]	AKHTAR Z, MICHELONI C, FORESTI G L. Biometric Liveness Detection: Challenges and Research Opportunities[J]. IEEE Security & Privacy, 2015, 13(5): 63-72.
[19]	FLEISCHHACKER N, MANULIS M, AZODI A. A Modular Framework for Multi-Factor Authentication and Key Exchange[C]// Springer. International Conference on Research in Security Standardisation. Heidelberg: Springer, 2014: 190-214.
[20]	POINTCHEVAL D, ZIMMER S. Multi-Factor Authenticated Key Exchange[C]// Springer. International Conference on Applied Cryptography and Network Security. Heidelberg: Springer, 2008: 277-295.
[21]	WANG Zhengcai, YANG Shiping. Research on Principles and Methods of Designing Authentication Protocols against Replay Attack[J]. Computer Engineering and Design, 2008, 29(20): 5163-5165.
	王正才, 杨世平. 抗重放攻击认证协议的设计原则和方法研究[J]. 计算机工程与设计, 2008, 29(20):5163-5165.
[22]	BELLARE M, BOLDYREVA A, MICALI S. Public-Key Encryption in a Multi-User Setting: Security Proofs and Improvements[C]// Springer. International Conference on the Theory and Applications of Cryptographic Techniques. Heidelberg: Springer, 2000: 259-274.

生物特征长度/ bit	初始化时间/ ms	注册时间/ ms	密钥重构时间/ ms	索引生成时间/ ms
128	1029	259	70	11
256	979	490	149	7
512	1135	780	280	8

群阶数位数/ bit	初始化时间/ ms	注册时间/ ms	密钥重构时间/ ms	索引生成时间/ ms
128	921	238	73	9
256	1019	390	70	24
512	1241	819	130	58

基于可验证秘密共享的多关键词可搜索加密方案

Multi-Keyword Searchable Encryption Scheme Based on Verifiable Secret Sharing

RichHTML

PDF (PC)

可视化

摘要/Abstract

引用本文

使用本文

图/表 3

参考文献 22

相关文章 15

编辑推荐

Metrics

本文评价

[1]	杨伊, 何德彪, 文义红, 罗敏. 密钥管理服务系统下的多方协同SM4加/解密方案[J]. 信息网络安全, 2021, 21(8): 17-25.
[2]	张骁, 刘吉强. 基于硬件指纹和生物特征的多因素身份认证协议[J]. 信息网络安全, 2020, 20(8): 9-15.
[3]	张富友, 王琼霄, 宋利. 基于生物特征识别的统一身份认证系统研究[J]. 信息网络安全, 2019, 19(9): 86-90.
[4]	任良钦, 王伟, 王琼霄, 鲁琳俪. 一种新型云密码计算平台架构及实现[J]. 信息网络安全, 2019, 19(9): 91-95.
[5]	亢保元, 颉明明, 司林. 基于生物识别技术的多云服务器认证方案研究[J]. 信息网络安全, 2019, 19(6): 45-52.
[6]	邹翔, 陈兵. 基于国产密码算法的印章防伪技术研究[J]. 信息网络安全, 2019, 19(1): 76-82.
[7]	刘敬浩, 平鉴川, 付晓梅. 一种基于区块链的分布式公钥管理方案研究[J]. 信息网络安全, 2018, 18(8): 25-33.
[8]	游林, 梁家豪. 基于同态加密与生物特征的安全身份认证研究[J]. 信息网络安全, 2018, 18(4): 1-8.
[9]	宋新霞, 马佳敏, 陈智罡, 陈克非. 基于SEAL的虹膜特征密文认证系统[J]. 信息网络安全, 2018, 18(12): 15-22.
[10]	计海萍, 徐磊, 蔚晓玲, 许春根. 云计算环境下基于身份的分层加密管理系统研究[J]. 信息网络安全, 2016, 16(5): 30-36.
[11]	何光蓉, 汪学明. 一种新的基于HECC的Ad Hoc组密钥管理方案[J]. 信息网络安全, 2016, 16(5): 58-63.
[12]	王冠, 袁华浩. 基于可信根服务器的虚拟TCM密钥管理功能研究[J]. 信息网络安全, 2016, 16(4): 17-22.
[13]	刘伟, 叶清, 王成. 基于动态密钥管理的改进LEACH路由算法[J]. 信息网络安全, 2015, 15(8): 41-46.
[14]	武传坤. 身份证件的安全要求和可使用的密码学技术[J]. 信息网络安全, 2015, 15(5): 21-27.
[15]	侯玉灵, 卞阳东, 胡广跃, 王潮. 星际骨干网的轻量级密码体制研究[J]. 信息网络安全, 2015, 15(2): 33-39.