信息网络安全 ›› 2020, Vol. 20 ›› Issue (2): 91-97.doi: 10.3969/j.issn.1671-1122.2020.02.012

• • 上一篇    下一篇

基于认证树的外包数据库连接查询验证方案

侯林, 冯达(), 玄鹏开, 周福才   

  1. 东北大学软件学院,沈阳110169
  • 收稿日期:2019-10-23 出版日期:2020-02-10 发布日期:2020-05-11
  • 作者简介:

    作者简介:侯林(1983—),男,黑龙江,工程师,硕士,主要研究方向为网络与信息安全;冯达(1993—),男,吉林,博士研究生,主要研究方向为信息安全;玄鹏开(1994—),男,河北,硕士,主要研究方向为信息安全;周福才(1964—),男,辽宁,教授,博士,主要研究方向为信息安全。

  • 基金资助:
    国家自然科学基金[61872069];中央高校基本科研业务费项目[N130317002]

Outsourcing Database Join Query Verification Scheme Based on Authentication Tree

HOU Lin, FENG Da(), XUAN Pengkai, ZHOU Fucai   

  1. Software College of Northeastern University, Shenyang 110169, China
  • Received:2019-10-23 Online:2020-02-10 Published:2020-05-11

摘要:

在外包数据库广泛应用的同时,其安全性受到了很大的挑战。用户在查询数据时无法保证查询结果的正确性和完整性。文章针对现有的外包数据库不能支持连接查询验证问题,提出一种基于认证树的外包数据库连接查询验证模型,并给出了模型的形式化定义以及模型的正确性和安全性定义。文章利用双线性映射累加器、认证树等技术构建了基于认证树的外包数据库连接查询验证方案,利用密码学的VBDHE和q-BSDH困难性假设给出了安全性分析;通过证明敌手不能通过伪造错误结果来使得验证通过,从而证明了方案的正确性。实验结果及性能分析表明,文章方案在密钥生成、查询验证、通信开销、存储开销等方面比其他方案有更高的效率。

关键词: 外包数据库, 可验证集合计算, 认证树, 连接查询

Abstract:

While outsourcing database is widely used, its security is greatly challenged. Users cannot guarantee the correctness and integrity of the query results when querying data. Aiming at the problem that the existing outsourcing databases can not support connection query verification, this paper proposes a connection query verification model based on authentication tree, and gives the formal definition of the model and the definition of the correctness and security of the model. This paper uses bilinear map accumulator, authentication tree and other technologies to build a connection query verification scheme of outsourcing database based on authentication tree, and uses the VBDHE and q-BSDH difficulty assumption of cryptography to give the security analysis. This paper proves that the adversary can’t make the verification pass by falsifying the wrong results, thus proving the correctness of the scheme. Experimental results and performance analysis show that the proposed scheme has higher efficiency than other schemes in key generation, query verification, communication overhead, storage overhead, etc.

Key words: outsourcing database, verifiable set operation, authentication tree, join query

中图分类号: