面向云存储的支持范围密文搜索的属性基加密方案

doi:10.3969/j.issn.1671-1122.2020.06.009

信息网络安全 ›› 2020, Vol. 20 ›› Issue (6): 75-81.doi: 10.3969/j.issn.1671-1122.2020.06.009

面向云存储的支持范围密文搜索的属性基加密方案

施国峰(), 张兴兰

北京工业大学信息学部计算机学院,北京 100022

收稿日期:2020-05-14 出版日期:2020-06-10 发布日期:2020-10-21
通讯作者: 施国峰 E-mail:shiguofeng@emails.bjut.edu.cn
作者简介:施国峰（1995—）,男,河北,硕士研究生,主要研究方向为网络安全和属性基加密|张兴兰（1970—）,女,山西,教授,博士,主要研究方向为经典密码学和属性基加密
基金资助:
国家自然科学基金(61801008)

An Attribute-based Encryption Scheme for Cloud Storage Supporting Range Ciphertext Search

SHI Guofeng(), ZHANG Xinglan

Faculty of Computer Science, Department of Information, Beijing University of Technology, Beijing 100022, China

Received:2020-05-14 Online:2020-06-10 Published:2020-10-21
Contact: SHI Guofeng E-mail:shiguofeng@emails.bjut.edu.cn

摘要/Abstract

摘要：

属性基加密作为一种灵活的细粒度访问控制方案,为云计算所存在的安全问题提供了一种很好的解决方式。但是由于存储在云端的数据规模通常都特别巨大,如何在保证安全性的同时检索到用户所需要的数据是值得研究的内容。目前存在的密文搜索方案大多不支持范围搜索。文章利用0/1编码构造了一种基于在线/离线策略的密文搜索属性基加密方案,0/1编码可以将范围域问题转换为集合运算问题,解决无法在保持密文的状态下进行范围搜索的问题。分析表明,文章方案可以在较小的计算开销和关键词开销下实现范围密文搜索,在范围搜索上具有计算高效性和安全性。

关键词: 属性基加密, 0/1编码, 密文搜索, 在线/离线策略

Abstract:

As a flexible fine-grained access control scheme, attribute-based encryption provides a good solution to the security problems existing in cloud computing. But because the scale of data stored in the cloud is very large, how to retrieve the data needed by users while ensuring the security is worth studying. At present, most of the existing ciphertext search schemes do not support range search. This paper uses 0/1 encoding to construct a ciphertext search attribute-based encryption scheme based on online/offline strategy. 0/1 coding can transform the range domain problem into the set operation problem, and solve the problem that the range search cannot be carried out in the state of ciphertext. The analysis shows that the proposed scheme can achieve the range ciphertext search with less computation cost and keyword cost, and has computational efficiency and security in the range search.

Key words: attribute-based encryption, 0/1 encoding, ciphertext search, online/offline strategy

中图分类号:

TP309

施国峰, 张兴兰. 面向云存储的支持范围密文搜索的属性基加密方案[J]. 信息网络安全, 2020, 20(6): 75-81.

SHI Guofeng, ZHANG Xinglan. An Attribute-based Encryption Scheme for Cloud Storage Supporting Range Ciphertext Search[J]. Netinfo Security, 2020, 20(6): 75-81.

图/表 4

参考文献 18

[1]	SAHAI A, WATERS B. Fuzzy Identity-based Encryption[M] //Springer. Advances in Cryptology-EUROCRYPT 2005. Heidelberg: Springer, Berlin, Heidelberg, 2005: 457-473.
[2]	BONEH D, CRESCENZO G D, OSTROVSKY R, et al. Public Key Encryption with Keyword Search[M] // Springer. Advances in Cryptology - EUROCRYPT 2004, Heidelberg: Springer, Berlin, Heidelberg, 2004: 506-522.
[3]	ZHAO Fangming, NISHIDE T, SAKURAI K. Multi-User Keyword Search Scheme for Secure Data Sharing with Fine-Grained Access Control[EB/OL]. https://www.researchgate.net/publication/262275918_Multi-User_Keyword_Search_Scheme_for_Secure_Data_Sharing_with_Fine-Grained_Access_Control, 2020 -4-20.
[4]	CAO Ning, WANG Cong, LI Ming, et al. Privacy-Preserving Multi-keyword Ranked Search over Encrypted Cloud Data[J]. IEEE Transactions on Parallel and Distributed Systems, 2014,25(1):222-233.
[5]	LI Shuang, XU Maozhi. Property-based Searchable Encryption Scheme[J]. Chinese Journal of Computers, 2016(5):1017-1024.
	李双, 徐茂智. 基于属性的可搜索加密方案[J]. 计算机学报, 2016(5):1017-1024.
[6]	LI Jiguo, SHI Yuerong, ZHANG Yichen. Searchable Ciphertext-policy Attribute-based Encryption with Revocation in Cloud Storage[J]. International Journal of Communication Systems, 2017,30(1):1-13.
[7]	YIN Hui, ZHANG Jixin, XIONG Yinqiao, et al. CP-ABSE: A Ciphertext-policy Attribute-based Searchable Encryption Scheme[J]. IEEE Access, 2019,7:5682-5694.
[8]	CAO Laicheng, WANG Weiting, KANG Yifan, et al. Fuzzy Searchable Encrypted Cloud Storage Scheme with Attribute Blindness[J]. Transaction of Beijing Institute of Technology, 2019(7):706-713.
	曹来成, 王玮婷, 康一帆, 等. 属性盲化的模糊可搜索加密云存储方案[J]. 北京理工大学学报, 2019(7):706-713.
[9]	TOMIDA K. A Transformation from Attribute-based Encryption to Associative Searchable Encryption by Using Hash Function[J]. IEICE Technical Report Information & Communication System Security, 2015,114:175-179.
[10]	LIN H Y, TZENG W G. An Efﬁcient Solution to the Millionaires’ Problem Based on Homomorphic Encryption[M] //Springer. Applied Cryptography and Network Security. Heidelberg: Springer, Berlin, Heidelberg, 2005: 456-466.
[11]	XUE Kaiping, HONG Jianan, XUE Yingjie, et al. CABE: A New Comparable Attribute-based Encryption Construction with 0-Encoding and 1-Encoding[J]. IEEE Transactions on Computers, 2017,66(9):1491-1503.
[12]	MA Haiying, ZENG Guosun, WANG Zhanjun, et al. Efficient and Provably Secure Attribute-based Online/Offline Encryption Schemes[J]. Journal on Communications, 2014,35(7):104-112.
	马海英, 曾国荪, 王占君, 等. 高效可证明安全的基于属性的在线/离线加密机制[J]. 通信学报, 2014,35(7):104-112.
[13]	SELVI S S D, VIVEK S S, RANGAN C P. Identity-based Online/Offline Encryption and Signcryption Schemes Revisited[M] // Springer. Security Aspects in Information Technology. Heidelberg: Springer, Berlin, Heidelberg, 2011: 111-127.
[14]	SHAO Jiaye, ZHU Yanqin, JI Qijin. Privacy-preserving Online/offline and Outsourced Multi-authority Attribute-based Encryption [C]//IEEE. 2017 IEEE/ACIS 16th International Conference on Computer and Information Science (ICIS), May 24-26, 2017, Wuhan, China. NJ: IEEE, 2017: 285-291.
[15]	ZHANG Kai, MA Jianfeng, ZHANG Junwei, et al. On-line/ off-line Traceable Attribute Encryption Scheme[J]. Journal of Computer Research and Development, 2018,55(1):216-224.
	张凯, 马建峰, 张俊伟, 等. 在线/离线的可追责属性加密方案[J]. 计算机研究与发展, 2018,55(1):216-224.
[16]	ZHAO Zhiyuan, WANG Jianhua, ZHU Zhiqiang, et al. Survey of Attribute-based Encryption in Cloud Storage Environment[J]. Application Research of Computers, 2018,35(4):961-968.
	赵志远, 王建华, 朱智强, 等. 云存储环境下属性基加密综述[J]. 计算机应用研究, 2018,35(4):961-968.
[17]	FU Yingxun, LUO Shengmei, SHU Jiwu. Survey of Secure Cloud Storage System and Key Technologies[J]. Application Research of Computers, 2013(1):138-147.
	傅颖勋, 罗圣美, 舒继武. 安全云存储系统与关键技术综述[J]. 计算机研究与发展, 2013(1):138-147.
[18]	GOYAL V, PANDEY O, SAHAI A, et al. Attribute-based Encryption for Fine-grained Access Control of Encrypted Data [C]//ACM. The 13th ACM Conference on Computer and Communications Security, October 30-November 3, 2006, Alexandria, VA, USA. New York: ACM, 2006: 89-98.

搜索关键词	0/1编码	编码结果
REFERENCES>100	0编码	111
		1101
		110011
		1100101
	1编码	1
		11
		11001
REFERENCES=75	0编码	11
		101
		10011
	1编码	1
		1001
		100101
		1001011
REFERENCES=112	0编码	1111
		11101
		111001
		1110001
	1编码	1
		11
		111

方案	计算开销
方案	PEKS_off	PEKS_on	TrapDoor	Search
文献[2]	×	P+2K	K	P
文献[10]	×	2P+2M+(3+n)K	K	P+M
本文方案	(1+2n)K	P+M+2K	K	P+M

面向云存储的支持范围密文搜索的属性基加密方案

An Attribute-based Encryption Scheme for Cloud Storage Supporting Range Ciphertext Search

RichHTML

PDF (PC)

可视化

摘要/Abstract

引用本文

使用本文

图/表 4

参考文献 18

相关文章 14

编辑推荐

Metrics

本文评价

[1]	汪金苗, 谢永恒, 王国威, 李易庭. 基于属性基加密的区块链隐私保护与访问控制方法[J]. 信息网络安全, 2020, 20(9): 47-51.
[2]	刘鹏, 何倩, 刘汪洋, 程序. 支持撤销属性和外包解密的CP-ABE方案[J]. 信息网络安全, 2020, 20(3): 90-97.
[3]	许盛伟, 王飞杰. 多机构授权下可追踪可隐藏的属性基加密方案[J]. 信息网络安全, 2020, 20(1): 33-39.
[4]	秦中元, 韩尹, 张群芳, 朱雪金. 一种改进的多私钥生成中心云存储访问控制方案[J]. 信息网络安全, 2019, 19(6): 11-18.
[5]	闫玺玺, 张棋超, 汤永利, 黄勤龙. 支持叛逆者追踪的密文策略属性基加密方案[J]. 信息网络安全, 2019, 19(5): 47-53.
[6]	董庆贺, 何倩, 江炳城, 刘鹏. 面向云数据库的多租户属性基安全隔离与数据保护方案[J]. 信息网络安全, 2018, 18(7): 60-68.
[7]	闫玺玺, 刘媛, 胡明星, 黄勤龙. 云环境下基于LWE的多机构属性基加密方案[J]. 信息网络安全, 2017, 17(9): 128-133.
[8]	闫玺玺, 刘媛, 李子臣, 黄勤龙. 云环境下理想格上的多机构属性基加密隐私保护方案[J]. 信息网络安全, 2017, 17(8): 19-25.
[9]	闫玺玺, 叶青, 刘宇. 云环境下支持隐私保护和用户撤销的属性基加密方案[J]. 信息网络安全, 2017, 17(6): 14-21.
[10]	韩清德, 谢慧, 袁志民, 聂峰. 一种支持访问结构隐藏的MA-CP-ABE方案[J]. 信息网络安全, 2017, 17(1): 48-56.
[11]	荣星, 江荣. 一种基于混合属性的多授权中心云访问方案[J]. 信息网络安全, 2016, 16(11): 6-6.
[12]	连科, 赵泽茂, 王丽君, 贺玉菊. 一种支持属性重用的DCP-ABE方案研究[J]. 信息网络安全, 2015, 15(6): 41-46.
[13]	. 云计算中基于密文策略属性基加密的数据访问控制协议[J]. , 2014, 14(7): 57-.
[14]	连科, 赵泽茂, 贺玉菊. 属性匹配检测的匿名CP-ABE机制[J]. 信息网络安全, 2014, 15(10): 59-63.