An Attribute-based Encryption Scheme for Cloud Storage Supporting Range Ciphertext Search

doi:10.3969/j.issn.1671-1122.2020.06.009

Abstract

Abstract:

As a flexible fine-grained access control scheme, attribute-based encryption provides a good solution to the security problems existing in cloud computing. But because the scale of data stored in the cloud is very large, how to retrieve the data needed by users while ensuring the security is worth studying. At present, most of the existing ciphertext search schemes do not support range search. This paper uses 0/1 encoding to construct a ciphertext search attribute-based encryption scheme based on online/offline strategy. 0/1 coding can transform the range domain problem into the set operation problem, and solve the problem that the range search cannot be carried out in the state of ciphertext. The analysis shows that the proposed scheme can achieve the range ciphertext search with less computation cost and keyword cost, and has computational efficiency and security in the range search.

Key words: attribute-based encryption, 0/1 encoding, ciphertext search, online/offline strategy

CLC Number:

TP309

SHI Guofeng, ZHANG Xinglan. An Attribute-based Encryption Scheme for Cloud Storage Supporting Range Ciphertext Search[J]. Netinfo Security, 2020, 20(6): 75-81.

Figures/Tables 4

References 18

[1]	SAHAI A, WATERS B. Fuzzy Identity-based Encryption[M] //Springer. Advances in Cryptology-EUROCRYPT 2005. Heidelberg: Springer, Berlin, Heidelberg, 2005: 457-473.
[2]	BONEH D, CRESCENZO G D, OSTROVSKY R, et al. Public Key Encryption with Keyword Search[M] // Springer. Advances in Cryptology - EUROCRYPT 2004, Heidelberg: Springer, Berlin, Heidelberg, 2004: 506-522.
[3]	ZHAO Fangming, NISHIDE T, SAKURAI K. Multi-User Keyword Search Scheme for Secure Data Sharing with Fine-Grained Access Control[EB/OL]. https://www.researchgate.net/publication/262275918_Multi-User_Keyword_Search_Scheme_for_Secure_Data_Sharing_with_Fine-Grained_Access_Control, 2020 -4-20.
[4]	CAO Ning, WANG Cong, LI Ming, et al. Privacy-Preserving Multi-keyword Ranked Search over Encrypted Cloud Data[J]. IEEE Transactions on Parallel and Distributed Systems, 2014,25(1):222-233.
[5]	LI Shuang, XU Maozhi. Property-based Searchable Encryption Scheme[J]. Chinese Journal of Computers, 2016(5):1017-1024.
	李双, 徐茂智. 基于属性的可搜索加密方案[J]. 计算机学报, 2016(5):1017-1024.
[6]	LI Jiguo, SHI Yuerong, ZHANG Yichen. Searchable Ciphertext-policy Attribute-based Encryption with Revocation in Cloud Storage[J]. International Journal of Communication Systems, 2017,30(1):1-13.
[7]	YIN Hui, ZHANG Jixin, XIONG Yinqiao, et al. CP-ABSE: A Ciphertext-policy Attribute-based Searchable Encryption Scheme[J]. IEEE Access, 2019,7:5682-5694.
[8]	CAO Laicheng, WANG Weiting, KANG Yifan, et al. Fuzzy Searchable Encrypted Cloud Storage Scheme with Attribute Blindness[J]. Transaction of Beijing Institute of Technology, 2019(7):706-713.
	曹来成, 王玮婷, 康一帆, 等. 属性盲化的模糊可搜索加密云存储方案[J]. 北京理工大学学报, 2019(7):706-713.
[9]	TOMIDA K. A Transformation from Attribute-based Encryption to Associative Searchable Encryption by Using Hash Function[J]. IEICE Technical Report Information & Communication System Security, 2015,114:175-179.
[10]	LIN H Y, TZENG W G. An Efﬁcient Solution to the Millionaires’ Problem Based on Homomorphic Encryption[M] //Springer. Applied Cryptography and Network Security. Heidelberg: Springer, Berlin, Heidelberg, 2005: 456-466.
[11]	XUE Kaiping, HONG Jianan, XUE Yingjie, et al. CABE: A New Comparable Attribute-based Encryption Construction with 0-Encoding and 1-Encoding[J]. IEEE Transactions on Computers, 2017,66(9):1491-1503.
[12]	MA Haiying, ZENG Guosun, WANG Zhanjun, et al. Efficient and Provably Secure Attribute-based Online/Offline Encryption Schemes[J]. Journal on Communications, 2014,35(7):104-112.
	马海英, 曾国荪, 王占君, 等. 高效可证明安全的基于属性的在线/离线加密机制[J]. 通信学报, 2014,35(7):104-112.
[13]	SELVI S S D, VIVEK S S, RANGAN C P. Identity-based Online/Offline Encryption and Signcryption Schemes Revisited[M] // Springer. Security Aspects in Information Technology. Heidelberg: Springer, Berlin, Heidelberg, 2011: 111-127.
[14]	SHAO Jiaye, ZHU Yanqin, JI Qijin. Privacy-preserving Online/offline and Outsourced Multi-authority Attribute-based Encryption [C]//IEEE. 2017 IEEE/ACIS 16th International Conference on Computer and Information Science (ICIS), May 24-26, 2017, Wuhan, China. NJ: IEEE, 2017: 285-291.
[15]	ZHANG Kai, MA Jianfeng, ZHANG Junwei, et al. On-line/ off-line Traceable Attribute Encryption Scheme[J]. Journal of Computer Research and Development, 2018,55(1):216-224.
	张凯, 马建峰, 张俊伟, 等. 在线/离线的可追责属性加密方案[J]. 计算机研究与发展, 2018,55(1):216-224.
[16]	ZHAO Zhiyuan, WANG Jianhua, ZHU Zhiqiang, et al. Survey of Attribute-based Encryption in Cloud Storage Environment[J]. Application Research of Computers, 2018,35(4):961-968.
	赵志远, 王建华, 朱智强, 等. 云存储环境下属性基加密综述[J]. 计算机应用研究, 2018,35(4):961-968.
[17]	FU Yingxun, LUO Shengmei, SHU Jiwu. Survey of Secure Cloud Storage System and Key Technologies[J]. Application Research of Computers, 2013(1):138-147.
	傅颖勋, 罗圣美, 舒继武. 安全云存储系统与关键技术综述[J]. 计算机研究与发展, 2013(1):138-147.
[18]	GOYAL V, PANDEY O, SAHAI A, et al. Attribute-based Encryption for Fine-grained Access Control of Encrypted Data [C]//ACM. The 13th ACM Conference on Computer and Communications Security, October 30-November 3, 2006, Alexandria, VA, USA. New York: ACM, 2006: 89-98.

搜索关键词	0/1编码	编码结果
REFERENCES>100	0编码	111
		1101
		110011
		1100101
	1编码	1
		11
		11001
REFERENCES=75	0编码	11
		101
		10011
	1编码	1
		1001
		100101
		1001011
REFERENCES=112	0编码	1111
		11101
		111001
		1110001
	1编码	1
		11
		111

方案	计算开销
方案	PEKS_off	PEKS_on	TrapDoor	Search
文献[2]	×	P+2K	K	P
文献[10]	×	2P+2M+(3+n)K	K	P+M
本文方案	(1+2n)K	P+M+2K	K	P+M