云存储中一种支持可验证的模糊查询加密方案

doi:10.11999/JEIT160971

摘要
图/表
参考文献(16)
相关文章 (15)

全文: PDF (420 KB)
输出: BibTeX | EndNote (RIS)

摘要

针对当前可查询加密方案大多不支持模糊查询的不足，并且无法应对恶意服务器的威胁，云计算亟需为用户提供一种允许拼写错误并且可以验证查询结果正确性的加密方案。同时考虑到云存储中数据经常更新，提出一种动态云存储中支持可验证的模糊查询加密方案。该方案通过编辑距离生成模糊关键词集，并基于伪随机函数、随机排列函数等技术构建安全索引，从而保护用户的数据隐私。通过RSA累加器和哈希函数验证查询结果的正确性，用于检测恶意攻击者的非法行为。安全分析证明该方案能够保护用户的隐私安全，并具有可验证性。实验结果表明该方案具有可行性与有效性。

	服务

	把本文推荐给朋友
	加入我的书架
	加入引用管理器
	E-mail Alert
	RSS
	作者相关文章
	朱小玉
	刘琴
	王国军

关键词 ：云存储, 隐私保护, 模糊查询, 可验证查询, 加密方案

Abstract：

Most of the existing searchable encryption schemes can not support fuzzy keyword search, and can not resist threats from malicious server, that the cloud computing needs to provide an encryption scheme, which can support typos and verification of the search result. Considering the data is updated frequently in cloud computing, a verifiable fuzzy searchable encryption scheme in dynamic cloud storage is presented. The proposed scheme constructs the fuzzy keyword set based on edit distance technique, and builds secure index based on pseudorandom function and random permutation, so as to protect the users’ data privacy. The RSA accumulator and Hash function are used to verify the correctness of the search result, in order to detect the cheating behavior of the malicious attacker. The security analysis proves that the proposed scheme is privacy preserving and verifiable. The experiment results show that the proposed scheme is efficient.

Key words： Cloud storage Privacy preserving Fuzzy search Verifiable search Encryption scheme

收稿日期: 2016-09-26 出版日期: 2017-04-14

PACS:

TP393

基金资助:

国家自然科学基金(61632009, 61472451, 61272151, 61402161)

通讯作者: 王国军：男，1970年生，教授，博士生导师，研究方向为网络计算、可信计算、大数据、隐私保护. E-mail: csgjwang@163.com

作者简介: 朱小玉：女，1989年生，博士生，研究方向为云计算安全与隐私保护. 刘琴：女，1982年生，博士，助理教授，研究方向为云计算、大数据和隐私保护. 王国军：男，1970年生，教授，博士生导师，研究方向为网络计算、可信计算、大数据、隐私保护.

引用本文:

朱小玉,刘琴,王国军. 云存储中一种支持可验证的模糊查询加密方案[J]. 电子与信息学报, 2017, 39(7): 1741-1747. ZHU Xiaoyu, LIU Qin, WANG Guojun. Fuzzy Searchable Encryption Scheme Supporting Verification in Cloud Storage. JEIT, 2017, 39(7): 1741-1747.

链接本文:

http://jeit.ie.ac.cn/CN/10.11999/JEIT160971 或 http://jeit.ie.ac.cn/CN/Y2017/V39/I7/1741

[1]	SONG D X, WAGNER D, and PERRIG A. Practical techniques for searches on encrypted data[C]. IEEE Symposium on Security & Privacy, Berkeley, CA, USA, 2000: 44-55.
[2]	林鹏, 江颉, 陈铁明. 云环境下关键词搜索加密算法研究[J]. 通信学报, 2015, 36(Z1): 1-7. doi: 10.11959/j.issn.1000-436x. 2015307.
	LIN Peng, JIANG Jie, and CHEN Tieming. Application of keyword searchable encryption in cloud[J]. Journal on Communications, 2015, 36(Z1): 1-7. doi: 10.11959/j.issn. 1000-436x.2015307.
[3]	CAO Ning, WANG Cong, LI Ming, et al. Privacy-preserving multi-keyword ranked search over encrypted cloud data[J]. IEEE Transactions on Parallel and Distributed Systems, 2014, 25(1): 222-233. doi: 10.1109/TPDS.2013.45.
[4]	XIA Zhihua, WANG Xinhui, SUN Xingming, et al. A secure and dynamic multi-keyword ranked search scheme over encrypted cloud data[J]. IEEE Transactions on Parallel and Distributed Systems, 2016, 27(2): 340-352. doi: 10. 1109/TPDS.2015.2401003.
[5]	FU Zhangjie, SUN Xingming, LIU Qi, et al. Achieving efficient cloud search services: Multi-keyword ranked search over encrypted cloud data supporting parallel computing[J]. IEICE Transactions on Communications, 2015, 98(1): 190-200. doi: 10.1587/transcom.E98.B.190.
[6]	李真, 蒋瀚, 赵明昊. 一个自主授权的多用户可搜索加密方案[J]. 计算机研究与发展, 2015, 52(10): 2313-2322. doi: 10.7544 /issn1000-1239.2015.20150504.
	LI Zhen, JIANG Han, and ZHAO Minghao. A discretionary searchable encryption scheme in multi-user settings[J]. Journal of Computer Research and Development, 2015, 52(10): 2313-2322. doi: 10.7544/issn1000-1239.2015.20150504.
[7]	LI Jin, WANG Qian, WANG Cong, et al. Fuzzy keyword search over encrypted data in cloud computing[C]. IEEE International Conference on Computer Communications, San Diego, CA, USA, 2010: 1-5.
[8]	CHAI Qi and GONG Guang. Verifiable symmetric searchable encryption for semi-honest-but-curious cloud servers[C]. IEEE International Conference on Communications, Ottawa, Canada, 2012: 917-922.
[9]	WANG J, YU X, and ZHAO M. Fault-tolerant verifiable keyword symmetric searchable encryption in hybrid cloud[J]. International Journal of Network Security, 2015, 17(4): 471-483.
[10]	SUN W, LIU X, LOU W, et al. Catch you if you lie to me: Efficient verifiable conjunctive keyword search over large dynamic encrypted cloud data[C]. IEEE Conference on Computer Communications, Hong Kong, China, 2015: 2110-2118.
[11]	ZHANG W, LIN Y, and GU Q. Catch you if you misbehave: Ranked keyword search results verification in cloud computing[J]. IEEE Transactions on Cloud Computing, 2015, 6(1): 1-14. doi: 10.1109/TCC.2015.2481389.
[12]	KUROSAWA K and OHTAKI Y. UC-secure searchable symmetric encryption[C]. International Conference on Financial Cryptography and Data Security, Kralendijk, Bonaire, 2012: 285-298.
[13]	KAMARA S, PAPAMANTHOU C, and ROEDER T. Dynamic searchable symmetric encryption[C]. ACM Conference on Computer and Communications Security, Raleigh, NC, USA, 2012: 965-976.
[14]	KAMARA S and PAPAMANTHOU C. Parallel and dynamic searchable symmetric encryption[C]. International Conference on Financial Cryptography and Data Security, Okinawa, Japan, 2013: 258-274.
[15]	KUROSAWA K and OHTAKI Y. How to update documents verifiably in searchable symmetric encryption[C]. International Conference on Cryptology and Network Security, Paraty, Brazil, 2013: 309-328.
[16]	GENNARO R, HALEVI S, and RABIN T. Secure hash-　and-sign signatures without the random oracle[C]. International Conference on the Theory and Applications of Cryptographic Techniques, Prague, Czech Republic, 1999: 123-139.