摘要
密文策略下基于属性的关键字搜索(CP-ABKS)技术可以对加密的数据实现细粒度控制和检索。现有CP-ABKS方案较少考虑云服务器的恶意行为和搜索过程的公平支付,且通常只支持单关键字密文检索。对此,文章提出基于区块链的多关键字细粒度可搜索加密方案。利用密文策略下基于属性的加密技术满足多用户检索,实现了细粒度访问控制和访问策略隐藏。结合区块链技术避免了恶意云服务器对索引的篡改,使用智能合约保障了用户和数据拥有者之间的公平支付。此外,文章方案还实现了多关键字检索,且无需第三方验证实体就可以保证用户得到正确的检索结果。安全性分析表明文中方案能够保证关键字和访问策略的不可区分性,并通过性能评估验证了该方案在保证效率的同时具有更优的功能。
Ciphertext-policy attribute-based keyword search(CP-ABKS)technology can achieve fine-grained control and retrieval of encrypted data.However,the existing CP-ABKS scheme seldom considered the malicious behavior of the cloud server and the fair payment of the search process,and usually only supported single-keyword ciphertext retrieval.This paper proposes a multi-keyword fine-grained searchable encryption scheme based on blockchain.The use of ciphertext policy attribute-based encryption(CP-ABE)technology satisfies multi-user retrieval and realizes fine-grained access control and access policy hiding.The combination of blockchain technology prevents malicious cloud servers from tampering with the index,and the use of smart contracts ensures fair payment between users and data owners.In addition,the scheme also implements multi-keyword retrieval,and can ensure that users get correct retrieval results without the need for a third-party verification entity.The security analysis shows that the proposed scheme can guarantee the indistinguishability of keywords and access policies,and the performance evaluation verifies that the scheme has better functions while ensuring efficiency.
作者
张应辉
朱甜
郑东
ZHANG Yinghui;ZHU Tian;ZHENG Dong(School of Cyberspace Security,Xi’an University of Posts and Telecommunications,Xi’an 710121,China;National Engineering Laboratory for Wireless Security,Xi’an University of Posts and Telecommunications,Xi’an 710121,China)
出处
《信息网络安全》
CSCD
北大核心
2021年第2期34-44,共11页
Netinfo Security
基金
国家自然科学基金[62072369,62072371,61772418]
陕西省创新能力支撑计划[2020KJXX-052]
陕西省重点研发计划[2019KW-053]。
