ISSN 1000-1239 CN 11-1777/TP

计算机研究与发展 ›› 2018, Vol. 55 ›› Issue (10): 2149-2163.doi: 10.7544/issn1000-1239.2018.20180433

所属专题: 2018分布式安全与区块链技术研究专题

• 信息安全 • 上一篇    下一篇

双服务器模型下支持相关度排序的多关键字密文搜索方案

李宇溪,周福才,徐剑,徐紫枫   

  1. (东北大学软件学院 沈阳 110819) (eliyuxi@gmail.com)
  • 出版日期: 2018-10-01
  • 基金资助: 
    国家自然科学基金项目(61772127,61472184);国家科技重大专项基金项目(2013ZX03002006);辽宁省科技攻关项目(2013217004);中央高校基本科研业务费专项资金项目(N151704002)

Multiple-Keyword Encrypted Search with Relevance Ranking on Dual-Server Model

Li Yuxi, Zhou Fucai, Xu Jian, Xu Zifeng   

  1. (College of Software, Northeastern University, Shenyang 110819)
  • Online: 2018-10-01

摘要: 围绕当前云存储环境中用户数据机密性以及可用性的问题,对多关键字密文搜索方案展开研究,提出双服务器模型下支持相关度排序的多关键字密文搜索方案(multi-keyword encrypted search with relevance ranking, MES-RR),在能够保证高效地实现多关键字密文搜索的同时,实现对于搜索结果的排序.方案基于TF-IDF加权技术并融合Paillier同态加密体制,构建关键字相关度安全索引,优化计算代价并降低了存储复杂度;设计双服务器模型架构,引入安全可信的协同处理机制来构造安全排序协议,实现对于搜索结果的高效排序.在安全性方面,在诚实与好奇的威胁场景下构建方案的安全模型,并对安全性进行严格分析,结果表明方案能够在随机预言模型下抵抗自适应性选择关键字攻击,具有IND-CKA2安全性.性能分析表明:该方案用户生成q个关键字搜索令牌仅需要常数级时间O(q),而且仅需和服务器进行1次交互即可得到搜索结果,与以往的支持排序的多关键字密文搜索方案相比,该方案大大降低了计算代价和访问交互次数,适用于实际的云存储环境.

关键词: 密文搜索, 相关度排序, 双服务器, 同态加密, 自适应性选择关键字攻击

Abstract: Focusing on the problem of confidentiality and availability of user data in cloud storage environment, we study the encrypted search method with multi-keyword. Aiming at the practical demand, we propose a multi-keyword encrypted search scheme with relevance ranking (MES-RR) in dual-server model, which can not only achieve secure multi-keyword encrypted search, but also ensure efficient search result sorting. We construct a relevance-based keyword index with the tools of TF-IDF weighting scheme and Paillier homomorphic cryptosystems, which not only obtains optimize computational complexity but also reduces storage complexity. We design a dual-server model architecture to perform the collaborated mechanism. Based on that, we design a secure sorting protocol between the two collaborated servers to sort the encrypted search results, which outputs private ranking result to user. In terms of security, we design the security model of MES-RR under honest but curious threat scenario, and give formal security analysis. The result shows that MES-RR can resist adaptive chosen keyword attacks under the random oracle model (IND-CKA2). The performance analysis shows that compared with the previous multi-keyword encrypted search scheme that supports result sorting, MES-RR reduces the storage cost and interactions, and is applicable to the cloud storage environment in the real world.

Key words: encrypted search, relevance ranking, dual-server, homomorphic cryptosystems, adaptive chosen keyword attack

中图分类号: