高级检索

    一种增强的多用户前向安全动态对称可搜索加密方案

    A Multi-User Forward Secure Dynamic Symmetric Searchable Encryption with Enhanced Security

    • 摘要: 动态对称可搜索加密由于其具有良好的动态密文数据搜索功能而在云存储中得到了广泛的应用,但最近研究表明,动态可搜索加密很容易遭受文件注入攻击.为了抵抗这种攻击,前向安全的对称可搜索加密方案被相继提出.可是,现有的前向安全对称可搜索方案大多只支持单用户.最近,Wang等人在NSS 2018上提出了多用户环境下的前向安全动态可搜索加密方案(multi-user forward secure dynamic searchable encryption scheme, MFS),通过引入一个半诚实且不与云服务器合谋的代理服务器,解决了多用户查询的问题.但是,发现敌手可以通过窃听攻击或重放攻击找出更新文件与旧的搜索令牌之间的关联,从而破坏MFS方案的前向安全性.为了解决这个问题,提出了一个增强的多用户前向安全动态可搜索加密方案EMFS,通过去除用户和代理服务器之间的状态值传递和用户身份验证来抵抗窃听攻击和重放攻击.该方案采用了一个新的索引结构,能够有效地提升删除效率.最后,给出了形式化的安全证明,证明了EMFS方案在保证前向安全同时,能够抵抗上述2种攻击,并且把删除的复杂度从O(n\-w)降低到O(1),其中n\-w表示匹配关键字w的文件个数.

       

      Abstract: Dynamic symmetric searchable encryption has been widely used in cloud storage due to its functionality of dynamic encrypted data search. However, recent studies have shown that dynamic searchable encryption is vulnerable to file injection attacks. In order to resist such attacks, several forward secure symmetric searchable encryption schemes have been proposed. Unfortunately, most of the existing forward secure symmetric searchable solutions only work in the single user setting. In NSS 2018, Wang et al. proposed a multi-user forward secure dynamic searchable encryption scheme (MFS), by introducing a semi-honest proxy server that does not collude with the cloud server. However, we found that the forward security of the scheme can be compromised by the adversary who observes the association between the new update and the previous search tokens through eavesdropping attacks or replay attacks. To address this issue, a multi-user forward secure dynamic searchable symmetric encryption scheme EMFS is proposed with enhanced security, by exploiting user authentication mechanism without the need of state information transfer. We also adopt a new index structure to improve the efficiency. Finally, we give formal security proof to show that our scheme can resist the two attacks mentioned above, while maintaining forward security. Compared with Wang et al’s scheme, our construction provides a higher level of practical efficiency by reducing the complexity of deletion from O(n\-w) to O(1), where n\-w denotes the number of matching documents for keyword w.

       

    /

    返回文章
    返回