ISSN 1000-1239 CN 11-1777/TP

计算机研究与发展 ›› 2021, Vol. 58 ›› Issue (4): 811-821.doi: 10.7544/issn1000-1239.2021.20200041

• 信息安全 • 上一篇    下一篇

区块链上基于云辅助的属性基可搜索加密方案

牛淑芬1,谢亚亚1,杨平平1,杜小妮2   

  1. 1(西北师范大学计算机科学与工程学院 兰州 730070);2(西北师范大学数学与统计学院 兰州 730070) (sfniu76@nwnu.edu.cn)
  • 出版日期: 2021-04-01
  • 基金资助: 
    国家自然科学基金项目(61562077,61662071,61662069,61772022)

Cloud-Assisted Attribute-Based Searchable Encryption Scheme on Blockchain

Niu Shufen1, Xie Yaya1, Yang Pingping1, Du Xiaoni2   

  1. 1(College of Computer Science and Engineering,Northwest Normal University,Lanzhou 730070);2(College of Mathematics and Statistics,Northwest Normal University,Lanzhou 730070)
  • Online: 2021-04-01
  • Supported by: 
    This work was supported by the National Natural Science Foundation of China (61562077, 61662071, 61662069, 61772022).

摘要: 可搜索加密技术在不解密的情况下搜索加密数据.针对现有的可搜索加密技术没有考虑数据用户细粒度搜索权限的问题,以及现有的可搜索加密方案中因云存储的集中化对数据安全和隐私保护带来的问题,提出了区块链上基于云辅助的属性基可搜索加密方案.该方案利用可搜索加密技术实现加密数据在区块链上的安全搜索,利用基于属性的加密技术实现数据的细粒度访问控制,利用区块链不可篡改的特性确保关键字密文的安全.在该方案中属性基加密技术用来加密关键字,区块链上存储关键字密文,云服务器上存储关键字密文和数据密文.基于困难问题假设,证明该方案能够保证关键字密文和陷门的安全性.数值实验结果表明:该方案在密钥生成阶段、陷门生成阶段、关键字搜索阶段具有较高的效率.

关键词: 可搜索加密, 属性基加密, 区块链, 云辅助, 细粒度访问控制

Abstract: Searchable encryption technology can effectively solve the problem of searching encrypted data without decryption. In view of the fact that the existing searchable encryption technology does not consider the problem of fine-grained search permission of data users, and the problem of data security and privacy protection caused by the centralization of cloud storage in the existing searchable encryption schemes, this paper proposes a cloud-assisted attribute-based searchable encryption scheme on blockchain. In this scheme, searchable encryption technology is used to realize secure search of encrypted data on the blockchain, attribute-based encryption technology is used to realize fine-grained access control of data, and the immutability of the blockchain is used to ensure the security of keyword ciphertext. In this scheme, attribute-based encryption technology is used to encrypt keywords extracted from data files. The keyword ciphertext is uploaded to the blockchain in the form of a transaction. Keyword ciphertext and encrypted data files are stored on the semi-trusted cloud server. Based on the assumption of difficult problems, it is proved that the scheme can guarantee the security of keyword ciphertext and trapdoor. And important information related to keywords and trapdoors will not be leaked.The numerical experimental results show that the proposed scheme is more efficient in the key generation phase, trapdoor generation phase, and keyword search phase than the existing similar schemes.

Key words: searchable encryption, attribute-based encryption, blockchain, cloud-assisted, fine-grained access control

中图分类号: