基于区块链索引的可验证布尔搜索加密方案
Verifiable Boolean Searchable Encryption based on Blockchain Index
-
摘要: 针对已有可搜索加密方法中搜索表达性不强且验证机制不完善等问题,提出基于区块链索引的可验证布尔搜索加密方案(Verifiable Boolean Searchable Encryption based on Blockchain Index,VBSE-BI).方案首先构建面向可验证布尔搜索的安全模型,在此模型下设计一种基于区块链存储结构的增量型安全索引构造方法,实现高效搜索的同时保证索引结构的不可篡改性;设计安全索引的高效动态更新机制,避免了构建辅助更新结构导致的索引存储及更新开销大的问题.除此之外,针对布尔搜索的完整性验证需求,给出布尔搜索结果不可伪造性定义,并提出基于双线性映射累加器和扩展欧几里德算法的布尔运算完整性验证算法.安全性分析表明,VBSE-BI方案在随机预言模型下能够抵抗动态选择关键字攻击,并且在双线性q阶强Diffie-Hellman 假设下满足不可伪造性.与同类方案相比,VBSE-BI方案在支持更丰富的布尔查询语句的同时,以log n (n为关键字个数)的比例大幅度降低了用户端计算复杂度.实验结果表明,VBSE-BI方案通过优化验证算法,使用户端验证时间始终保持在低水平(1.0秒至1.8秒),仅为服务器端计算时间的9.98%至14.03%.这使得VBSE-BI方案特别适用于日益普遍的资源受限型移动设备,为可搜索加密的实际应用提供了坚实的理论基础和效率保证.Abstract: Aiming at the lacking of rich search expressiveness and efficient verification mechanism in existing searchable en-cryption schemes, a verifiable Boolean searchable encryption scheme based on blockchain index (VBSE-BI) was proposed. Firstly, a verifiable Boolean search secure model was built. In this model, an append-only secure index structure based on blockchain datastore was constructed, which ensures that the index structure cannot be tampered and has good search performance. An efficient dynamic index updating algorithm was also designed which avoid high index storage and updating cost caused by the construction of auxiliary updating structure. In addition, aiming at the integrity verification requirements of Boolean search, the definition of unforgeability of Boolean search was formalized, and a Boolean integrity verification method based on bilinear map accumulator and extended Euclidean algorithm was designed. The security analysis shows that VBSE-BI is secure under adaptive chosen keyword attacks in random oracle model(IND-CKA2) and satisfies Unforgeability under the bilinear q-strong Diffie-Hellman assump-tion. The performance analysis shows that VBSE-BI reduces the cost of storage and search on server-side and the computational complexity on client-side compared with similar scheme. Compared with others, VBSE-BI supports a richer variety of Boolean query while significantly reducing the computational complexity on the user side by a factor of log n (where n is the number of keywords). Experimental results show that the user-side verification time in VBSE-BI maintains consistently at a low level (between 1.0 seconds and 1.8 seconds) by optimizing the verification algorithm, which is only 9.98% to 14.03% of the server-side computation time. This makes VBSE-BI particularly suitable for the increasingly prevalent resource-constrained mobile devices, providing a solid theoretical foundation and efficiency guarantee for the practical application of searchable encryption.
-
Keywords:
- Searchable encryption /
- Blockchain /
- Boolean search /
- Unforgeability /
- Integrity verification
-
计量
- 文章访问数: 7
- HTML全文浏览量: 0
- PDF下载量: 5
下载:
