Liu Yongzhi, Qin Guiyun, Liu Pengtao, Hu Chengyu, Guo Shanqing. Provably Secure Public Key Authenticated Encryption with Keyword Search Based on SGX[J]. Journal of Computer Research and Development, 2023, 60(12): 2709-2724. DOI: 10.7544/issn1000-1239.202220478

Provably Secure Public Key Authenticated Encryption with Keyword Search Based on SGX

Funds: This work was supported by Shandong Provincial Natural Science Foundation (ZR2022LZH013, ZR2020LZH002, ZR2020MF055, ZR2021LZH007) and the Open Project of CAS Key Laboratory of Network Assessment Technology (KFKT2019-002).
  • Author Bio:

    Liu Yongzhi: born in 1997. Master candidate. His main research interests include cloud data security and trusted execution environment

    Qin Guiyun: born in 1997. Master candidate. Her main research interests include searchable encryption and cloud data security

    Liu Pengtao: born in 1980. Master, associate professor. Her main research interest is searchable encryption

    Hu Chengyu: born in 1981. PhD, associate professor. His main research interests include cloud data security and network security

    Guo Shanqing: born in 1976. PhD, professor. Member of CCF. His main research interests include network security and software security

  • Received Date: June 09, 2022
  • Revised Date: January 15, 2023
  • Available Online: September 19, 2023
  • PEKS (public key encryption with keyword search) enables users to search over encrypted data stored on an untrusted cloud server. This is of great significance for data privacy protection, and PEKS is attracting increasing interest for this reason. PAEKS (public key authenticated encryption with keyword search) requires that a data sender not only uses the receiver’s public key to encrypt the keyword, but also uses the sender's own private key to authenticate the keyword. PAEKS ensures that adversaries cannot construct a keyword ciphertext, and thus resists the keyword guessing attacks (KGAs) that PEKS faces. In this paper, we propose a scheme for public key authenticated encryption with keyword search based on SGX (software guard extensions), which supports search over encrypted data by creating a trusted zone and running a keyword comparison enclave program in the cloud server. A formal security proof of the scheme is provided, showing that the scheme satisfies ciphertext indistinguishability and trapdoor indistinguishability, that is, the scheme can resist keyword guessing attacks. Further, search pattern privacy (SP-Privacy) is defined, which ensures that adversaries cannot judge, from the trapdoors alone, whether two searches are for the same keyword, so as to avoid revealing some privacy to external adversaries. In addition, the scheme can be easily extended to support complicated search functionalities and to enhance privacy protection, e.g. forward security. As examples, brief descriptions are given of how to extend the scheme to support multi-keyword search, search capability sharing, and forward security. Experiments in a real scenario show that the scheme is more efficient than some other typical schemes.

