您的位置:山东大学 -> 科技期刊社 -> 《山东大学学报(理学版)》

山东大学学报(理学版) ›› 2017, Vol. 52 ›› Issue (11): 11-22.doi: 10.6040/j.issn.1671-9352.0.2017.191

• • 上一篇    下一篇

基于生物信息的可验证公钥可搜索加密协议

姚克1,朱斌瑞1,秦静1,2*   

  1. 1.山东大学数学学院, 山东 济南 250100;2.中国科学院信息工程研究所信息安全国家重点实验室, 北京 100093
  • 收稿日期:2017-04-26 出版日期:2017-11-20 发布日期:2017-11-17
  • 通讯作者: 秦静(1960— ),女,博士,教授,研究方向为信息安全. E-mail:qinjing@sdu.edu.cn E-mail:yaokenwpu201@126.com
  • 作者简介:姚克(1985— ),男,硕士,研究方向为信息安全. E-mail:yaokenwpu201@126.com
  • 基金资助:
    国家自然科学基金资助项目(61772311,61272091);山东省自然科学基金资助项目(ZR2012FM005)

Verifiable public key searchable encryption protocol based on biometrics

YAO Ke1, ZHU Bin-rui1, QIN Jing1,2*   

  1. 1. School of Mathematics, Shandong University, Jinan 250100, Shandong, China;
    2. State Key Laboratory of Information Security, Institute of Information Engineering, Chinese Academy of Sciences, Beijing 100093, China
  • Received:2017-04-26 Online:2017-11-20 Published:2017-11-17

摘要: 可搜索加密保证了加密云数据的可检索性,然而提供云服务的一方并不是完全可信的,利益驱使其不诚实地执行搜索或恶意隐瞒数据泄露,因此对加密搜索结果进行验证是非常必要的。结合已有的研究成果,得到了一个可验证公钥可搜索加密协议模型。从此模型出发,利用布隆过滤器建立搜索结构,利用基于生物信息的加密技术建立访问控制,利用双线性签名技术等建立认证,实现了基于生物特征的公钥可搜索加密协议的可验证性,最后对其正确性和安全性进行了证明。验证结果表明该方案在一定程度上保证了加密搜索的安全性和搜索结果的可验证性。

关键词: 可验证, 可搜索加密, 公钥, 云计算, 生物信息

Abstract: Searchable encryption assures the retrievability of encrypted cloud data. However, the cloud servers are not fully trusted. They may execute search operation unfaithfully or conceal the data storage accidents for higher profit. So it is necessary to verify for the search results of searchable encryption. This paper proposed a verifiable public key encryption with keyword search procotol model based on the known results. According to the model, we establish the search structure using the Bloom filter, establish the access control using the biometric-based cryptography, and establish the authentication using the bilinear-pairing-based signature. Thus, the verifiability of the public key encryption with keyword search based biometric protocol is achieved. Finally, the correctness and security of this scheme are proved. The verification results show that the scheme can ensure the security of the encrypted search and the verifiability of the search results to a certain extent.

Key words: searchable encryption, cloud computing, verifiable, public key, biometric

中图分类号: 

  • TP309
[1] 冯朝胜, 秦志光, 袁丁. 云数据安全存储技术[J]. 计算机学报, 2015, 38(1):150-163. FENG Chaosheng, QIN Zhiguang, YUAN Ding. Techniques of secure storage for cloud data[J]. Chinese Journal of Computers, 2015, 38(1):150-163.
[2] SONG D X, WAGNER D, PERRIG A. Practical techniques for searches on encrypted data[C] // IEEE Symposium on Security and Privacy. Washington: IEEE Computer Society, 2000: 44.
[3] BONEH D, CRESCENZO G D, OSTROVSKY R, et al. Public key encryption with keyword search[M] // CACHIN C, CAMENISCH J. Lecture Notes in Computer Science. Berlin: Springer-verlag Berlin, 2004: 506-522.
[4] BAEK J, SAFAVINAINI R, SUSILO W. Public key encryption with keyword search revisited[M] // GERVASI O, MURGANTE B. Lecture Notes in Computer Science. Berlin: Springer-verlag Berlin, 2008, 5072: 1249-1259.
[5] ABDALLA M, BELLARE M, CATALANO D, et al. Searchable encryption revisited: consistency properties, relation to anonymous IBE, and extensions[J]. Journal of Cryptology, 2008, 21(3):350-391.
[6] BYUN J, RHEE H, PARK H A, et al. Off-line keyword guessing attacks on recent keyword search schemes over encrypted data[J]. Secure Data Management, 2006: 75-83.
[7] JEONG I R, KWON J O, HONG D, et al. Constructing PEKS schemes secure against keyword guessing attacks is possible?[J]. Computer Communications, 2009, 32(2):394-396.
[8] FANG Liming, SUSILO W, GE Chunpeng, et al. A secure channel free public key encryption with keyword search scheme without random oracle[C] // GARAY J A, MIYAJI A, OTSUKA A. Lecture Notes in Computer Science. Berlin: Springer-verlag Berlin, 2009, 5888:248-258.
[9] XU Peng, JIN Hai, WU Qianhong, et al. Public-key encryption with fuzzy keyword search: a provably secure scheme under keyword guessing attack[J]. IEEE Transactions on Computers, 2013, 62(11):2266-2277.
[10] SAHAI A, WATERS B. Fuzzy identity-based encryption[M] // CRAMER R. Lecture Notes in Computer Science. Heidelberg: Springer-verlag Berlin, 2005, 3494:457-473.
[11] DAN B, FRANKLIN M. Identity-based encryption from the Weil pairing[J]. Siam Journal on Computing, 2003, 32(3):213-229.
[12] SAHAI A, WATERS B. Fuzzy identity-based encryption[M] // CRAMER R. Lecture Notes in Computer Science. Heidelberg: Springer-verlag Berlin, 2004, 3494:457-473.
[13] GOYAL V, PANDEY O, SAHAI A, et al. Attribute-based encryption for fine-grained access control of encrypted data[J]. Proceedings of the 13th ACM Conference on Computer and Communications Security. New York: ACM, 2010, 89-98.
[14] BETHENCOURT J, SAHAI A, WATERS B. Ciphertext-policy attribute-based encryption[C] // Proceedings of the IEEE Symposium on Security and Privacy(To Appear). New York: IEEE, 2007: 321-334.
[15] GOYAL V, PANDEY O, SAHAI A, et al. Attribute-based encryption for fine-grained access control of encrypted data[C] // ACM Conference on Computer and Communications Security. New York: ACM, 2006: 89-98.
[16] KHADER D. Attribute based search in encrypted data: ABSE[C] // Proceedings of the 2014 ACM Workshop on Information Sharing & Collaborative Security. New York: ACM, 2014: 31-40.
[17] HAN Fei, QIN Jing, ZHAO Huawei, et al. A general transformation from KP-ABE to searchable encryption[J]. Future Generation Computer Systems, 2014, 30(1):107-115.
[18] 韩斐. 基于属性的可搜索加密协议研究[D]. 济南:山东大学, 2015. HAN Fei. Research on attribute based searchable encryption[D]. Jinan:Shandong University, 2015.
[19] WANG Xingyuan, ZHAO Fengjian. An improved key agreement protocol based on chaos[J]. Communications in Nonlinear Science & Numerical Simulation, 2010, 15(12):4052-4057.
[20] WANG Xingyuan, PENG Daluan. A secure key agreement protocol based on chaotic maps[J]. Chinese Physics B, 2013, 22(11):239-243.
[21] NIU Yunjun, WANG Xingyuan. An anonymous key agreement protocol based on chaotic maps[J]. Communications in Nonlinear Science & Numerical Simulation, 2011, 16(4):1986-1992.
[22] JAIN A K, ROSS A, PRABHAKAR S. An introduction to biometric recognition[J]. IEEE Transactions on Circuits & Systems for Video Technology, 2004, 14(1):4-20.
[23] ULUDAG U, PANKANTI S, PRABHAKAR S, et al. Biometric cryptosystems: issues and challenges[J]. Proceedings of the IEEE, 2004, 92(6):948-960.
[24] 朱斌瑞, 秦静, 韩斐. 基于生物特征的可搜索加密[J]. 山东大学学报(理学版), 2016, 51(5):78-86. ZHU Binrui, QIN Jing, HAN Fei. Searchable encryption scheme based on biometric[J]. Journal of Shandong University(Natural Science), 2016, 51(5):78-86.
[25] CHAI Qi, GONG Guang. Verifiable symmetric searchable encryption for semi-honest-but-curious cloud servers[C] // IEEE International Conference on Communications. New York: IEEE, 2012: 917-922.
[26] ZHENG Q, XU S, ATENISES G. VABKS: verifiable attribute-based keyword search over outsourced encrypted data[C] // IEEE INFOCOM 2014-IEEE Conference on Computer Communications. New York: IEEE, 2014: 522-530.
[27] LIU Pengliang, WANG Jianfeng, MA Hua, et al. Efficient verifiable public key encryption with keyword search based on KP-ABE[C] // International Conference on Broadband & Wireless Computing. New York: IEEE, 2014: 584-589.
[28] SUN Wenhai, WANG Bing, CAO Ning, et al. Verifiable privacy-preserving multi-keyword text search in the cloud supporting similarity-based ranking[J]. IEEE Transactions on Parallel & Distributed Systems, 2013, 25(11):71-82.
[29] WANG Jianfeng, MA Hua, TANG Qiang, et al. Efficient verifiable fuzzy keyword search over encrypted data in cloud computing[J]. Computer Science & Information Systems, 2013, 10(2):667-684.
[30] ZHANG Rui, XUE Rui, YU Ting, et al. PVSAE: a public verifiable searchable encryption service framework for outsourced encrypted data[C] // Proceedings of the International Conference on Web Services(ICWS). New York: IEEE, 2016: 428-435.
[31] MIAO Yinbin, MA Jianfeng, WEI Fushan, et al. VCSE: verifiable conjunctive keywords search over encrypted data without secure-channel[J]. Peer-to-Peer Networking and Applications, 2016: 1-13.
[32] HAN Fei, QIN Jing, HU Jiankun. Secure searches in the cloud[J]. Future Generation Computer Systems, 2016, 62(C):66-75.
[33] GOLLE P, STADDON J, WATERS B. Secure conjunctive keyword search over encrypted data[J]. Lecture Notes in Computer Science, 2004, 3089:31-45.
[34] CAO Ning, WANG Cong, LI Ming, et al. Privacy-preserving multi-keyword ranked search over encrypted cloud data[J]. IEEE Transactions on Parallel & Distributed Systems, 2014, 25(1):222-233.
[35] LI Jin, WANG Qian, WANG Cong, et al. Fuzzy keyword search over encrypted data in cloud computing[C] // IEEE Conference on Information Communications. Piscataway: IEEE, 2010: 1-5.
[36] BURTON H B. Space/time trade-offs in Hash coding with allowable errors[J]. Communications of the ACM, 1970, 13(7):422-426.
[37] ISOBE Y, OHKI T, KOMATSU N. Security performance evaluation for biometric template protection techniques[J]. International Journal of Biometrics, 2013, 5(1):53-72.
[38] DODIS Y, REYZIN L. Fuzzy extractors: how to generate strong keys from biometrics and other noisy data[M] //Advances in Cryptology-EUROCRYPT 2004. Berlin: Springer-verlage Berlin, 2004, 3027:523-540.
[39] HSU S T, YANG C C, HWANG M S. A study of public key encryption with keyword search[J]. International Journal of Network Security, 2013, 15(2):71-79.
[40] RHEE H S, SUSILO W, KIM H J. Secure searchable public key encryption scheme against keyword guessing attacks[J]. IEICE Electronics Express, 2009, 6(5):237-243.
[41] BURNETT A, BYRNE F, DOWLING T, et al. A biometric identity based signature scheme[J]. International Journal of Network Security, 2007, 5(3).
[42] 申飞, 黄承杰, 吴仲城. 生物特征加密技术现状与发展趋势[C] //全国计算机安全学术交流会.合肥:中国科学技术大学出版社,2008:292-297. SHEN Fei, HUANG Chengjie, WU Zhongcheng. The state of the art and developmental tendency of biometric encryption[C] // National Academic Conference on Computer Security. Hefei: University of Science and Technology of China Press, 2008: 292-297.
[43] SARIER N D. A new biometric identity based encryption scheme[C] // Proceedings of the 19th International Conference on Young Computer Scientists. New York: IEEE, 2008: 2061-2066.
[44] SARIER N D. Generic constructions of biometric identity based encryption systems[C] // SAMARATI P, TUNSTALL M, POSEGGA J, et al. Lecture Notes in Computer Science. Berlin: Springer-verlag Berlin, 2010, 6033:90-105.
[1] 王小艳,陈兴蜀,王毅桐,葛龙. 基于OpenStack的云计算网络性能测量与分析[J]. 山东大学学报(理学版), 2018, 53(1): 30-37.
[2] 韩盼盼,秦静. 云计算中可验证的外包数据库加密搜索方案[J]. 山东大学学报(理学版), 2017, 52(9): 41-53.
[3] 黄宇晴,赵波,肖钰,陶威. 一种基于KVM的vTPM虚拟机动态迁移方案[J]. 山东大学学报(理学版), 2017, 52(6): 69-75.
[4] 陈广瑞,陈兴蜀,王毅桐,葛龙. 一种IaaS多租户环境下虚拟机软件更新服务机制[J]. 山东大学学报(理学版), 2017, 52(3): 60-67.
[5] 岳猛,吴志军,姜军. 云计算中基于可用带宽欧氏距离的LDoS攻击检测方法[J]. 山东大学学报(理学版), 2016, 51(9): 92-100.
[6] 朱斌瑞,秦静,韩斐. 基于生物特征的可搜索加密[J]. 山东大学学报(理学版), 2016, 51(5): 78-86.
[7] 蔡红云, 田俊峰. 云计算中的数据隐私保护研究[J]. 山东大学学报(理学版), 2014, 49(09): 83-89.
[8] 罗海燕, 吕萍, 刘林忠, 杨洵. 云环境下基于模糊粗糙AHP的企业信任综合评估[J]. 山东大学学报(理学版), 2014, 49(08): 111-117.
[9] 刘洋,秦丰林,葛连升. 云计算测量研究综述[J]. J4, 2013, 48(11): 27-35.
[10] 古春生1,2,吴访升2,景征骏2,3,于志敏2. 矩阵环上快速公钥密码算法的安全分析[J]. J4, 2013, 48(09): 22-28.
[11] 巨春飞1,仇晓涛2,王保仓2,3. 基于矩阵环的快速公钥密码算法[J]. J4, 2012, 47(9): 56-59.
[12] 李娟英,陈晓峰. 无滥用的三方合同签署协议[J]. J4, 2012, 47(9): 65-70.
[13] . 代理人状态不可验证契约纳什实施惟一性分析[J]. J4, 2009, 44(6): 33-39.
[14] 郇天笑,王 泽,张 辉,白增亮* . 甲胎蛋白分子演化的生物信息学分析[J]. J4, 2007, 42(3): 78-83 .
[15] 刘化锋,王文燕 . 基因转录调控网络模型[J]. J4, 2006, 41(6): 103-108 .
Viewed
Full text


Abstract

Cited

  Shared   
  Discussed   
No Suggested Reading articles found!