基于生物信息的可验证公钥可搜索加密协议

doi:10.6040/j.issn.1671-9352.0.2017.191

摘要/Abstract

摘要： 可搜索加密保证了加密云数据的可检索性,然而提供云服务的一方并不是完全可信的,利益驱使其不诚实地执行搜索或恶意隐瞒数据泄露,因此对加密搜索结果进行验证是非常必要的。结合已有的研究成果,得到了一个可验证公钥可搜索加密协议模型。从此模型出发,利用布隆过滤器建立搜索结构,利用基于生物信息的加密技术建立访问控制,利用双线性签名技术等建立认证,实现了基于生物特征的公钥可搜索加密协议的可验证性,最后对其正确性和安全性进行了证明。验证结果表明该方案在一定程度上保证了加密搜索的安全性和搜索结果的可验证性。

关键词: 可验证, 可搜索加密, 公钥, 云计算, 生物信息

Abstract: Searchable encryption assures the retrievability of encrypted cloud data. However, the cloud servers are not fully trusted. They may execute search operation unfaithfully or conceal the data storage accidents for higher profit. So it is necessary to verify for the search results of searchable encryption. This paper proposed a verifiable public key encryption with keyword search procotol model based on the known results. According to the model, we establish the search structure using the Bloom filter, establish the access control using the biometric-based cryptography, and establish the authentication using the bilinear-pairing-based signature. Thus, the verifiability of the public key encryption with keyword search based biometric protocol is achieved. Finally, the correctness and security of this scheme are proved. The verification results show that the scheme can ensure the security of the encrypted search and the verifiability of the search results to a certain extent.

Key words: searchable encryption, cloud computing, verifiable, public key, biometric

中图分类号:

TP309

姚克,朱斌瑞,秦静. 基于生物信息的可验证公钥可搜索加密协议[J]. 山东大学学报（理学版）, 2017, 52(11): 11-22.

YAO Ke, ZHU Bin-rui, QIN Jing. Verifiable public key searchable encryption protocol based on biometrics[J]. JOURNAL OF SHANDONG UNIVERSITY(NATURAL SCIENCE), 2017, 52(11): 11-22.

参考文献

[1] 冯朝胜, 秦志光, 袁丁. 云数据安全存储技术[J]. 计算机学报, 2015, 38(1):150-163. FENG Chaosheng, QIN Zhiguang, YUAN Ding. Techniques of secure storage for cloud data[J]. Chinese Journal of Computers, 2015, 38(1):150-163.
[2] SONG D X, WAGNER D, PERRIG A. Practical techniques for searches on encrypted data[C] // IEEE Symposium on Security and Privacy. Washington: IEEE Computer Society, 2000: 44.
[3] BONEH D, CRESCENZO G D, OSTROVSKY R, et al. Public key encryption with keyword search[M] // CACHIN C, CAMENISCH J. Lecture Notes in Computer Science. Berlin: Springer-verlag Berlin, 2004: 506-522.
[4] BAEK J, SAFAVINAINI R, SUSILO W. Public key encryption with keyword search revisited[M] // GERVASI O, MURGANTE B. Lecture Notes in Computer Science. Berlin: Springer-verlag Berlin, 2008, 5072: 1249-1259.
[5] ABDALLA M, BELLARE M, CATALANO D, et al. Searchable encryption revisited: consistency properties, relation to anonymous IBE, and extensions[J]. Journal of Cryptology, 2008, 21(3):350-391.
[6] BYUN J, RHEE H, PARK H A, et al. Off-line keyword guessing attacks on recent keyword search schemes over encrypted data[J]. Secure Data Management, 2006: 75-83.
[7] JEONG I R, KWON J O, HONG D, et al. Constructing PEKS schemes secure against keyword guessing attacks is possible?[J]. Computer Communications, 2009, 32(2):394-396.
[8] FANG Liming, SUSILO W, GE Chunpeng, et al. A secure channel free public key encryption with keyword search scheme without random oracle[C] // GARAY J A, MIYAJI A, OTSUKA A. Lecture Notes in Computer Science. Berlin: Springer-verlag Berlin, 2009, 5888:248-258.
[9] XU Peng, JIN Hai, WU Qianhong, et al. Public-key encryption with fuzzy keyword search: a provably secure scheme under keyword guessing attack[J]. IEEE Transactions on Computers, 2013, 62(11):2266-2277.
[10] SAHAI A, WATERS B. Fuzzy identity-based encryption[M] // CRAMER R. Lecture Notes in Computer Science. Heidelberg: Springer-verlag Berlin, 2005, 3494:457-473.
[11] DAN B, FRANKLIN M. Identity-based encryption from the Weil pairing[J]. Siam Journal on Computing, 2003, 32(3):213-229.
[12] SAHAI A, WATERS B. Fuzzy identity-based encryption[M] // CRAMER R. Lecture Notes in Computer Science. Heidelberg: Springer-verlag Berlin, 2004, 3494:457-473.
[13] GOYAL V, PANDEY O, SAHAI A, et al. Attribute-based encryption for fine-grained access control of encrypted data[J]. Proceedings of the 13th ACM Conference on Computer and Communications Security. New York: ACM, 2010, 89-98.
[14] BETHENCOURT J, SAHAI A, WATERS B. Ciphertext-policy attribute-based encryption[C] // Proceedings of the IEEE Symposium on Security and Privacy(To Appear). New York: IEEE, 2007: 321-334.
[15] GOYAL V, PANDEY O, SAHAI A, et al. Attribute-based encryption for fine-grained access control of encrypted data[C] // ACM Conference on Computer and Communications Security. New York: ACM, 2006: 89-98.
[16] KHADER D. Attribute based search in encrypted data: ABSE[C] // Proceedings of the 2014 ACM Workshop on Information Sharing & Collaborative Security. New York: ACM, 2014: 31-40.
[17] HAN Fei, QIN Jing, ZHAO Huawei, et al. A general transformation from KP-ABE to searchable encryption[J]. Future Generation Computer Systems, 2014, 30(1):107-115.
[18] 韩斐. 基于属性的可搜索加密协议研究[D]. 济南:山东大学, 2015. HAN Fei. Research on attribute based searchable encryption[D]. Jinan:Shandong University, 2015.
[19] WANG Xingyuan, ZHAO Fengjian. An improved key agreement protocol based on chaos[J]. Communications in Nonlinear Science & Numerical Simulation, 2010, 15(12):4052-4057.
[20] WANG Xingyuan, PENG Daluan. A secure key agreement protocol based on chaotic maps[J]. Chinese Physics B, 2013, 22(11):239-243.
[21] NIU Yunjun, WANG Xingyuan. An anonymous key agreement protocol based on chaotic maps[J]. Communications in Nonlinear Science & Numerical Simulation, 2011, 16(4):1986-1992.
[22] JAIN A K, ROSS A, PRABHAKAR S. An introduction to biometric recognition[J]. IEEE Transactions on Circuits & Systems for Video Technology, 2004, 14(1):4-20.
[23] ULUDAG U, PANKANTI S, PRABHAKAR S, et al. Biometric cryptosystems: issues and challenges[J]. Proceedings of the IEEE, 2004, 92(6):948-960.
[24] 朱斌瑞, 秦静, 韩斐. 基于生物特征的可搜索加密[J]. 山东大学学报(理学版), 2016, 51(5):78-86. ZHU Binrui, QIN Jing, HAN Fei. Searchable encryption scheme based on biometric[J]. Journal of Shandong University(Natural Science), 2016, 51(5):78-86.
[25] CHAI Qi, GONG Guang. Verifiable symmetric searchable encryption for semi-honest-but-curious cloud servers[C] // IEEE International Conference on Communications. New York: IEEE, 2012: 917-922.
[26] ZHENG Q, XU S, ATENISES G. VABKS: verifiable attribute-based keyword search over outsourced encrypted data[C] // IEEE INFOCOM 2014-IEEE Conference on Computer Communications. New York: IEEE, 2014: 522-530.
[27] LIU Pengliang, WANG Jianfeng, MA Hua, et al. Efficient verifiable public key encryption with keyword search based on KP-ABE[C] // International Conference on Broadband & Wireless Computing. New York: IEEE, 2014: 584-589.
[28] SUN Wenhai, WANG Bing, CAO Ning, et al. Verifiable privacy-preserving multi-keyword text search in the cloud supporting similarity-based ranking[J]. IEEE Transactions on Parallel & Distributed Systems, 2013, 25(11):71-82.
[29] WANG Jianfeng, MA Hua, TANG Qiang, et al. Efficient verifiable fuzzy keyword search over encrypted data in cloud computing[J]. Computer Science & Information Systems, 2013, 10(2):667-684.
[30] ZHANG Rui, XUE Rui, YU Ting, et al. PVSAE: a public verifiable searchable encryption service framework for outsourced encrypted data[C] // Proceedings of the International Conference on Web Services(ICWS). New York: IEEE, 2016: 428-435.
[31] MIAO Yinbin, MA Jianfeng, WEI Fushan, et al. VCSE: verifiable conjunctive keywords search over encrypted data without secure-channel[J]. Peer-to-Peer Networking and Applications, 2016: 1-13.
[32] HAN Fei, QIN Jing, HU Jiankun. Secure searches in the cloud[J]. Future Generation Computer Systems, 2016, 62(C):66-75.
[33] GOLLE P, STADDON J, WATERS B. Secure conjunctive keyword search over encrypted data[J]. Lecture Notes in Computer Science, 2004, 3089:31-45.
[34] CAO Ning, WANG Cong, LI Ming, et al. Privacy-preserving multi-keyword ranked search over encrypted cloud data[J]. IEEE Transactions on Parallel & Distributed Systems, 2014, 25(1):222-233.
[35] LI Jin, WANG Qian, WANG Cong, et al. Fuzzy keyword search over encrypted data in cloud computing[C] // IEEE Conference on Information Communications. Piscataway: IEEE, 2010: 1-5.
[36] BURTON H B. Space/time trade-offs in Hash coding with allowable errors[J]. Communications of the ACM, 1970, 13(7):422-426.
[37] ISOBE Y, OHKI T, KOMATSU N. Security performance evaluation for biometric template protection techniques[J]. International Journal of Biometrics, 2013, 5(1):53-72.
[38] DODIS Y, REYZIN L. Fuzzy extractors: how to generate strong keys from biometrics and other noisy data[M] //Advances in Cryptology-EUROCRYPT 2004. Berlin: Springer-verlage Berlin, 2004, 3027:523-540.
[39] HSU S T, YANG C C, HWANG M S. A study of public key encryption with keyword search[J]. International Journal of Network Security, 2013, 15(2):71-79.
[40] RHEE H S, SUSILO W, KIM H J. Secure searchable public key encryption scheme against keyword guessing attacks[J]. IEICE Electronics Express, 2009, 6(5):237-243.
[41] BURNETT A, BYRNE F, DOWLING T, et al. A biometric identity based signature scheme[J]. International Journal of Network Security, 2007, 5(3).
[42] 申飞, 黄承杰, 吴仲城. 生物特征加密技术现状与发展趋势[C] //全国计算机安全学术交流会.合肥:中国科学技术大学出版社,2008:292-297. SHEN Fei, HUANG Chengjie, WU Zhongcheng. The state of the art and developmental tendency of biometric encryption[C] // National Academic Conference on Computer Security. Hefei: University of Science and Technology of China Press, 2008: 292-297.
[43] SARIER N D. A new biometric identity based encryption scheme[C] // Proceedings of the 19th International Conference on Young Computer Scientists. New York: IEEE, 2008: 2061-2066.
[44] SARIER N D. Generic constructions of biometric identity based encryption systems[C] // SAMARATI P, TUNSTALL M, POSEGGA J, et al. Lecture Notes in Computer Science. Berlin: Springer-verlag Berlin, 2010, 6033:90-105.

多维度评价

Viewed

Full text

Abstract

Cited

Shared

Discussed