摘要: |
为节约本地存储空间以及管理开销,文件可通过云存储服务被上传到云服务器。云存储服务作为一项重要的云技术已得到了广泛的研究和应用。文件以明文的形式存储显然无法满足隐私保护和安全需求,但若以传统的加密方式将加密后的文件上传服务器又使服务器失去检索原文件的能力。可搜索加密(Searchable Encryption,SE)是近年来发展的一种支持用户在密文上进行关键字查找的密码学原语,它将用户的文件进行特殊的加密后上传到云服务器上,实现服务器可以根据关键字进行安全检索文件的功能,在方便用户使用的同时,也保护了文件的隐私安全。本文介绍了可搜索加密的基本概念,从对称可搜索加密的构建方法和加密手段出发,归纳总结了已有的对称可搜索加密的安全性结果。我们重点梳理了对称可搜索加密的适应性安全模型的发展历程,分析了推理攻击,文件注入攻击,以及新的安全模型与对抗手段,并指出目前可搜索加密安全性研究所面临的主要问题以及未来的发展方向。 |
关键词: 云存储 隐私泄露 可搜索加密 对称可搜索加密 安全性 |
DOI:10.19363/J.cnki.cn10-1380/tn.2021.03.05 |
投稿时间:2020-04-17修订日期:2020-05-18 |
基金项目:本课题得到基金项目支持:北京市自然科学基金(No.M21033);航天科学技术基金(No.2020-HT-BH-22);国家自然科学基金(No.61932011,No.61972017);国家密码发展基金(No.MMJJ20180215)资助 |
|
A Survey on Security Development of Searchable Symmetric Encryption |
LIU Wenxin1, GAO Ying2
|
(1.School of Mathematics Sciences, Beihang University, Beijing 100191, China;2.School of Cyber Science and Technology, Beihang University, Beijing 100191, China) |
Abstract: |
To save local storage space and management overhead, now files can be uploaded to cloud servers. As an important cloud technology, cloud storage service has been widely researched and applied. The storage of files in plaintext obviously cannot meet the privacy and security requirements. However, if the encrypted files are uploaded to the server by traditional encryption, the server will lose the ability to search them by keywords. Searchable encryption (SE) is a cryptographic primitive developed in recent years that supports clients to perform keyword search on ciphertext. By searchable encryption, clients can encrypt the files and uploads them to the cloud server and then retrieve them by keywords, which is convenient for clients and protects the privacy of the files. This paper introduces the basic concepts of SE. Starting from the construction method of symmetric searchable encryption, we summarize the research results about security of existing symmetric searchable encryption. We focus on the development process of the adaptive security model of symmetric searchable encryption, and analyze inference attacks, file-injection attacks, new security models and countermeasures. Then we point out the main problems currently facing the security research of SE and the future direction. |
Key words: cloud storage privacy leakage searchable encryption searchable symmetric encryption security |