Cite this article
  • Pu Lang, Lin Chao, Wu Wei, He Debiao. A Public-key Encryption with Keyword Search Scheme from SM9[J]. Journal of Cyber Security, Accepted
A Public-key Encryption with Keyword Search Scheme from SM9
Pu Lang1, Lin Chao1, Wu Wei1, He Debiao2
(1. Fujian Normal University; 2. Wuhan University)
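Abstract:
Cloud storage technology has developed rapidly thanks to advantages such as ease of use and cost-effectiveness, and a growing number of users outsource their personal data to third-party cloud servers for storage. Although storing data in encrypted form effectively protects data security and user privacy, traditional symmetric/asymmetric encryption hampers data retrieval and use. Searchable encryption is a special encryption technique that has attracted wide attention since it was first proposed; it provides data retrieval while preserving data confidentiality. Scholars in China and abroad have proposed many searchable encryption schemes, but the existing schemes are all built on foreign cryptographic algorithms. No searchable encryption scheme based on a Chinese domestic commercial cryptographic algorithm has yet been published in domestic or international journals, which does not meet China's requirement that core cryptographic technology be independently controllable. To enrich research on domestic commercial cryptographic algorithms in searchable encryption and to meet the need for secure data retrieval in cloud storage, this paper constructs a public-key searchable encryption scheme (SM9-PEKS) based on the SM9 identity-based encryption algorithm. Under the q-ABDHE security assumption and in the random oracle model, the paper first proves the anonymity of the SM9 identity-based encryption algorithm and then proves the security of the SM9-PEKS scheme. Theoretical analysis and implementation results show that, compared with the classic, commonly used PEKS schemes, the proposed scheme reduces computational overhead by at least 31.31% at the cost of an additional 64 bytes of communication. Finally, possible future research directions are proposed.
Keywords: SM9 algorithm; public key encryption with keyword search; identity-based cryptography; anonymity
DOI:
Submitted: 2021-10-04  Revised: 2021-12-08
Funding: National Natural Science Foundation of China (62102089, 62032005, 61872089, 61972294), Fundamental Research Funds for the Central Universities (2042021kf1030), Natural Science Foundation of Hubei Province (2017CFA007), Natural Science Foundation of Fujian Province (2020J02016)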
A Public-key Encryption with Keyword Search Scheme from SM9
Pu Lang1, Lin Chao1, Wu Wei1, He Debiao2
(1.Fujian Normal University;2.Wuhan University)
Abstract:
Cloud storage technology has developed rapidly thanks to its flexible use and high cost performance, and more and more users outsource their personal data to third-party cloud servers to save local storage resources and use data more conveniently. Storing data this way introduces a large number of security risks, so data usually needs to be encrypted before it is stored to effectively protect data security and user privacy, but traditional symmetric/asymmetric encryption technology hinders efficient data retrieval and use. Searchable encryption is a special cryptographic technology that not only guarantees data confidentiality but also provides a convenient and secure data retrieval service, and it has attracted widespread attention from scholars since it was proposed. At present, domestic and foreign scholars have proposed a large number of searchable encryption schemes, but the existing schemes are based on foreign cryptographic algorithms. After extensive research, we found that no searchable encryption scheme based on a domestic commercial cryptographic algorithm has been published in domestic or foreign academic journals, which does not meet the requirement of secure and independent control of core cryptographic technology. To enrich the research on domestic commercial cryptographic algorithms in searchable encryption and to meet the secure retrieval needs of data stored on cloud servers, this article first adapts the SM9 identity-based encryption algorithm to construct a public key searchable encryption scheme (SM9-PEKS). We then prove the anonymity of the SM9 identity-based encryption algorithm in the random oracle model under the q-ABDHE security assumption, followed by the security of the proposed SM9-PEKS. Theoretical analysis and implementation results show that the scheme strikes a good balance between security and efficiency. Compared with the classic, commonly used PEKS schemes, SM9-PEKS reduces the computational overhead by at least 31.31% at an extra communication cost of 64 bytes. Finally, possible future research directions are proposed.
Key words: SM9 algorithm; public key encryption with keyword search; identity-based cryptography; anonymity