Cite this article:
  • Xujiawang, Wanghuaqun. A searchable encryption scheme based on SM9 for resisting internal keyword guessing attacks [J]. Journal of Cyber Security, accepted.

Received: 2023-12-18; Revised: 2024-04-26
Funding: National Natural Science Foundation of China (General Program, Key Program, Major Program)
A searchable encryption scheme based on SM9 for resisting internal keyword guessing attacks
Xujiawang, Wanghuaqun
(School of Computer Science, Nanjing University of Posts and Telecommunications)
Abstract:
With the widespread adoption of cloud storage and 5G communication, cloud servers have become an important means for users to save local storage space and reduce management overhead. Traditional encryption effectively protects private data stored in the cloud from malicious adversaries, but it also makes the data inconvenient to search and use. Public-key searchable encryption allows users to search data without decrypting the ciphertext, preserving data confidentiality while providing efficient retrieval. However, most existing public-key searchable encryption schemes are built on foreign cryptographic primitives, and there is little research on schemes built on China's commercial cryptographic algorithms. To extend the application of domestic cryptographic algorithms to public-key searchable encryption and meet the demand for autonomy and security controllability of domestic cryptographic core technology, this paper constructs an authenticated public-key searchable encryption scheme based on the domestic commercial cryptographic algorithm SM9. Unlike traditional public-key searchable encryption, the data sender authenticates the keyword ciphertext it generates, so the verifier can be sure that the keyword ciphertext could only have been produced by that sender. This design prevents an inside attacker at the cloud server from recovering the search keyword from a given trapdoor by a keyword guessing attack and thereby compromising data confidentiality. In the random oracle model, under hardness assumptions, the scheme is proven to satisfy trapdoor indistinguishability and ciphertext indistinguishability, from which its ability to resist inside keyword guessing attacks follows. Theoretical analysis and experimental results show that, compared with classical public-key searchable encryption schemes, the scheme offers high security while also being efficient in the keyword ciphertext generation phase. Finally, future research directions in this field are given.
Key words: public key searchable encryption; SM9 algorithm; inside keyword guessing attack; indistinguishability