Journal of Information Security Research, 2024, Vol. 10, Issue (7): 624-.

• Special Topic on Data Security and Privacy Protection •

Multiuser Searchable Symmetric Encryption Scheme Based on Elliptic Curve Encryption

Chen Shan¹ and Pan Wenlun²

  1. CETC Cyberspace Security Technology Co., Ltd., Beijing 100160
  2. Beijing Haitaifangyuan Technologies Co., Ltd., Beijing 100094

  • Online: 2024-07-14 Published: 2024-07-18
  • Corresponding author: Chen Shan, PhD, senior engineer. Main research interests: data security, privacy computing, ciphertext retrieval, and cryptographic applications. chen.shan06172@cetccst.com.cn
  • About the authors: Chen Shan, PhD, senior engineer. Main research interests: data security, privacy computing, ciphertext retrieval, and cryptographic applications. chen.shan06172@cetccst.com.cn Pan Wenlun, PhD, senior engineer. Main research interests: information security, artificial intelligence, and cryptographic algorithms. wenlun.pan@haitaichina.com

Abstract: Searchable encryption (SE) is one of the key technologies for secure data retrieval. It allows the server to search encrypted data directly without decrypting it. To solve the ciphertext retrieval problem that arises when data is shared securely in cloud storage environments, we extend an existing single-user dynamic searchable symmetric encryption (SSE) scheme to the multiuser setting and propose a multiuser dynamic SSE scheme that is efficient, secure, and requires no storage on the client. The scheme uses an elliptic curve encryption system for key management and access key distribution among authorized users, which avoids the key sharing problem and the bilinear pairing operations of traditional multiuser solutions. It also satisfies query privacy, search unforgeability, and user revocability. After the multiuser extension, the scheme still retains the advantages of the original single-user scheme: little information leakage, efficient document search, efficient document deletion, and no storage on the client.

Key words: data sharing, privacy protection, searchable symmetric encryption, dynamic searchable encryption, multiuser, elliptic curve encryption
