随着云计算的迅速发展，用户开始将数据迁移到云端服务器，以此避免繁琐的本地数据管理并获得更加便捷的服务.为了保证数据安全和用户隐私，数据一般是以密文存储在云端服务器中，但是用户将会遇到如何在密文上进行查找的难题.可搜索加密（searchable encryption，简称SE）是近年来发展的一种支持用户在密文上进行关键字查找的密码学原语，它能够为用户节省大量的网络和计算开销，并充分利用云端服务器庞大的计算资源进行密文上的关键字查找.介绍了SE机制的研究背景和目前的研究进展，对比阐述了基于对称密码学和基于公钥密码学而构造的SE机制的不同特点，分析了SE机制在支持单词搜索、连接关键字搜索和复杂逻辑结构搜索语句的研究进展.最后阐述了其所适用的典型应用场景，并讨论了SE机制未来可能的发展趋势.

With the rapid development of cloud computing, users are beginning to move their data to the cloud servers in order to avoid troublesome data management at local machines and enjoy convenient service. To protect data security and user privacy, data are usually stored in encrypted form in the cloud, but it activates the inconvenience when the user tries to retrieve the files containing some interested keywords. Searchable encryption (SE) is a recently developed cryptographic primitive that supports keyword search over encrypted data, which not only saves huge network bandwidth and computation capacity for users, but also migrates the cumbersome search operation to the cloud server to utilize its vast computational resources. This paper first introduces the research background and the current development of SE schemes and compares the different features between symmetric key cryptography based SE schemes and public key cryptography based SE schemes. The research status of the search query supported in SE schemes is then provided. The discussion includes the support of single keyword search query, conjunctive (and multi-keyword) search query and complex search query, respectively. Finally, this study presents the typical application scenario of SE schemes, and discusses the possible development tendency.

国家自然科学基金（61232003）；国家科技重大专项（2013ZX03002004-003）；中美软件合作研究项目（61361120098）