鲁棒的前后向隐私联合对称可搜索加密方案
作者:
中图分类号:

TP309

基金项目:

国家自然科学基金 (62332018, 62072078, 62271128); 四川省自然科学基金 (2022NSFSC0550)


Robust Scheme for Conjunctive Symmetric Searchable Encryption with Forward and Backward Privacy
Author:
  • 摘要
  • | |
  • 访问统计
  • |
  • 参考文献
  • |
  • 相似文献
  • |
  • 引证文献
  • | |
  • 文章评论
    摘要:

    动态对称可搜索加密允许用户安全地搜索和动态更新存储在半可信云服务器中的加密文档, 近年来备受关注. 然而, 现有多数对称可搜索加密方案仅支持单关键词搜索, 无法在实现联合搜索的同时满足前向和后向隐私. 此外, 多数方案不具有鲁棒性, 即无法处理客户端重复添加或删除某个关键词/文件标识符对或删除不存在的关键词/文件标识符对等不合理更新请求. 针对上述挑战, 提出一个鲁棒的前后向隐私联合动态对称可搜索加密方案RFBC. 在该方案中, 服务器为每个关键词建立两个布隆过滤器, 分别用于存储所要添加和删除的关键词/文件标识符对的相关哈希值. 当客户端发送更新请求时, 服务器利用两个布隆过滤器进行判断, 过滤不合理请求, 以满足方案的鲁棒性. 此外, 利用多关键词中最低频关键词的状态信息, 结合布隆过滤器与更新计数器, 筛选掉不包含其余关键词的文件标识实现联合查询. 通过定义方案的泄露函数, 经过一系列的安全性游戏证明RFBC支持前向隐私与Type-III后向隐私. 实验分析表明相较于相关方案, RFBC较大幅度提高了计算和通信效率. 具体来说, RFBC更新操作的计算开销分别为ODXT和BDXT的28%和61.7%, 搜索操作的计算开销分别为ODXT和BDXT的21.9%和27.3%, 而搜索操作的通信开销分别为ODXT和BDXT的19.7%和31.6%. 而且, 当不合理更新的比例逐渐增加时, 搜索效率的提升明显高于BDXT与ODXT.

    Abstract:

    Dynamic searchable symmetric encryption has attracted much attention because it allows users to securely search and dynamically update encrypted documents stored in a semi-trusted cloud server. However, most searchable symmetric encryption schemes only support single-keyword search, failing to achieve conjunctive search while protecting forward and backward privacy. In addition, most schemes are not robust, which means that they cannot handle irrational update requests from a client, such as adding or deleting a certain keyword/file identifier pair, or deleting non-existent keywords/file identifier pairs. To address these challenges, this study proposes a robust scheme for conjunctive dynamic symmetric searchable encryption that preserves both forward and backward privacy, called RFBC. In this scheme, the server constructs two Bloom filters for each keyword, which are used to store the relevant hash values of the keyword/file identifier pair to be added and deleted, respectively. When the client sends update requests, the server uses the two Bloom filters to determine and filter irrational update requests, so as to guarantee the robustness of the scheme. In addition, by combining the status information of the lowest frequency keywords among multiple keywords, the Bloom filters, and the update counter, RFBC realizes conjunctive search by filtering out file identifiers that do not contain the rest keywords. Finally, by defining the leakage function, RFBC is proved to be forward private and Type-III backward private through a series of security analyses. Experimental results show that compared with related schemes, RFBC greatly improves computation and communication efficiency. Specifically, the computational overhead of update operations in RFBC is about 28% and 61.7% of that in ODXT and BDXT, respectively. The computational overhead of search operations in RFBC is about 21.9% and 27.3% of that in ODXT and BDXT, respectively. The communication overhead of search operations in RFBC is about 19.7% and 31.6% of that in ODXT and BDXT, respectively. Moreover, as the proportion of irrational updates gradually increases, RFBC exhibits significantly higher improvement in search efficiency compared to both BDXT and ODXT.

    参考文献
    相似文献
    引证文献
引用本文

张文琪,李雄,尹智明,梁伟,黄可,张小松.鲁棒的前后向隐私联合对称可搜索加密方案.软件学报,,():1-25

复制
分享
文章指标
  • 点击次数:
  • 下载次数:
  • HTML阅读次数:
  • 引用次数:
历史
  • 收稿日期:2023-08-28
  • 最后修改日期:2024-02-20
  • 在线发布日期: 2024-12-04
文章二维码
您是第位访问者
版权所有:中国科学院软件研究所 京ICP备05046678号-3
地址:北京市海淀区中关村南四街4号,邮政编码:100190
电话:010-62562563 传真:010-62562533 Email:jos@iscas.ac.cn
技术支持:北京勤云科技发展有限公司

京公网安备 11040202500063号