基于無(wú)證書(shū)密碼系統(tǒng)的關(guān)鍵字搜索加密算法研究
發(fā)布時(shí)間:2019-02-16 03:17
【摘要】:目前很多云儲(chǔ)存平臺(tái)都只關(guān)注于內(nèi)容存儲(chǔ)和共享服務(wù)(如百度云),這些云平臺(tái)為了提供共享服務(wù)都使用明文形式存儲(chǔ),所以這類(lèi)云平臺(tái)都缺乏對(duì)用戶(hù)信息的隱私保護(hù)。而另一類(lèi)云平臺(tái)(如堅(jiān)果云)為了保證用戶(hù)的隱私數(shù)據(jù)不被泄漏,會(huì)在用戶(hù)數(shù)據(jù)上傳到服務(wù)器后進(jìn)行加密存儲(chǔ)。對(duì)于這種存儲(chǔ)機(jī)制,一旦攻擊者將存儲(chǔ)服務(wù)器攻破并拿到服務(wù)器的私鑰,攻擊者便可以解密用戶(hù)的所有數(shù)據(jù)。國(guó)外有些云存儲(chǔ)平臺(tái)(如Wuala云)是將數(shù)據(jù)在本地加密后再上傳到服務(wù)器進(jìn)行存儲(chǔ),但由于服務(wù)器沒(méi)有用戶(hù)私鑰,無(wú)法解密用戶(hù)數(shù)據(jù),所以無(wú)法提供線(xiàn)上搜索功能。也就是說(shuō)在現(xiàn)有的云存儲(chǔ)平臺(tái)中,沒(méi)有一種平臺(tái)即以密文形式存儲(chǔ)又提供了關(guān)鍵字搜索功能?紤]到無(wú)證書(shū)密碼系統(tǒng)所具有的優(yōu)點(diǎn)和目前云存儲(chǔ)中存在的問(wèn)題,我們將無(wú)證書(shū)密碼系統(tǒng)與關(guān)鍵字搜索加密相結(jié)合,設(shè)計(jì)一個(gè)基于無(wú)證書(shū)公鑰密碼系統(tǒng)的關(guān)鍵字搜索加密方案,希望可以將其應(yīng)用到現(xiàn)有云存儲(chǔ)平臺(tái)中,幫助云平臺(tái)在保護(hù)用戶(hù)隱私的同時(shí)提供關(guān)鍵字搜索服務(wù)。在本文中,我們先對(duì)關(guān)鍵字搜索加密和無(wú)證書(shū)密碼系統(tǒng)進(jìn)行了深入研究,發(fā)現(xiàn)在2014年P(guān)eng等學(xué)者提出了一個(gè)將無(wú)證書(shū)密鑰系統(tǒng)與關(guān)鍵字搜索加密相結(jié)合的具體方案。經(jīng)過(guò)分析我們發(fā)現(xiàn)這個(gè)方案并不能抵抗離線(xiàn)關(guān)鍵字猜測(cè)攻擊,在本文中我們指出了這篇文章存在的安全漏洞,并提出了具體的改進(jìn)算法。之后我們基于Peng的安全模型對(duì)我們的改進(jìn)算法進(jìn)行了理論安全證明,證明了我們的改進(jìn)算法是安全的。但是經(jīng)過(guò)分析其效能,我們發(fā)現(xiàn)這個(gè)算法的計(jì)算量偏大,影響了算法效率。所以我們提出了一個(gè)新的基于無(wú)證書(shū)的關(guān)鍵字搜索加密方案,建立了新的安全模型,并進(jìn)行了理論分析和效能分析,證明了我們的新方案在隨機(jī)寓言模型和雙線(xiàn)性Diffie-Hellman以及計(jì)算Diffie-Hellman難題下的安全性。最后我們?cè)赪indows系統(tǒng)中搭建云平臺(tái)進(jìn)行仿真實(shí)驗(yàn),經(jīng)過(guò)實(shí)驗(yàn)分析我們發(fā)現(xiàn)相對(duì)我們新提出的方案,我們對(duì)Peng的改進(jìn)算法雖然在安全方面得到了足夠的保證,但在運(yùn)算效率及搜索時(shí)間上并不理想。我們提出的新方法具有更高的搜索效率和更低的運(yùn)算成本。實(shí)驗(yàn)結(jié)果表明,我們的新方法有較好的效能并且解決了傳統(tǒng)公鑰系統(tǒng)中繁瑣的證書(shū)管理和基于身份密鑰系統(tǒng)中的密鑰托管問(wèn)題。
[Abstract]:At present, many cloud storage platforms only focus on content storage and shared services (such as Baidu cloud), these cloud platforms use plaintext to provide shared services, so these cloud platforms lack privacy protection for user information. Another kind of cloud platform (such as nut cloud) will encrypt and store the user data after uploading it to the server to ensure that the user's privacy data is not disclosed. For this storage mechanism, once an attacker breaks the storage server and gets the private key of the server, the attacker can decrypt all the user's data. Some overseas cloud storage platforms (such as Wuala cloud) encrypt the data locally and upload it to the server for storage. However, because the server does not have the private key of the user, it can not decrypt the user data, so it can not provide the function of online search. In other words, none of the existing cloud storage platforms provide keyword search function by ciphertext storage. Considering the advantages of certificate free cryptography system and the existing problems in cloud storage, we design a key search encryption scheme based on the certificate free public key cryptosystem by combining the certificate free cryptography system with keyword search encryption. It is hoped that it can be applied to the existing cloud storage platform to help the cloud platform provide keyword search service while protecting users' privacy. In this paper, we study keyword search encryption and certificate free cryptography, and find out that in 2014, Peng and other scholars put forward a concrete scheme which combines certificate free key system with keyword search encryption. After analysis, we find that this scheme can not resist the offline keyword guessing attack. In this paper, we point out the security holes in this paper, and propose a specific improved algorithm. Then we prove that our improved algorithm is safe based on the security model of Peng. However, by analyzing its efficiency, we find that the computational complexity of the algorithm is too large, which affects the efficiency of the algorithm. So we propose a new encryption scheme based on non-certificate keyword search, establish a new security model, and carry out theoretical analysis and efficiency analysis. The security of our new scheme under stochastic fable model bilinear Diffie-Hellman and computational Diffie-Hellman problem is proved. Finally, we build a cloud platform in the Windows system for simulation experiments. Through the analysis of the experiment, we find that compared with our new scheme, our improved algorithm of Peng has been fully guaranteed in terms of security. However, the computational efficiency and search time are not ideal. The new method has higher search efficiency and lower computational cost. The experimental results show that our new method has good performance and solves the problem of certificate management and key escrow in traditional public key system.
【學(xué)位授予單位】:哈爾濱工業(yè)大學(xué)
【學(xué)位級(jí)別】:碩士
【學(xué)位授予年份】:2017
【分類(lèi)號(hào)】:TP309.7
本文編號(hào):2423987
[Abstract]:At present, many cloud storage platforms only focus on content storage and shared services (such as Baidu cloud), these cloud platforms use plaintext to provide shared services, so these cloud platforms lack privacy protection for user information. Another kind of cloud platform (such as nut cloud) will encrypt and store the user data after uploading it to the server to ensure that the user's privacy data is not disclosed. For this storage mechanism, once an attacker breaks the storage server and gets the private key of the server, the attacker can decrypt all the user's data. Some overseas cloud storage platforms (such as Wuala cloud) encrypt the data locally and upload it to the server for storage. However, because the server does not have the private key of the user, it can not decrypt the user data, so it can not provide the function of online search. In other words, none of the existing cloud storage platforms provide keyword search function by ciphertext storage. Considering the advantages of certificate free cryptography system and the existing problems in cloud storage, we design a key search encryption scheme based on the certificate free public key cryptosystem by combining the certificate free cryptography system with keyword search encryption. It is hoped that it can be applied to the existing cloud storage platform to help the cloud platform provide keyword search service while protecting users' privacy. In this paper, we study keyword search encryption and certificate free cryptography, and find out that in 2014, Peng and other scholars put forward a concrete scheme which combines certificate free key system with keyword search encryption. After analysis, we find that this scheme can not resist the offline keyword guessing attack. In this paper, we point out the security holes in this paper, and propose a specific improved algorithm. Then we prove that our improved algorithm is safe based on the security model of Peng. However, by analyzing its efficiency, we find that the computational complexity of the algorithm is too large, which affects the efficiency of the algorithm. So we propose a new encryption scheme based on non-certificate keyword search, establish a new security model, and carry out theoretical analysis and efficiency analysis. The security of our new scheme under stochastic fable model bilinear Diffie-Hellman and computational Diffie-Hellman problem is proved. Finally, we build a cloud platform in the Windows system for simulation experiments. Through the analysis of the experiment, we find that compared with our new scheme, our improved algorithm of Peng has been fully guaranteed in terms of security. However, the computational efficiency and search time are not ideal. The new method has higher search efficiency and lower computational cost. The experimental results show that our new method has good performance and solves the problem of certificate management and key escrow in traditional public key system.
【學(xué)位授予單位】:哈爾濱工業(yè)大學(xué)
【學(xué)位級(jí)別】:碩士
【學(xué)位授予年份】:2017
【分類(lèi)號(hào)】:TP309.7
【參考文獻(xiàn)】
相關(guān)期刊論文 前2條
1 彭延國(guó);崔江濤;彭長(zhǎng)根;應(yīng)作賦;;無(wú)證書(shū)公鑰關(guān)鍵詞可搜索加密(英文)[J];中國(guó)通信;2014年11期
2 沈志榮;薛巍;舒繼武;;可搜索加密機(jī)制研究與進(jìn)展[J];軟件學(xué)報(bào);2014年04期
相關(guān)博士學(xué)位論文 前1條
1 方黎明;帶關(guān)鍵字搜索公鑰加密的研究[D];南京航空航天大學(xué);2012年
相關(guān)碩士學(xué)位論文 前2條
1 劉文;無(wú)證書(shū)公鑰密碼算法的研究與分析[D];西安電子科技大學(xué);2013年
2 鄒靜;基于雙線(xiàn)性配對(duì)函數(shù)的密碼協(xié)議的研究[D];山東大學(xué);2005年
,本文編號(hào):2423987
本文鏈接:http://sikaile.net/kejilunwen/ruanjiangongchenglunwen/2423987.html
最近更新
教材專(zhuān)著
