Method for keyword searchable encryption based on bilinear pairs in cloud storage


  • CN 104,021,157 A
  • Filed: 05/22/2014
  • Published: 09/03/2014
  • Est. Priority Date: 05/22/2014
  • Status: Active Grant
First Claim

1. A keyword searchable encryption method based on bilinear pairings in cloud storage, characterized in that it is implemented according to the following steps:

  • Step 1, initializing the system parameters: the file encryptor Ent inputs a security parameter $k$ and outputs two multiplicative cyclic groups $G_1$ and $G_2$ of prime order $q$, where $g$ is a generator of $G_1$; selects a bilinear map; selects $x \in_R Z_q$ uniformly at random as the master key of the file encryptor Ent, denoted $msk_{ent} = x$; selects a collision-resistant hash function $h_1: \{0,1\}^* \to G_1$ and a keyed hash function $h_2: \{0,1\}^k \times \{0,1\}^* \to \{0,1\}^t$, where $t$ is a fixed constant; selects a symmetric encryption algorithm $SKE = \{SKE.Gen(1^k), SKE.Enc(\cdot), SKE.Dec(\cdot)\}$ and selects an encryption key $ek \leftarrow SKE.Gen(1^k)$ uniformly at random; the file encryptor Ent makes the system parameters public and keeps secret the system private key $msk_{ent} = x$ and the file encryption key $ek$;

  • Step 2, adding a user: the file encryptor Ent inputs the master key $msk_{ent}$ and a user identity $u_{ID}$, selects a search key uniformly at random for the user whose identity is $u_{ID}$ and calculates, securely sends to user $u_{ID}$ as the search key and decryption private key, and simultaneously securely sends to the cloud storage server CSS; the cloud storage server CSS inserts in its user list U_List;

  • Step 3, generating the file encryption and the secure index: the file encryptor Ent inputs the master key $msk_{ent}$, the encryption key $ek$, the documents $D_i$, $1 \le i \le n$, and the keyword lists $W_i = (w_{i,1}, \ldots, w_{i,m})$; the file encryptor Ent's encryption result for $D_i$ is $E_i = SKE.Enc_{ek}(D_i)$; for each keyword $w_{i,j} \in W_i$, $1 \le j \le m$, the encryption result is $\delta_{i,j} = h_2(s_i, e_{i,j})$, where $s_i \in_R \{0,1\}^k$ is a random number; finally $C_i = (E_i, I_i)$ is sent to the cloud storage server CSS for storage, where $I_i = (s_i, \delta_{i,1}, \ldots, \delta_{i,m})$ is the index of $E_i$;

  • Step 4, generating the user's search token for a keyword: user $u_{ID}$ inputs the search key and the keyword $w$ to be searched, calculates the trapdoor, and sends the search request $T = (u_{ID}, T_w)$ to the cloud storage server CSS;

  • Step 5, the cloud storage server searching for the keyword over the ciphertexts: the cloud storage server CSS inputs the search request $T = (u_{ID}, T_w)$ and the ciphertexts $C_i = (E_i, I_i)$; the cloud storage server CSS first searches U_List according to the $u_{ID}$ in $T$; if nothing is found, it returns the search failure symbol $\perp$ to user $u_{ID}$; otherwise it calculates $e_w = \hat{e}(T_w, hk_{u_{ID}}) = \hat{e}(h_1(w)^{x_{ID}}, g^{x/x_{ID}}) = \hat{e}(h_1(w), g)^x$ and initializes an empty set SR; for any ciphertext $C_i = (E_i, I_i)$, $1 \le i \le n$, where $I_i = (s_i, \delta_{i,1}, \ldots, \delta_{i,m})$ is the index of ciphertext $E_i$, the cloud storage server CSS judges whether there exists $1 \le j \le m$ such that the following formula holds; if it holds, the search result set is updated as $SR = SR \cup \{E_i\}$; after all $C_i = (E_i, I_i)$, $1 \le i \le n$, have been searched, the search result set SR is finally sent to user $u_{ID}$;

  • Step 6, the user decrypting the ciphertexts: after user $u_{ID}$ receives the ciphertext set SR returned by the cloud storage server CSS, for all $E_i \in SR$ the user decrypts with $ek$ to obtain $D_i = SKE.Dec_{ek}(E_i)$;

  • Step 7, revoking a user: the file encryptor Ent inputs the user's identity $u_{ID}$ and sends a command to revoke user $u_{ID}$ to the cloud storage server CSS; the cloud storage server CSS performs the update, that is, the cloud storage server CSS deletes the registration entry of user $u_{ID}$.
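
The algebra of Steps 2 to 5 and the revocation in Step 7 can be traced with the following added example, which is not part of the patent text. It replaces the bilinear map with an insecure toy model (a group element g^a is stored as its exponent a, so pairing becomes multiplication mod q), instantiates h_2 with HMAC-SHA256, and assumes e_{i,j} = ê(h_1(w_{i,j}), g)^x and the match test δ_{i,j} = h_2(s_i, e_w); the trapdoor and helper key are read off the Step 5 equation, and all identities and keywords are constructed.

```python
# Added example, NOT secure: g^a is stored as the exponent a, pairing = product mod q.
import hashlib, hmac, secrets

q = 2**127 - 1  # prime group order (constructed; the claim only requires a prime q)

def h1(w):      # h_1: {0,1}* -> G_1, returned as the exponent of g
    return int.from_bytes(hashlib.sha256(w.encode()).digest(), "big") % q

def h2(s, e):   # keyed hash h_2, instantiated here with HMAC-SHA256 (assumption)
    return hmac.new(s, e.to_bytes(16, "big"), hashlib.sha256).digest()

def pair(a, b): # toy e^(g^a, g^b) = e^(g, g)^(ab)
    return a * b % q

def setup():    # Step 1: master key x
    return secrets.randbelow(q - 1) + 1

def add_user(x, uid, u_list):  # Step 2: x_ID goes to the user, g^(x/x_ID) to the CSS
    x_id = secrets.randbelow(q - 1) + 1
    u_list[uid] = x * pow(x_id, -1, q) % q
    return x_id

def build_index(x, keywords):  # Step 3: I_i = (s_i, delta_i1, ..., delta_im)
    s = secrets.token_bytes(16)
    # assumption: e_ij = e^(h_1(w_ij), g)^x, the value Step 5 recomputes as e_w
    return s, [h2(s, pair(h1(w), 1) * x % q) for w in keywords]

def trapdoor(x_id, w):         # Step 4: T_w = h_1(w)^x_ID (from the Step 5 equation)
    return h1(w) * x_id % q

def search(u_list, uid, t_w, indexes):  # Step 5, run by the CSS
    if uid not in u_list:
        return None                     # search failure symbol
    e_w = pair(t_w, u_list[uid])        # x_ID cancels: e^(h_1(w), g)^x
    # assumed match test: delta_ij == h_2(s_i, e_w)
    return [i for i, (s, deltas) in enumerate(indexes)
            if any(hmac.compare_digest(d, h2(s, e_w)) for d in deltas)]

def demo():
    x, u_list = setup(), {}
    x_id = add_user(x, "alice", u_list)             # constructed identity
    indexes = [build_index(x, ["cloud", "audit"]),  # constructed keyword lists
               build_index(x, ["invoice"])]
    hit = search(u_list, "alice", trapdoor(x_id, "audit"), indexes)
    miss = search(u_list, "alice", trapdoor(x_id, "payroll"), indexes)
    del u_list["alice"]                             # Step 7: CSS deletes the entry
    revoked = search(u_list, "alice", trapdoor(x_id, "audit"), indexes)
    return hit, miss, revoked

if __name__ == "__main__":
    print(demo())
```

The server never sees x or x_ID separately, and after the Step 7 deletion a still-valid trapdoor from the revoked user can no longer be converted into e_w.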
