云环境下基于编码树的新型保序加密算法

doi:10.19678/j.issn.1000-3428.0050187

计算机工程 ›› 2018, Vol. 44 ›› Issue (12): 288-293,300. doi: 10.19678/j.issn.1000-3428.0050187

云环境下基于编码树的新型保序加密算法

纪鹏¹,吕旭明¹,苏善婷²,陈硕¹,李东民²,刘赛³

1.国网辽宁省电力有限公司,沈阳110000; 2.南京航空航天大学计算机科学与技术学院,南京 211106; 3.南瑞集团(国网电力科学研究院)有限公司,南京 210000

收稿日期:2018-01-19 出版日期:2018-12-15 发布日期:2018-12-15
作者简介:纪鹏(1972—),男,高级工程师,主研方向为信息安全、智能电网;吕旭明,高级工程师;苏善婷(通信作者),硕士研究生;陈硕,高级工程师、博士;李东民、刘赛,工程师、硕士。
基金资助:
国家电网公司总部科技项目“自服务电网大数据治理关键技术与应用研究”(SGLNXT00YJJS1800110);国网辽宁省电力有限公司科技项目“基于深度学习的电网设备画像关键技术研究及应用”。

New Order-preserving Encryption Algorithm Based on Coding Tree in Cloud Environments

JI Peng¹,L Xuming¹,SU Shanting²,CHEN Shuo¹,LI Dongmin²,LIU Sai³

1.State Grid Liaoning Electric Power Co.,Ltd.,Shenyang 110000,China; 2.College of Computer Science and Technology, Nanjing University of Aeronautics and Astronautics,Nanjing 211106,China; 3.NARI Group Corporation/State Grid Electric Power Research Institute,Nanjing 210000,China

Received:2018-01-19 Online:2018-12-15 Published:2018-12-15

摘要/Abstract

摘要：

传统加密方式导致云服务器无法解析加密数据,限制了云平台服务能力。为此,提出一种基于编码树的保序加密算法,根据密文在编码树中的查找路径生成保序密文。针对保序加密过程中密文可变性,设计一种密文更新策略,在用户数据更新情况下快速进行密文更新,从而保证加密算法的高效性和可靠性。实验结果表明,该算法可减少客户端与服务器通信次数,提升保序密文生成效率。

关键词: 云计算, 保序加密, 密码学, 密文运算, 数据保护

Abstract:

The tradition encryption algorithms make the cloud server fail to parse the encrypted data and limit the data processing capability of the cloud platform.A new order-preserving encryption based on coding tree is proposed.The order-preserving ciphertext is generated according to the search path of the ciphertext in the coding tree.Because of the ciphertext variability,an update strategy is designed to quickly perform ciphertext updates when data is updated,so as to ensure the efficiency and reliability of encryption algorithm.Experimental results show that the algorithm can reduce the number of client-server communication and greatly improves the efficiency of generating ciphertext.

Key words: cloud computing, order-preserving encryption, cryptography, ciphertext operation, data protection

中图分类号:

TP309

纪鹏,吕旭明,苏善婷. 云环境下基于编码树的新型保序加密算法[J]. 计算机工程, 2018, 44(12): 288-293,300.

JI Peng,LXuming,SU Shanting,CHEN Shuo,LI Dongmin,LIU Sai. New Order-preserving Encryption Algorithm Based on Coding Tree in Cloud Environments[J]. Computer Engineering, 2018, 44(12): 288-293,300.

http://www.ecice06.com/CN/Y2018/V44/I12/288

参考文献

［1］李乔,郑啸.云计算研究现状综述［J］.计算机科学,2011,38(4):32-37.
［2］管俊涵.云存储中可搜索加密研究［D］.重庆:重庆大学,2016.
［3］CIRIANI V,VIMERCATI S D C D,FORESTI S,et al.Fragmentation and encryption to enforce privacy in data storage［C］//Proceedings of the 12th European Con-ference on Research in Computer Security.Berlin,Germany:Springer,2007:171-186.
［4］林闯,苏文博,孟坤,等.云计算安全:架构、机制与模型评价［J］.计算机学报,2013,36(9):1765-1784.
［5］AGRAWAL R,KIERNAN J,SRIKANT R,et al.Order preserving encryption for numeric data［C］//Pro-ceedings of the 2004 ACM Sigmod International Con-ference on Management of Data.New York,USA:ACM Press,2004:563-574.
［6］BOLDYREVA A,CHENETTE N,LEE Y,et al.Order-preserving symmetric encryption［C］//Proceedings of the 28th Annual International Conference on Advances in Cryptology:the Theory and Applications of Crypto-graphic Techniques.Berlin,Germany:Springer,2009:224-241.
［7］WOZNIAK S,ROSSBERG M,GRAU S,et al.Beyond the ideal object:towards disclosure-resilient order-preserving encryption schemes［C］//Proceedings of 2013 ACM Workshop on Cloud Computing Security.New York,USA:ACM Press,2013:89-100.
［8］KRENDELEV S F,YAKOVLEV M,USOLTSEVA M.Order-preserving encryption schemes based on arithmetic coding and matrices［C］//Proceedings of 2014 Federated Conference on Computer Science and Info-rmation Systems.Washington D.C.,USA:IEEE Press,2014:891-899.
［9］LIU D,WANG S.Nonlinear order preserving index for encrypted database query in service cloud environ-ments［J］.Concurrency & Computation Practice & Experience,2013,25(13):1967-1984.
［10］MARTNEZ S,MIRET J M,TOMS R,et al.Securing databases by using diagonal-based order preserving symmetric encryption［J］.Applied Mathematics and Information Sciences,2014,8(5):2085-2094.
［11］DYER J,DYER M,XU J.Order-preserving encryption using approximate integer common divisors ［C］//Proceedings of International Workshop on Data Privacy Management.［S.l.］:Springer,2017:257-274.
［12］POPA R A,LI F H,ZELDOVICH N.An ideal-security protocol for order-preserving encoding［C］//Proceed-ings of IEEE Symposium on Security and Privacy.Washington D.C.,USA:IEEE Press,2013:463-477.
［13］ROCHE D S,APON D,CHOI S G,et al.POPE:partial order preserving encoding［C］//Proceedings of 2016 ACM SIGSAC Conference on Computer and Com-munications Security.New York,USA:ACM Press,2016:1131-1142.
［14］KERSCHBAUM F,SCHROEPFER A.Optimal average-complexity ideal-security order-preserving encryption［C］//Proceedings of 2014 ACM SIGSAC Conference on Computer and Communications Security.New York,USA:ACM Press,2014:275-286.
［15］KERSCHBAUM F.Frequency-hiding order-preserving encryption［C］//Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security.New York,USA:ACM Press,2015:656-667.
［16］LIU Z,CHEN X,YANG J,et al.New order preserving encryption model for outsourced databases in cloud environments［J］.Journal of Network and Computer Applications,2016,59(C):198-207.
［17］PENG Y,LI H,CUI J,et al.Hope:improved order preserving encryption with the power to homomorphic operations of ciphertexts［J］.Science China,2017,60(6):062101.
［18］MOLLA E,TZOURAMANIS T,GRITZALIS S.SOPE:a spatial order preserving encryption model for multi-dimensional data［EB/OL］.［2017-10-20］.https://arxiv.org/abs/1710.09420.
［19］陈永府,宋鹏,王启富,等.云环境下的数据防泄密存储技术［J］.计算机应用与软件,2016,33(10):288-293.
［20］杜远志,杜学绘,杨智.云计算环境下基于属性加密的信息流控制及实现［J］.计算机工程,2018,44(3):27-36.
［21］宋志毅,马兆丰,黄勤龙.基于保序加密的MongoDB数据加密技术研究与实现［C］//第十届中国通信学会学术年会论文集.北京:国防工业出版社,2014.
［22］杨策.广义保序加密研究［D］.合肥:中国科学技术大学,2017.
［23］LIU Z,CHEN X,YANG J,et al.New order preserving encryption model for outsourced databases in cloud environments［J］.Journal of Network and Computer Applications,2013,59(C):198-207.
［24］曾橙焜,杨庚,汪海伟.密文数据库保序编码方法的研究与改进［J］.计算机应用研究,2017,34(8):2453-2458.

[1]	刘志彬, 黄秋兰, 胡庆宝, 程耀东, 胡誉, 田浩来. Kubernetes异构资源细粒度调度策略的设计与实现[J]. 计算机工程, 2023, 49(2): 31-36,45.
[2]	张亮, 刘百祥. 区块链与秘密分享融合技术综述[J]. 计算机工程, 2022, 48(8): 1-11.
[3]	奚智雯, 蔡晶晶, 阳文敏, 柴志雷. 基于微服务架构FPGA云平台的并发请求调度机制[J]. 计算机工程, 2022, 48(7): 206-213.
[4]	贺小伟, 徐靖杰, 王宾, 吴昊, 张博文. 基于GRU-LSTM组合模型的云计算资源负载预测研究[J]. 计算机工程, 2022, 48(5): 11-17,34.
[5]	赵宇峰, 雷晟, 张国钢, 耿英三. 基于容器技术的电力设备仿真云平台设计与开发[J]. 计算机工程, 2021, 47(9): 171-177,184.
[6]	施凌鹏, 朱征, 周俊松, 李鑫, 李静. 面向微服务架构的云系统负载均衡机制[J]. 计算机工程, 2021, 47(9): 44-50,58.
[7]	倪思源, 扈红超, 刘文彦, 梁浩. 基于轮换策略的异构云资源分配算法[J]. 计算机工程, 2021, 47(6): 44-51,67.
[8]	李凌书, 邬江兴. 面向云网融合SaaS安全的虚拟网络功能映射方法[J]. 计算机工程, 2021, 47(12): 30-39.
[9]	朱嵩, 王化群. 基于Paillier算法的智能电网数据聚合与激励方案[J]. 计算机工程, 2021, 47(11): 166-174.
[10]	王妍, 葛海波, 冯安琪. 云辅助移动边缘计算中的计算卸载策略[J]. 计算机工程, 2020, 46(8): 27-34.
[11]	衡星辰, 董灿, 林克全, 肖禹亭. 基于区块链的分布式电力竞价交易算法[J]. 计算机工程, 2020, 46(2): 35-40,47.
[12]	张继炎, 郑汉垣. 云环境下基于预算分配的科学工作流调度研究[J]. 计算机工程, 2019, 45(9): 40-48.
[13]	郑彦斌, 易宗向. 有限域上置换多项式的研究进展[J]. 计算机工程, 2019, 45(9): 124-127.
[14]	孙海燕, 李玲玲, 张玲, 张建伟, 黄万伟. 一种增强的移动互联网身份基认证密钥协商协议[J]. 计算机工程, 2019, 45(9): 153-160,182.
[15]	徐云涛, 许武军, 翟梦琳. 基于B/S架构的高并发虹膜识别系统[J]. 计算机工程, 2019, 45(8): 102-106,112.

选择文件类型/文献管理软件名称

选择包含的内容

云环境下基于编码树的新型保序加密算法

New Order-preserving Encryption Algorithm Based on Coding Tree in Cloud Environments

PDF

可视化

被引次数

摘要/Abstract

引用本文

使用本文

参考文献

相关文章 15

编辑推荐

Metrics

本文评价

模态框（Modal）标题

选择文件类型/文献管理软件名称

选择包含的内容

云环境下基于编码树的新型保序加密算法

New Order-preserving Encryption Algorithm Based on Coding Tree in Cloud Environments

PDF

可视化

被引次数

摘要/Abstract

引用本文

使用本文

参考文献

相关文章 15

编辑推荐

Metrics

本文评价