作者投稿和查稿 主编审稿 专家审稿 编委审稿 远程编辑

计算机工程 ›› 2020, Vol. 46 ›› Issue (10): 137-142,150. doi: 10.19678/j.issn.1000-3428.0055654

• 网络空间安全 • 上一篇    下一篇

电子邮件系统中指定服务器的关键字搜索加密方案

牛淑芬a, 杨平平a, 谢亚亚a, 王彩芬a, 杜小妮b   

  1. 西北师范大学 a. 计算机科学与工程学院;b. 数学与统计学院, 兰州 730070
  • 收稿日期:2019-08-05 修回日期:2019-10-11 发布日期:2019-10-23
  • 作者简介:牛淑芬(1976-),女,副教授、博士,主研方向为大数据网络隐私保护、云计算;杨平平、谢亚亚,硕士研究生;王彩芬、杜小妮,教授、博士。
  • 基金资助:
    国家自然科学基金(61562077,61662069,61662071,61772022);甘肃省杰出青年基金(1308RJDA007);西北师范大学青年教师科研能力提升计划项目(NWNU-LKQN-14-7)。

Keyword Search Encryption Scheme for Designated Server in Email System

NIU Shufena, YANG Pingpinga, XIE Yayaa, WANG Caifena, DU Xiaonib   

  1. a. College of Computer Science and Engineering;b. College of Mathematics and Statistics, Northwest Normal University, Lanzhou 730070, China
  • Received:2019-08-05 Revised:2019-10-11 Published:2019-10-23

摘要: 现有指定服务器的基于身份关键字搜索加密方案无法满足关键字密文的不可区分性,为满足电子邮件系统更高的安全需求,提出一种指定邮件服务器的身份认证关键字搜索加密方案。针对指定邮件存储服务器和数据接收者身份对关键字加密以抵抗离线关键字猜测攻击,在随机预言模型下,对该方案适应性选择消息攻击的关键字密文不可区分性、陷门不可区分性和离线猜测攻击的安全性进行验证。理论分析和数值实验结果表明,与dIBEKS方案相比,该方案在关键字加密和验证阶段计算效率更高。

关键词: 加密电子邮件, 指定服务器, 身份认证, 可搜索加密, 关键字加密

Abstract: The existing identity-based keyword search encryption schemes for designated server cannot satisfy the indistinguishability of keyword ciphertext.To meet the higher security requirements of email systems,this paper proposes an identity authentication-based keyword search encryption scheme for designated mail server.The scheme can resist off-line keyword guessing attacks by encrypting the identity of the designated mail storage server and data receiver.In the random oracle model,the following security features of the scheme such as the indistinguishability of keyword ciphertext in adaptively chosen message attacks,indistinguishability of trapdoor and security of offline guessing attacks are verified.Results of theoretical analysis and numerical experiments show that the proposed scheme has higher computational efficiency in keyword encryption and verification than dIBEKS scheme.

Key words: encrypted email, designated server, identity authentication, searchable encryption, keyword encryption

中图分类号: