基于国密SM9的可搜索加密方案

doi:10.19678/j.issn.1000-3428.0062771

计算机工程 ›› 2022, Vol. 48 ›› Issue (7): 159-167. doi: 10.19678/j.issn.1000-3428.0062771

基于国密SM9的可搜索加密方案

张超^1,2, 彭长根^1,2,3, 丁红发⁴, 许德权^1,2

1. 贵州大学计算机科学与技术学院公共大数据国家重点实验室, 贵阳 550025;
2. 贵州大学密码学与数据安全研究所, 贵阳 550025;
3. 贵州大学贵州省大数据产业应用发展研究院, 贵阳 550025;
4. 贵州财经大学信息学院, 贵阳 550025

收稿日期:2021-09-26 修回日期:2021-12-25 出版日期:2022-07-15 发布日期:2022-07-12
作者简介:张超(1990—),男,硕士研究生,主研方向为密码学、密文检索;彭长根,教授、博士;丁红发(通信作者),副教授、博士;许德权,博士。
基金资助:
国家自然科学基金（U1836205）；贵州省科技计划基金（黔科合平台人才［2020］5017）；贵州省教育厅自然科学项目（黔教合KY字［2021］140）。

Searchable Encryption Scheme Based on China State Cryptography Standard SM9

ZHANG Chao^1,2, PENG Changgen^1,2,3, DING Hongfa⁴, XU Dequan^1,2

1. State Key Laboratory of Public Big Data, College of Computer Science and Technology, Guizhou University, Guiyang 550025, China;
2. Institute of Cryptography and Data Security, Guizhou University, Guiyang 550025, China;
3. Institute of Guizhou Big Data Industries Application and Development, Guizhou University, Guiyang 550025, China;
4. College of Information, Guizhou University of Finance and Economics, Guiyang 550025, China

Received:2021-09-26 Revised:2021-12-25 Online:2022-07-15 Published:2022-07-12

摘要/Abstract

摘要： 为满足密文数据安全级别的要求，现有基于身份的可搜索加密方案多次使用安全参数较大的对称双线性对运算，导致计算效率降低，且其密钥形式难以与国家商用密码算法SM9相结合。针对该问题，设计一种基于SM9密码算法的可搜索加密方案。在离散椭圆曲线的两个子群中分别生成用户的公私钥对，使方案的密钥形式与SM9密码算法保持一致，解决经SM9密码算法加密后数据的检索问题，同时结合SM9密码算法，基于非对称双线性特性在确保方案安全性的同时提高检索效率。根据双线性对的性质分析该方案的正确性和安全性，并验证其满足在随机谕言模型下的适应性密文不可区分性和陷门不可区分性。仿真结果表明，与EdIBEKS、PEAKS、dIBAEKS方案相比，该方案在索引生成算法、陷门生成算法和检索匹配算法上的计算效率分别平均提高了77%、16.67%、28%以上。

关键词: 可搜索加密, 双线性对, 密文数据, SM9密码算法, 安全性证明

Abstract: To meet the requirements of the security level of ciphertext data, existing identity-based Searchable Encryption(SE) schemes use symmetric bilinear pairing with a considerable number of security parameters for many times, which results in a reduced computational efficiency and difficulty in combining their key form with the national commercial cryptographic algorithm, SM9.To solve this problem, a SE scheme based on the SM9 cryptographic algorithm is designed.Public-private key pairing of users are generated in the two subgroups of the discrete elliptic curve to ensure consistency between the scheme key form and the SM9 cryptographic algorithm, and solve the problem of data retrieval after encryption by the SM9 cryptographic algorithm.At the same time, combined with the SM9 cryptographic algorithm, based on the asymmetric bilinear feature, the security of the scheme is ensured, and its retrieval efficiency is improved.According to the properties of the bilinear pairing, the correctness and security of the scheme are verified, and the adaptive ciphertext indistinguishability and trapdoor indistinguishability under the random oracle model are satisfied.Simulation results show that, compared with EdIBEKS, PEAKS, and dIBAEKS, the computational efficiency of the scheme in the index generation algorithm, trapdoor generation algorithm, and search matching algorithm is improved by 77%, 16.67%, and 28%, respectively.

Key words: Searchable Encryption(SE), bilinear pairing, ciphertext data, SM9 cryptographic algorithm, security proof

中图分类号:

TP309.2

张超, 彭长根, 丁红发, 许德权. 基于国密SM9的可搜索加密方案[J]. 计算机工程, 2022, 48(7): 159-167.

ZHANG Chao, PENG Changgen, DING Hongfa, XU Dequan. Searchable Encryption Scheme Based on China State Cryptography Standard SM9[J]. Computer Engineering, 2022, 48(7): 159-167.

http://www.ecice06.com/CN/Y2022/V48/I7/159

图/表 7

20220903175421

20220903175425

20220903175430

20220903175434

20220903175439

20220903175443

20220903175447

参考文献

[1] SONG D X, WAGNER D, PERRIG A.Practical techniques for searches on encrypted data[C]//Proceedings of IEEE Symposium on Security and Privacy.Washington D.C., USA:IEEE Press, 2000:1-10.
[2] GOH E J.Secure indexes[EB/OL].[2021-08-24].http://xenon.stanford.edu/~eujin/papers/secureindex/2004mar-secureindex.pdf.
[3] BLOOM B H.Space/time trade-offs in hash coding with allowable errors[J].Communications of the ACM, 1970, 13(7):422-426.
[4] BONEH D, DI CRESCENZO G, OSTROVSKY R, et al.Public key encryption with keyword search[EB/OL] [2021-08-24].https://link.springer.com/content/pdf/10.1007% 2F978-3-540-24676-3_30.pdf.
[5] BONEH D, FRANKLIN M.Identity-based encryption from the Weil pairing[C]//Proceedings of International Conference on Advances in Cryptology.Berlin, Germany:Springer, 2001:213-229.
[6] ABDALLA M, BELLARE M, CATALANO D, et al.Searchable encryption revisited:consistency properties, relation to anonymous IBE, and extensions[J].Journal of Cryptology, 2008, 21(3):350-391.
[7] TIAN X X, WANG Y.ID-based encryption with keyword search scheme from bilinear pairings[C]//Proceedings of the 4th International Conference on Wireless Communications, Networking and Mobile Computing.Washington D.C., USA:IEEE Press, 2008:1-4.
[8] SIAD A.Anonymous identity-based encryption with distributed private-key generator and searchable encryption[C]//Proceedings of the 5th International Conference on New Technologies, Mobility and Security.Washington D.C., USA:IEEE Press, 2012:1-8.
[9] XU P, JIN H, WU Q H, et al.Public-key encryption with fuzzy keyword search:a provably secure scheme under keyword guessing attack[J].IEEE Transactions on Computers, 2013, 62(11):2266-2277.
[10] WU T Y, TSAI T T, TSENG Y M.Efficient searchable ID-based encryption with a designated server[J].Annals of Telecommunications-Annales Des Telecommunications, 2014, 69(7/8):391-402.
[11] 李经纬, 贾春福, 刘哲理, 等.可搜索加密技术研究综述[J].软件学报, 2015, 26(1):109-128. LI J W, JIA C F, LIU Z L, et al.Survey on the searchable encryption[J].Journal of Software, 2015, 26(1):109-128.(in Chinese)
[12] XU P, WU Q H, WANG W, et al.Generating searchable public-key ciphertexts with hidden structures for fast keyword search[J].IEEE Transactions on Information Forensics and Security, 2015, 10(9):1993-2006.
[13] RAMYA C P, VIPIN K M.Comparison of different techniques for keyword searching over encrypted data[C]//Proceedings of Online International Conference on Green Engineering and Technologies.Washington D.C., USA:IEEE Press, 2016:1-4.
[14] HUANG Q, LI H B.An efficient public-key searchable encryption scheme secure against inside keyword guessing attacks[J].Information Sciences, 2017, 403/404:1-14.
[15] ZHANG X J, XU C X, MU L M, et al.Identity-based encryption with keyword search from lattice assumption[J].China Communications, 2018, 15(4):164-178.
[16] JIANG P, GUO F C, MU Y.Efficient identity-based broadcast encryption with keyword search against insider attacks for database systems[J].Theoretical Computer Science, 2019, 767(45):51-72.
[17] LI H B, HUANG Q, SHEN J, et al.Designated-server identity-based authenticated encryption with keyword search for encrypted emails[J].Information Sciences, 2019, 481(19):330-343.
[18] 朱敏惠, 陈燕俐, 胡媛媛.支持代理重加密的基于身份可搜索加密方案[J].计算机工程, 2019, 45(1):129-135, 140. ZHU M H, CHEN Y L, HU Y Y.Identity-based searchable encryption scheme supporting proxy re-encryption[J].Computer Engineering, 2019, 45(1):129-135, 140.(in Chinese)
[19] 倪绿林, 许春根.基于身份的动态可搜索加密方案[J].计算机工程, 2019, 45(1):136-140. NI L L, XU C G.Dynamic searchable encryption scheme based on identity[J].Computer Engineering, 2019, 45(1):136-140.(in Chinese)
[20] 牛淑芬, 杨平平, 谢亚亚, 等.电子邮件系统中指定服务器的关键字搜索加密方案[J].计算机工程, 2020, 46(10):137-142, 150. NIU S F, YANG P P, XIE Y Y, et al.Keyword search encryption scheme for designated server in email system[J].Computer Engineering, 2020, 46(10):137-142, 150.(in Chinese)
[21] ZHANG X J, HUANG C, GU D W, et al.BIB-MKS:post-quantum secure biometric identity-based multi-keyword search over encrypted data in cloud storage systems[J].IEEE Transactions on Services Computing, 2021, 99(14):1-10.
[22] LIU Z Y, TSENG Y F, TSO R, et al.Identity-certifying authority-aided identity-based searchable encryption framework in cloud systems[J].IEEE Systems Journal, 2021, 99(15):1-12.
[23] LEE E, LEE H S, PARK C M.Efficient and generalized pairing computation on abelianvarieties[J].IEEE Transactions on Information Theory, 2009, 55(4):1793-1803.
[24] CHATTERJEE S, MENEZES A.On cryptographic protocols employing asymmetric pairings-the role of Ψ revisited[J].Discrete Applied Mathematics, 2011, 159(13):1311-1322.
[25] 彭长根, 张小玉, 丁红发, 等.基于Cocks身份密码体制的高效签密方案[J].通信学报, 2020, 41(12):128-138. PENG C G, ZHANG X Y, DING H F, et al.Efficient signcryption scheme based on Cocks' identity cryptosystem[J].Journal on Communications, 2020, 41(12):128-138.(in Chinese)
[26] BARRETO P S L M, NAEHRIG M.Pairing-friendly elliptic curves of prime order[C]//Proceedings of International Conference on Selected Areas.Berlin, Germany:Springer, 2006:319-331.

选择文件类型/文献管理软件名称

选择包含的内容

基于国密SM9的可搜索加密方案

Searchable Encryption Scheme Based on China State Cryptography Standard SM9

RichHTML

PDF

可视化

被引次数

摘要/Abstract

引用本文

使用本文

图/表 7

参考文献

相关文章 15

编辑推荐

Metrics

本文评价

[1]	饶金涛, 崔喆. 基于SM9盲签名与环签名的安全电子选举协议[J]. 计算机工程, 2023, 49(6): 13-23,33.
[2]	张晓均, 刘庆, 郑爽, 王鑫, 薛婧婷, 王世雄. 支持隐私保护的可验证云端数据分享方案[J]. 计算机工程, 2023, 49(3): 49-57.
[3]	丁晓晖, 曹素珍, 王彩芬. 智能合约辅助下满足前后向安全的动态可搜索加密方案[J]. 计算机工程, 2022, 48(7): 141-150.
[4]	彭红艳, 李杰, 石贞奎, 李先贤. 一种基于区块链可验证的加密图像检索方案[J]. 计算机工程, 2022, 48(2): 25-33,39.
[5]	窦凤鸽, 曹素珍, 马佳佳, 丁晓晖, 王彩芬. 指定使用者的多服务器多关键字可搜索加密方案[J]. 计算机工程, 2021, 47(11): 144-149,157.
[6]	黄保华, 黄丕荣, 赵伟宏, 彭丽. 云存储中支持属性撤销的多关键词可搜索加密方案[J]. 计算机工程, 2021, 47(11): 29-36.
[7]	杨小东, 陈桂兰, 李婷, 刘瑞, 赵晓斌. 基于无证书密码体制的多用户密文检索方案[J]. 计算机工程, 2020, 46(9): 129-135.
[8]	邓志辉, 王少辉, 王平. 基于合数阶双线性对的可搜索加密方案分析与改进[J]. 计算机工程, 2020, 46(9): 123-128,135.
[9]	骆云鹏, 朱旎彤, 毛慈伟, 程晋雪, 许春根. 一种基于连接关键词的实用化可搜索加密方案[J]. 计算机工程, 2020, 46(2): 175-182.
[10]	牛淑芬, 杨平平, 谢亚亚, 王彩芬, 杜小妮. 电子邮件系统中指定服务器的关键字搜索加密方案[J]. 计算机工程, 2020, 46(10): 137-142,150.
[11]	孙海燕, 李玲玲, 张玲, 张建伟, 黄万伟. 一种增强的移动互联网身份基认证密钥协商协议[J]. 计算机工程, 2019, 45(9): 153-160,182.
[12]	程晋雪, 许春根, 徐磊, 赵泽茂, 薛春阳. 非安全信道下的高效可搜索加密方案[J]. 计算机工程, 2019, 45(7): 188-193.
[13]	甘植旺,廖方圆. 国密SM9中R-ate双线性对快速计算[J]. 计算机工程, 2019, 45(6): 171-174.
[14]	左黎明,周庆,陈兰兰. 一种可证安全高效无证书短签名方案[J]. 计算机工程, 2019, 45(6): 193-198.
[15]	吴颖豪,凌捷. 一种改进的云存储数据完整性验证方法[J]. 计算机工程, 2019, 45(3): 36-40.

模态框（Modal）标题

选择文件类型/文献管理软件名称

选择包含的内容

基于国密SM9的可搜索加密方案

Searchable Encryption Scheme Based on China State Cryptography Standard SM9

RichHTML

PDF

可视化

被引次数

摘要/Abstract

引用本文

使用本文

图/表 7

参考文献

相关文章 15

编辑推荐

Metrics

本文评价