Author Login Editor-in-Chief Peer Review Editor Work Office Work

Computer Engineering ›› 2020, Vol. 46 ›› Issue (9): 129-135. doi: 10.19678/j.issn.1000-3428.0056080

• Cyberspace Security • Previous Articles     Next Articles

Multi-User Ciphertext Retrieval Scheme Based on Certificateless Cryptosystem

YANG Xiaodong1, CHEN Guilan1, LI Ting1, LIU Rui1, ZHAO Xiaobin2   

  1. 1. College of Computer Science and Engineering, Northwest Normal University, Lanzhou 730070, China;
    2. Gansu Anxin Information Security Technology Co., Ltd., Lanzhou 730000, China
  • Received:2019-09-20 Revised:2019-11-16 Published:2019-10-25

基于无证书密码体制的多用户密文检索方案

杨小东1, 陈桂兰1, 李婷1, 刘瑞1, 赵晓斌2   

  1. 1. 西北师范大学 计算机科学与工程学院, 兰州 730070;
    2. 甘肃安信信息安全技术有限公司, 兰州 730000
  • 作者简介:杨小东(1981-),男,教授、博士,主研方向为代理重签名、云计算安全;陈桂兰、李婷、刘瑞,硕士研究生;赵晓斌,学士。
  • 基金资助:
    国家自然科学基金(61662069,61262057,61562077);兰州市科技计划项目(2013-4-22);西北师范大学青年教师科研能力提升计划(NWNU-LKQN-14-7)。

Abstract: Searchable encryption technology has broad application prospects in cloud storage environment,which can protect the confidentiality and privacy of cloud data.However,existing searchable encryption schemes face problems such as excessive computational overhead,low security,and lack of support for multi-user ciphertext retrieval.In order to solve these problems,a multi-user ciphertext retrieval scheme based on certificateless cryptosystem is proposed.The user's final private key consists of part of the private key and secret value,which effectively solves the certificate management problem of the traditional cryptosystem and the key escrow problem based on the identity cryptosystem.In addition,the data owner does not need to specify the identity of the accessing user when encrypting the keyword.The scheme supports ciphertext retrieval by multiple users,and implements functions such as joining and revoking access users through an authorization list.The analysis results show that the scheme satisfies the indistinguishability of ciphertext index and the indistinguishability of trapdoors.Compared with similar schemes,it has higher computational performance in terms of keyword encryption,trapdoor generation and keyword retrieval.

Key words: cloud storage, searchable encryption, certificateless cryptosystem, multi-user ciphertext retrieval, difficult problem assumption

摘要: 可搜索加密技术能保障云端数据的机密性和隐私性,在云存储环境中具有广泛的应用前景。然而,现有可搜索加密方案存在计算开销大、安全性低和不支持多用户密文检索等不足。为此,通过引入无证书密码体制提出一种新的多用户密文检索方案。在该方案中,用户的完整私钥由部分私钥和秘密值两部分组成,能够解决传统密码体制的证书管理问题和基于身份密码体制的密钥托管问题。此外,数据拥有者在加密关键字时无需指定访问用户的身份,方案同时支持多用户的密文检索,并可通过授权列表实现访问用户的加入与撤销等功能。分析结果表明,该方案满足密文索引不可区分性和陷门不可区分性,在关键字加密、陷门生成及关键字检索等阶段具有较高的计算性能。

关键词: 云存储, 可搜索加密, 无证书密码体制, 多用户密文检索, 困难问题假设

CLC Number: