基于全同态加密的可验证多关键词密文检索方案

doi:10.19678/j.issn.1000-3428.0069084

摘要/Abstract

摘要：

由于云服务器能够提供强大的存储和计算能力, 因此个人和企业更趋向于将加密数据存储于云端。为了解决密文数据检索困难的问题, 利用同态加密的密文检索方式成为研究热点。然而, 现有的方案主要集中在单关键词检索上, 由于检索限制条件较少、搜索精度较低, 从而导致通信和计算开销较大。另外, 将数据托管到第三方提供的不可信云主机上, 可能出现删除、修改、返回不真实和不全面的搜索信息等恶意情况。为此, 基于全同态加密和不经意伪随机函数提出一种新型的密文检索方案。通过构造加密的关键词索引和哈希表, 使得方案能够支持多关键词的连接查询。利用文件的标识和大小生成验证标签, 使得数据接收者能够对检索结果的正确性和完整性进行验证。理论分析和实验结果表明, 相比于基于全同态加密的单关键词检索方案, 在检索2~3个多关键词时, 所提方案的密文搜索效率提升36.2%~45.9%, 并且在检索更多关键词时拥有更好的综合性能。

关键词: 云存储, 全同态加密, 密文检索, 安全共享, 可验证

Abstract:

Individuals and businesses are more inclined to store encrypted data in the cloud because cloud servers offer powerful storage and computing capabilities. Ciphertext retrieval using homomorphic encryption has become a research hotspot to address the issue of difficult ciphertext data retrieval. However, existing schemes mainly focus on single-keyword retrieval, which results in high communication and computation overheads owing to fewer retrieval constraints and lower search accuracy. In addition, owing to the hosting of data on untrustworthy cloud hosts provided by third parties, malicious situations such as the deletion, modification, or return of untrue and incomplete search information may occur. Therefore, a novel ciphertext retrieval scheme is proposed based on full homomorphic encryption and an inadvertent pseudo-random function. By constructing an encrypted keyword index and hash table, the scheme can support multi-keyword conjunctive retrieval. The identification and size of the file are used to generate authentication tags that enable the data receiver to verify the correctness and integrity of the retrieval results. Theoretical analysis and experimental results show that, compared to the single-keyword retrieval scheme based on full homomorphic encryption, the efficiency of searching ciphertexts is improved by 36.2%-45.9% when retrieving 2-3 multiple keywords, and the proposed scheme exhibits better overall performance when retrieving more keywords.

Key words: cloud storage, fully homomorphic encryption, ciphertext retrieval, secure sharing, verifiable

唐莹莹, 陈玉玲, 罗运, 李再东. 基于全同态加密的可验证多关键词密文检索方案[J]. 计算机工程, 2025, 51(4): 188-197.

TANG Yingying, CHEN Yuling, LUO Yun, LI Zaidong. Verifiable Multi-Keyword Ciphertext Retrieval Scheme Based on Fully Homomorphic Encryption[J]. Computer Engineering, 2025, 51(4): 188-197.

https://www.ecice06.com/CN/Y2025/V51/I4/188

图/表 6

图1 系统模型

Fig.1 System model

图2 密文索引

Fig.2 Ciphertext index

图3 加解密时间

Fig.3 Time of encryption and decryption

图4 检索效率对比

Fig.4 Comparison of retrieval efficiency

参考文献 36

1	SONG D X, WAGNER D, PERRIG A. Practical techniques for searches on encrypted data[C]//Proceedings of the IEEE Symposium on Security and Privacy. Washington D.C., USA: IEEE Press, 2000: 44-55.
2	李经纬, 贾春福, 刘哲理, 等. 可搜索加密技术研究综述. 软件学报, 2015, 26 (1): 109- 128.
	LI J W , JIA C F , LIU Z L , et al. Survey on the searchable encryption. Journal of Software, 2015, 26 (1): 109- 128.
3	秦志光, 徐骏, 聂旭云, 等. 公钥可搜索加密体制综述. 信息安全学报, 2017, 2 (3): 1- 12.
	QIN Z G , XU J , NIE X Y , et al. A survey of public-key encryption with keyword search. Journal of Cyber Security, 2017, 2 (3): 1- 12.
4	BONEH D, DI CRESCENZO G, OSTROVSKY R, et al. Public key encryption with keyword search[EB/OL]. [2023-11-05]. https://eprint.iacr.org/2003/195.pdf.
5	BYUN J W, RHEE H S, PARK H A, et al. Off-line keyword guessing attacks on recent keyword search schemes over encrypted data[EB/OL]. [2023-11-05]. https://link.springer.com/chapter/10.1007/11844662_6.
6	BAEK J, SAFAVI-NAINI R, SUSILO W. Public key encryption with keyword search revisited[EB/OL]. [2023-11-05]. https://link.springer.com/chapter/10.1007/978-3-540-69839-5_96.
7	程帅, 姚寒冰. 基于同态加密的密文全文检索技术的研究. 计算机科学, 2015, 42 (S1): 413- 416.
	CHENG S , YAO H B . Research on full-text retrieval technology of ciphertext based on homomorphic encryption. Computer Science, 2015, 42 (S1): 413- 416.
8	白利芳, 祝跃飞, 李勇军, 等. 全同态加密研究进展. 计算机研究与发展, 2024, 61 (12): 3069- 3087. doi: 10.7544/issn1000-1239.202221052
	BAI L F , ZHU Y F , LI Y J , et al. Research progress of fully homomorphic encryption. Journal of Computer Research and Development, 2024, 61 (12): 3069- 3087. doi: 10.7544/issn1000-1239.202221052
9	ZHENG Q J, XU S H, ATENIESE G. VABKS: verifiable attribute-based keyword search over outsourced encrypted data[C]//Proceedings of the IEEE Conference on Computer Communications. Washington D.C., USA: IEEE Press, 2014: 522-530.
10	LUO Y , CHEN Y L , LI T , et al. An entropy-view secure multiparty computation protocol based on semi-honest model. Journal of Organizational and End User Computing, 2022, 34 (10): 1- 17.
11	CHEN Z H , ZHANG F G , ZHANG P , et al. Verifiable keyword search for secure big data-based mobile healthcare networks with fine-grained authorization control. Future Generation Computer Systems, 2018, 87, 712- 724. doi: 10.1016/j.future.2017.10.022
12	CHEN Y L , TAO J H , LI T , et al. An effective security comparison protocol in cloud computing. Computers, Materials&Continua, 2023, 75 (3): 5141- 5158.
13	RHEE H S , PARK J H , SUSILO W , et al. Trapdoor security in a searchable public-key encryption scheme with a designated tester. Journal of Systems and Software, 2010, 83 (5): 763- 771. doi: 10.1016/j.jss.2009.11.726
14	TANG Q, CHEN L Q. Public-key encryption with registered keyword search[EB/OL]. [2023-11-05]. https://link.springer.com/chapter/10.1007/978-3-642-16441-5_11.
15	XU P , JIN H , WU Q H , et al. Public-key encryption with fuzzy keyword search: a provably secure scheme under keyword guessing attack. IEEE Transactions on Computers, 2013, 62 (11): 2266- 2277. doi: 10.1109/TC.2012.215
16	ZHANG Y , XU C X , NI J B , et al. Blockchain-assisted public-key encryption with keyword search against keyword guessing attacks for cloud storage. IEEE Transactions on Cloud Computing, 2019, 9 (4): 1335- 1348.
17	LI H B , HUANG Q , SUSILO W . A secure cloud data sharing protocol for enterprise supporting hierarchical keyword search. IEEE Transactions on Dependable and Secure Computing, 2020, 19 (3): 1532- 1543.
18	VAHID Y , TARANEH E . An efficient, secure and verifiable conjunctive keyword search scheme based on rank metric codes over encrypted outsourced cloud data. Computers and Electrical Engineering, 2023, 105, 108523. doi: 10.1016/j.compeleceng.2022.108523
19	曹素珍, 杜霞玲, 杨小东, 等. 可验证混合存储属性基多关键字密文检索方案. 计算机工程, 2020, 46 (11): 181-186, 193. URL
	CAO S Z , DU X L , YANG X D , et al. Attribute-based multi-keyword ciphertext retrieval scheme using verifiable hybrid storage. Computer Engineering, 2020, 46 (11): 181-186, 193. URL
20	CRAIG G. A fully homomorphic encryption scheme[EB/OL]. [2023-11-05]. https://crypto.stanford.edu/craig/craig-thesis.pdf.
21	BRAKERSKI Z, GENTRY C, VAIKUNTANATHAN V, et al. (Leveled) fully homomorphic encryption without bootstrapping[C]//Proceedings of the 3rd Innovations in Theoretical Computer Science Conference. New York, USA: ACM Press, 2012: 309-325.
22	FAN J F, VERCAUTEREN F. Somewhat practical fully homomorphic encryption[EB/OL]. [2023-11-05]. https://eprint.iacr.org/2012/144.pdf.
23	CHEON J H, KIM A, KIM M, et al. Homomorphic encryption for arithmetic of approximate numbers[EB/OL]. [2023-11-05]. https://eprint.iacr.org/2016/421.pdf.
24	GENTRY C, SAHAI A, WATERS B. Homomorphic encryption from learning with errors: conceptually-simpler, asymptotically-faster, attribute-based[EB/OL]. [2023-11-05]. https://link.springer.com/chapter/10.1007/978-3-642-40041-4_5.
25	DUCAS L, MICCIANCIO D. FHEW: bootstrapping homomorphic encryption in less than a second[EB/OL]. [2023-11-05]. https://eprint.iacr.org/2014/816.
26	CHEN H, CHILLOTTI I, SONG Y. Multi-key homomorphic encryption from TFHE[EB/OL]. [2023-11-05]. https://link.springer.com/chapter/10.1007/978-3-030-34621-8_16.
27	CHEN Y L , DONG S , LI T , et al. Dynamic multi-key FHE in asymmetric key setting from LWE. IEEE Transactions on Information Forensics and Security, 2021, 16, 5239- 5249.
28	宋新霞, 陈智罡, 李焱华. HEBenchmark: 全同态加密测试系统设计与实现. 密码学报, 2020, 7 (6): 853- 863.
	SONG X X , CHEN Z G , LI Y H . HEBenchmark: design and implementation of fully homomorphic encryption test system. Journal of Cryptologic Research, 2020, 7 (6): 853- 863.
29	AKAVIA A, FELDMAN D, SHAUL H, et al. Secure search on encrypted data via multi-ring sketch[C]//Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security. New York, USA: ACM Press, 2018: 985-1001.
30	WEN R, YU Y, XIE X, et al. LEAF: a faster secure search algorithm via localization, extraction, and reconstruction[C]//Proceedings of the 2020 ACM SIGSAC Conference on Computer and Communications Security. New York, USA: ACM Press, 2020: 1219-1232.
31	IQBAL Y , TAHIR S , TAHIR H , et al. A novel homomorphic approach for preserving privacy of patient data in telemedicine. Sensors (Basel, Switzerland), 2022, 22 (12): 4432.
32	TANG Y Y , CHEN Y L , LUO Y , et al. VR-PEKS: a verifiable and resistant to keyword guess attack public key encryption with keyword search scheme. Applied Sciences, 2023, 13 (7): 4166.
33	AMORIM I, COSTA I. Homomorphic encryption: an analysis of its applications in searchable encryption[EB/OL]. [2023-11-05]. https://arxiv.org/abs/2306.14407v1.
34	ZHANG X J , XU C X , JIN C H , et al. Efficient fully homomorphic encryption from RLWE with an extension to a threshold encryption scheme. Future Generation Computer Systems, 2014, 36, 180- 186.
35	FREEDMAN M J, ISHAI Y, PINKAS B, et al. Keyword search and oblivious pseudorandom functions[EB/OL]. [2023-11-05]. https://www.cs.princeton.edu/~mfreed/docs/FIPR05-ks.pdf.
36	KOLESNIKOV V, MATANIA N, PINKAS B, et al. Practical multi-party private set intersection from symmetric-key techniques[C]//Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security. New York, USA: ACM Press, 2017: 1257-1272.

[1]	蒋淇淇, 张亮, 彭凌祺, 阚海斌. 基于区块链的可问责可验证外包分层属性加密方案[J]. 计算机工程, 2025, 51(3): 24-33.
[2]	张晓均, 李兴鹏, 唐伟, 郝云溥, 薛婧婷. 云-边融合的可验证隐私保护跨域联邦学习方案[J]. 计算机工程, 2024, 50(3): 148-155.
[3]	崔怀勇, 张绍华, 李超, 戴炳荣. 一种基于Schnorr签名的区块链预言机改进方案[J]. 计算机工程, 2024, 50(1): 166-173.
[4]	张晓均, 刘庆, 郑爽, 王鑫, 薛婧婷, 王世雄. 支持隐私保护的可验证云端数据分享方案[J]. 计算机工程, 2023, 49(3): 49-57.
[5]	孙林昆, 蒋文保, 郭阳楠, 李春强. 基于密码累加器的无状态区块链性能优化[J]. 计算机工程, 2023, 49(2): 46-53.
[6]	张利华, 曹宇, 张赣哲, 黄阳, 陈世宏. 基于区块链的微电网数据安全共享方案[J]. 计算机工程, 2022, 48(1): 43-50.
[7]	魏秀然, 王峰. 基于协调器与遗传算法的云存储数据复制策略[J]. 计算机工程, 2021, 47(8): 124-130,139.
[8]	张晓均, 张经伟, 黄超, 唐伟. 可验证的云存储医疗加密数据统计分析方案[J]. 计算机工程, 2021, 47(6): 32-37,43.
[9]	牛淑芬, 刘文科, 陈俐霞, 杜小妮. 基于代理重加密的电子病历数据共享方案[J]. 计算机工程, 2021, 47(6): 164-171.
[10]	牛淑芬, 韩松, 于斐, 王彩芬, 杜小妮. 区块链电子病历中基于密钥聚合的密文检索方案[J]. 计算机工程, 2021, 47(5): 36-43.
[11]	李秋贤, 周全兴, 王振龙, 丁红发, 潘齐欣. 基于隐私保护的可证明安全委托计算协议[J]. 计算机工程, 2021, 47(5): 131-137.
[12]	黄保华, 黄丕荣, 赵伟宏, 彭丽. 云存储中支持属性撤销的多关键词可搜索加密方案[J]. 计算机工程, 2021, 47(11): 29-36.
[13]	杨小东, 陈桂兰, 李婷, 刘瑞, 赵晓斌. 基于无证书密码体制的多用户密文检索方案[J]. 计算机工程, 2020, 46(9): 129-135.
[14]	曹素珍, 杜霞玲, 王友琛, 刘雪艳. 多服务器可验证的属性基多关键字排序检索方案[J]. 计算机工程, 2020, 46(3): 120-128.
[15]	骆云鹏, 朱旎彤, 毛慈伟, 程晋雪, 许春根. 一种基于连接关键词的实用化可搜索加密方案[J]. 计算机工程, 2020, 46(2): 175-182.

选择文件类型/文献管理软件名称

选择包含的内容