A Revocable Ciphertext Search Scheme with Fully Hidden Access Policies for Cloud-Edge Collaborative Supply Chains

doi:10.19678/j.issn.1000-3428.0253051

Abstract

Abstract: Under the digital transformation of supply chains, multi-source data exchange and cross-enterprise sharing face security risks such as data leakage and policy exposure. Traditional attribute-based encryption schemes suffer from inefficiency and insufficient dynamic control, making them unsuitable for such scenarios. To address these challenges, this paper proposes a revocable ciphertext search scheme with fully hidden access policies under a cloud-edge collaborative architecture, designed to meet the demands for efficient data interaction and privacy protection in complex supply chain environments. The scheme integrates the real-time processing capabilities of edge computing with the robust computational power of cloud computing. By leveraging collaborative ciphertext caching and pre-decryption services at the edge, it significantly reduces decryption latency and local computational load on users. Access policies are fully hidden through a combination of multi-value attributes with wildcard support, gate-based access structures, and Bloom filters, effectively preventing sensitive policy leakage during data transmission and storage. Furthermore, blockchain and smart contracts are introduced to enable efficient search and dynamic revocation: a "search contract" automates keyword trapdoor validation to shorten matching time, while a "revocation contract" dynamically updates permissions for attribute revocation. Under the Decisional Bilinear Diffie–Hellman (DBDH) assumption, the scheme achieves indistinguishability against chosen-plaintext attacks. Performance analysis shows that it incurs low computational overhead, particularly during the search phase, the computational cost is increased by nearly two-thirds compared to the BADS scheme, thereby providing efficient and secure data retrieval for collaborative supply chain management.

摘要： 供应链数字化转型背景下，多源数据交互与跨企业共享面临数据泄露、策略暴露等安全风险，传统属性基加密方案因效率低、动态管控不足，难以适配场景需求。针对此问题，本文提出云边协同架构下基于属性的策略全隐藏可撤销密文检索方案，以应对供应链复杂场景下的高效数据交互与隐私安全需求。该方案融合边缘实时处理能力与云端强大算力，通过云边协同优化性能：边缘端提供预解密服务，结合云端外包存储，经协作密文缓存管理加速数据获取，依托边缘近用户端低延迟特性，显著降低用户解密等待时间与本地计算负载；采用支持通配符的多值属性与门访问结构与布隆过滤器结合，实现访问策略完全隐藏，有效防范供应链数据传输与存储中的敏感策略泄露，强化数据隐私性；引入区块链与智能合约实现高效检索与动态撤销，设计“搜索合约”自动化验证关键字陷门以缩短匹配时间，通过“撤销合约”动态更新权限完成属性撤销。方案在DBDH假设下满足选择明文攻击不可区分性安全，性能分析表明其计算开销较低，尤其搜索阶段计算开销较BADS方案提升近三分之二，为供应链协同管理提供高效数据检索与安全保障。

ZHANG Xuan, CAO Suzhen, LIU Guorui, HAN Lei, ZHANG Tianhao, YANG Xiaodong. A Revocable Ciphertext Search Scheme with Fully Hidden Access Policies for Cloud-Edge Collaborative Supply Chains[J]. Computer Engineering, doi: 10.19678/j.issn.1000-3428.0253051.

张萱, 曹素珍, 刘国锐, 韩磊, 张田昊, 杨小东. 云边协同供应链中策略完全隐藏的可撤销密文检索方案[J]. 计算机工程, doi: 10.19678/j.issn.1000-3428.0253051.

/ Recommend / Download Citations

URL: https://www.ecice06.com/EN/10.19678/j.issn.1000-3428.0253051

References

[1] CHEN S B, ZHANG G Y, LI J Y, et al. Design of Cooperative Optimization Scenario of Enterprise Bidding Procurement and Supply Chain under the Digital Wave[J]. Sustainable Development, 2022, 12(6): 1785-1788.
[2] SHEN X J, LI XR, YIN HJ, et al. Lattice-based multi-authority ciphertext-policy attribute-based searchable encryption with attribute revocation for cloud storage[J]. Computer Networks, 2024, 250: 110559.
[3] 王经纬, 宁建廷, 许胜民, 等. 面向可变用户群体的可搜索属性基加密方案[J]. 软件学报, 2023, 34(4): 1907-1925. WANG J W, NING J T, XU S M, et al. Searchable Attribute-based Encryption Scheme for Dynamic User Groups[J]. Journal of Software, 2023, 34(4): 1907-1925. (in Chinese)
[4] YANG X D, LIAN S Q, WANG Y Q, et al. Decentralized and Anonymous Attribute-Based Searchable Encryption With Policy Update and Batch Revocation for Computing Power Network[J]. IEEE Internet of Things Journal, 2025, 12(19): 41232-41247.
[5] YIN H, ZHANG W, DENG H, et al. An Attribute-Based Searchable Encryption Scheme for Cloud-Assisted IIoT[J]. IEEE Internet of Things Journal, 2023, 10(12): 11014-11023.
[6] XIE M D, YANG X K, HONG H B, et al. A novel verifiable chinese multi-keyword fuzzy rank searchable encryption scheme in cloud environments[J]. Future Generation Computer Systems, 2024, 153: 287-300.
[7] LI J T, HAN D Z, WENG T H, et al. A secure data storage and sharing scheme for port supply chain based on blockchain and dynamic searchable encryption[J]. Computer Standards & Interfaces, 2025, 91: 103887.
[8] ZHU B, NIU L. A privacy-preserving federated learning scheme with homomorphic encryption and edge computing[J]. Alexandria Engineering Journal, 2025, 118: 11-20.
[9] WANG H M, LIU W H, WANG X A, et al. Privacy-enhanced facial recognition for IoT based on homomorphic encryption[J]. Internet of Things, 2025, 34: 101757.
[10] LI S S, HUANG M G, FANG C, et al. Flexible and efficient privacy-preserving fine-grained access control scheme for data sharing in cloud-edge collaborative IoT[J]. Computer Communications, 2025, 241: 108259.
[11] MAHATO G K, BANERJEE A, CHAKRABORTY S K, et al. Privacy preserving verifiable federated learning scheme using blockchain and homomorphic encryption[J]. Applied Soft Computing, 2024, 167: 112405.
[12] HOU Z S, NING J T, HUANG X Y, et al. Blockchain-based efficient verifiable outsourced attribute-based encryption in cloud[J]. Computer Standards & Interfaces, 2024, 90: 103854.
[13] LI X H, JIANG J, CHEN Y C. Fully Decentralized Authentication and Revocation Scheme in Data Sharing Systems[A]. IEEE International Conference on Big Data Science and Engineering[C], 2018.
[14] AKANKSHA S, ZHU Q Y, NAVNEET S, et al. A Smart-Contract-Based Access Control Framework for Cloud Smart Healthcare System[J]. IEEE INTERNET OF THINGS JOURNAL, 2021, 8(7): 5914-5925.
[15] HOU R W, ZHOU F C, WANG Q, et al. Revokable Blockchain-Enabled Ranked Multi-Keyword Attribute-Based Searchable Encryption Scheme With Mobile Edge Computing for Vehicular[J]. IEEE Transactions on Network and Service Management, 2025, : 1.
[16] GAO H C, HUANG H P, XUE L Y, et al. Blockchain-enabled Fine-Grained Searchable Encryption With Cloud-edge Computing for Electronic Health Records Sharing[J]. IEEE Internet of Things Journal, 2023, 10(20): 1.
[17] CHEN L Q, XU S G, ZHANG H, et al. Fair-and-Exculpable-Attribute-Based Searchable Encryption With Revocation and Verifiable Outsourced Decryption Using Smart Contract[J]. IEEE Internet of Things Journal, 2025, 12(4): 4302-4317.
[18] ZHANG B Y, YANG W J, ZHANG F T, et al. Efficient Attribute-Based Searchable Encryption With Policy Hiding Over Personal Health Records[J]. IEEE Transactions on Dependable and Secure Computing, 2025, 22(2): 1299-1312.
[19] ZHANG K, ZHANG Y, LI Y, et al. A Blockchain-Based Anonymous Attribute-Based Searchable Encryption Scheme for Data Sharing[J]. IEEE Internet of Things Journal, 2024, 11(1): 1685-1697.v [20] GUO Z Z, WANG G L, LI Y X, et al. Attribute-Based Data Sharing Scheme Using Blockchain for 6G-Enabled VANETs[J]. IEEE Transactions on Mobile Computing, 2024, 23(4): 3343-3360.
[21] WAN Q X, LIU M H, WANG L, et al. Dual-Policy Attribute-Based Searchable Encryption with Secure Keyword Update for Vehicular Social Networks[J]. Electronics (Switzerland), 2025, 14(2).
[22] CHEN L Q, XU S G, JIN C H, et al. Partially Hidden Policy Attribute-Based Multi-Keyword Searchable Encryption with Verification and Revocation[J]. IEEE Transactions on Mobile Computing, 2025, 24(9): 1-16.
[23] 周艺华, 李美奇, 扈新宇, 等. 云环境下基于属性策略隐藏的细粒度高效可搜索加密方案[J]. 计算机科学, 2023, 50(7): 339-346. ZHOU Y H, LI M Q, HU X Y, et al. Fine Grained and Efficient Searchable Encryption Scheme Based on Attribute Policy Hiding in Cloud Environment[J]. Computer Science, 2023, 50(7): 339-346.(in Chinese)
[24] 杜瑞忠, 张添赫, 石朋亮. 基于区块链且支持数据共享的密文策略隐藏访问控制方案[J]. 通信学报, 2022, 43(6): 168-178. DU R Z, ZHANG T H, SHI P L. Ciphertext policy hidden access control scheme based on blockchain and supporting data sharing[J]. Journal on Communications, 2022, 43(6): 168-178.(in Chinese)
[25] YAN Z H, ZHANG B. An Efficient Attribute-Based Multikeyword Searchable Encryption With Access Policy Hiding in IoT Using Blockchain[J]. IEEE Internet of Things Journal, 2025, 12(15): 32148-32160.
[26] ZHAO F, PEN C G, XU D Q, et al. Attribute-based multi-user collaborative searchable encryption in COVID-19[J]. Computer Communications, 2023, 205: 118-126.
[27] ZHANG Y H, ZHENG D, CHEN X F, et al. Computationally efficient ciphertext-policy attribute-based encryption with constant-size ciphertexts[J]. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), 2014, 8782(1): 259-273.
[28] BURTON H B. Space/Time Trade-offs in Hash Coding with Allowable Errors[J]. Communications of the Association for Computing Machinery, 1970, 13(7): 422-426.
[29] FENG T, KONG F Q, LIU C Y, et al. Multi-Authorization Attribute-Based Verifiable Encryption Scheme Based on Blockchain[J]. Mobile Networks & Applications, 2023, 28(5): 1-8.
[30] LIU Y K, ZHANG J W, GAO Q. A Blockchain-Based Secure Cloud Files Sharing Scheme with Fine-Grained Access Control[A]. International Conference on Networking and Network Applications[C], 2018.

Please choose a citation manager

Content to export