Font Size: a A A

Research On Attribute Based Searchable Encryption

Posted on:2016-03-10Degree:DoctorType:Dissertation
Country:ChinaCandidate:F HanFull Text:PDF
GTID:1108330461984439Subject:Basic mathematics
Abstract/Summary:Request the full-text of this thesis
With the rapid development of Internet Technology, users are facing a ex-plosive growth of their data. Hence users are inclined to upload their data to a remote data server. Online storage brings forth high scalability and elasticity to users with low cost, meanwhile users can’t maintain their data as they usually did to local storage, because they lost their physical protection to data. As a result their data is in a huge risk of leakage. As a solution, users can protect their online data with encryption, but this will deprive users of the ability of online operation on data, users can not execute access, search or compute op-eration on encrypted data. Search is one of the most frequent operations when users surf the internet. So how to protect users private information while they execute search on data, which is also known as search on encrypted data, is a hot topic of the study on secure storage. This is why searchable encryption is pro-posed. Searchable encryption can be classify into two aspect:searchable public key encryption and searchable symmetric encryption. The first ever searchable encryption is proposed by Song. named as "Practical techniques for searches on encrypted data", which is a searchable symmetric encryption. This scheme adopted " Steam cipher" method. It firstly generated secret key by a pseudo ran-dom number generator, and then XOR it with the word (fixed length) of the data files to get the data files ciphertext. When execute search operation, then XOR the encryption target keyword with ciphertext. The following works focused on index based search. Most works are proposed to consider how to build an effi-cient and secure index for the data files. According’to the feature of symmetric encryption, index of data files and searching keyword are encrypted by the same secret key. So searchable symmetric encryption is usually used in online personal storage service. With some key distributed technique, this protocol can also be used in multi-user model. The first searchable public key encryption protocol was proposed by Boneh, Crescenzo, Ostrovsky and Persiano in Eurocrypt2004. The protocol is built on mail system. As a sender, user can encrypt the mail and key-words with receivers’public key. The receiver generates the search trapdoor with his secret key and keyword he needs, and then sends it to mail server. The server computes the relation between trapdoor and keyword ciphertext, then sends back the data files containing the keyword. The protocol guarantees data privacy of users and server.Prior to working on searchable encryption, we first study on attribute based encryption (ABE), which is a novel and powerful public key encryption system. Attribute based encryption is proposed by Sahai and Waters in 2005, which is a generalized identity based encryption. It represents a user’s identity with a set of descriptive attributes rather than a single value. In this way, the definition of a user’s identity will be more elasticity, and along with an additional access struc-ture, encryptor can define the authorization of decryption flexibly, only the users whose attributes satisfy the access structure can decrypt the ciphertext. Then ABE scheme turns into a highly expressive and flexible encryption scheme. ABE scheme can be classified into Key-policy attribute based encryption (KP-ABE) and Ciphertext-policy attribute based encryption(CP-ABE).In KP-ABE, keys are associated with the access control policy, and ciphertexts are associated with the attribute set. In CP-ABE, it is just the opposite:keys are associated with attribute set, and ciphertexts are associated with access policy. CP-ABE seems to be more realistic for practical applications than KP-ABE. This is because, in CP-ABE, the encryptor dominates the construction of the access control policy and determines what attributes could pass the access policy. But in KP-ABE, the decryptor defines the access control policy. However KP-ABE is more suitable for access control, outsourcing computation, searchable encryption.etc. compared with CP-ABE. Hence in this paper we mainly consider KP-ABE scheme since we will construct a searchable encryption. Anonymity is an key feature of cryptosys-tem to protect the user’s identity privacy. The anonymity of ABE scheme can prevent an adversary from distinguishing attributes of different users, thus can efficiently protect users’attributes secrecy. However previous ABE constructions are not concern with this feature. In this paper we studied key policy attribute based encryption (KP-ABE) and make an improvement. We constructed an attribute private KP-ABE scheme. Here we adopted the idea of dual system en-cryption, with composite order bilinear group we proved our scheme to be fully secure. In this group, the order is a product of four prime, hence it has four prime order subgroup, denoted by GP1, GP2, GP3, GP4. The normal encryption occurs in the subgroup GP1, we treat subgroup GP2 as a semi-functional space, which is only used for proof, the subgroup GP3 is used to randomize the keys, and the sub-group GP4 is applied to guarantee attribute privacy of ciphertext. The attribute privacy is a weakened anonymity, it can partially guarantee the anonymity, and it is sufficient for us when we construct the searchable encryption scheme.To construct an secure searchable encryption scheme, we firstly propose a general transformation form KP-ABE to searchable encryption. We prove that consistency and security of searchable encryption can be reduced to the security and attribute privacy of KP-ABE scheme respectively. Based on this transfor-mation, we construct a attribute based searchable encryption with the above KP-ABE scheme.Keyword guessing attack is an efficient attack to searchable encryption. How to resist this attack is a hot topic on the research of searchable encryption. The cause of keyword guessing attack is low entropy of valid keyword in plaintext space. Randomize the keyword index is an efficient method to resist this attack, thereby adversary cannot efficiently obtain an valid keyword. Inspiring by’func-tion private identity based encryption’proposed by Boneh, Raghunathan and Segev, we constructed a function private attribute based encryption. The func-tion privacy prevents an adversary from distinguishing different users’secret key. In this paper, we adopted "extract-augment-combine" method to improve the original scheme. Firstly, in Extract phase, we add a random number to random-ize the secret key, then in Augment phase, we modify the decryption algorithm. Finally we combine all these modification to guarantee correctness of the scheme. Now we constructed a function private attribute based encryption which is already fully secure and attribute private. Given these security features, we constructed a secure searchable encryption scheme using the above transformation, and then proved the resistant to keyword guessing attack of searchable encryption can be reduced to function privacy of underlying attribute based encryption. Hence our scheme can resist keyword guessing attack.
Keywords/Search Tags:Storage security, Attribute based encryption, Searchable encryp- tion, Keyword guessing attack
Request the full-text of this thesis
Related items