Research On Searchable Encryption Technology And Its Application In A Specific Situation

As an important part of cloud computing, DAS(Data As a Service) and SAAS(Software As A Service) become more and more popularization and promotion. However, their security incidents that are frequently reported on many newspapers gradually cause wide attention and concern. How to ensure that data security on the cloud can be controlled, this has become an urgent issue.It is common to encrypt the data on the cloud for privacy protection, but the structure and semantic of the encrypted data has been changed, which causes the ciphertext stored on the cloud cannot have as plaintext as operability. In the case of a small amount of data, when we use it, all ciphertext data can be downloaded to the client from the cloud, we can use it after decryption. However, communication overhead becomes a bottleneck when downloading all the data from the cloud to the client, which is heavy and infeasible for a large amount of data.In practical application, we hope that cloud users are able to retrieve the ciphertext same operation as the plaintext in the cloud, at the same time, this process can also meet the security requirements in the retrieval. In accordance with the requirements of cloud user, the server can feedback to the retrieved ciphertext to the user instead of downloading the entire ciphertext. This technique is called searchable encryption technology.The disadvantage of searchable encryption scheme built on a symmetric key is distribution difficulties, and application scenarios are not broad enough. Further, searchable encryption scheme based on asymmetric key encryption brings slow speed. So both searchable encryption schemes are not practical enough for big data, this thesis proposes a new searchable encryption scheme(CBSE-MU) according to the real application scenario of military through research and analysis of the traditional searchable encryption scheme, which puts forward the framework and the concrete algorithm for CBSE-MU, and also fully proves its security to protect and retrieve privacy data. The common document is standardized and it is made to have so some security characteristics(e.g., digital signature, access control, message authentication, data self-destruction), coupled with the technology of cryptology, security protocol and information retrieval, all this can make sure that the massive private data in the cloud have confidentiality, integrity, nonrepudiation and retrievability. In order to the flexibility and the practicability, the scheme introduces the keyword fuzzy and participle technology, and supports the multiple keywords and fuzzy retrieval and fine-grained ciphertext retrieval.Finally, it’s summarized and elaborated the research direction and next content to be improved in the future for this thesis.