Research On Multi-user Searchable Encryption And Secure Data Sharing In Cloud Storage System

Cloud storage is a cloud computing system focusing on data storage and management.It can provide users powerful and convenient services such as data storage,data processing and data sharing.With the increasing popularity of cloud computing,more and more users tend to outsource their local data to the cloud.This not only can help users save the cost of data management and system maintenance,but also can make them accessible to data through Interne at any place and any time they want.However,when users enjoy this convenient and efficient service,they would also face the following problems about data security and privacy disclosure.The cloud storage server cannot be trusted completely.The eavesdropping on the transmission channel,the attacks on the server,and even the server administrator's personal disclosure will pose threats to users' data.Particularly in the field of medicine and finance,information disclosure and abuse will cause a great loss to users.In order to prevent the server and other non-authorized users from accessing the private data,a trivial solution is that the users encrypt their data before uploading.However this will make data difficult to query and share.Under this circumstance,searchable encryption(SE)and secure data sharing technologies have come out,which can not only guarantee the users to use the cloud storage service safely but also solve the problem of processing encrypted data.In the mechanism of searchable encryption,data owner(aka.writer)generates an encrypted index and stores it on cloud server along with the encrypted documents.Data user(aka.reader)generates the trapdoor of a keyword and gets the target documents that containing the keyword.The cloud server can search the index and return the query results,meanwhile it cannot obtain the plaintext of the target document and the keyword.As a result,legitimate users can take the advantage of the cloud server's powerful storage capacity and computing power to safely store their data and make query operations.Early research on searchable encryption was focused on single-writer/single-reader(S/S),which means the writer is the same person to the reader.In today's cloud storage systems,every user has both the desire to share data and the demand to access data from others or himself.In other words,each user can not only be a writer but also a reader in the model called multi-writer/multi-reader(M/M).This model of cloud storage can be widely used in a variety of areas in reality,hence the development on it is of great value.Secure data sharing is a technique to achieve confidentiality by encrypting data and achieve access control through autonomous distribution of the decryption keys.Existing schemes either rely on the trusted third party(TTP)or the online writer for key distribution.But with more and more users enter into the cloud storage system,it cannot meet the demand.It is necessary for the system to extend its service to every users by a technology with convenience,individuality and pay-as-you-go mode.This shows that the main problems of multi-user searchable encryption and secure data sharing in cloud storage system are as follows.(1)Each writer wishes to have access control for his own data.There is no fully trusted third party and no unified resource management system.(2)Each user may need to access data at any time and any place through different types of terminals,so the scheme should reduce the dependence on the secure channel.However,data transmission over public channels would meet with new threats.(3)Since the writer himself is an ordinary user,it is impossible for him to distribute the decryption key online like administrators.Existing solutions often fail to solve these problems,the content of this paper is to design the provably secure multi-user searchable encryption scheme and the secure data sharing scheme to solve these problems.Our research focuses on the design of the scheme with the analysis and proof of the security.The security requirements of the schemes and the theoretical feasibility of them is concerned.Thus,a theoretical foundation for the implementation of practical protocols are laid.The strict security proof also bring a theoretical basis for the analysis of such schemes,so we focus on the formal proof in specific security model.The above provable security requirements are necessary in modern cryptography.Specifically,our research includes the following aspects.1.Research on discretionary authorization of MMSE schemeWe study the formal definition,security model and construction method of MMSE scheme and propose a TTP-free scheme which achieves fine-grained access control.In replacement of a trusted user management center,the writer can discretionarily grant and revoke the privileges to readers by maintaining a dynamically updated authority distribution matrix in the semi-honest cloud server.The writer calculates the authorization value according to the public key of the reader.Since each user's public and private key can be obtained from an existing CA center,a trusted third party is not needed to manage the key.Moreover,the reader can specify one or more writer to query,and the server only searches for documents that the reader have privilege to get,thus the search scope can be narrowed.And with the help of the bilinear maps,the key distribution is an integration between with user authorization and search procedures.It reduces the interaction between the user and the server or writers and readers,and thus reduces the communication overhead.Finally,we give the formal proofs of its security in the random oracle model2.Research on keyword guessing attack and defense on MMSE schemeWe have completed the following two part jobs.The first one is analyzing whether keyword guessing attack(KGA)is a problem in MMSE schemes,the second one is designing a security channel-free scheme that can resist KGA.Research on the security of multi-user SE scheme is always a notable problem.Especially in KGA,some scholars have proved that it resists in the multi-writer/single-reader(M/S)scheme.This is because people usually queries commonly-used keywords,so an eavesdropping adversary can guess some keywords by themselves and verify them with the information he got from the public channel.However,this attack is not considered in the existing MMSE schemes.Therefore,we analyze some current main MMSE scheme,and prove that none of these scheme can resist this attack without the secure channel.This is mainly because the authorized user has the legal private key,he can calculate some data by using the information that was collected from the public channel to implement KGA.However,deploying secure channel is impractical in some scenarios.Therefore,our second task is to propose an MMSE scheme that can resist KGA without a secure channel by using the designated server.In the scheme,the index value of the document and the trapdoor of keywords are hidden by the random number and the public key of the server,so that only the designated server can perform storage and search operations.At the same time,the scheme retains the advantage of independence from the TTP in user management.Moreover,in terms of the documents encrypted by different keys,the reader only need to generate one trapdoor,which simplifies his computational overhead.In the same way,we prove the security in the random oracle model.3.Research on secure data sharing scheme with multiple keysWe study the formal definition,security model and construction method of secure data sharing scheme and propose a multi-key data sharing scheme.The research of secure data sharing is focused on the implementation of cryptographic access control technology,which mainly uses the cryptography technology to realize the decryption capability of users based on some access control policies.However,the current scheme is not flexible enough for the realization of multi-user discretionary data sharing,and the security considerations are not comprehensive.Therefore,we propose a multi-key data sharing scheme.The scheme reaches fine-grained access control by allowing the writer to authorize different classes of data without a TTP.Instead of using a secure channel,a designated server which has the corresponding private key can perform data sharing operations,thus resisting the malicious behavior by the authorized user.Each document is encrypted with a unique key to ensure the confidentiality.But the writer is not required to distribute the keys.Instead,the cloud server can generate the trapdoor of decryption key and transmit it to the reader.Then the reader can recover the decryption key by using his private key.Thus,our proposed scheme does not need an online writer,which simplifies the procedure of key distribution.In summary,we study the multi-user searchable encryption and secure data sharing technologies in cloud storage.The main focus is on multi-writer multi-reader model.We solve the problems such as allowing users to discretionary authorize without a TTP,resisting keyword guessing attack without security channel and realizing key model.We solve the problems such as allowing users to discretionary authorize without a TTP,resisting keyword guessing attack without security channel and realizing key distribution without introducing additional overhead.Designing the provable security schemes not only can lay a theoretical foundation to the design and the implementation of practical protocols,but also provide a useful reference for the popularization and application of cloud storage.