Design And Security Analysis Of Public Key Encryption Scheme With Equality Test In Cloud Computing

Posted on: 2019-02-07
Degree: Doctor
Type: Dissertation
Country: China
Candidate: Y B Zhang
Full Text: PDF
GTID: 1368330572958278
Subject: Computer system architecture
Abstract/Summary:
Cloud computing is a model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources. Due to these characteristics, many companies and individuals move their IT operations to the cloud. More and more users upload their own data to the cloud for storage or processing, including company financial data, personal social relationship data, photos, emails, personal health information, etc., which are highly related to privacy. However, with the increasing public awareness of privacy protection and the frequent occurrence of cloud computing security incidents, users are increasingly worried about the security of cloud data. One possible solution is for the user to encrypt the data uploaded to the cloud. However, this makes it hard for users to operate on the cloud data quickly and conveniently. For example, a data search service based on traditional plaintext keyword retrieval becomes almost impossible. This seriously reduces the practical value of cloud computing and turns it into a traditional remote storage service. Therefore, how to use the advantages of cloud computing technology to process transactions without revealing users' private data has been a research focus of academic and industrial circles in recent years.

Searchable encryption is a technology that allows third parties to retrieve user-uploaded ciphertext data without revealing any information other than search patterns and search results. However, traditional searchable encryption requires that the ciphertexts to be retrieved be encrypted using the same public key, which is only suitable for a single-user scenario. In an actual cloud computing scenario, for applications with a large number of users (for example, enterprise applications with a large number of employees), most ciphertexts are usually encrypted by different users using different public keys. Some scholars have proposed to solve this problem by using public key encryption with equality test. However, these protocols cannot fully meet the requirements of the cloud computing environment in terms of performance, security and practicability. Therefore, how to enable third parties (such as cloud servers) to perform efficient retrieval over ciphertexts encrypted by different public keys, while avoiding leakage of private keyword information in the ciphertexts and protecting user privacy, has become a research topic of great practical significance.

This paper studies the design and security analysis of public key encryption schemes with equality test in cloud computing. First of all, the existing identity-based encryption schemes with equality test have flaws such as low performance, no fine-grained trapdoor authorization, and risks of privacy leakage. This paper designs an identity-based fine-grained authorized encryption scheme with equality test for the smart grid cloud computing scenario. Secondly, protocols based on the traditional single-server architecture are vulnerable to internal malicious keyword guessing attacks. To resist this attack, this paper designs a dual-server identity-based encryption scheme with equality test (DS-IBEET) based on the specific needs of mobile healthcare social networks. Finally, to reduce the time-consuming bilinear pairing and HashToPoint operations and improve execution efficiency on lightweight devices, this paper designs a pairing-free identity-based encryption scheme with authorized equality test that does not use the HashToPoint operation. The specific research work of this paper is as follows:

(1) Research on identity-based encryption scheme with fine-grained authorized equality test

As the number of users increases, the management of certificates (the generation, application, issuance, and revocation of a large number of certificates) becomes more and more arduous in encryption schemes with equality test based on the traditional PKI system. This increases the maintenance cost of the system. Besides, the existing identity-based encryption schemes with equality test are not fine-grained, which cannot meet the performance requirements of applications running on lightweight devices in cloud computing. Therefore, this paper designs an identity-based encryption scheme with fine-grained authorized equality test based on the specific application scenarios in smart grid cloud computing. This scheme gives each specific ciphertext a unique trapdoor so that the cloud server cannot obtain any private information about the keywords of other ciphertexts. Moreover, the security of the scheme is proved under the random oracle model. Combined with the performance requirements of applications running on lightweight devices such as smart meters, the performance of the protocol is analyzed using the cryptographic library MIRACL and compared with other similar protocols.

(2) Research on dual-server identity-based encryption scheme with equality test

At present, both the public key encryption schemes with equality test and the identity-based encryption schemes with equality test are single-server architectures. This architecture is potentially exposed to keyword guessing attacks by malicious insiders. For example, if a server is compromised by an external attacker or a malicious attacker exists inside the organization, the user's private information will be leaked. In this paper, based on the characteristics of mobile healthcare networks, a DS-IBEET is proposed for the first time. Every equality test must be performed by two servers at the same time. A single server cannot perform the equality test on its own, so a single malicious attacker cannot obtain user privacy information from the data it processes. The security of the scheme is proved under the random oracle model. Performance analysis is performed using the MIRACL library.

(3) Research on pairing-free identity-based encryption scheme with equality test

To the best of my knowledge, all existing encryption schemes with equality test use bilinear pairing operations or HashToPoint operations. However, both of these operations have poor computational performance, which makes them unsuitable for resource-constrained lightweight mobile devices. Therefore, combined with the privacy protection requirements of social network applications, this paper designs an identity-based encryption scheme with equality test that can be executed efficiently on resource-constrained devices without using bilinear pairing and HashToPoint operations. Besides, the scheme supports fine-grained authorization on keyword search, and its security is proved under the random oracle model. Performance analysis is performed using the cryptographic library MIRACL, and some comparisons are made between the scheme and other schemes using bilinear pairing or HashToPoint operations.
Keywords/Search Tags:cloud computing, equality test, searchable encryption, secure scheme, provable security