
Research On Secure Data Search Mechanism For Encrypted Cloud Storage

Posted on: 2022-07-09
Degree: Doctor
Type: Dissertation
Country: China
Candidate: M Zeng
Full Text: PDF
GTID: 1488306482987499
Subject: Computer software and theory

Abstract/Summary:
Cloud storage is currently the main way to store data remotely; it greatly saves storage space on user terminal equipment and provides efficient data access services. However, the popularity of cloud storage has also led to data security incidents, and data security issues and privacy leakage risks are receiving more and more attention. Cryptography is one of the most effective ways to achieve data security: encrypting data before storing it on a cloud server can provide users with reliable information security, but traditional cryptographic technologies may make data access inconvenient. Specifically, data loses its original characteristics after being encrypted, so when a user wants to access data, it first needs to download all the encrypted data to the terminal device and then decrypt it to find the desired data. This method incurs serious computation and communication costs, which is inappropriate for efficient cloud storage. To solve the data search problem of encrypted cloud storage, and to further promote the application of cryptographic technologies in cloud security, this paper studies the function efficiency requirements and security performance requirements of encrypted data search technologies. The details are as follows:

(1) Searchable Asymmetric Encryption with Support for Boolean Queries. Searchable encryption is a cryptographic primitive that supports searching over encrypted data: a user generates a search token for its search requirement, and the cloud server uses the search token to search the encrypted data and returns encrypted search results. At present, most searchable encryption schemes only support simple single-keyword queries, and the schemes that support boolean keyword queries only consider the single-user model, which is not suitable for the multi-user model of cloud storage. Therefore, we propose a searchable asymmetric encryption scheme that supports boolean queries. To design the scheme, we give a new secure inverted index, which has the characteristics of both symmetric searchable encryption and public key searchable encryption; owing to its public key characteristics, the index method can support the multi-user model of public key encryption. In addition, because the encrypted data are indexed by the inverted index method, the search complexity of our scheme is only sub-linearly related to the total number of encrypted data, which effectively improves the search efficiency compared with previous schemes. The security analysis proves that the scheme has adaptive simulation-based security under the SXDH assumption. The experimental results show that the scheme can provide efficient data search services.

(2) Public Key Encryption with Equality Test. An encrypted equality test allows a tester to learn whether two different ciphertexts correspond to the same plaintext, which is valuable for encrypted data search, for example when computing the intersection of two encrypted data sets. Most public key encryption with equality test schemes rely on random oracles, and the other schemes, in the standard model, require cryptographic primitives such as identity-based encryption and unforgeable one-time signatures, which bring serious computation and storage costs. In this paper, we propose a framework for constructing public key encryption with equality test schemes in the standard model. The framework needs only the basic properties of a hash proof system, and it is efficient compared with previous frameworks in the standard model. Since a hash proof system can be instantiated from different assumptions, our framework also provides an efficient way to construct public key encryption with equality test schemes in the standard model from different assumptions. The security analysis shows that the framework can achieve OW-CCA security and IND-CCA security. We instantiate the framework based on the DDH assumption and the DCR assumption respectively, and obtain, for the first time, two concrete public key encryption with equality test schemes in the standard model that do not use pairings.

(3) Forward Secure Public Key Searchable Encryption. Forward security of searchable encryption means that a search token cannot be used to search encrypted data generated after it. In searchable encryption schemes without forward security, the cloud server can use an old search token to search new encrypted data, which may cause information leakage risks. At present, research on forward security mainly focuses on searchable symmetric encryption and gives little consideration to public key searchable encryption. In this paper, we propose a forward secure public key searchable encryption scheme. The main idea is to embed the generation times into the encrypted data and the search token using the 0-encoding and 1-encoding technology, and then to use an access control method to ensure that new encrypted data cannot be searched by an old search token. The security analysis proves that the proposed scheme achieves keyword-indistinguishable forward security. We further propose a framework for constructing forward secure public key searchable encryption schemes, and prove its security. The framework can transform any attribute-based searchable encryption scheme that supports OR gates into a forward secure public key searchable encryption scheme without loss of efficiency or security. Finally, we show the efficiency of the proposed scheme by experiments.

In summary, this thesis focuses on encrypted data search for cloud storage, and proposes cryptographic schemes that address function efficiency requirements and security performance requirements. The research results not only have theoretical significance, but can also further promote the application of cryptographic technologies in cloud storage.
Keywords/Search Tags: Cryptography, Cloud Security, Searchable Encryption, Public Key Encryption with Equality Test, Data Security
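
The 0-encoding and 1-encoding comparison named in part (3), as an added Python illustration that is not code from the dissertation: it shows how a time comparison becomes a set intersection that an OR-gate policy can check. The counter width, the `+1` shift, which side carries which encoding, and the names `token_policy`, `ciphertext_attributes` and `can_search` are assumptions of this sketch; plaintext label sets stand in for values a real scheme would keep encrypted.

```python
# Added illustration (not from the dissertation): 0-encoding / 1-encoding
# turns "x > y" into "two small label sets share an element".
WIDTH = 16  # assumed bit length of the generation-time counter


def bits(value: int, width: int) -> str:
    """Fixed-width binary string, most significant bit first."""
    if not 0 <= value < (1 << width):
        raise ValueError(f"{value} does not fit in {width} bits")
    return format(value, f"0{width}b")


def one_encoding(value: int, width: int) -> set:
    """Every prefix of the bit string that ends in a 1 bit."""
    s = bits(value, width)
    return {s[: i + 1] for i, b in enumerate(s) if b == "1"}


def zero_encoding(value: int, width: int) -> set:
    """For every 0 bit: the prefix before it, with that bit flipped to 1."""
    s = bits(value, width)
    return {s[:i] + "1" for i, b in enumerate(s) if b == "0"}


def greater_than(x: int, y: int, width: int = WIDTH) -> bool:
    """x > y exactly when the two encodings intersect."""
    return bool(one_encoding(x, width) & zero_encoding(y, width))


def token_policy(token_time: int) -> set:
    """Assumed: OR-gate policy of a token; one extra bit leaves room for +1."""
    bits(token_time, WIDTH)  # range check only
    return one_encoding(token_time + 1, WIDTH + 1)


def ciphertext_attributes(ct_time: int) -> set:
    """Assumed: attribute labels attached to a ciphertext at encryption time."""
    bits(ct_time, WIDTH)  # range check only
    return zero_encoding(ct_time, WIDTH + 1)


def can_search(token_time: int, ct_time: int) -> bool:
    """True iff ct_time <= token_time, i.e. the OR gate has a matching label."""
    return bool(token_policy(token_time) & ciphertext_attributes(ct_time))


if __name__ == "__main__":
    for ct_time in (3, 10, 11, 500):  # constructed sample times
        print(f"token@10 vs ciphertext@{ct_time}: {can_search(10, ct_time)}")
```

Each side carries at most `WIDTH + 1` labels, so the policy stays small however large the time counter grows.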