Design A Query Protocol For Encrypted Database Based On Predicate Encryption

In recent years, with the rapid development of information society, cloud storage as a new form of storage has been widespreadly concerned in the community. More and more enterprises and end-users choose to put the data storage and computing into the cloud. Although cloud storage brings convenience to the user for storing and managing data, its privacy issue prevents it from being widely used. Database management system serves as an important storage platform of cloud storage, whose security determines the security of the entire cloud storage platform. The thesis considers the database management system(DBMS) privacy issue that the data is stored in the database in the form of ciphertext, while ensuring that queries are not affected.Specifically, the thesis proposes a protocol of database query based on predicate encryption, which applies a new method to the privacy issue of database management system. Predicate Encryption is a new research topic in the field of encrypted database, including four procedures: Setup, Encrypt, Gen Key and Query. The algorithm uses an attribute I to associate with a ciphertext C, a predicate f(a query condition) to associate with a secret key SKf. If f(I) 1, it illustrates the ciphertext C matches the predicate f. Using predicate encryption to encrypt data before storing them into database, it can execute query directly on the ciphertext without decrypting, which ensures the efficienty and security.Inner product is a common method used in predicate encryption scheme. However, it consumes huge storage space and pre-processing time, which hinders its application in practice. KSW predicate encryption is a classical scheme using inner product, the thesis proposed a new predicate encryption scheme to reduce the memory storage and pre-processing time from(2)nO to O(n) with the tradeoff of increasing one more step of Transform, where n represents the number of attribute values need to be encrypted. In general, it may reach to tens or even hundreds.In terms of security, the thesis uses “Selective” security model and a provably secure method to prove attribute-hiding property. It ensures the security of the algorithm.At last, we apply KSW predicate encryption and the improved predicate encryption into Mysql database. The experimental data demonstrates the advantages of the improved predicate encryption scheme in practice.