Searchable Encryption Technology Research In Cloud Environment

With the rapid development of cloud computing and cloud storage,enterprises and individuals are willing to outsource their data to cloud service providers.They can effectively use the cloud computing resources and the powerful computing.In order to ensure the security and privacy of users' data,the data needs to be encrypted before storing to cloud.However,the ciphertext data stored in cloud have brought some challenges for searching operation.To some extent,users lost the operation of the data.Traditional plaintext retrieval cannot meet users' demand,so searchable encryption technology came into being.Data owner can store data in cloud server through searchable encryption technology,but they cannot achieve fine-grained access control the data.Anyone can access and search the data stored in the semmi-trusted cloud server.To a certain extent,there is a security risk of data privacy.In view of the above problems,this paper proposed a scheme which introduces Attribute-based encryption into searchable encryption.Attribute-based encryption utilizes the users' attributes set and access control to realize the fine-grained access control of data.Data owner specifies the access control policy and the data are encrypted with Attribute-based encryption policy.Only the users' attributes satisfy the access policy can decrypt the ciphertext data.This paper proposes a scheme which combines the public key searchable encryption with ciphertext policy attribute-based encryption(CP-ABE).The scheme can make data owner to achieve fine-grained access control the data in cloud.Searchable encryption technology are used to encrypt the original file,while the file key is encrypted with CP-ABE policy.If and only if the search users' attributes can satisfy the access control policy,the secret key may recover from the access control tree.So,the users who can obtain the secret key have the permission to perform the ciphertext search in cloud server.Based on the disadvantage of the existing scheme,it is proposed to use multi-authorization center.Multi-authorization center manages and distributes users' attributes and keys.They can ensure the privacy of users' information and resist the collusion attacks of the cloud server.Meanwhile,the scheme adopts location sensitive hash function(LSH)to map the keywordset into the Bloom filter.The scheme can update the keyword index information dynamically and realize multi-keyword fuzzy search.At the same time,to ensure the security of trapdoor,the scheme uses the dual key pairs of server and users.The keywords trapdoor are also encrypted of matrix.So,the keywords trapdoor can transmitte on public channel.As a result of the attribute-based encryption,the scheme can better support multi-user ciphertext sharing.Finally,we analysis the security and function of the scheme.