Research On Order-preserving Encryption Algorithm In Cloud Environment

With the rapid development of cloud computing technology,more and more users outsource their data to cloud servers for mitigating complex management tasks.To ensure the security of sensitive information stored in untrusted cloud servers,the owner performs the encryption operation before storing the ciphertext.However the exiting encryption technology will break the order of plaintext,which makes it difficult for traditional plaintext retrieval technology to be used,yet order preserving encryption provides a solution to the above problems.Meanwhile,the security of order-preserving encryption is reduced because that ciphertext maintains the order of plaintext.In this thesis,the existing order-preserving encryption scheme would be studied,in the view of the shortcomings of the previouse schemes,more feasible sequential encryption algorithm is proposed and verified by experiments.(1)To solve the problem that the existing sequential encryption algorithms are based on symmetric encryption system,a public key encryption order preserving algorithm is proposed in this article to simplify key management and reduce the storage pressure of the users.First,splitting the original message,hence the non-uniformly distributed data is mapped to the uniformly distributed plaintext bucket,for hiding the distribution of plaintext.Then the data owner uses the public key allocated by CA to encrypt from one bucket to another bucket,and adds the noise for implementing the one-to-many mapping.Thus the uncertainty of ciphertext values is increased.After the authorized gets the ciphertext,the plaintext value can be calculated by using the private key.Finally,a formal definition of IND-SR-OCPA(indistinguishability under sparse and random ordered chosen-plaintext attack)is proposed,and prove that this algorithm is security under the only-ciphertext attack and IND-SR-OCPA.(2)A large number of Certificate Management problems occurred in Cryptography Scheme based on PKI,and storage of the public key consumes a lot of resource space under the massive amounts of data in the cloud environment.Aiming at this issue,an identity-based order-preserving encryption algorithm is proposed in this article.Using the identity of the data consumer as the public keys to encrypt data,which can effectively reduce the overhead of key management.Meanwhile,in the process of encryption,the definition of high min-entropy is introduced to determine the best size of the ciphertext interval,for increasing the confusion and randomness of mapping results to hide the frequency distribution rules of plaintext.Finally,a formal definition of IND-ID-SR-OCPA is proposed.(3)In order to verify the feasibility of the above two algorithms,we construct a searchable keyword scheme based on order preserving encryption in this article.Taking keyword correlation score as an index,using the property of order preserving encryption and combining file identifier to build inverted index.Then a fast sequential retrieval is realized.The experiment shows that the sequential encryption scheme proposed in former two chapters can hide the distribution of plaintext effectively and it will provide an efficient retrieval environment.