一种支持前向安全更新和验证的加密搜索算法

Algorithm for encrypted search with forward secure updates and verification

Research output: Journal Publications and ReviewsRGC 21 - Publication in refereed journalpeer-review

6 Scopus Citations
View graph of relations

Author(s)

Related Research Unit(s)

Detail(s)

Original languageChinese (Simplified)
Pages (from-to)48-56
Journal / Publication西安电子科技大学学报
Volume47
Issue number5
Online published26 Aug 2020
Publication statusPublished - Oct 2020

Abstract

近年来, 云计算的进步推动了可搜索加密技术的发展。然而, 现有的加密搜索模式主要考虑中心化的环境, 即搜索操作执行在传统的客户-服务器模型中。如何在非信任的分布式环境(如区块链系统)应用可搜索加密技术仍有待探索。与此同时, 如何保证前向安全更新则是可搜索加密技术面临的另一挑战。为解决以上问题, 基于区块链技术, 设计了一种支持前向安全更新和验证的加密搜索算法。首先, 提出了一种支持前向安全更新的双索引结构, 并展示了如何将此结构应用于区块链系统, 以实现最优的搜索和更新复杂度; 其次, 提出了一种新的结果验证方案, 该方案基于加密的链上验证表实现了强大的数据保护, 并显著降低了区块链的开销; 最终, 通过Redis集群实现了系统原型, 并利用Amazon Cloud服务器对系统进行了性能评估。大量实验证明了所设计的方案是安全且高效的。
Recent advances in cloud computing are further pushing forward the development of the technique known as searchable encryption. However, existing encrypted search schemes mainly consider a centralized setting, where a search is conducted in a traditional client-server model. How to apply searchable encryption schemes to an untrusted distributed setting like the blockchain environment remains to be explored. Meanwhile, the advanced security property like forward security is posing new challenges that traditional technologies are no longer sufficient to cope with. In this work, we explore the potential of the blockchain technique and propose a novel dual index structure for forward-secure encrypted search with dynamic file updates. We show how to synthesize this design strategy in the context of blockchain-based storage systems and achieve both optimal search and update complexity. We also propose a verification scheme to verify the correctness of search results and customize an encrypted on-chain checklist to achieve strong data protection and lower the blockchain overhead. We implement the prototype on a Redis cluster and conduct performance evaluations on the Amazon Cloud. Extensive experiments demonstrate the security and efficiency of the design.

Research Area(s)

  • 加密搜索, 前向安全, 区块链系统, 动态可搜索加密, Encrypted search, Forward security, Blockchain system, Dynamic searchable encryption

Citation Format(s)

一种支持前向安全更新和验证的加密搜索算法. / 李涵; 张晨; 黄荷姣 et al.
In: 西安电子科技大学学报, Vol. 47, No. 5, 10.2020, p. 48-56.

Research output: Journal Publications and ReviewsRGC 21 - Publication in refereed journalpeer-review