针对当前可搜索加密云存储技术主要侧重于多关键词、多用户可搜索云存储机制的研究,而忽略了语义对用户搜索结果的作用,提出一种基于语义的多用户高效搜索(ESBMS)方案:选用2个不同的云服务器,其中一个用于存储加密的数据文档,而另一个用于存储语义树密文,并为请求搜索的数据用户产生陷门和进行陷门匹配计算;通过向采用陷门策略的云服务器发送语义树进行搜索来减少服务器负载,而语义树在发送时已被加密,以确保其关键信息安全。结果表明:该方案具有完备性、语义隐私性和抗共谋攻击能力。与目前相关方案相比,该方案具有高效性。
Current cloud storage searchable encryption schemes have mostly been developed for multiuser environments with multi-keyword searches, but research on these schemes have not considered the influence of the semantics on the search results. This paper presents an efficient semantic-based multiuser search scheme using two cloud servers to ensure efficient searches. One cloud server matches the trapdoor and generates results that match the semantics while the other searches for the most relevant files and returns them to the user. This coordination reduces the server load by sending the semantic tree search to the cloud server which uses the trapdoor strategy. The semantic tree is encrypted to ensure the key information security. Tests show that this scheme is effective, resists the collusion attack, provides semantic privacy, and is more efficient than current related schemes.
[1] 李晖, 孙文海, 李凤华, 等. 公共云存储服务数据安全及隐私保护技术综述[J]. 计算机研究与发展, 2014, 51(7):1397-1409. LI H, SUN W H, LI F H, et al. Secure and privacy-preserving data storage service in public cloud[J]. Journal of Computer Research and Development, 2014, 51(7):1397-1409. (in Chinese)
[2] 沈志荣, 薛巍, 舒继武. 可搜索加密机制研究与进展[J]. 软件学报, 2014, 25(4):880-895. SHEN Z R, XUE W, SHU J W. Survey on the research and development of searchable encryption schemes[J]. Journal of Software, 2014, 25(4):880-895. (in Chinese)
[3] 曹来成, 王玮婷, 康一帆, 等. 属性盲化的模糊可搜索加密云存储方案[J]. 北京理工大学学报, 2019, 39(7):706-713. CAO L C, WANG W T, KANG Y F, et al. Cloud storage scheme on attribute blinding fuzzy searchable encryption[J]. Transactions of Beijing Institute of Technology, 2019, 39(7):706-713. (in Chinese)
[4] 曹来成, 刘宇飞, 董晓晔, 等. 基于属性加密的用户隐私保护云存储方案[J]. 清华大学学报(自然科学版), 2018, 58(2):150-156. CAO L C, LIU Y F, DONG X Y, et al. User privacy-preserving cloud storage scheme on CP-ABE[J]. Journal of Tsinghua University (Science and Technology), 2018, 58(2):150-156. (in Chinese)
[5] 韩静, 李艳平, 禹勇, 等. 用户可动态撤销及数据可实时更新的云审计方案[J]. 软件学报, 2020, 31(2):578-596. HAN J, LI Y P, YU Y, et al. Cloud auditing scheme with dynamic revocation of users and real-time updates of data[J]. Journal of Software, 2020, 31(2):578-596. (in Chinese)
[6] YANG J, FU C, NAN S, et al. General multi-key searchable encryption[C]//2015 IEEE 29th International Conference on Advanced Information Networking and Applications Workshops. Gwangiu, Republic of Korea, 2015:89-95.
[7] KANG Y Q, LIU Z H. A fully secure verifiable and outsourced decryption ranked searchable encryption scheme supporting synonym query[C]//2017 IEEE Second International Conference on Data Science in Cyberspace (DSC). Shenzhen, China, 2017:223-231.
[8] WANG Y L, WANG J F, SUN S F, et al. Towards multi-user searchable encryption supporting Boolean query and fast decryption[J]. Journal of Universal Computer Science, 2019, 25(3):222-244.
[9] MANOHARAN S N, SOUNDAR K R. A novel securable fuzzy logic based ranking scheme for document searching on outsourced cloud data[J]. Wireless Personal Communications, 2019, 105(1):175-218.
[10] FU Z J, XIA L L, SUN X M, et al. Semantic-aware searching over encrypted data for cloud computing[J]. IEEE Transactions on Information Forensics and Security, 2018, 13(9):2359-2371.
[11] DAI X L, DAI H, YANG G, et al. An efficient and dynamic semantic-aware multikeyword ranked search scheme over encrypted cloud data[J]. IEEE Access, 2019, 7:142855-142865.
[12] DAI H, DAI X L, YI X, et al. Semantic-aware multi-keyword ranked search scheme over encrypted cloud data[J]. Journal of Network and Computer Applications, 2019, 147:102442.
