面向尺寸模式保护的高效对称可搜索加密方案
Efficient Searchable Symmetric Encryption Scheme for Size Pattern Protection
李强 1沈援海 2刘天旭 3黄晏瑜 3孙建国3
作者信息
- 1. 西安电子科技大学计算机科学与技术学院,西安 710071;中移(杭州)信息技术有限公司,杭州 310023
- 2. 中移(杭州)信息技术有限公司,杭州 310023
- 3. 西安电子科技大学杭州研究院,杭州 311231
- 折叠
摘要
近年来,随着云服务的普及以及对数据安全保护需求的增加,动态对称可搜索加密(DSSE)由于可以在加密数据库中进行更新和查询的特点而受到学界广泛关注.由于考虑搜索和更新效率,DSSE通常需要泄露一些信息,主要包括搜索模式、访问模式和尺寸模式.目前,主要使用不经意随机访问机(ORAM)来保护搜索模式和访问模式,但ORAM无法保证尺寸模式泄露的安全性.文章说明了尺寸模式泄露的危害,并基于现有DSSE隐私概念提出了强前后向隐私,以达到对尺寸模式的保护目的.基于这种增强的安全性目标,文章提出了一种面向尺寸模式保护的高效对称可搜索加密方案Eurus,旨在解决现有方案中的尺寸模式泄露问题.Eurus通过结合多服务器ORAM架构、更新槽机制和细树路径淘汰技术,提供了强正向和反向隐私保护,防止敏感关键字和文件信息被泄露.多服务器ORAM隐藏了搜索和访问模式,更新槽机制混淆了文件标识符,细树路径淘汰技术打乱了文件的实际排列顺序.实验结果表明,Eurus在实现隐私保护的同时,提高了搜索和更新效率,搜索性能较现有方案提升了约46%,更新性能提升了4.73倍.
Abstract
In recent years,with the popularity of cloud services and the increasing demand for data security protection,dynamic searchable symmetric encryption(DSSE)has attracted widespread attention from academia due to its ability to update and query in encrypted databases.Due to considerations of search and update efficiency,DSSE often needs to disclose some information,mainly search pattern,access pattern,and size pattern.At present,the main use of oblivious random access machine(ORAM)is to protect search and access pattern,but ORAM cannot guarantee the security of size pattern leakage.The article explained the harm of size pattern leakage to security and extended the existing DSSE privacy concept to achieve protection of size patterns,namely proposing strong forward backward privacy.Based on this enhanced security objective,the article proposed an efficient searchable symmetric encryption scheme for size pattern protection named Eurus,aiming to solve the size pattern leakage problem in existing solutions.By combining multi-server ORAM architecture,update slot mechanism and fine tree path elimination technology,Eurus provided strong forward and reversed privacy protection to prevent the disclosure of sensitive keywords and file information.Multi-server ORAM hided search and access patterns,update slots confuse file identifiers,and fine tree path elimination techniques disrupted the actual order of files.The experimental results show that Eurus improves the search and update efficiency while maintaining privacy,improving the search performance by about 46%compared with the existing scheme,and improving the update performance by 4.73 times.
关键词
可搜索加密/尺寸模式/ORAMKey words
searchable encryption/size pattern/ORAM引用本文复制引用
基金项目
国家自然科学基金(62302365)
网络与信息安全安徽省重点实验室开放基金(AHNIS2022004)
中移(杭州)工业互联网标识与平台互通中间件联合测试验收项目(2023-2024)(CMHY-202300856)
出版年
2024
NETL
NSTL
万方数据