Title Privacy-preserving Bidirectional Keyword Search over Encrypted Data for Cloud-assisted IIoT (適用於雲輔助 IIoT 且具隱私保護之雙向關鍵字搜尋加密方案)
Author Lee, Cheng-Yi (李丞翊)
Contributors Tso, Raylin (左瑞麟)
Lee, Cheng-Yi (李丞翊)
Keywords Keyword search
Bidirectional search
IIoT
Pairing-free
Multi-receiver
Date 2022
Upload time 6-Apr-2023 18:00:28 (UTC+8)
Abstract Cloud-assisted Industrial Internet of Things (IIoT) technology is increasingly used by related enterprises. This innovative business operation reduces computational costs and improves production efficiency. To preserve the privacy of sensitive data, IIoT devices must encrypt data before sending it to a cloud server. Public-key Encryption with Keyword Search (PEKS) provides an important search function over cloud-assisted IIoT, allowing users to search encrypted data without decryption. To increase practical functionality, Zhang et al. recently proposed the concept of public-key encryption with bidirectional keyword search, which supports both sender and receiver searches. However, their scheme provides insufficient security because it cannot resist keyword guessing attacks (KGA) launched by an external eavesdropper or an internal malicious cloud server. Additionally, their scheme requires time-consuming operations such as bilinear pairing, resulting in high computational costs. In this study, a novel concept called Public-key Authenticated Encryption with Bidirectional Keyword Search (PAEBKS) was devised for multi-user settings. The system definition and security requirements are formally defined to ensure that no adversary can overcome the indistinguishability against chosen-keyword attacks or KGA. Furthermore, we propose a pairing-free semi-generic construction that combines a multiparty non-interactive protocol and authenticated functionality, and that is proven to be secure under the standard model. The experimental results reveal that, compared with other state-of-the-art schemes, the proposed scheme is more practical, secure, and suitable for use with cloud-assisted IIoT systems.
References [ABC+ 05] Michel Abdalla, Mihir Bellare, Dario Catalano, et al. “Searchable Encryption Revisited: Consistency Properties, Relation to Anonymous IBE, and Extensions.” In: Advances in Cryptology - CRYPTO 2005: 25th Annual International Cryptology Conference, Santa Barbara, California, USA, August 14-18, 2005, Proceedings. Ed. by Victor Shoup. Vol. 3621. Lecture Notes in Computer Science. Springer, 2005, pp. 205–222 (cit. p. 5).
[BSS08] Joonsang Baek, Reihaneh Safavi-Naini, and Willy Susilo. “Public Key Encryption with Keyword Search Revisited.” In: Computational Science and Its Applications - ICCSA 2008, International Conference, Perugia, Italy, June 30 - July 3, 2008, Proceedings, Part I. Ed. by Osvaldo Gervasi, Beniamino Murgante, Antonio Laganà, et al. Vol. 5072. Lecture Notes in Computer Science. Springer, 2008, pp. 1249–1259 (cit. pp. 5, 6).
[BCO+ 04] Dan Boneh, Giovanni Di Crescenzo, Rafail Ostrovsky, and Giuseppe Persiano. “Public Key Encryption with Keyword Search.” In: Advances in Cryptology - EUROCRYPT 2004, International Conference on the Theory and Applications of Cryptographic Techniques, Interlaken, Switzerland, May 2-6, 2004, Proceedings. Ed. by Christian Cachin and Jan Camenisch. Vol. 3027. Lecture Notes in Computer Science. Springer, 2004, pp. 506–522 (cit. pp. 2, 5, 6, 9, 10).
[BS02] Dan Boneh and Alice Silverberg. “Applications of Multilinear Forms to Cryptography.” In: IACR Cryptol. ePrint Arch. (2002), p. 80 (cit. p. 15).
[BZ14] Dan Boneh and Mark Zhandry. “Multiparty Key Exchange, Efficient Traitor Tracing, and More from Indistinguishability Obfuscation.” In: Advances in Cryptology - CRYPTO 2014 - 34th Annual Cryptology Conference, Santa Barbara, CA, USA, August 17-21, 2014, Proceedings, Part I. Ed. by Juan A. Garay and Rosario Gennaro. Vol. 8616. Lecture Notes in Computer Science. Springer, 2014, pp. 480–499 (cit. p. 15).
[BRP+ 06] Jin Wook Byun, Hyun Suk Rhee, Hyun-A Park, and Dong Hoon Lee. “Off-Line Keyword Guessing Attacks on Recent Keyword Search Schemes over Encrypted Data.” In: Secure Data Management, Third VLDB Workshop, SDM 2006, Seoul, Korea, September 10-11, 2006, Proceedings. Ed. by Willem Jonker and Milan Petkovic. Vol. 4165. Lecture Notes in Computer Science. Springer, 2006, pp. 75–83 (cit. p. 6).
[CKS08] David Cash, Eike Kiltz, and Victor Shoup. “The Twin Diffie-Hellman Problem and Applications.” In: Advances in Cryptology - EUROCRYPT 2008, 27th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Istanbul, Turkey, April 13-17, 2008. Proceedings. Ed. by Nigel P. Smart. Vol. 4965. Lecture Notes in Computer Science. Springer, 2008, pp. 127–145 (cit. p. 16).
[CMY+ 15] Rongmao Chen, Yi Mu, Guomin Yang, Fuchun Guo, and Xiaofen Wang. “A New General Framework for Secure Public Key Encryption with Keyword Search.” In: Information Security and Privacy - 20th Australasian Conference, ACISP 2015, Brisbane, QLD, Australia, June 29 - July 1, 2015, Proceedings. Ed. by Ernest Foo and Douglas Stebila. Vol. 9144. Lecture Notes in Computer Science. Springer, 2015, pp. 59–76 (cit. p. 6).
[CMY+ 16a] Rongmao Chen, Yi Mu, Guomin Yang, Fuchun Guo, and Xiaofen Wang. “Dual-Server Public-Key Encryption With Keyword Search for Secure Cloud Storage.” In: IEEE Trans. Inf. Forensics Secur. 11.4 (2016), pp. 789–798 (cit. p. 7).
[CMY+ 16b] Rongmao Chen, Yi Mu, Guomin Yang, et al. “Server-Aided Public Key Encryption With Keyword Search.” In: IEEE Trans. Inf. Forensics Secur. 11.12 (2016), pp. 2833–2842 (cit. p. 6).
[CTW21] Yu Chen, Qiang Tang, and Yuyu Wang. “Hierarchical Integrated Signature and Encryption - (or: Key Separation vs. Key Reuse: Enjoy the Best of both Worlds).” In: Advances in Cryptology - ASIACRYPT 2021 - 27th International Conference on the Theory and Application of Cryptology and Information Security, Singapore, December 6-10, 2021, Proceedings, Part II. Ed. by Mehdi Tibouchi and Huaxiong Wang. Vol. 13091. Lecture Notes in Computer Science. Springer, 2021, pp. 514–543 (cit. p. 16).
[CM21] Leixiao Cheng and Fei Meng. “Security analysis of Pan et al.'s ‘Public-key authenticated encryption with keyword search achieving both multi-ciphertext and multi-trapdoor indistinguishability’.” In: Journal of Systems Architecture (2021), p. 102248 (cit. p. 7).
[DH76] Whitfield Diffie and Martin E. Hellman. “New directions in cryptography.” In: IEEE Trans. Inf. Theory 22.6 (1976), pp. 644–654 (cit. p. 15).
[FSG+ 09] Liming Fang, Willy Susilo, Chunpeng Ge, and Jiandong Wang. “A Secure Channel Free Public Key Encryption with Keyword Search Scheme without Random Oracle.” In: Cryptology and Network Security, 8th International Conference, CANS 2009, Kanazawa, Japan, December 12-14, 2009. Proceedings. Ed. by Juan A. Garay, Atsuko Miyaji, and Akira Otsuka. Vol. 5888. Lecture Notes in Computer Science. Springer, 2009, pp. 248–258 (cit. p. 6).
[FSG+ 13] Liming Fang, Willy Susilo, Chunpeng Ge, and Jiandong Wang. “Public key encryption with keyword search secure against keyword guessing attacks without random oracle.” In: Inf. Sci. 238 (2013), pp. 221–241 (cit. p. 6).
[FHK+ 13] Eduarda S. V. Freire, Dennis Hofheinz, Eike Kiltz, and Kenneth G. Paterson. “Non-Interactive Key Exchange.” In: Public-Key Cryptography - PKC 2013 - 16th International Conference on Practice and Theory in Public-Key Cryptography, Nara, Japan, February 26 - March 1, 2013. Proceedings. Ed. by Kaoru Kurosawa and Goichiro Hanaoka. Vol. 7778. Lecture Notes in Computer Science. Springer, 2013, pp. 254–271 (cit. p. 16).
[HIL+ 99] Johan Håstad, Russell Impagliazzo, Leonid A. Levin, and Michael Luby. “A Pseudorandom Generator from any One-way Function.” In: SIAM J. Comput. 28.4 (1999), pp. 1364–1396 (cit. p. 17).
[HMZ+ 18] Debiao He, Mimi Ma, Sherali Zeadally, Neeraj Kumar, and Kaitai Liang. “Certificateless Public Key Authenticated Encryption With Keyword Search for Industrial Internet of Things.” In: IEEE Trans. Ind. Informatics 14.8 (2018), pp. 3618–3627 (cit. pp. 5, 7).
[HL17] Qiong Huang and Hongbo Li. “An efficient public-key searchable encryption scheme secure against inside keyword guessing attacks.” In: Inf. Sci. 403 (2017), pp. 1–14 (cit. pp. 7, 10, 36).
[JKH+ 09] Ik Rae Jeong, Jeong Ok Kwon, Dowon Hong, and Dong Hoon Lee. “Constructing PEKS schemes secure against keyword guessing attacks is possible?” In: Comput. Commun. 32.2 (2009), pp. 394–396 (cit. p. 6).
[Jou04] Antoine Joux. “A One Round Protocol for Tripartite Diffie-Hellman.” In: J. Cryptol. 17.4 (2004), pp. 263–276 (cit. p. 15).
[KJZ+ 21] Ge Kan, Chunhua Jin, Huihui Zhu, Yongliang Xu, and Nian Liu. “An identity-based proxy re-encryption for data deduplication in cloud.” In: Journal of Systems Architecture 121 (2021), p. 102332 (cit. p. 2).
[LHS+ 19] Hongbo Li, Qiong Huang, Jian Shen, Guomin Yang, and Willy Susilo. “Designated-server identity-based authenticated encryption with keyword search for encrypted emails.” In: Inf. Sci. 481 (2019), pp. 330–343 (cit. pp. 5, 7).
[LLZ+ 17] Jiguo Li, Xiaonan Lin, Yichen Zhang, and Jinguang Han. “KSF-OABE: Outsourced Attribute-Based Encryption with Keyword Search Function for Cloud Storage.” In: IEEE Trans. Serv. Comput. 10.5 (2017), pp. 715–725 (cit. p. 2).
[LZN+ 20] Jiguo Li, Yichen Zhang, Jianting Ning, et al. “Attribute based encryption with privacy protection and accountability for CloudIoT.” In: IEEE Transactions on Cloud Computing (2020) (cit. p. 5).
[LWW12] Qin Liu, Guojun Wang, and Jie Wu. “Secure and privacy preserving keyword searching for cloud storage services.” In: J. Netw. Comput. Appl. 35.3 (2012), pp. 927–933 (cit. p. 2).
[LTT+ 21] Zi-Yuan Liu, Yi-Fan Tseng, Raylin Tso, Yu-Chi Chen, and Masahiro Mambo. “Identity-Certifying Authority-Aided Identity-Based Searchable Encryption Framework in Cloud Systems.” In: IEEE Systems Journal (2021) (cit. p. 7).
[LL19] Yang Lu and Jiguo Li. “Efficient searchable public key encryption against keyword guessing attacks for cloud-based EMR systems.” In: Clust. Comput. 22.1 (2019), pp. 285–299 (cit. pp. 2, 36).
[LL21] Yang Lu and Jiguo Li. “Lightweight Public Key Authenticated Encryption with Keyword Search against Adaptively-Chosen-Targets Adversaries for Mobile Devices.” In: IEEE Transactions on Mobile Computing (2021) (cit. pp. 2, 7, 35–39).
[LLW21] Yang Lu, Jiguo Li, and Fen Wang. “Pairing-Free Certificate-Based Searchable Encryption Supporting Privacy-Preserving Keyword Search Function for IIoTs.” In: IEEE Trans. Ind. Informatics 17.4 (2021), pp. 2696–2706 (cit. p. 7).
[LLZ20] Yang Lu, Jiguo Li, and Yichen Zhang. “Privacy-Preserving and Pairing-Free Multirecipient Certificateless Encryption With Keyword Search for Cloud-Assisted IIoT.” In: IEEE Internet Things J. 7.4 (2020), pp. 2553–2562 (cit. p. 5).
[LLZ21] Yang Lu, Jiguo Li, and Yichen Zhang. “Secure Channel Free Certificate-Based Searchable Encryption Withstanding Outside and Inside Keyword Guessing Attacks.” In: IEEE Trans. Serv. Comput. 14.6 (2021), pp. 2041–2054 (cit. p. 7).
[LWL+ 17] Yang Lu, Gang Wang, Jiguo Li, and Jian Shen. “Efficient designated server identity-based encryption with conjunctive keyword search.” In: Ann. des Télécommunications 72.5-6 (2017), pp. 359–370 (cit. p. 5).
[LR88] Michael Luby and Charles Rackoff. “How to Construct Pseudorandom Permutations from Pseudorandom Functions.” In: SIAM J. Comput. 17.2 (1988), pp. 373–386 (cit. p. 17).
[MHK+ 18] Mimi Ma, Debiao He, Muhammad Khurram Khan, and Jianhua Chen. “Certificateless searchable public key encryption scheme for mobile healthcare system.” In: Comput. Electr. Eng. 65 (2018), pp. 413–424 (cit. pp. 2, 5, 7).
[MLC+ 21] Yinbin Miao, Ximeng Liu, Kim-Kwang Raymond Choo, et al. “Privacy-Preserving Attribute-Based Keyword Search in Shared Multi-owner Setting.” In: IEEE Trans. Dependable Secur. Comput. 18.3 (2021), pp. 1080–1094 (cit. p. 5).
[NE19] Mahnaz Noroozi and Ziba Eslami. “Public key authenticated encryption with keyword search: revisited.” In: IET Inf. Secur. 13.4 (2019), pp. 336–342 (cit. p. 7).
[PL21] Xiangyu Pan and Fagen Li. “Public-key authenticated encryption with keyword search achieving both multi-ciphertext and multi-trapdoor indistinguishability.” In: J. Syst. Archit. 115 (2021), p. 102075 (cit. p. 7).
[QCH+ 20] Baodong Qin, Yu Chen, Qiong Huang, Ximeng Liu, and Dong Zheng. “Public-key authenticated encryption with keyword search revisited: Security model and constructions.” In: Inf. Sci. 516 (2020), pp. 515–528 (cit. p. 7).
[Qu99] Minghua Qu. “Sec 2: Recommended elliptic curve domain parameters.” In: Certicom Res., Mississauga, ON, Canada, Tech. Rep. SEC2-Ver-0.6 (1999) (cit. p. 36).
[RPL12] Hyun Sook Rhee, Jong Hwan Park, and Dong Hoon Lee. “Generic construction of designated tester public-key encryption with keyword search.” In: Inf. Sci. 205 (2012), pp. 93–109 (cit. p. 5).
[RPS+ 09] Hyun Sook Rhee, Jong Hwan Park, Willy Susilo, and Dong Hoon Lee. “Improved searchable public key encryption with designated tester.” In: Proceedings of the 2009 ACM Symposium on Information, Computer and Communications Security, ASIACCS 2009, Sydney, Australia, March 10-12, 2009. Ed. by Wanqing Li, Willy Susilo, Udaya Kiran Tupakula, Reihaneh Safavi-Naini, and Vijay Varadharajan. ACM, 2009, pp. 376–379 (cit. p. 5).
[RPS+ 10] Hyun Sook Rhee, Jong Hwan Park, Willy Susilo, and Dong Hoon Lee. “Trapdoor security in a searchable public-key encryption scheme with a designated tester.” In: J. Syst. Softw. 83.5 (2010), pp. 763–771 (cit. pp. 5, 6).
[RSK09] Hyun Sook Rhee, Willy Susilo, and Hyun-Jeong Kim. “Secure searchable public key encryption scheme against keyword guessing attacks.” In: IEICE Electron. Express 6.5 (2009), pp. 237–243 (cit. p. 6).
[SBS+ 21a] Mohammed Raouf Senouci, Ilyas Benkhaddra, Abdelkader Senouci, and Fagen Li. “An efficient and secure certificateless searchable encryption scheme against keyword guessing attacks.” In: Journal of Systems Architecture 119 (2021), p. 102271 (cit. p. 5).
[SBS+ 21b] Mohammed Raouf Senouci, Ilyas Benkhaddra, Abdelkader Senouci, and Fagen Li. “An efficient and secure certificateless searchable encryption scheme against keyword guessing attacks.” In: Journal of Systems Architecture 119 (2021), p. 102271 (cit. p. 7).
[SY15] Zhi-Yi Shao and Bo Yang. “On security against the server in designated tester public key encryption with keyword search.” In: Inf. Process. Lett. 115.12 (2015), pp. 957–961 (cit. p. 6).
[Sho04] Victor Shoup. “Sequences of games: a tool for taming complexity in security proofs.” In: IACR Cryptol. ePrint Arch. 2004 (2004), p. 332 (cit. pp. 17, 27).
[UWC+19] Erneste Uwizeye, Jiye Wang, Zhihua Cheng, and Fagen Li. “Certificateless public key encryption with conjunctive keyword search and its application to cloud-based reliable smart grid system.” In: Annals of Telecommunications 74.7 (2019), pp. 435–449 (cit. p. 7).
[WCZ+18] Libing Wu, Biwen Chen, Sherali Zeadally, and Debiao He. “An efficient and secure searchable public key encryption scheme with privacy protection for cloud storage.” In: Soft Comput. 22.23 (2018), pp. 7685–7696 (cit. p. 36).
[WZM+ 19] Libing Wu, Yubo Zhang, Mimi Ma, Neeraj Kumar, and Debiao He. “Certificateless searchable public key authenticated encryption with designated tester for cloud-assisted medical Internet of Things.” In: Ann. des Télécommunications 74.7-8 (2019), pp. 423–434 (cit. p. 7).
[XZY+ 21] Qian Xu, Qing Zhang, Bo Yu, et al. “Decentralized and expressive data publish-subscribe scheme in cloud based on attribute-based keyword search.” In: Journal of Systems Architecture 119 (2021), p. 102274 (cit. p. 5).
[YJC+ 14] Peng Yanguo, Cui Jiangtao, Peng Changgen, and Ying Zuobin. “Certificateless public key encryption with keyword search.” In: China Communications 11.11 (2014), pp. 100–113 (cit. p. 5).
[YHG08] Wei-Chuen Yau, Swee-Huay Heng, and Bok-Min Goi. “Off-Line Keyword Guessing Attacks on Recent Public Key Encryption with Keyword Search Schemes.” In: Autonomic and Trusted Computing, 5th International Conference, ATC 2008, Oslo, Norway, June 23-25, 2008, Proceedings. Ed. by Chunming Rong, Martin Gilje Jaatun, Frode Eika Sandnes, Laurence Tianruo Yang, and Jianhua Ma. Vol. 5060. Lecture Notes in Computer Science. Springer, 2008, pp. 100–105 (cit. p. 6).
[ZQD+ 21] Wenzheng Zhang, Baodong Qin, Xinfeng Dong, and Aikui Tian. “Public-key encryption with bidirectional keyword search and its application to encrypted emails.” In: Comput. Stand. Interfaces 78 (2021), p. 103542 (cit. pp. 2, 3, 5, 11, 35–39).
[ZNS11] Fangming Zhao, Takashi Nishide, and Kouichi Sakurai. “Multi-User Keyword Search Scheme for Secure Data Sharing with Fine-Grained Access Control.” In: Information Security and Cryptology - ICISC 2011 - 14th International Conference, Seoul, Korea, November 30 - December 2, 2011. Revised Selected Papers. Ed. by Howon Kim. Vol. 7259. Lecture Notes in Computer Science. Springer, 2011, pp. 406–418 (cit. p. 2).
Description Master's
National Chengchi University
Department of Computer Science
109753120
Source http://thesis.lib.nccu.edu.tw/record/#G0109753120
Type thesis
dc.contributor.advisor Tso, Raylin (左瑞麟)
dc.contributor.author (Authors) Lee, Cheng-Yi (李丞翊)
dc.creator (Author) Lee, Cheng-Yi (李丞翊)
dc.date (Date) 2022
dc.date.accessioned 6-Apr-2023 18:00:28 (UTC+8)
dc.date.available 6-Apr-2023 18:00:28 (UTC+8)
dc.date.issued (Upload time) 6-Apr-2023 18:00:28 (UTC+8)
dc.identifier (Other Identifiers) G0109753120
dc.identifier.uri (URI) http://nccur.lib.nccu.edu.tw/handle/140.119/144043
dc.description (Description) Master's
dc.description (Description) National Chengchi University
dc.description (Description) Department of Computer Science
dc.description (Description) 109753120
dc.description.tableofcontents
1 Introduction
1.1 Background
1.2 Motivation and Our Contributions
1.3 Organization
2 Related Work
3 Background
3.1 Public-key Encryption with Keyword Search (PEKS)
3.1.1 Definition of PEKS
3.2 Public-key Authenticated Encryption with Keyword Search (PAEKS)
3.2.1 Definition of PAEKS
3.3 Public-key Encryption with Bidirectional Keyword Search (PEBKS)
3.3.1 Definition of PEBKS
4 Preliminaries
4.1 Bilinear maps
4.2 Multi-party Non-Interactive Key Exchange Protocol (MP-NIKE)
4.3 Pseudo-random functions (PRFs)
4.4 Game-hopping
5 Public-key Authenticated Encryption with Bidirectional Keyword Search
5.1 Description of Entities in PAEBKS
5.2 Definition of PAEBKS
5.3 Security Model of PAEBKS
5.3.1 IND-CKA security
5.3.2 IND-KGA security
5.4 Pairing-free PAEBKS construction
6 Security Analysis
7 Theoretical Comparison & Performance Analysis
7.1 Theoretical Comparison
7.2 Performance Analysis
8 Conclusion
Bibliography
dc.format.extent 6520655 bytes
dc.format.mimetype application/pdf
dc.source.uri (資料來源) http://thesis.lib.nccu.edu.tw/record/#G0109753120en_US
dc.subject (關鍵詞) 關鍵字搜尋zh_TW
dc.subject (關鍵詞) 雙向搜尋zh_TW
dc.subject (關鍵詞) 工業物聯網zh_TW
dc.subject (關鍵詞) 免映射運算zh_TW
dc.subject (關鍵詞) 多接受者zh_TW
dc.subject (關鍵詞) Keyword searchen_US
dc.subject (關鍵詞) Bidirectional searchen_US
dc.subject (關鍵詞) IIoTen_US
dc.subject (關鍵詞) Pairing-freeen_US
dc.subject (關鍵詞) Multi-receiveren_US
dc.title (題名) 適用於雲輔助 IIoT 且具隱私保護之雙向關鍵字搜尋加密方案zh_TW
dc.title (題名) Privacy-preserving Bidirectional Keyword Search over Encrypted Data for Cloud-assisted IIoTen_US
dc.type (資料類型) thesisen_US
dc.relation.reference (參考文獻) [ABC+ 05] Michel Abdalla, Mihir Bellare, Dario Catalano, et al. “Searchable Encryption Revisited: Consistency Properties, Relation to Anonymous IBE, and Extensions.” In: Advances in Cryptology - CRYPTO 2005: 25th Annual International Cryptology Conference, Santa Barbara, California, USA, August 14-18, 2005, Proceedings. Ed. by Victor Shoup. Vol. 3621. Lecture Notes in Computer Science. Springer, 2005, pp. 205–222 (cit. p. 5).
[BSS08] Joonsang Baek, Reihaneh Safavi-Naini, and Willy Susilo. “Public Key Encryption with Keyword Search Revisited.” In: Computational Science and Its Applications - ICCSA 2008, International Conference, Perugia, Italy, June 30 - July 3, 2008, Proceedings, Part I. Ed. by Osvaldo Gervasi, Beniamino Murgante, Antonio Laganà, et al. Vol. 5072. Lecture Notes in Computer Science. Springer, 2008, pp. 1249–1259 (cit. pp. 5, 6).
[BCO+ 04] Dan Boneh, Giovanni Di Crescenzo, Rafail Ostrovsky, and Giuseppe Persiano. “Public Key Encryption with Keyword Search.” In: Advances in Cryptology - EUROCRYPT 2004, International Conference on the Theory and Applications of Cryptographic Techniques, Interlaken, Switzerland, May 2-6, 2004, Proceedings. Ed. by Christian Cachin and Jan Camenisch. Vol. 3027. Lecture Notes in Computer Science. Springer, 2004, pp. 506–522 (cit. pp. 2, 5, 6, 9, 10).
[BS02] Dan Boneh and Alice Silverberg. “Applications of Multilinear Forms to Cryptography.” In: IACR Cryptol. ePrint Arch. (2002), p. 80 (cit. p. 15).
[BZ14] Dan Boneh and Mark Zhandry. “Multiparty Key Exchange, Efficient Traitor Tracing, and More from Indistinguishability Obfuscation.” In: Advances in Cryptology - CRYPTO 2014 - 34th Annual Cryptology Conference, Santa Barbara, CA, USA, August 17-21, 2014, Proceedings, Part I. Ed. by Juan A. Garay and Rosario Gennaro. Vol. 8616. Lecture Notes in Computer Science. Springer, 2014, pp. 480–499 (cit. p. 15).
[BRP+ 06] Jin Wook Byun, Hyun Suk Rhee, Hyun-A Park, and Dong Hoon Lee. “Off-Line Keyword Guessing Attacks on Recent Keyword Search Schemes over Encrypted Data.” In: Secure Data Management, Third VLDB Workshop, SDM 2006, Seoul, Korea, September 10-11, 2006, Proceedings. Ed. by Willem Jonker and Milan Petkovic. Vol. 4165. Lecture Notes in Computer Science. Springer, 2006, pp. 75–83 (cit. p. 6).
[CKS08] David Cash, Eike Kiltz, and Victor Shoup. “The Twin Diffie-Hellman Problem and Applications.” In: Advances in Cryptology - EUROCRYPT 2008, 27th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Istanbul, Turkey, April 13-17, 2008. Proceedings. Ed. by Nigel P. Smart. Vol. 4965. Lecture Notes in Computer Science. Springer, 2008, pp. 127–145 (cit. p. 16).
[CMY+ 15] Rongmao Chen, Yi Mu, Guomin Yang, Fuchun Guo, and Xiaofen Wang. “A New General Framework for Secure Public Key Encryption with Keyword Search.” In: Information Security and Privacy - 20th Australasian Conference, ACISP 2015, Brisbane, QLD, Australia, June 29 - July 1, 2015, Proceedings. Ed. by Ernest Foo and Douglas Stebila. Vol. 9144. Lecture Notes in Computer Science. Springer, 2015, pp. 59–76 (cit. p. 6).
[CMY+ 16a] Rongmao Chen, Yi Mu, Guomin Yang, Fuchun Guo, and Xiaofen Wang. “Dual-Server Public-Key Encryption With Keyword Search for Secure Cloud Storage.” In: IEEE Trans. Inf. Forensics Secur. 11.4 (2016), pp. 789–798 (cit. p. 7).
[CMY+ 16b] Rongmao Chen, Yi Mu, Guomin Yang, et al. “Server-Aided Public Key Encryption With Keyword Search.” In: IEEE Trans. Inf. Forensics Secur. 11.12 (2016), pp. 2833–2842 (cit. p. 6).
[CTW21] Yu Chen, Qiang Tang, and Yuyu Wang. “Hierarchical Integrated Signature and Encryption - (or: Key Separation vs. Key Reuse: Enjoy the Best of both Worlds).” In: Advances in Cryptology - ASIACRYPT 2021 - 27th International Conference on the Theory and Application of Cryptology and Information Security, Singapore, December 6-10, 2021, Proceedings, Part II. Ed. by Mehdi Tibouchi and Huaxiong Wang. Vol. 13091. Lecture Notes in Computer Science. Springer, 2021, pp. 514–543 (cit. p. 16).
[CM21] Leixiao Cheng and Fei Meng. “Security analysis of Pan et al.`s“Public-key authenticated encryption with keyword search achieving both multi-ciphertext and multi-trapdoor indistinguishability".” In: Journal of Systems Architecture (2021), p. 102248 (cit. p. 7).
[DH76] Whitfield Diffie and Martin E. Hellman. “New directions in cryptography.” In: IEEE Trans. Inf. Theory 22.6 (1976), pp. 644–654 (cit. p. 15).
[FSG+ 09] Liming Fang, Willy Susilo, Chunpeng Ge, and Jiandong Wang. “A Secure Channel Free Public Key Encryption with Keyword Search Scheme without Random Oracle.” In: Cryptology and Network Security, 8th International Conference, CANS 2009, Kanazawa, Japan, December 12-14, 2009. Proceedings. Ed. by Juan A. Garay, Atsuko Miyaji, and Akira Otsuka. Vol. 5888. Lecture Notes in Computer Science. Springer, 2009, pp. 248–258 (cit. p. 6).
[FSG+ 13] Liming Fang, Willy Susilo, Chunpeng Ge, and Jiandong Wang. “Public key encryption with keyword search secure against keyword guessing attacks without random oracle.” In: Inf. Sci. 238 (2013), pp. 221–241 (cit. p. 6).
[FHK+ 13] Eduarda S. V. Freire, Dennis Hofheinz, Eike Kiltz, and Kenneth G. Paterson. “Non-Interactive Key Exchange.” In: Public-Key Cryptography - PKC 2013 - 16th International Conference on Practice and Theory in Public-Key Cryptography, Nara, Japan, February 26 - March 1, 2013. Proceedings. Ed. by Kaoru Kurosawa and Goichiro Hanaoka. Vol. 7778. Lecture Notes in Computer Science. Springer, 2013, pp. 254–271 (cit. p. 16).
[HIL+ 99] Johan Håstad, Russell Impagliazzo, Leonid A. Levin, and Michael Luby. “A Pseudorandom Generator from any One-way Function.” In: SIAM J. Comput. 28.4 (1999), pp. 1364–1396 (cit. p. 17).
[HMZ+ 18] Debiao He, Mimi Ma, Sherali Zeadally, Neeraj Kumar, and Kaitai Liang. “Certificateless Public Key Authenticated Encryption With Keyword Search for Industrial Internet of Things.” In: IEEE Trans. Ind. Informatics 14.8 (2018), pp. 3618–3627 (cit. pp. 5, 7).
[HL17] Qiong Huang and Hongbo Li. “An efficient public-key searchable encryption scheme secure against inside keyword guessing attacks.” In: Inf. Sci. 403 (2017), pp. 1–14 (cit. pp. 7, 10, 36).
[JKH+ 09] Ik Rae Jeong, Jeong Ok Kwon, Dowon Hong, and Dong Hoon Lee. “Constructing PEKS schemes secure against keyword guessing attacks is possible?” In: Comput. Commun. 32.2 (2009), pp. 394– 396 (cit. p. 6).
[Jou04] Antoine Joux. “A One Round Protocol for Tripartite Diffie-Hellman.” In: J. Cryptol. 17.4 (2004), pp. 263–276 (cit. p. 15).
[KJZ+ 21] Ge Kan, Chunhua Jin, Huihui Zhu, Yongliang Xu, and Nian Liu. “An identity-based proxy re- encryption for data deduplication in cloud.” In: Journal of Systems Architecture 121 (2021), p. 102332 (cit. p. 2).
[LHS+ 19] Hongbo Li, Qiong Huang, Jian Shen, Guomin Yang, and Willy Susilo. “Designated-server identity- based authenticated encryption with keyword search for encrypted emails.” In: Inf. Sci. 481 (2019), pp. 330–343 (cit. pp. 5, 7).
[LLZ+ 17] Jiguo Li, Xiaonan Lin, Yichen Zhang, and Jinguang Han. “KSF-OABE: Outsourced Attribute-Based Encryption with Keyword Search Function for Cloud Storage.” In: IEEE Trans. Serv. Comput. 10.5 (2017), pp. 715–725 (cit. p. 2).
[LZN+ 20] Jiguo Li, Yichen Zhang, Jianting Ning, et al. “Attribute based encryption with privacy protection and accountability for CloudIoT.” In: IEEE Transactions on Cloud Computing (2020) (cit. p. 5).
[LWW12] Qin Liu, Guojun Wang, and Jie Wu. “Secure and privacy preserving keyword searching for cloud storage services.” In: J. Netw. Comput. Appl. 35.3 (2012), pp. 927–933 (cit. p. 2).
[LTT+ 21] Zi-Yuan Liu, Yi-Fan Tseng, Raylin Tso, Yu-Chi Chen, and Masahiro Mambo. “Identity-Certifying Authority-Aided Identity-Based Searchable Encryption Framework in Cloud Systems.” In: IEEE Systems Journal (2021) (cit. p. 7).
[LL19] Yang Lu and Jiguo Li. “Efficient searchable public key encryption against keyword guessing attacks for cloud-based EMR systems.” In: Clust. Comput. 22.1 (2019), pp. 285–299 (cit. pp. 2, 36).
[LL21] Yang Lu and Jiguo Li. “Lightweight Public Key Authenticated Encryption with Keyword Search against Adaptively-Chosen-Targets Adversaries for Mobile Devices.” In: IEEE Transactions on Mobile Computing (2021) (cit. pp. 2, 7, 35–39).
[LLW21] Yang Lu, Jiguo Li, and Fen Wang. “Pairing-Free Certificate-Based Searchable Encryption Supporting Privacy-Preserving Keyword Search Function for IIoTs.” In: IEEE Trans. Ind. Informatics 17.4 (2021), pp. 2696–2706 (cit. p. 7).
[LLZ20] Yang Lu, Jiguo Li, and Yichen Zhang. “Privacy-Preserving and Pairing-Free Multirecipient Certificateless Encryption With Keyword Search for Cloud-Assisted IIoT.” In: IEEE Internet Things J. 7.4 (2020), pp. 2553–2562 (cit. p. 5).
[LLZ21] Yang Lu, Jiguo Li, and Yichen Zhang. “Secure Channel Free Certificate-Based Searchable Encryption Withstanding Outside and Inside Keyword Guessing Attacks.” In: IEEE Trans. Serv. Comput. 14.6 (2021), pp. 2041–2054 (cit. p. 7).
[LWL+17] Yang Lu, Gang Wang, Jiguo Li, and Jian Shen. “Efficient designated server identity-based encryption with conjunctive keyword search.” In: Ann. des Télécommunications 72.5-6 (2017), pp. 359–370 (cit. p. 5).
[LR88] Michael Luby and Charles Rackoff. “How to Construct Pseudorandom Permutations from Pseudorandom Functions.” In: SIAM J. Comput. 17.2 (1988), pp. 373–386 (cit. p. 17).
[MHK+18] Mimi Ma, Debiao He, Muhammad Khurram Khan, and Jianhua Chen. “Certificateless searchable public key encryption scheme for mobile healthcare system.” In: Comput. Electr. Eng. 65 (2018), pp. 413–424 (cit. pp. 2, 5, 7).
[MLC+21] Yinbin Miao, Ximeng Liu, Kim-Kwang Raymond Choo, et al. “Privacy-Preserving Attribute-Based Keyword Search in Shared Multi-owner Setting.” In: IEEE Trans. Dependable Secur. Comput. 18.3 (2021), pp. 1080–1094 (cit. p. 5).
[NE19] Mahnaz Noroozi and Ziba Eslami. “Public key authenticated encryption with keyword search: revisited.” In: IET Inf. Secur. 13.4 (2019), pp. 336–342 (cit. p. 7).
[PL21] Xiangyu Pan and Fagen Li. “Public-key authenticated encryption with keyword search achieving both multi-ciphertext and multi-trapdoor indistinguishability.” In: J. Syst. Archit. 115 (2021), p. 102075 (cit. p. 7).
[QCH+20] Baodong Qin, Yu Chen, Qiong Huang, Ximeng Liu, and Dong Zheng. “Public-key authenticated encryption with keyword search revisited: Security model and constructions.” In: Inf. Sci. 516 (2020), pp. 515–528 (cit. p. 7).
[Qu99] Minghua Qu. “Sec 2: Recommended elliptic curve domain parameters.” In: Certicom Res., Mississauga, ON, Canada, Tech. Rep. SEC2-Ver-0.6 (1999) (cit. p. 36).
[RPL12] Hyun Sook Rhee, Jong Hwan Park, and Dong Hoon Lee. “Generic construction of designated tester public-key encryption with keyword search.” In: Inf. Sci. 205 (2012), pp. 93–109 (cit. p. 5).
[RPS+09] Hyun Sook Rhee, Jong Hwan Park, Willy Susilo, and Dong Hoon Lee. “Improved searchable public key encryption with designated tester.” In: Proceedings of the 2009 ACM Symposium on Information, Computer and Communications Security, ASIACCS 2009, Sydney, Australia, March 10-12, 2009. Ed. by Wanqing Li, Willy Susilo, Udaya Kiran Tupakula, Reihaneh Safavi-Naini, and Vijay Varadharajan. ACM, 2009, pp. 376–379 (cit. p. 5).
[RPS+10] Hyun Sook Rhee, Jong Hwan Park, Willy Susilo, and Dong Hoon Lee. “Trapdoor security in a searchable public-key encryption scheme with a designated tester.” In: J. Syst. Softw. 83.5 (2010), pp. 763–771 (cit. pp. 5, 6).
[RSK09] Hyun Sook Rhee, Willy Susilo, and Hyun-Jeong Kim. “Secure searchable public key encryption scheme against keyword guessing attacks.” In: IEICE Electron. Express 6.5 (2009), pp. 237–243 (cit. p. 6).
[SBS+21a] Mohammed Raouf Senouci, Ilyas Benkhaddra, Abdelkader Senouci, and Fagen Li. “An efficient and secure certificateless searchable encryption scheme against keyword guessing attacks.” In: Journal of Systems Architecture 119 (2021), p. 102271 (cit. p. 5).
[SBS+21b] Mohammed Raouf Senouci, Ilyas Benkhaddra, Abdelkader Senouci, and Fagen Li. “An efficient and secure certificateless searchable encryption scheme against keyword guessing attacks.” In: Journal of Systems Architecture 119 (2021), p. 102271 (cit. p. 7).
[SY15] Zhi-Yi Shao and Bo Yang. “On security against the server in designated tester public key encryption with keyword search.” In: Inf. Process. Lett. 115.12 (2015), pp. 957–961 (cit. p. 6).
[Sho04] Victor Shoup. “Sequences of games: a tool for taming complexity in security proofs.” In: IACR Cryptol. ePrint Arch. 2004 (2004), p. 332 (cit. pp. 17, 27).
[UWC+19] Erneste Uwizeye, Jiye Wang, Zhihua Cheng, and Fagen Li. “Certificateless public key encryption with conjunctive keyword search and its application to cloud-based reliable smart grid system.” In: Annals of Telecommunications 74.7 (2019), pp. 435–449 (cit. p. 7).
[WCZ+18] Libing Wu, Biwen Chen, Sherali Zeadally, and Debiao He. “An efficient and secure searchable public key encryption scheme with privacy protection for cloud storage.” In: Soft Comput. 22.23 (2018), pp. 7685–7696 (cit. p. 36).
[WZM+19] Libing Wu, Yubo Zhang, Mimi Ma, Neeraj Kumar, and Debiao He. “Certificateless searchable public key authenticated encryption with designated tester for cloud-assisted medical Internet of Things.” In: Ann. des Télécommunications 74.7-8 (2019), pp. 423–434 (cit. p. 7).
[XZY+21] Qian Xu, Qing Zhang, Bo Yu, et al. “Decentralized and expressive data publish-subscribe scheme in cloud based on attribute-based keyword search.” In: Journal of Systems Architecture 119 (2021), p. 102274 (cit. p. 5).
[YJC+14] Peng Yanguo, Cui Jiangtao, Peng Changgen, and Ying Zuobin. “Certificateless public key encryption with keyword search.” In: China Communications 11.11 (2014), pp. 100–113 (cit. p. 5).
[YHG08] Wei-Chuen Yau, Swee-Huay Heng, and Bok-Min Goi. “Off-Line Keyword Guessing Attacks on Recent Public Key Encryption with Keyword Search Schemes.” In: Autonomic and Trusted Computing, 5th International Conference, ATC 2008, Oslo, Norway, June 23-25, 2008, Proceedings. Ed. by Chunming Rong, Martin Gilje Jaatun, Frode Eika Sandnes, Laurence Tianruo Yang, and Jianhua Ma. Vol. 5060. Lecture Notes in Computer Science. Springer, 2008, pp. 100–105 (cit. p. 6).
[ZQD+21] Wenzheng Zhang, Baodong Qin, Xinfeng Dong, and Aikui Tian. “Public-key encryption with bidirectional keyword search and its application to encrypted emails.” In: Comput. Stand. Interfaces 78 (2021), p. 103542 (cit. pp. 2, 3, 5, 11, 35–39).
[ZNS11] Fangming Zhao, Takashi Nishide, and Kouichi Sakurai. “Multi-User Keyword Search Scheme for Secure Data Sharing with Fine-Grained Access Control.” In: Information Security and Cryptology - ICISC 2011 - 14th International Conference, Seoul, Korea, November 30 - December 2, 2011. Revised Selected Papers. Ed. by Howon Kim. Vol. 7259. Lecture Notes in Computer Science. Springer, 2011, pp. 406–418 (cit. p. 2).