Abstract
The mechanism for traditional searchable symmetric encryption (SSE) is pay-then-use. This is not fair to the user, because the cloud server may return wrong results. Besides, the user needs to verify these results locally. In order to ensure fairness and reduce the user's calculations, we combined blockchain with SSE and proposed a fair SSE scheme based on blockchain. Our scheme can guarantee fairness for both parties. That is, if the user is not honest, he cannot get the right results from the server, and at the same time the server cannot get any information related to the plaintexts during the search process. If the server is not honest, except for the service charge, it will be punished automatically. Moreover, the user in our scheme does not need to verify the results locally. The security and performance analyses showed that our scheme was semantically secure and feasible.
Introduction
With the rapid development of cloud computing, more and more service providers have issued a series of cloud products, such as Amazon Web Services, Google Cloud, etc. These cloud storage systems have changed the way data is stored. Users can store their data on the cloud directly and then access them conveniently from any device. The data usually include some sensitive information, such as name, telephone number and so on. Cryptography plays an important role in protecting data privacy: users can encrypt their data before uploading them. However, the choice of encryption algorithm affects search efficiency.

Searchable symmetric encryption (SSE) was first proposed by Song et al. [1]. It allows a user to outsource his data to the cloud in a private manner while maintaining the ability to selectively search segments of the data. SSE involves three participants: the data owner, the cloud server and the user. The data owner encrypts documents D1, D2, ..., Dn and stores them on the cloud. The cloud server manages these ciphertexts and provides a search service to users. If a user gets permission from the data owner, he can obtain search results with the help of the cloud server by using an encrypted keyword. Finally, the user decrypts them locally.

There are two ways to construct SSE: with an index and without one. Because the former improves search efficiency, most subsequent SSE works adopt this approach. An SSE scheme is secure if no one except an authorised person can learn any information about the plaintexts when he/she only gets the ciphertexts.
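The index-based flow described above, together with the local result check that traditional SSE leaves to the user, as an added sketch that is not the paper's construction. The HMAC-derived keyword tokens, the per-keyword result tag, the toy keystream cipher, all function names and the sample documents are assumptions made for illustration.

```python
import hashlib, hmac, os

DOCS = {"D1": "alice phone 555-0100", "D2": "bob invoice march",
        "D3": "alice invoice april"}  # constructed sample documents

def prf(key, label, msg=b""):
    return hmac.new(key, label + b"|" + msg, hashlib.sha256).digest()

def stream_xor(key, nonce, data):
    # Toy keystream (HMAC-SHA256 counter mode), an assumption standing in for an AEAD.
    ks = b"".join(prf(key, nonce, i.to_bytes(8, "big")) for i in range(len(data) // 32 + 1))
    return bytes(b ^ k for b, k in zip(data, ks))

def keys(master):
    return [prf(master, label) for label in (b"enc", b"idx", b"mac")]

def result_tag(k_mac, token, cts):
    # Binds a search token to the exact set of matching ciphertexts.
    return prf(k_mac, token, b"".join(sorted(hashlib.sha256(c).digest() for c in cts)))

def owner_setup(master, docs):
    """Data owner: encrypt D1..Dn and build the encrypted index for the server."""
    k_enc, k_idx, k_mac = keys(master)
    store, postings = {}, {}
    for doc_id, text in docs.items():
        nonce = os.urandom(16)
        store[doc_id] = nonce + stream_xor(k_enc, nonce, text.encode())
        for word in set(text.lower().split()):
            postings.setdefault(prf(k_idx, b"kw", word.encode()), []).append(doc_id)
    index = {t: (ids, result_tag(k_mac, t, [store[i] for i in ids]))
             for t, ids in postings.items()}
    return store, index

def server_search(store, index, token, honest=True):
    """Cloud server: look up the token; it never sees the keyword or plaintext."""
    ids, tag = index.get(token, ([], b""))
    if not honest:
        ids = ids[:-1]  # misbehaving server silently drops one match
    return [store[i] for i in ids], tag

def user_search(master, keyword, store, index, honest=True):
    """Authorised user: send a token, verify the result set locally, decrypt."""
    k_enc, k_idx, k_mac = keys(master)
    token = prf(k_idx, b"kw", keyword.lower().encode())
    cts, tag = server_search(store, index, token, honest)
    if not cts and not tag:
        return []  # a "no match" answer is not authenticated in this sketch
    if not hmac.compare_digest(tag, result_tag(k_mac, token, cts)):
        raise ValueError("result set is incomplete or altered")
    return sorted(stream_xor(k_enc, c[:16], c[16:]).decode() for c in cts)
```

Even when honest, the server in this sketch learns which documents match each token and when a token repeats; the tag check is the per-query work on the user side that the abstract refers to.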