Research And Design Of Cloud-Oriented Encrypted Data Search System

With the increasing development of information industry and social networks,data privacy as an important aspect of information security has become a hot issue in nowadays.The recent outbreaks of data breaches from users,enterprises and even the national level have promoted the development of the cyber security disciplines and research on data privacy protection.In numerous research work on data privacy protection,searchable encryption has attracted much attention as it introduces the function of encrypted search while ensuring data security.In particular,the rich query structure and complete functional system make searchable encryption scheme have important research significance and broad application prospects in the security protection of encrypted database.Based on the research and analysis of existing searchable encryption schemes,this paper focuses on discussing the functionality and security of searchable encryption schemes and exploring to design different search schemes according to the requirements of different application scenarios.The main research results and innovations are listed as follows:· Most of the traditional public key encryption schemes with keyword search are always built on the prime order elliptic curve groups,which restricts the types of curves be chosen when instantiating.To address this problem,we propose a new searchable encryption scheme by composite order bilinear pairings.The scheme is proved to be against chosen keyword attack under the subgroup decision assumptions in composite order groups.In addition,to address the problem of data breaches caused by the token missing during transmission,we design a novel public key encryption scheme with designated verifier.The scheme makes up for the shortcomings that the traditional token must be transmitted under the secure channel and reduces the requirements for the communication environment.· Considering the inefficiency of the public key encryption scheme with keyword search,we propose a dynamic searchable symmetric encryption scheme supporting multiple users.At the same time,to save storage overhead,we also make the scheme support physical deletion instead of logical deletion.Moreover,we also take the intelligent medical scenario as an example to further study the problem of data cross-domain search,i.e.,enabling authorized search over different authorities.This work utilizes the idea of multi-authority attribute-based encryption to achieve cross-domain sharing of data and realizes fine-grained access control of the user's search capability.· To resist the threats of quantum computing,this paper also designs a searchable encryption scheme that can resist quantum attacks from lattice.Inspired by identitybased encryption scheme,we add the identity setting in our scheme to simplify the certificate management.Furthermore,to make up for the lack of implementation on LWE-scheme,this paper also elaborates the implementation techniques of lattice searchable encryption.Since the verification of the lattice-based searchable encryption scheme only contains a small number of matrix-vector multiplications,the performance efficiency of our scheme is also outstanding.· In the last part of this paper,we propose an information theory based framework to analyse the security strength under certain padding overhead.First,we leverage relative entropy to measure the “closeness” between the distributions of the original dataset and padded dataset.Second,we quantify the attack efforts against padding countermeasures by entropy analysis.Apart from theoretical findings,we further devise an algorithm via outlier detection for padding generation,which considers both the padded dataset distribution and the similarity between real and bogus files.Evaluations on a real-world dataset confirm our theoretical results and demonstrate the efficiency and effectiveness of our proposed padding generation algorithm.