Autonomous authorized searchable encryption method with hidden structure under cloud-edge collaboration

By using a cloud-edge collaborative computing model, a self-authorized searchable encryption method with hidden structures is constructed using bilinear mapping and hash functions. This solves the problems of high search complexity and insufficient access control in multi-user IoT environments, and achieves efficient self-authorized access control and lightweight computing.

CN116668126BActive Publication Date: 2026-07-10HUNAN UNIV OF SCI & TECH

Patent Information

Authority / Receiving Office
CN · China
Patent Type
Patents(China)
Current Assignee / Owner
HUNAN UNIV OF SCI & TECH
Filing Date
2023-06-02
Publication Date
2026-07-10

Smart Images

  • Figure CN116668126B_ABST
    Figure CN116668126B_ABST
Patent Text Reader

Abstract

The application discloses an autonomous authorization searchable encryption method with a hidden structure under cloud-edge cooperation, and steps are as follows: taking a multi-user Internet of Things environment as a background, a system model of cloud-edge cooperative calculation is constructed; a system setting stage; a structure initialization stage; a structured encryption stage; a trapdoor generation stage; a structured search stage; correctness verification. Under cloud-edge cooperative calculation, the Internet of Things device can generate searchable ciphertext with a hidden structure through an edge server, share the ciphertext through a cloud server, and realize a searchable encryption mechanism with a sub-linear search complexity in a multi-user Internet of Things environment; on this basis, the Internet of Things device can also be autonomously authorized to realize efficient access control; in addition, considering the resource-limited Internet of Things device, the application uses the edge server to bear the encryption overhead for the Internet of Things device.
Need to check novelty before this filing date? Find Prior Art

Description

Technical Field

[0001] This invention relates to the field of data encryption, and in particular to a self-authorized searchable encryption method with a hidden structure under cloud-edge collaboration. Background Technology

[0002] With the development of technologies such as 5G and the Internet of Things (IoT), we have now entered a true era of the Internet of Everything. According to IDC, by 2025, there will be over 41.6 billion connected devices globally, generating a total of 79.4 ZB of data annually. This massive amount of data places higher demands on data privacy protection. Data encryption is an effective method for protecting data security. IoT devices typically encrypt their data and store it on cloud servers for secure data sharing. However, because resource-constrained IoT devices cannot efficiently perform encryption operations, edge computing has emerged. Edge servers can provide data computing and data transmission services for IoT devices. Nevertheless, data encryption makes effective data retrieval and use an extremely challenging task.

[0003] Searchable encryption is a burgeoning cryptographic primitive that enables efficient keyword searching of ciphertext. Numerous searchable encryption schemes have been proposed in the literature. Unfortunately, these schemes all suffer from high search complexity, linearly related to the total number of ciphertexts. The server must scan and test every ciphertext, as it is indistinguishable to the cloud server whether these ciphertexts correspond to the same keyword. To address this issue, some researchers have proposed the concept of hidden structures to achieve search complexity linearly with the number of matching ciphertexts rather than the total number of ciphertexts. All ciphertexts with the same keyword construct a hidden chain relationship; furthermore, a hidden relationship exists from the common parameter Head to the first ciphertext in each chain. Upon receiving a keyword search trapdoor, the cloud server searches for the first matching ciphertext using the correspondence from the Head. Another relationship can then be exposed using the found ciphertext, guiding the server to search for the next matching ciphertext, thus finding all matching ciphertexts. However, these schemes only support data sharing with a single IoT device and are unsuitable for today's multi-user IoT environments.

[0004] Furthermore, flexible access control mechanisms play a crucial role in searchable encryption. They ensure that only authorized users can search and access specific ciphertexts. This prevents sensitive data from being accessed or leaked by unauthorized users. However, current searchable encryption methods with hidden structures do not implement access control mechanisms. Because there is a chain-like relationship between ciphertexts with hidden structures, once access to one ciphertext is restricted, subsequent ciphertexts cannot be found. Therefore, it is necessary to design an efficient searchable encryption method that simultaneously incorporates hidden structures and access control.

[0005] Song et al. first proposed the concept of searchable encryption, but cloud servers must scan each encrypted keyword in a file sequentially, leading to excessive search costs. Goh et al. defined a security model for searchable encryption and designed a Bloom filter-based index to improve search efficiency. Boneh et al. first proposed Public Key Searchable Encryption (PEKS), in which the sender uses the recipient's public key to encrypt emails and build a secure index, while the recipient uses their own private key to generate a query trapdoor, solving the problem of difficult key distribution. Yin et al. proposed a multi-keyword sorted secure search scheme with multiple data owners, removing the management server and improving system security and reliability. Mollah et al. proposed a secure data sharing scheme under cloud-edge collaborative computing, introducing edge servers to reduce user overhead. However, certain security risks exist. To address this issue, Ye et al. combined PEKS and symmetric encryption technologies to improve the security of data sharing under cloud-edge collaborative computing. However, these schemes all have high search complexity, requiring cloud servers to scan and test each ciphertext. To address this issue, Xu et al. proposed the concept of Searchable Public-Key Ciphertext with Hidden Structures (SPCHS) and constructed an SPCHS instance to achieve sublinear search complexity, but this incurred high computational overhead. Xu et al. used hashing techniques to reduce the encryption overhead of SPCHS. Wang et al. proposed a fast parallel keyword search scheme, further improving the search efficiency of ciphertexts with hidden structures. To further reduce overhead, Wang et al. proposed a lightweight secure search based on public-key cryptography, introducing edge servers to shoulder a significant computational burden for users. However, these schemes only support data sharing to a single data user, making them unsuitable for today's IoT environment. Furthermore, none of these schemes implemented access control mechanisms.

[0006] Bilinear pairing is a commonly used method in elliptic curve cryptography that maps points on two elliptic curves to elements on another group. , Let represent two multiplicative cyclic groups of order p. Bilinear mapping e: → It satisfies the following properties:

[0007] (1) Bilinearity: For any x, y∈ Q, Z∈ Equation e( , )= Established;

[0008] (2) Non-degeneracy: There exist Q, Z∈ This makes e(Q,Z) not equal to 1;

[0009] (3) Computability: For any Q, Z∈ It is able to calculate the value of e(Q, Z) within an acceptable time.

[0010] A hash function is an algorithm that converts a message of arbitrary length into a fixed-length digest. The input to a hash function can be a message of arbitrary length, and the output is a fixed-length hash value. A key characteristic of hash functions is that for the same input, they always produce the same output. Hash functions are commonly used in cryptography, security protocols, and other fields. A hash function should possess the following characteristics:

[0011] (1) Collision resistance: For different inputs, the hash function should produce different hash values;

[0012] (2) One-wayness: It should be very difficult to derive the original data from the hash value;

[0013] (3) Sensitivity: Even if the input is only slightly different, the hash value will be very different.

[0014] (4) Efficiency: For any length of input message, the hash function should calculate the corresponding hash value in a reasonable time. Summary of the Invention

[0015] To address the aforementioned issues, this invention provides a highly efficient and secure cloud-edge collaborative method with a hidden structure that allows for autonomous authorization and searchable encryption.

[0016] The technical solution of this invention to solve the above-mentioned technical problems is: a self-authorized searchable encryption method with hidden structure under cloud-edge collaboration, the steps of which are as follows:

[0017] Step 1: Taking a multi-user IoT environment as the research background, a cloud-edge collaborative computing system model was constructed, including IoT devices (data owners, data users), cloud servers, and edge servers.

[0018] Step Two: System Setup Phase;

[0019] Step 3: Structure Initialization Phase: The data owner initializes a pair of public and private parts (PUB, PRI). PUB acts as the Head node, used to establish the hidden relationship between the search trapdoor and the first ciphertext of each chain; PRI is used to establish the hidden relationship between ciphertexts, guiding the cloud server to find the next matching ciphertext.

[0020] Step 4: Structured Encryption Phase: The data owner inputs keywords and the private part PRI to construct ciphertext with a hidden structure;

[0021] Step 5: Trapdoor Generation Stage: Data users generate search trapdoors using keywords and authorization credentials to search for encrypted text on the cloud server. Data users aggregate authorization credentials to generate a single trapdoor capable of searching all authorized encrypted text.

[0022] Step Six: Structured Search Phase: The cloud server sequentially searches the encrypted text of each data owner. This includes the public portion PUB, the searchable encrypted text C containing all keywords, and... As input, output all authorized matching ciphertexts;

[0023] Step 7: Correctness verification.

[0024] The above-mentioned cloud-edge collaborative autonomous authorized searchable encryption method with hidden structure, in step two, the specific steps of the system setup phase are as follows:

[0025] We input a sufficiently large safety parameter L into the system and output the system's common parameters to build the working environment for our solution.

[0026] a) The generation is a composite factorial cyclic group of order p. , , g is Given the generators, construct a bilinear mapping e: → ;

[0027] b) Generate a one-way hash function H:{0,1}*→ It hashes any string as One of the elements;

[0028] c) Set the keyword space to W={0,1}*;

[0029] d) Publish the system's public parameter PK=(e,g,p, H);

[0030] e) Each data owner generate ,in =p. Where is Important parameters for data owners This serves as an authorization credential for the data owner.

[0031] The above-mentioned cloud-edge collaborative autonomous authorized searchable encryption method with hidden structure, in step three, the specific steps of the structure initialization stage are as follows:

[0032] Data owner Initialize a public and private pair (PUB, PRI). PUB acts as the Head node, used to establish the hidden relationship between the search trapdoor and the first ciphertext of each chain; PRI is used to establish the hidden relationship between ciphertexts, guiding the cloud server to find the next matching ciphertext.

[0033] a) Calculate PUB= , of which Data owner An important parameter, r It is a random number used to improve the security of PUB;

[0034] b) Initialize PRI. Note that PRI is a list of variables of the form (u, {(w, Pt[u, w]) | w ∈ W, u ∈ ... Pt[u,w]∈ }). Where Pt[u,w] represents the group. One of the elements in the array. The initial value of Pt[u,w] is r.

[0035] The above-mentioned cloud-edge collaborative autonomous authorized searchable encryption method with hidden structure, in step four, the specific steps of the structured encryption stage are as follows:

[0036] Data owner Input the keyword w and the private part PRI to construct a ciphertext with a hidden structure.

[0037] a) Calculate H(w) × ×Pt[u,w] is sent to a nearby edge server;

[0038] b) Edge server computing Return to ;

[0039] c) Randomly select R∈ ,calculate ;

[0040] d) Output ciphertext C=( , )=(H( ), ), update Pt[u,w]=R.

[0041] The above-mentioned cloud-edge collaborative autonomous authorized searchable encryption method with hidden structure, in step five, the specific steps of the trap generation stage are as follows:

[0042] Data users It can generate a search trap using the keyword 'w' and authorization credentials to search for encrypted text on a cloud server. Assume a data user... Authorization was obtained from 5 data owners, and the authorization certificates are as follows: , , , , . It can aggregate authorization credentials, thereby generating a trapdoor that can search all authorized ciphertexts.

[0043] a) Calculation Aggregate authorization certificates.

[0044] b) Output trapdoor = Where k∈ It is a randomly generated encryption key used to implement the disconnectability of the trapdoor, thereby improving the security of the trapdoor.

[0045] The aforementioned cloud-edge collaborative autonomous authorized searchable encryption method with hidden structures, in step six, the specific steps of the structured search phase are as follows:

[0046] The cloud server searches the encrypted text for each data owner sequentially. It searches for the searchable encrypted text C using keywords such as PUB and all relevant keywords. As input, let For an empty set, perform the following steps:

[0047] a) Calculation =e( (PUB)

[0048] b) Search =H( ) ciphertext ;

[0049] c) If ciphertext exists Then Add to In the middle. Then calculate. =e( , );

[0050] d) If no matching ciphertext is found, output .

[0051] In the aforementioned cloud-edge collaborative autonomous authorized searchable encryption method with hidden structures, the specific steps for the correctness proof in step seven are as follows:

[0052] Let's assume we are keywords Three searchable ciphertexts were generated. , , We can use keywords Search traps Find with PUB and obtain We utilize and search traps Able to find At the same time, obtain By using the same method, we found the third matching ciphertext. Therefore, using keywords Search traps It can find all authorized matching ciphertexts in the cloud server.

[0053] The example above visually demonstrates the correctness of our solution. Here, the correctness will be formally proven by Theorem 1 below.

[0054] Theorem 1: Assume that the hash function H is collision-free.

[0055] Proof: Without loss of generality, this is equivalent to proving that, given the key... Keyword search trap The common part of PUB, which has a hidden structure, can find keywords during the structured search phase. All ciphertexts matching the authorization of the hidden structure PUB. Proof follows.

[0056] According to our solution, it is assumed that the keywords have already been generated during the structured encryption phase. The first keyword can be used to search for the ciphertext. Let... Indicates data owner Keywords Ciphertext. We have =(H( ), If the data user is an authorized user, then the data user owns the data. Authorization certificate So, what are the keywords for data users? The search trapdoor can be represented as = , where m is the product of the authorization credentials of other data owners and the random key, and m is equivalent to a random number. In the structured search phase, we first calculate:

[0057] =e( (PUB)

[0058] =e( , )

[0059] =e( , ) e( , )

[0060] =

[0061] = .

[0062] because , It is a composite factorial cyclic group of order p. = Therefore, H( )=H( (This is an example of a search engine that can find keywords during the structured search phase.) The probability of the first matching ciphertext caused by a collision with the hash function H is negligible. Similarly, if the data user is an unauthorized user, then H( ) H( Unauthorized users' search traps prevent them from finding keywords. The first matching ciphertext.

[0063] After finding the first matching ciphertext After that, we will be able to obtain = Assuming the keywords have already been generated during the structured encryption phase. The second keyword can be used to search for ciphertext. =(H( ), Let's calculate first. =e( , We have H( )=H( Therefore, keywords can be found during the structured search phase. The second matching ciphertext. The keyword can be found using the same method. All matching ciphertexts can be found, but the probability is negligible. Unauthorized users cannot find the keywords. The first matching ciphertext cannot be found, therefore subsequent ciphertexts cannot be found either.

[0064] The beneficial effects of this invention are as follows:

[0065] 1. This invention proposes a self-authorized searchable encryption method with a hidden structure under cloud-edge collaborative computing. This invention achieves sublinear search complexity in a multi-user IoT environment while enabling efficient, self-authorized access control, and utilizes edge servers to ensure lightweight overhead for IoT devices.

[0066] 2. This invention implements a searchable encryption method with hidden structure in a multi-user IoT environment. This method allows each IoT device to design a hidden relationship to organize ciphertext. When IoT devices search for ciphertext, the search time depends on the actual number of ciphertexts containing the query keyword, rather than the total number of all ciphertexts.

[0067] 3. This invention achieves self-authorized access control based on a searchable encryption mechanism with a hidden structure. IoT devices can self-authorize access to their encrypted data. Authorized IoT devices can self-aggregate access permissions. Without any negotiation or communication, a cloud server can search for authorized ciphertext using only a search trapdoor. Attached Figure Description

[0068] Figure 1 This is a flowchart of the present invention.

[0069] Figure 2 The system model diagram constructed for this invention. Detailed Implementation

[0070] The invention will now be further described with reference to the accompanying drawings.

[0071] like Figure 1 As shown, a self-authorized searchable encryption method with hidden structure under cloud-edge collaboration includes the following steps:

[0072] Step 1: This invention takes a multi-user IoT environment as its research background and constructs a system model under cloud-edge collaborative computing, including IoT devices (data owners, data users), cloud servers, and edge servers. The cloud server and edge server are defined as a "honest but curious" semi-trusted threat entity. For example... Figure 1 As shown.

[0073] like Figure 2As shown. In the system of this invention, the data owner encrypts keywords to generate searchable ciphertext with a hidden structure. During the encryption process, the data owner delegates most of the encryption operations to a nearby edge server, which then stores the ciphertext in a cloud server. The data owner independently selects and authorizes data users, distributing authorization credentials through a secure channel. When data users want to search for ciphertext, they can aggregate authorization credentials, thus requiring only a single search trapdoor to retrieve all authorized ciphertext. The cloud server can then sequentially find all matching authorized ciphertext based on the trapdoor.

[0074] Step two, system setup phase.

[0075] The specific steps in the system setup phase are as follows:

[0076] We input a sufficiently large safety parameter L into the system and output the system's common parameters to build the working environment for our solution.

[0077] a) The generation is a composite factorial cyclic group of order p. , , g is Given the generators, construct a bilinear mapping e: → ;

[0078] b) Generate a one-way hash function H:{0,1}*→ It hashes any string as One of the elements;

[0079] c) Set the keyword space to W={0,1}*;

[0080] d) Publish the system's public parameter PK=(e,g,p, H);

[0081] e) Each data owner generate ,in =p. Where is Important parameters for data owners This serves as an authorization credential for the data owner.

[0082] Step 3, Structure Initialization Phase.

[0083] The specific steps in the structure initialization phase are as follows:

[0084] Data owner Initialize a public and private pair (PUB, PRI). PUB acts as the Head node, used to establish the hidden relationship between the search trapdoor and the first ciphertext of each chain; PRI is used to establish the hidden relationship between ciphertexts, guiding the cloud server to find the next matching ciphertext.

[0085] a) Calculate PUB= , of which Data owner An important parameter, r It is a random number used to improve the security of PUB;

[0086] b) Initialize PRI. Note that PRI is a list of variables of the form (u, {(w, Pt[u, w]) | w ∈ W, u ∈ ... Pt[u,w]∈ }). Where Pt[u,w] represents the group. One of the elements in the array. The initial value of Pt[u,w] is r.

[0087] Step 4, Structured Encryption Phase: Data Owner Input the keyword w and the private part PRI to construct a ciphertext with a hidden structure.

[0088] a) Calculate H(w) × ×Pt[u,w] is sent to a nearby edge server;

[0089] b) Edge server computing Return to ;

[0090] c) Randomly select R∈ ,calculate ;

[0091] d) Output ciphertext C=( , )=(H( ), ), update Pt[u,w]=R.

[0092] Step 5, Trapdoor Generation Stage: Data Users It can generate a search trap using the keyword 'w' and authorization credentials to search for encrypted text on a cloud server. Assume a data user... Authorization was obtained from 5 data owners, and the authorization certificates are as follows: , , , , . It can aggregate authorization credentials, thereby generating a trapdoor that can search all authorized ciphertexts.

[0093] a) Calculation Aggregate authorization certificates.

[0094] b) Output trapdoor = Where k∈ It is a randomly generated encryption key used to implement the disconnectability of the trapdoor, thereby improving the security of the trapdoor.

[0095] Step Six, Structured Search Phase: The cloud server sequentially searches the encrypted text for each data owner. This includes searching the searchable encrypted text C for all keywords, such as PUB. As input, let For an empty set, perform the following steps:

[0096] a) Calculation =e( (PUB)

[0097] b) Search =H( ) ciphertext ;

[0098] c) If ciphertext exists Then Add to In the middle. Then calculate. =e( , );

[0099] d) If no matching ciphertext is found, output ;

[0100] Step 7, Correctness Verification: Assume we are the keywords. Three searchable ciphertexts were generated. , , We can use keywords Search traps Find with PUB and obtain We utilize and search traps Able to find At the same time, obtain By using the same method, we found the third matching ciphertext. Therefore, using keywords Search traps It can find all authorized matching ciphertexts in the cloud server.

[0101] The example above visually demonstrates the correctness of our solution. Here, the correctness will be formally proven by Theorem 1 below.

[0102] Theorem 1: Assume that the hash function H is collision-free.

[0103] Proof: Without loss of generality, this is equivalent to proving that, given the key... Keyword search trap The common part of PUB, which has a hidden structure, can find keywords during the structured search phase. All ciphertexts matching the authorization of the hidden structure PUB. Proof follows.

[0104] According to our solution, it is assumed that the keywords have already been generated during the structured encryption phase. The first keyword can be used to search for the ciphertext. Let... Indicates data owner Keywords Ciphertext. We have =(H( ), If the data user is an authorized user, then the data user owns the data. Authorization certificate So, what are the keywords for data users? The search trapdoor can be represented as = , where m is the product of the authorization credentials of other data owners and the random key, and m is equivalent to a random number. In the structured search phase, we first calculate:

[0105] =e( (PUB)

[0106] =e( , )

[0107] =e( , ) e( , )

[0108] =

[0109] = .

[0110] because , It is a composite factorial cyclic group of order p. = Therefore, H( )=H( (This is an example of a search engine that can find keywords during the structured search phase.) The probability of the first matching ciphertext caused by a collision with the hash function H is negligible. Similarly, if the data user is an unauthorized user, then H( ) H( Unauthorized users' search traps prevent them from finding keywords. The first matching ciphertext.

[0111] After finding the first matching ciphertext After that, we will be able to obtain = Assuming the keywords have already been generated during the structured encryption phase. The second keyword can be used to search for ciphertext. =(H( ), Let's calculate first. =e( , We have H( )=H( Therefore, keywords can be found during the structured search phase. The second matching ciphertext. The keyword can be found using the same method. All matching ciphertexts can be found, but the probability is negligible. Unauthorized users cannot find the keywords. The first matching ciphertext cannot be found, therefore subsequent ciphertexts cannot be found either.

Claims

1. A self-authorized searchable encryption method with hidden structure under cloud-edge collaboration, characterized in that: The constructed method includes the following steps: Step 1: Taking a multi-user IoT environment as the research background, a cloud-edge collaborative computing system model was constructed, including data owners, data users, cloud servers and edge servers, where data owners and data users are IoT devices; Step Two: System Setup Phase; Step 3: Structure Initialization Phase: Data Owner Initialize a public and private pair (PUB, PRI), where PUB acts as the Head node, establishing a hidden relationship between the search trapdoor and the first ciphertext of each chain; PRI is used to establish hidden relationships between ciphertexts, guiding the cloud server to find the next matching ciphertext. Step Four: Structured Encryption Phase: Data Owner Input the keyword w and the private part PRI to generate ciphertext with a hidden structure; Step 5: Search Trapdoor Generation Stage: Data Users It can generate a search trapdoor using the keyword 'w' and authorization credentials to search for encrypted text on a cloud server. Obtain authorization from multiple data owners and aggregate their authorization credentials to generate a search trapdoor. It can search all authorized encrypted text; Step Six: Structured Search Phase: The cloud server sequentially searches the encrypted text of each data owner, including the public portion PUB, the searchable encrypted text C containing all keywords, and... As input, output all authorized matching ciphertexts; Step 7: Correctness verification; The specific steps of the system setup phase in step two are as follows: First, we build a working environment for the solution, inputting a security parameter L to the system and outputting the system's common parameters: The generation is two composite factorial cyclic groups of order p. , , for Given the generators, construct a bilinear mapping e: → ; Generate a one-way hash function H:{0,1}*→ ; Set the key space to W={0,1}*; )Publish system public parameter PK=(e, ,p, ,H); Each data owner generate ,in =p, where Parameters for the data owner, As authorization credentials for the data owner; In step three, the specific steps of the structure initialization stage are as follows: ) Calculate PUB= r It is a random number used to improve the security of PUB; Initialize PRI, where PRI is a list of variables of the form (u, {(w, Pt[u, w]) | w ∈ W, u ∈ ... Pt[u,w]∈ }), where Pt[u,w] represents the multiplicative cyclic group. One of the elements, Pt[u,w], has an initial value of r; The specific steps of the structured encryption stage in step four are as follows: ) Calculate H(w)× ×Pt[u,w] is sent to a nearby edge server; Edge server computing Return to ; ) Randomly select R∈ ,calculate ; ) Output ciphertext C=( , )=(H( ), ), update Pt[u,w]=R; In step five, the specific steps of the trapdoor generation stage are as follows: ) Calculate aggregate authorization certificate n represents the number of people excluding the data owner. The product of authorization credentials from other data owners; Output search trapdoor = , where k∈ It is a randomly generated encryption key; In step six, the specific steps of the structured search phase are as follows: )calculate =e( (PUB) Search =H( ) ciphertext ; If ciphertext exists Then Add to Then calculate =e( , ); If no matching ciphertext is found, output: .