云环境下低存储索引结构的动态可搜索加密机制

发布时间：2018-06-25 18:42

本文选题：云存储 + 可搜索加密　；参考：《兰州理工大学》2017年硕士论文

【摘要】：云存储具有高扩展性、无接入限制、廉价及易管理等优点,可使众多中小企业和用户摆脱系统的搭建和维护的麻烦,减轻了用户存储成本,具有广阔的市场前景。它的出现,彻底改变了人们传统的存储观念。用户将大量的数据存储在云服务器上,失去了对数据的绝对控制,云服务器也变得不可信。为了解决云上数据安全性问题,研究人员提出将数据加密之后存放在云上。这种方式在一定程度上保证了数据的安全性,但是会导致数据共享和使用效率的问题。可搜索加密技术就是一种支持密文检索的技术,高效动态的可搜索加密机制正是广大研究者共同追求的目标。Seny Kamara提出的动态可搜索加密机制采用“关键字-文件标识符”的索引结构,通过建立搜索数组和删除数组实现索引的动态更新。该机制在关键字集合较大时,索引空间消耗较高,搜索效率低下;在文件更新时涉及的数据结构较多,更新流程复杂。本文改进了Seny Kamara的动态可搜索加密机制,降低了索引的空间消耗,提高了搜索效率。在改进的机制中,用户上传数据之前首先在本地生成“关键字-比特字符串”的索引结构;然后连同数据文件一同加密上传至云服务器。检索时,用户在本地生成检索令牌并发往云服务器,云服务器收到令牌后在加密索引中进行匹配,找到与令牌对应的文件后发送给用户。更新时,生成对应的添加、删除令牌,云服务器根据给定算法在服务端进行更新操作。该机制采用“关键字-比特字符串”的索引结构,减少了索引的存储空间,提高了搜索效率,并且具有更好的动态性。通过安全性分析和实验,证明了本方案的安全性和可行性。本文同时对多线程方式处理文件加解密进行了研究。结合多线程技术,提高用户上传与下载文件的加解密效率。实验表明多线程处理方式的效率较单线程有了很大提高,并将其应用到云存储系统中。
[Abstract]:Cloud storage has the advantages of high expansibility, no access restriction, low cost and easy management. It can make many small and medium-sized enterprises and users get rid of the trouble of system construction and maintenance, reduce the cost of user storage, and have a broad market prospect. Its appearance, has completely changed people's traditional storage idea. Users store large amounts of data on cloud servers, losing absolute control of the data, and cloud servers become untrustworthy. In order to solve the problem of data security in the cloud, the researchers propose to encrypt the data and store it on the cloud. This method ensures the security of data to some extent, but it will lead to the problem of data sharing and efficiency. Searchable encryption is a technology that supports ciphertext retrieval. The efficient and dynamic searchable encryption mechanism is the target of the common pursuit of many researchers. Seny Kamara's dynamic searchable encryption mechanism adopts the index structure of "keyword-file identifier". The index is dynamically updated by creating a search array and deleting an array. When the keyword set is large, the index space consumption is high, the search efficiency is low, the data structure is more involved in the file update, and the updating process is complex. In this paper, the dynamic searchable encryption mechanism of Seny Kamara is improved, the space consumption of index is reduced and the search efficiency is improved. In the improved mechanism, the user first generates the index structure of "keyword-bit string" locally before uploading the data, and then encrypts and uploads it to the cloud server together with the data file. When retrieving, the user generates the retrieval token locally and sends it to the cloud server. After receiving the token, the cloud server matches in the encrypted index, finds the file corresponding to the token and sends it to the user. When updating, corresponding additions are generated, tokens are deleted, and the cloud server updates on the server side according to the given algorithm. This mechanism adopts the index structure of "keyword-bit string", reduces the storage space of the index, improves the search efficiency, and has a better dynamic property. The safety and feasibility of this scheme are proved by safety analysis and experiment. At the same time, this paper studies the multi-thread processing file encryption and decryption. Combining multi-thread technology to improve the efficiency of user upload and download files encryption and decryption. Experiments show that the efficiency of multithread processing is much higher than that of single thread, and it is applied to cloud storage system.
【学位授予单位】：兰州理工大学
【学位级别】：硕士
【学位授予年份】：2017
【分类号】：TP309.7;TP333

【参考文献】