面向外包大数据服务安全与隐私防护的应用密码学研究
发布时间:2018-09-03 06:55
【摘要】:随着相关领域技术与产业的发展,我们迎来了大数据时代。大数据技术的战略意义在于,通过专业化处理可以从海量数据中发掘出潜在的价值,从而为分析、预测及决策提供可靠的依据。因此,大数据相关产业的发展受到各国政府的极大重视。然而数据采集、清洗、存储和分析依赖于昂贵的专业设施,对个人与中小企业来说难以负担设备购买与维护的开销。云计算作为新兴的服务计算模式,为用户提供便捷的数据存储、数据处理、信息共享和虚拟化服务,目前已成为大数据工程的理想解决方案。用户可以将自己的数据外包给云服务提供商,随后根据自己的需求来获取相应的数据,或者获取基于数据的服务,这一模式一般成为外包计算。然而制约外包数据服务推广的一个重要因素在于对数据安全和隐私的担忧,特别是金融、医疗等敏感领域,如果数据遭到云服务提供商的滥用或泄漏,将会给用户造成重大的损失。密码学是保证数据隐私的基础工具,然而传统的加密方案虽可以确保数据的隐私性,但是加密会限制数据的可用性,使得云失去了对数据处理、分析和挖掘的能力。因此在云环境下需要设计新的密码学原语,使之既能保证数据隐私性,又能允许云服务提供商能够对数据做特定的操作。可搜索加密是云计算环境中确保存储安全与数据隐私的重要密码学原语,当用户将文档加密上传云端后,它可以按照用户的查找条件进行搜索并获取所需要的密文文档,同时保证云服务器仅能获得极少的信息。早期可搜索加密方案的研究集中在安全性、搜索效率和更广泛的搜索表意等方面,近年来的研究开始关注数据集可动态更新的对称可搜索加密方案。本文提出了一个新的动态对称可搜索加密方案,在运行效率方面,该方案搜索算法的时间复杂度为O(1),而文档增加和删除操作的时间复杂度为O(m"n)和0(N)(其中m"表示新增文档的关键词个数,N表示文档-关键字配对数,n表示字典大小),整体效率优于现有方案;在安全性方面,该方案可以抵抗选择关键词攻击,且与之前方案相比本文方案做到了更少的信息泄漏。目前可搜索加密的一个显著缺陷在于,通常方案都是以单词为单位作为查询条件,这对于黏着语语料库并不适用,其原因在于这类语言是由语素组成长字符串来表示语义。因此搜索此类语言需要以字符为单位进行处理。我们选取最长公共子序列作为评定字符串相似度的依据,利用部分同态加密为基本密码学原语,构造了在密文下求解最长公共字串的方案。该方案具有显著的高效性和可拓展性,实现该方案仅需对数级深度的同态电路,需要的乘同态运算次数为O(μ-1)log(μ-1))(μ为编码单字节所需比特数)。作为隐私防护的外包计算中的基本组件,该方案在诸多具体问题中都有重要应用。
[Abstract]:With the development of technology and industry in related fields, we ushered in the era of big data. The strategic significance of big data's technology lies in that it can discover the potential value from massive data through specialized processing, thus providing reliable basis for analysis, prediction and decision making. Therefore, the development of big data related industries has been attached great importance by the governments of various countries. However, data collection, cleaning, storage, and analysis depend on expensive professional facilities, and it is difficult for individuals and small and medium-sized enterprises to afford the cost of equipment purchase and maintenance. As a new service computing model, cloud computing provides users with convenient data storage, data processing, information sharing and virtualization services, which has become an ideal solution for big data project. Users can outsource their data to cloud service providers, and then obtain the corresponding data according to their own requirements, or obtain data-based services. This model is generally called outsourcing computing. However, an important constraint to the promotion of outsourced data services is concerns about data security and privacy, especially in sensitive areas such as finance and healthcare, if data is abused or leaked by cloud service providers. Will cause heavy loss to the user. Cryptography is the basic tool to ensure the privacy of data. However, the traditional encryption scheme can ensure the privacy of data, but encryption will limit the availability of data and make the cloud lose the ability of data processing, analysis and mining. Therefore, it is necessary to design new cryptographic primitives in the cloud environment, which can not only guarantee the privacy of data, but also allow cloud service providers to perform specific operations on data. Searchable encryption is an important cryptographic primitive to ensure storage security and data privacy in cloud computing environment. At the same time, make sure that the cloud server can only get very little information. Early searchable encryption schemes focus on security, search efficiency and broader search ideas. In recent years, researches have focused on symmetric searchable encryption schemes in which data sets can be dynamically updated. In this paper, a new dynamic symmetric searchable encryption scheme is proposed. The time complexity of the algorithm is O (1), while the time complexity of adding and deleting documents is O (m "n) and 0 (N) (, in which the number of keywords in m" denotes the number of new documents N means the document-keyword pairing number n means dictionary size). The overall efficiency is better than the existing scheme; In the aspect of security, the scheme can resist the attack of selecting keywords, and the scheme achieves less information leakage than the previous scheme. A significant drawback of searchable encryption at present is that the schemes usually use words as the query condition, which is not suitable for the cohesive corpus. The reason is that these languages are represented by morpheme growth strings. Therefore, searching for such a language needs to be handled by characters. We select the longest common subsequences as the basis for assessing the similarity of strings, and use partial homomorphism encryption as the basic cryptographic primitive to construct a scheme to solve the longest common string under ciphertext. The scheme is highly efficient and scalable. It requires only logarithmic depth homomorphism circuit, and the number of times of multiplying homomorphism is O (渭 -1) log (渭 -1) (渭 is the number of bits required for encoding single byte). As a basic component of outsourced computing for privacy protection, this scheme has important applications in many specific problems.
【学位授予单位】:山东大学
【学位级别】:硕士
【学位授予年份】:2017
【分类号】:TP309
[Abstract]:With the development of technology and industry in related fields, we ushered in the era of big data. The strategic significance of big data's technology lies in that it can discover the potential value from massive data through specialized processing, thus providing reliable basis for analysis, prediction and decision making. Therefore, the development of big data related industries has been attached great importance by the governments of various countries. However, data collection, cleaning, storage, and analysis depend on expensive professional facilities, and it is difficult for individuals and small and medium-sized enterprises to afford the cost of equipment purchase and maintenance. As a new service computing model, cloud computing provides users with convenient data storage, data processing, information sharing and virtualization services, which has become an ideal solution for big data project. Users can outsource their data to cloud service providers, and then obtain the corresponding data according to their own requirements, or obtain data-based services. This model is generally called outsourcing computing. However, an important constraint to the promotion of outsourced data services is concerns about data security and privacy, especially in sensitive areas such as finance and healthcare, if data is abused or leaked by cloud service providers. Will cause heavy loss to the user. Cryptography is the basic tool to ensure the privacy of data. However, the traditional encryption scheme can ensure the privacy of data, but encryption will limit the availability of data and make the cloud lose the ability of data processing, analysis and mining. Therefore, it is necessary to design new cryptographic primitives in the cloud environment, which can not only guarantee the privacy of data, but also allow cloud service providers to perform specific operations on data. Searchable encryption is an important cryptographic primitive to ensure storage security and data privacy in cloud computing environment. At the same time, make sure that the cloud server can only get very little information. Early searchable encryption schemes focus on security, search efficiency and broader search ideas. In recent years, researches have focused on symmetric searchable encryption schemes in which data sets can be dynamically updated. In this paper, a new dynamic symmetric searchable encryption scheme is proposed. The time complexity of the algorithm is O (1), while the time complexity of adding and deleting documents is O (m "n) and 0 (N) (, in which the number of keywords in m" denotes the number of new documents N means the document-keyword pairing number n means dictionary size). The overall efficiency is better than the existing scheme; In the aspect of security, the scheme can resist the attack of selecting keywords, and the scheme achieves less information leakage than the previous scheme. A significant drawback of searchable encryption at present is that the schemes usually use words as the query condition, which is not suitable for the cohesive corpus. The reason is that these languages are represented by morpheme growth strings. Therefore, searching for such a language needs to be handled by characters. We select the longest common subsequences as the basis for assessing the similarity of strings, and use partial homomorphism encryption as the basic cryptographic primitive to construct a scheme to solve the longest common string under ciphertext. The scheme is highly efficient and scalable. It requires only logarithmic depth homomorphism circuit, and the number of times of multiplying homomorphism is O (渭 -1) log (渭 -1) (渭 is the number of bits required for encoding single byte). As a basic component of outsourced computing for privacy protection, this scheme has important applications in many specific problems.
【学位授予单位】:山东大学
【学位级别】:硕士
【学位授予年份】:2017
【分类号】:TP309
【相似文献】
相关期刊论文 前10条
1 刘艮;蒋天发;;同态加密技术及其在物联网中的应用研究[J];信息网络安全;2011年05期
2 闫世斗;刘念;李子臣;;公钥密码体制的同态性分析[J];北京电子科技学院学报;2012年02期
3 杨耀增;;用同态,
本文编号:2219239
本文链接:https://www.wllwen.com/kejilunwen/ruanjiangongchenglunwen/2219239.html
