CN108111587B - A cloud storage search method based on time release - Google Patents

Abstract

Translated fromChinese

本发明属于云存储领域，具体涉及一种基于时间释放的云存储搜索方法。本发明对明文数据规定了时间权限，并将其进行加密处理后存储到云端。当用户想要搜索文档时，服务器利用用户产生的搜索指令进行查询，在查询过程中，服务器，用户，时间服务器三方交互最终得到需要的密文文件。然后用户与时间服务器继续通信获得密文对应的解密密钥，并在线下解密文件。本发明充分考虑了电子文档的时间查阅权限方面的要求，保证了数据的隐私和时间查阅权限，具有很强的实用性。

The invention belongs to the field of cloud storage, and in particular relates to a cloud storage search method based on time release. The present invention specifies time authority for plaintext data, encrypts it and stores it in the cloud. When a user wants to search for a document, the server uses the search instruction generated by the user to perform a query. During the query process, the server, the user, and the time server interact with each other to finally obtain the required ciphertext file. Then the user continues to communicate with the time server to obtain the decryption key corresponding to the ciphertext, and decrypts the file offline. The invention fully considers the requirements of the time checking authority of the electronic document, ensures the privacy of the data and the time checking authority, and has strong practicability.

Description

Translated fromChinese

一种基于时间释放的云存储搜索方法A cloud storage search method based on time release

技术领域technical field

本发明属于云存储领域，特别涉及一种可在未来某个时间段内在加密电子文档上实现搜索的方法。The invention belongs to the field of cloud storage, and in particular relates to a method for realizing search on encrypted electronic documents in a certain period of time in the future.

背景技术Background technique

随着Internet的迅速普及，信息的存储也从传统的纸质存档转向到了利用本地物理磁盘电子存档的形式。然而当今社会是一个信息爆炸的时代，信息的存储量呈指数级的增长，这也意味着信息的维护管理和购买磁盘等费用在不断的增多。2006年8月9日，Google首席执行官埃里克·施密特(Eric Schmidt)在搜索引擎大会(SES San Jose 2006)上首次提出“云计算”(Cloud Computing)的概念。随后，亚马逊、微软、IBM等公司宣布了各自的云概念产品—云存储。With the rapid popularization of the Internet, the storage of information has also shifted from traditional paper archives to electronic archives using local physical disks. However, today's society is an era of information explosion, and the amount of information storage is increasing exponentially, which also means that the maintenance and management of information and the purchase of disks are constantly increasing. On August 9, 2006, Google CEO Eric Schmidt first proposed the concept of "Cloud Computing" at the Search Engine Conference (SES San Jose 2006). Subsequently, Amazon, Microsoft, IBM and other companies announced their respective cloud concept products - cloud storage.

云存储是指通过集群应用、网络技术或分布式文件系统等功能，将网络中大量各种不同类型的存储设备通过应用软件集合起来协同工作，共同对外提供数据存储和业务访问功能的一个系统。该系统可以降低用户个人本地的物理、成本等方面的开销，让用户真正体会到随时随地查询个人数据的乐趣，因此越来越多的用户将个人本地数据上传到云端。然而，一旦这些数据被存储到云端，用户本身也就失去了对数据的直接控制权。这些数据中的敏感信息常常是他人窃取的对象，近几年频频爆发的数据泄露事件让用户越来越意识到保障数据隐私安全的重要性。Cloud storage refers to a system that integrates a large number of different types of storage devices in the network through application software to work together to provide data storage and business access functions through cluster applications, network technology or distributed file systems and other functions. The system can reduce the user's personal local physical, cost and other expenses, allowing users to truly experience the fun of querying personal data anytime, anywhere, so more and more users upload personal local data to the cloud. However, once this data is stored in the cloud, users themselves lose direct control over the data. Sensitive information in these data is often stolen by others. In recent years, frequent data leakage incidents have made users more and more aware of the importance of ensuring data privacy and security.

利用密码技术将数据加密，然后再将其上传到云端，无疑对数据的隐私和安全起到了一定的保障作用，然而采用什么样的加密技术将影响到数据的查询效率。如果采用常规的加密技术，用户需要将云端数据全部下载下来，然后在本地服务器上进行解密，最终筛选出自己需要的文档集。假设用户使用的光纤带宽是100M，那么理论上每秒只能下载12.8Mb的文件，对于100G的数据来说，全部下完大约需要2小时。因此，对于轻量级的数据来说，用户可以利用这种传统的搜索方式，但当数据较大的时候，该种方法并不实用。Encrypting data using cryptographic technology and then uploading it to the cloud undoubtedly plays a role in ensuring data privacy and security. However, what encryption technology is used will affect the efficiency of data query. If conventional encryption technology is used, users need to download all the data from the cloud, and then decrypt them on the local server, and finally filter out the set of documents they need. Assuming that the fiber bandwidth used by the user is 100M, theoretically, only 12.8Mb files can be downloaded per second. For 100G data, it takes about 2 hours to download all the data. Therefore, for lightweight data, users can use this traditional search method, but when the data is large, this method is not practical.

Song等在2000年提出了搜索加密的概念，并给出了一种可行的方案。这种方案主要使用了伪随机函数和伪随机生成器，在执行搜索过程中，服务器需要将搜索指令与密文逐比特进行匹配测试，如果测试成功，则返回该密文，因此该协议的搜索复杂度为O(n)，其中n为单个文档的长度。Boneh等在2003年将搜索加密的思想引入到公钥密码体制中，提出了公钥加密搜索方案(PEKS)，至此，搜索加密主要包含公钥搜索加密和对称搜索加密(SSE)两个方向。总体而言，公钥搜索加密的功能比较强大，但大部分的PEKS方案中一般都会使用双线性对，因此搜索效率并不高。在SSE方案中，用户的加解密密钥一样，因此SSE要想实现多个用户同时上传文档，需要将该密钥广播给用户，这也间接导致了SSE的功能不够强大，然而SSE的效率比PEKS高很多。Song et al. proposed the concept of search encryption in 2000, and gave a feasible scheme. This scheme mainly uses a pseudo-random function and a pseudo-random generator. During the search process, the server needs to match the search instruction with the ciphertext bit by bit. If the test is successful, the ciphertext is returned. Therefore, the search of this protocol The complexity is O(n), where n is the length of a single document. In 2003, Boneh et al. introduced the idea of search encryption into the public key cryptosystem and proposed the public key encryption search scheme (PEKS). So far, search encryption mainly includes public key search encryption and symmetric search encryption (SSE). In general, the function of public key search encryption is relatively powerful, but bilinear pairing is generally used in most PEKS schemes, so the search efficiency is not high. In the SSE scheme, the encryption and decryption keys of users are the same. Therefore, if SSE wants to upload documents by multiple users at the same time, it needs to broadcast the key to users, which indirectly causes the function of SSE to not be powerful enough. However, the efficiency of SSE is higher than that of SSE. PEKS is much higher.

在SSE中，主要有三个参与者：数据拥有者U、服务器S和检索用户U₁。检索用户U₁和数据拥有者U可以是同一个人，也可以不同，如果U₁和U不同，则U₁需要将密钥K广播给U。SSE的主要思想是：数据拥有者U利用密钥K将本地的数据D＝(D₁,D₂,…,D_n)加密成C＝(C₁,C₂,…,C_n)。同时，数据拥有者U为数据D创建一个索引表I，最后U将C和I存储到服务器S上面。检索用户U₁如果要查询包含关键词w的文档，他首先利用密钥K，为关键字w生成一个搜索指令t(w)，然后将t(w)发送给服务器S。S通过t(w)在I中找出包含w的文档的指针集合，然后根据这些指针，将对应的密文数据返回给用户U₁。最后，U₁在本地设备上利用密钥K对这些密文进行解密。In SSE, there are mainly three participants: data owner U, server S and retrieval user U₁ . The retrieval user U₁ and the data owner U can be the same person or different. If U₁ and U are different, U₁ needs to broadcast the key K to U. The main idea of SSE is: the data owner U uses the key K to encrypt the local data D=(D₁ , D₂ , . . . , D_n ) into C=(C₁ , C₂ , . . . , C_n ). At the same time, the data owner U creates an index table I for the data D, and finally U stores C and I on the server S. If the retrieval user U1 wants to query the document containing the keyword w, he_first uses the key K to generate a search instruction t(w) for the keyword w, and then sends t(w) to the server S. S finds the set of pointers of documents containing w in I through t(w), and then returns the corresponding ciphertext data to user U₁ according to these pointers. Finally, U1 decrypts these ciphertexts with the key K_on the local device.

早期的SSE方案仅支持单个关键字的精确搜索，后来研究学者将SSE的功能进行了一定的扩展，例如模糊搜索、范围搜索、子集搜索、动态搜索、排序搜索、语句搜索和boolean搜索等。然而这些功能有一定的局限性，并不能解决特殊场合中的搜索问题。例如，在目前的SSE方案中，并未考虑用户查阅文件的时间权限问题，所以按照当前的搜索方式，一旦用户执行一次搜索，他将立即获得自己需要的所有文件。然而，在许多实际搜索问题中，是需要考虑时间因素的。The early SSE solutions only supported the precise search of a single keyword. Later, researchers extended the functions of SSE to a certain extent, such as fuzzy search, range search, subset search, dynamic search, sorting search, sentence search, and boolean search. However, these functions have certain limitations and cannot solve the search problem in special occasions. For example, in the current SSE solution, the user's time permission for viewing files is not considered, so according to the current search method, once a user performs a search, he will immediately obtain all the files he needs. However, in many practical search problems, the time factor needs to be considered.

例如，为避免子女因财产分割而发生纠纷，当前很多商人会提前立遗嘱，并由律师保密管理该文件。按照规定该遗嘱只能在特定的时间才能被打开。由于现有的加密搜索技术不能有效的解决此类问题，这也限制了云存储技术的使用范围。再如，电子投票系统中，每个投票人匿名将自己的投票结果上传到云端。候选人不能提前获知自己的票数，只有到了公开阶段，他才知道自己的总票数。事实上，这种基于时间释放的搜索加密技术除了在律师事务所、电子投票系统使用外，还有一些其他的应用场合，例如全国考试成绩查询系统等。For example, in order to avoid disputes between children due to property division, many businessmen will make a will in advance, and the lawyer will manage the document confidentially. According to the regulations, the will can only be opened at a specific time. Since the existing encrypted search technology cannot effectively solve such problems, it also limits the application scope of cloud storage technology. For another example, in the electronic voting system, each voter anonymously uploads their voting results to the cloud. A candidate cannot know his votes in advance, and only at the public stage does he know his total votes. In fact, this time-release-based search encryption technology is not only used in law firms and electronic voting systems, but also has some other applications, such as the national test score query system.

目前解决以上问题的一种办法是管理员在规定的时间的前一秒上传文件，然而这种方法对于轻量级数据来说，是可观的，但是当文件规模比较大，且数量多的情况下容易造成网络堵塞，进而不能使用户在第一时间获取相应的查询结果。另一方面，现有的这种技术并未考虑数据的隐私性，因此随时有信息泄露的潜在可能。One way to solve the above problems is that the administrator uploads the file one second before the specified time. However, this method is considerable for lightweight data, but when the file size is relatively large and the number is large It is easy to cause network congestion, and thus the user cannot obtain the corresponding query results in the first time. On the other hand, the existing technology does not consider the privacy of data, so there is a potential possibility of information leakage at any time.

针对以上问题，我们有必要提供一种可在指定时间段内，在加密电子文档上实现搜索的方法。In view of the above problems, it is necessary for us to provide a method that can search encrypted electronic documents within a specified period of time.

发明内容SUMMARY OF THE INVENTION

为了在未来某个时间点后，在加密电子文档上实现搜索，本发明提出了一种基于时间释放的云存储搜索方法。时间释放是一个基于未来某个时间点的加密算法，其目的是保证加密的信息在指定的时间之前不能被解密。In order to realize search on encrypted electronic documents after a certain time point in the future, the present invention proposes a cloud storage search method based on time release. Time release is an encryption algorithm based on a point in time in the future, whose purpose is to ensure that encrypted information cannot be decrypted before a specified time.

本发明提出的一种基于时间释放的云存储搜索方法，包括数据拥有者，云服务器，用户；A time-release-based cloud storage search method proposed by the present invention includes a data owner, a cloud server, and a user;

数据拥有者用于将本地数据进行加密并上传到云服务器上。The data owner is used to encrypt local data and upload it to the cloud server.

云服务器用于存储数据并帮助用户进行搜索数据。Cloud servers are used to store data and help users search for data.

其特征在于：还包括时间服务器，所述时间服务器是一个可信的中心；It is characterized in that: it also includes a time server, and the time server is a trusted center;

主要包含以下步骤：It mainly includes the following steps:

(S1)、数据拥有者输入一个系统安全参数λ，生成一个用于加密文档和构造索引的密钥数组，表示为n+3维密钥

n是大于等于1的整数，表示文档集D中所包含的文档的个数。所述时间服务器输入安全参数λ，随机生成并广播一系列与时间相关的公钥；表示为

和PK_1,1,…,PK_m,s，m、s均是大于等于1的整数，m是数据库中的关键字的个数，s的取值取决于数据库中关键字所关联的文档的个数的最大值。(S1), the data owner inputs a system security parameter λ, and generates a key array for encrypting the document and constructing the index, which is expressed as an n+3-dimensional key

n is an integer greater than or equal to 1, representing the number of documents included in the document set D. The time server inputs the security parameter λ, randomly generates and broadcasts a series of time-related public keys; expressed as

and PK_1,1 ,...,PK_m,s , m, s are integers greater than or equal to 1, m is the number of keywords in the database, and the value of s depends on the document associated with the keyword in the database. the maximum number.

(S2)、数据拥有者将本地的文档集D＝(D₁,D₂,…,D_n)加密成密文文档集C＝(C₁,C₂,…,C_n)。同时，数据拥有者为文档集D创建一个加密索引表I，数据拥有者将密文文档集C和索引表I存储到云服务器上面。其中每个文档表示为D_i(1≤i≤n)，每个密文文档表示为：C_i(1≤i≤n)。(S2), the data owner encrypts the local document set D=(D₁ , D₂ , . . . , D_n ) into a ciphertext document set C=(C₁ , C₂ , . . . , C_n ). At the same time, the data owner creates an encrypted index table I for the document set D, and the data owner stores the ciphertext document set C and the index table I on the cloud server. Each document is represented as D_i (1≤i≤n), and each ciphertext document is represented as: C_i (1≤i≤n).

(S3)、合法用户查询包含关键词w_α(1≤α≤m)的文档，首先利用密钥为关键字w_α生成一个搜索指令Tr(w_α)，然后将搜索指令Tr(w_α)发送给云服务器。(S3), a legitimate user queries a document containing the keyword w_α (1≤α≤m), first generates a search instruction Tr(w_α ) for the keyword w_α by using the key, and then uses the search instruction Tr(w_α ) sent to the cloud server.

(S4)、云服务器通过搜索指令Tr(w_α)在索引表I中找出包含关键词w_α的文档的指针集合

由于云服务器没有这些文件指针集

对应的解密密钥{SK_α,1,…,SK_α,s}，服务器需要将这些文件指针

返还给用户。用户收到文件指针集合

后与时间服务器通信。时间服务器首先验证用户的身份信息是否合法，如果合法，它在指定的时间段内将对应的解密密钥{SK_α,1,…,SK_α,s}安全的发送给该用户。用户收到解密密钥{SK_α,1,…,SK_α,s}后，从文件指针集合

中解密出明文文件身份标识符

用户与云服务器再次通信，并让其返还相应的密文文档

(S4), the cloud server finds the pointer set of the document containing the keyword w_α in the index table I through the search instruction Tr(w_α )

Since the cloud server does not have these file pointer sets

The corresponding decryption key {SK_α,1 ,…,SK_α,s }, the server needs to convert these file pointers

returned to the user. The user receives a collection of file pointers

Then communicate with the time server. The time server first verifies whether the user's identity information is legal. If it is legal, it securely sends the corresponding decryption key {SK_α,1 ,...,SK_α,s } to the user within the specified time period. After the user receives the decryption key {SK_α,1 ,…,SK_α,s }, the

Decrypt the plaintext file identifier

The user communicates with the cloud server again and asks it to return the corresponding ciphertext document

(S5)、解密阶段：用户收到密文集

后，再次与时间服务器通信，并从时间服务器获得相应的解密密钥

最终用户利用这些密钥

分别对密文

进行解密，获得对应的明文信息

(S5), decryption stage: the user receives the ciphertext set

After that, communicate with the time server again and obtain the corresponding decryption key from the time server

End users utilize these keys

ciphertext

Decrypt to obtain the corresponding plaintext information

所述步骤(S2)中数据拥有者加密文档和建立索引表时均采用了对称加密体制和公钥加密体制相结合的方法，最终生成相应的密文和索引表。In the step (S2), the data owner adopts the method of combining the symmetric encryption system and the public key encryption system when encrypting the document and establishing the index table, and finally generates the corresponding ciphertext and the index table.

具体地，数据拥有者加密文档的过程如下：Specifically, the process for the data owner to encrypt the document is as follows:

(S2a).数据拥有者利用密钥

分别加密文档D₁,…,D_n：

1≤i≤n，其中

表示文档D_i对应的加密结果，

表示一种对称加密算法，而算法中所使用的加密密钥是

1≤i≤n。然后，数据拥有者选取n个与时间相关的公钥

逐个对加密文档过程中所使用的私钥

进行加密，我们用cki表示

的加密结果：

这里

表示一种公钥加密算法，算法中所使用的加密公钥是

文档D_i对应的密文记为

用户将密文C_i(i＝1,…,n)上传至云服务器上；(S2a). The data owner utilizes the key

Encrypt documents D₁ ,...,D_n respectively:

1≤i≤n, where

represents the encryption result corresponding to document D_i ,

represents a symmetric encryption algorithm, and the encryption key used in the algorithm is

1≤i≤n. Then, the data owner selects n time-related public keys

Private key used in encrypting documents one by one

For encryption, we use cki to represent

The encrypted result of:

here

Represents a public key encryption algorithm, the encryption public key used in the algorithm is

The ciphertext corresponding to document D_i is recorded as

The user uploads the ciphertext C_i (i=1,...,n) to the cloud server;

具体地，数据拥有者构造索引表的过程如下：Specifically, the process of constructing the index table by the data owner is as follows:

(S2b1).数据拥有者从文档集D中提取出关键字集合W＝{w₁,…,w_m}。假设每个文档D_i(1≤i≤n)都有一个唯一的身份标识符id_i(i＝1,…,n)，该标识符可以用一个k比特的二进制字符串表示。对每个关键字w_l∈W(l＝1,…,m)，选取大小为s的空集合D(w_l)，并按如下方式对集合D(w_l)中的元素赋值：如果文档D_i(1≤i≤n)包含关键字w_l，那么将文档D_i对应的身份标识符id_i存储在D(w_l)中。令

如果D(w_l)中的元素的个数小于s时，随机选取s-|D(w_l)|个k比特的二进制字符串进行填充，并用符号id′_j(id′_j≠id_j)表示对应的身份标识符，其中j＝1,…,s-|D(w_l)|。数据拥有者利用密钥K₁和伪随机函数F₁对每个关键字w_l(l＝1,…,m)加密处理变为t(w_l)＝F₁(K₁,w_l)(l＝1,…,m)。假设A是一个初始化为空的m×s维数组，该数组用于存放D(w_l)(l＝1,…,m)中的每个元素的相关信息。具体地，数据拥有者对每个D(w_l)(l＝1,…,m)中的元素id_j(1≤j≤s)逐一加密处理，然后把这些加密结果以链表关联的形式分别存储在A(addr(N_l,1)),A(addr(N_l,2)),,…,A(addr(N_l,s))中，这里addr(N_l,1),addr(N_l,2),…,addr(N_l,s)表示矩阵A中s个不同的位置。数据拥有者选取一个{0,1}^k×{0,1}^k的表格T，并把数组A中的每个关键字w_l(1≤l≤m)所对应的链表的头结点的位置信息addr(N_l,1)和t(w_l)(1≤l≤m)加密处理为(t(w_l)，l(w_l)⊕addr(N_l,1))，并存储在表格T中。(S2b1). The data owner extracts the keyword set W={w₁ , . . . , w_m } from the document set D. Assuming that each document D_i (1≤i≤n) has a unique identity identifier id_i (i=1,...,n), the identifier can be represented by a k-bit binary string. For each keyword w_l ∈ W(l=1,...,m), choose an empty set D(w_l ) of size s, and assign values to the elements in set D(w_l ) as follows: If the document D_i (1≤i≤n) contains the keyword wl , then the identity identifier id_i corresponding to the document D_i is stored in D(_wl) . make

If the number of elements in D(w_l ) is less than s, randomly select s-|D(w_l )| k-bit binary strings for filling, and use the symbol id′_j (id′_j ≠id_j ) represents the corresponding identity identifier, where j=1,...,s-|D(w_l )|. The data owner uses the key K₁ and the pseudo-random function F₁ to encrypt each key w_l (_l=1 ,_. l=1,...,m). Suppose that A is an m×s-dimensional array initialized to be empty, and the array is used to store the relevant information of each element in D(w_l ) (l=1, . . . , m). Specifically, the data owner encrypts the elements id_j (1≤j≤s) in each D(w_l )(l=1,...,m) one by one, and then associates these encrypted results in a linked list respectively. Stored in A(addr(N_l,1 )), A(addr(N_l,2 )),,…,A(addr(N_l,s )), where addr(N_l,1 ),addr( N_l,2 ),...,addr(N_l,s ) represent s different positions in matrix A. The data owner selects a table T of {0,1}^k ×{0,1}^k , and puts the head node of the linked list corresponding to each keyword w_l (1≤l≤m) in the array A. The location information addr(N_l,1 ) and t(w_l ) (1≤l≤m) are encrypted as (t(w_l ), l(w_l )⊕addr(N_l,1 )) and stored in Form T.

(S2b2).将索引表I＝(A,T)上传到云端服务器。(S2b2). Upload the index table I=(A, T) to the cloud server.

所述步骤(S2b1)中的矩阵A的构造如下：The structure of the matrix A in the step (S2b1) is as follows:

(S2b11).对D(w_l)(1≤l≤m)中的每个元素id_j(1≤j≤s)利用对称加密和公钥加密相结合的思想进行加密。具体地，对每个元素id_j，利用密钥K₃和关键字w_l计算：

(1≤l≤m,1≤j≤s)。然后利用对称加密方案δ.Enc(·,·)和

将id_j加密为

(1≤l≤m,1≤j≤s)。从云服务器公布的所有公钥集合中选取s个与时间相关的公钥PK_l,1,…,PK_l,s，并利用公钥加密方案ε₂.Enc(·，·)逐个加密这里使用的密钥

相应的密文记为

(1≤j≤s)。最终令

该值表示元素id_j的加密结果。对每个关键字w_l(1≤l≤m)在A中随机选取s个不同的空位置addr(N_l,1),…,addr(N_l,s)(1≤l≤m,)，并将信息

(1≤l≤m,1≤j≤s)依次存储在对应的位置上，这里addr(N_l,s+1)＝⊥表示读取数据、写入数据程序的结束符号。(S2b11). Encrypt each element id_j (1≤j≤s) in D(w_l ) (1≤l≤m) using the idea of combining symmetric encryption and public key encryption. Specifically, for each element id_j , using the key K₃ and the keyword_wl to calculate:

(1≤l≤m, 1≤j≤s). Then use the symmetric encryption scheme δ.Enc(·,·) and

encrypt id_j as

(1≤l≤m, 1≤j≤s). Select s time-related public keys PK_l,1 ,...,PK_l,s from all public key sets published by the cloud server, and encrypt them one by one using the public key encryption scheme ε₂ .Enc(·,·) used here the key

The corresponding ciphertext is denoted as

(1≤j≤s). final order

This value represents the encrypted result of element id_j . For each keyword w_l (1≤l≤m) randomly select s different empty positions in A addr(N_l,1 ),...,addr(N_l,s )(1≤l≤m,) , and put the information

(1≤l≤m, 1≤j≤s) are stored in corresponding positions in sequence, where addr(N_l,s+1 )=⊥ represents the end symbol of the program of reading data and writing data.

所述步骤(S2b1)中的表格T的构造如下：The structure of the table T in the step (S2b1) is as follows:

(S2b12).数据拥有者利用伪随机函数F₁,密钥K₁,K₂对每个关键字w_l(1≤l≤m)计算：t(w_l)＝F₁(K₁,w_l)，l(w_l)＝F₁(K₂,w_l)。然后将数组(t(w_l)，

)按照字典排序法的方式存储在表格T中。(S2b12). The data owner uses pseudo-random function F₁ , keys K₁ , K₂ to calculate for each keyword w_l (1≤l≤m): t(w_l )=F₁ (K₁ ,w_l ), l(w_l )=F₁ (K₂ , w_l ). Then the array(t(w_l ),

) are stored in table T in a lexicographical manner.

具体地，所述步骤(S3)的具体过程如下：Specifically, the specific process of the step (S3) is as follows:

(S3a).用户利用密钥(K₁,K₂)对想要查询的关键字w_α∈W生成搜索指令Tr(w_α)＝(t(w_α),l(w_α),h(w_α))＝(F₁(K₁,w_α),F₁(K₂,w_α)，F₃(K₁,w_α))，并将其发送给服务器，其中t(w_α)为搜索指令Tr(w_α)中的第一个分值，l(w_α)为搜索指令Tr(w_α)中的第二个分值，h(w_α)为搜索指令Tr(w_α)中的第三个分值。(S3a). The user uses the key (K₁ , K₂ ) to generate a search instruction Tr(w_α )_{=(t(w α ), l(w α),} h( w_α )) = (F₁ (K₁ , w_α ), F₁ (K₂ , w_α ), F₃ (K₁ , w_α )), and send it to the server, where t(w_α ) is the first score in the search instruction Tr(w_α ), l(w_α ) is the second score in the search instruction Tr(w_α ), and h(w_α ) is the search instruction Tr(w_α ) the third score in .

具体地，所述步骤(S4)具体过程如下：Specifically, the specific process of the step (S4) is as follows:

(S4a).云服务器根据搜索指令Tr(w_α)中的第一个分值t(w_α)，在表格T中查找到对应的值

然后利用Tr(w_α)中的第二个分值l(w_α)与γ异或，得到地址addr(N_α,1)。服务器提取出数组A(addr(N_α,1))中所存储的数据

保存第一部分的指针信息值

并利用Tr(w_α)中的第三个分值h(w_α)与数据

异或得到addr(N_α,2)。读取数组A(addr(N_α,2))中所存储的数据

保存指针信息值

然后利用Tr(w_α)中的第三个分值h(w_α)与数据

异或得到addr(N_α,3)。重复上面的步骤直到服务器遇到addr(N_α,(s+1))＝⊥为止，这样云服务器可依次获得指针信息

(S4a). The cloud server finds the corresponding value in the table T according to the first score t(w_α ) in the search instruction Tr(w_α )

Then use the second fraction l(w_α ) in Tr(w_α ) to XOR with γ to obtain the address addr(N_α,1 ). The server extracts the data stored in the array A (addr(N_α,1 ))

Save the pointer information value of the first part

And use the third score h(w_{α ) in Tr(w α)} with the data

XOR to get addr(N_α,2 ). Read the data stored in the array A (addr(N_α,2 ))

Save pointer information value

Then use the third score h(w_{α ) in Tr(w α)} with the data

XOR to get addr(N_α,3 ). Repeat the above steps until the server encounters addr(N_α,(s+1) )=⊥, so that the cloud server can obtain the pointer information in turn

(S4b).云服务器将上一步骤中的指针信息集合

返还给用户。(S4b). The cloud server collects the pointer information in the previous step

returned to the user.

(S4c).用户收到指针信息集合

后，与时间服务器通信，以便获得对应的解密密钥SK_α,1,…,SK_α,s。(S4c). The user receives the pointer information set

Then, communicate with the time server in order to obtain the corresponding decryption keys SK_α,1 ,...,SK_α,s .

(S4d).用户收到时间服务器释放的解密密钥SK_α,j(t＝1,…,s)后，利用该密钥SK_α,j解密数组

中的第二个分量

然后利用

解密

中的第一个分量

随后用户继续与云服务器通信。(S4d). After the user receives the decryption key SK_α,j (t=1,...,s) released by the time server, use the key SK_{α,j to} decrypt the array

the second component in

then use

decrypt

the first component in

The user then continues to communicate with the cloud server.

(S4e).云服务器收到用户的请求

后，在C中查找出相应的密文文档

并将其返还给用户。(S4e). The cloud server receives the user's request

After that, find the corresponding ciphertext document in C

and return it to the user.

所述步骤(S4c)的具体过程如下：The specific process of the step (S4c) is as follows:

(S4c1).时间服务器首先验证用户的身份信息，如果身份合法，则查看当前是否可以释放公钥PK_α,1,…,PK_α,s对应的私钥SK_α,1,…,SK_α,s。如果目前可以释放私钥SK_α,j(1≤j≤s)，则将该值发送给用户；如果没有达到规定的时间段，则不返还该私钥SK_α,j(1≤j≤s)。(S4c1). The time server first verifies the user's identity information. If the identity is legal, it checks whether the private key SK_α,1 ,...,SK_α corresponding to the public key PK_α,1 ,…,PK_α,s can be released currently._s . If the private key SK_α,j (1≤j≤s) can be released at present, the value will be sent to the user; if the specified time period is not reached, the private key SK_α ,j (1≤j≤s) will not be returned ).

具体地，所述步骤(S5)具体过程如下：Specifically, the specific process of the step (S5) is as follows:

(S5a).待用户收到

后，用户继续与时间服务器通信，获取相关的解密密钥

时间服务器首先验证用户的身份信息，如果身份合法，则查看当前是否可以释放公钥

所对应的解密密钥

如果可以，则将该值发送给用户。这里的

是加密

所使用的公钥。(S5a). To be received by the user

After that, the user continues to communicate with the time server to obtain the relevant decryption key

The time server first verifies the user's identity information, and if the identity is legal, checks whether the public key can be released currently

the corresponding decryption key

If possible, send this value to the user. here

is encrypted

The public key used.

(S5b).用户收到解密密钥

后，首先对

的第二个分量ckα_j进行解密：

然后利用

解密

的第一个分量

(S5b). User receives decryption key

, first of all

The second component of ckα_j is decrypted:

then use

decrypt

the first component of

相对于现有技术，本发明具有以下有益效果。Compared with the prior art, the present invention has the following beneficial effects.

1.保证了云端文档的隐私。将明文数据加密后存储在云端，一方面保护了数据的隐私，另一方面给用户带来了方便，可以让用户随时随地的在任意的设备上查询自己的数据。1. Ensure the privacy of cloud documents. Encrypting plaintext data and storing it in the cloud not only protects the privacy of the data, but also brings convenience to users, allowing users to query their data on any device anytime, anywhere.

2.可提前上传数据，简化了数据拥有者的工作量。按照之前的方式，数据拥有者需要等到特定时间的前一秒才能上传文档，而且在上传文档的过程中易遭受网络堵塞。利用时间释放机制的加密方式对数据进行处理，可以使得数据提前被上传到云端。2. Data can be uploaded in advance, simplifying the workload of data owners. Previously, data owners needed to wait a second before a certain time to upload documents, and were vulnerable to network congestion during the uploading process. The data is processed using the encryption method of the time release mechanism, so that the data can be uploaded to the cloud in advance.

3.规范了用户查询的时间。实际生活中有些数据只能在未来某个指定的时间段内进行查询，例如遗嘱，全国统一考试成绩查询等。本发明对数据库构建了一个与时间相关的索引，这样可使得用户只能在特定的时间段内查询到与关键词相关的数据集。3. Standardize the time of user query. In real life, some data can only be queried within a specified time period in the future, such as wills, national unified examination results query, etc. The invention builds a time-related index for the database, so that the user can only query the data set related to the keyword within a specific time period.

附图说明Description of drawings

图1是本发明的系统框架结构。Fig. 1 is the system frame structure of the present invention.

具体实施方式Detailed ways

下面结合附图，以实施例1为例，对本发明的技术方案进行具体说明。首先我们对所使用的数学符号进行简要说明。The technical solution of the present invention will be described in detail below with reference to the accompanying drawings, taking Embodiment 1 as an example. First we briefly describe the mathematical notation used.

ε_a＝(ε_a.Enc(·，·)，ε_a.Dec(·，·))安全的密码体制算法，其中ε_a.Enc是相应的加密算法，ε_a.Dec是对应的解密算法。当a＝1时，该算法为对称加密算法，当a＝2时，该算法为公钥加密算法。ε_a =(ε_a .Enc(·,·),ε_a .Dec(·,·)) secure cryptosystem algorithm, where ε_a .Enc is the corresponding encryption algorithm, ε_a .Dec is the corresponding decryption algorithm . When a=1, the algorithm is a symmetric encryption algorithm, and when a=2, the algorithm is a public key encryption algorithm.

δ＝(δ.Enc(·，·)，δ.Dec(·，·))确定对称加密算法，其中δ.Enc是相应的加密算法，δ.Dec是对应的解密算法。该算法的输出长度是k比特。δ=(δ.Enc(·,·), δ.Dec(·,·)) determines the symmetric encryption algorithm, where δ.Enc is the corresponding encryption algorithm, and δ.Dec is the corresponding decryption algorithm. The output length of this algorithm is k bits.

(PK,SK)公私钥对，其中PK是公钥，而SK是对应的私钥。(PK,SK) public-private key pair, where PK is the public key and SK is the corresponding private key.

F_b:{0,1}^k×{0,1}*→{0,1}^k伪随机函数,b＝1,2,3。F_b : {0,1}^k ×{0,1}*→{0,1}^k pseudo-random function, b=1,2,3.

π:{0,1}^k×{0,1}^k→{0,1}^kπ是k-bit到k-bit的伪随机置换。π:{0,1}^k ×{0,1}^k →{0,1}^k π is a pseudo-random permutation of k-bit to k-bit.

D＝(D₁,D₂,…,D_n)文档集合。D = (D₁ , D₂ , . . . , D_n ) collection of documents.

D(w)包含关键字w的文档标识符集合。D(w) contains the set of document identifiers for the keyword w.

W由D中的关键字组成的集合。W consists of the set of keywords in D.

id_i第i个文档D_i对应的文件标识符，由k-bit二进制字符串组成。id_i The file identifier corresponding to the ith document D_i , consisting of a k-bit binary string.

A m·s的数组。An array of Am s.

addr(N_i,j)表示数组A的第addr(N_i,j)个位置，由k-bit二进制字符串表示。addr(N_i,j ) represents the addr(N_i,j )th position of the array A, which is represented by a k-bit binary string.

T{0,1}^k×{0,1}^k的数组。An array of T{0,1}^k ×{0,1}^k .

|W|集合W中元素的个数。|W| The number of elements in set W.

实施例1Example 1

在本实施例中，共涉及四个参与者：数据拥有者，云服务器，时间服务器，用户。具体实现过程中共有五个环节：In this embodiment, a total of four participants are involved: the data owner, the cloud server, the time server, and the user. There are five steps in the specific implementation process:

1、密钥生成阶段：在该阶段中，用户输入安全参数λ，生成密钥数组

而时间服务器输入安全参数λ，并向全体成员广播公钥

和PK_1,1,…,PK_m,s，这些公钥对应的私钥由时间服务器在随后指定的时间内公布给合法用户。安全参数λ取至少为256比特的二进制数。1. Key generation stage: In this stage, the user inputs the security parameter λ to generate a key array

The time server inputs the security parameter λ and broadcasts the public key to all members

and PK_1,1 ,…,PK_m,s , the private keys corresponding to these public keys are published to legitimate users by the time server within a specified time later. The security parameter λ takes a binary number of at least 256 bits.

2、加密阶段：假设数据拥有者有n个文档D＝(D₁,D₂,…,D_n)需要上传到云端，为此他将完成以下两步：2. Encryption stage: Suppose the data owner has n documents D=(D₁ , D₂ ,...,D_n ) that need to be uploaded to the cloud, for which he will complete the following two steps:

a).加密文档数据。数据拥有者对每个文档D_i利用密钥

进行加密，即

数据拥有者选取公钥

按照公钥加密体制的思想对密钥

进行加密

最终文档D_i对应的密文为

a). Encrypted document data. The data owner uses a key for each document D_i

to encrypt, i.e.

The data owner selects the public key

According to the idea of public key encryption system, key

to encrypt

The ciphertext corresponding to the final document D_i is

b).构造索引表I。数据拥有者提取关键字集合W,假设|W|＝m。然后对每个关键字w_l∈W，分别对集合D(w_l)进行赋值：如果文档D_j(j＝1,…,n)包含关键字w_l(l＝1,…,m),则将D_j的文档标识符id_j(j＝1,…,n)存入到集合D(w_l)中。记s_l＝|D(w_l)|(l＝1,…,m)，并令

如果D(w_l)中的元素的个数少于s，那么随机选取s-s_l个k维字符串{0,1}^k将D(w_l)(l＝1,…,m)填充至s个元素为止。令全局变量ctr＝1，从关键字w₁开始，逐个对关键字w_l(l＝1,..,m)做如下运算：b). Construct index table I. The data owner extracts the keyword set W, assuming |W|=m. Then, for each keyword w_l ∈ W, assign a value to the set D(w_l ): if the document D_j (j=1,...,n) contains the keyword w_l (l=1,...,m), Then, the document identifier id_j (j=1, . . . , n) of D_j is stored in the set D(_wl ). Let s_l =|D(w_l )|(l=1,...,m), and let

If the number of elements in D(w_l ) is less than s, then randomly select ss_l k-dimensional strings {0,1}^k to fill D(w_l )(l=1,...,m) to s elements up to. Let the global variable ctr=1, start from the keyword w₁ , and perform the following operations on the keywords w_l (l=1,..,m) one by one:

I).计算t(w_l)←F₁(K₁,w_l)，l(w_l)←F₁(K₂,w_l)，

将数组(t(w_l)，

)按照字典排序法的方式存储在表格T中，这里

表示整数x通过伪随机置换函数

映射到数组A的第addr(y)的位置上。I). Calculate t(w_l )←F₁ (K₁ ,w_l ), l(w_l )←F₁ (K₂ ,w_l ),

Convert the array (t(w_l ),

) is stored in table T in lexicographical order, here

represents the integer x by a pseudorandom permutation function

Map to the position of addr(y) of array A.

II).对D(w_l)中的每个元素

选取与时间相关的公钥PK_l,j(j＝1,…,s)，并做如下运算：

和

并令

II). For each element in D(w_l )

Select the time-related public key PK_l,j (j=1,...,s), and do the following operations:

and

and order

III).令ctr＝ctr+1，计算

将

存储在数组A(addr(N_l,j))中(j＝1,…,s)，其中addr(N_l,(s+1))＝⊥，表示空字符，意味操作结束。III). Let ctr=ctr+1, calculate

Will

Stored in the array A(addr(N_l,j )) (j=1,...,s), where addr(N_l,(s+1) )=⊥, which means a null character, which means the operation ends.

令索引表I＝(A,T)，数据拥有者将密文C和I上传到云端。Let the index table I=(A, T), the data owner uploads the ciphertexts C and I to the cloud.

3、搜索指令生成阶段：当用户想要查询包含关键字w_α的文件时，该用户利用密钥K₁,K₂对关键字w_α计算t(w_α)←F₁(K₁,w_α)，l(w_α)←F₁(K₂,w_α)和h(w_α)←F₃(K₁,w_α)。令Tr(w_α)＝(t(w_α),l(w_α),h(w_α))为搜索指令，并将该值发送给云服务器。3. The search instruction generation stage: when the user wants to query the file containing the keyword w_α , the user uses the keys K₁ , K₂ to calculate t(w_α )←F₁ (K₁ ,w for the keyword w_α )_α ), l(w_α )←F₁ (K₂ ,w_α ) and h(w_α )←F₃ (K₁ ,w_α ). Let Tr(w_α )=(t(w_α ), l(w_α ), h(w_α )) be the search command, and send the value to the cloud server.

4、搜索执行阶段：当云服务器收到用户发来的搜索指令Tr(w_α)后，它首先利用t(w_α)在表格T中找到

然后借助l(w_α)得到

读取数组A(addr(N_α,1))中的信息

存储信息

由于h(w_α)＝F₃(K₁,w_α)，因此云服务器可以计算出

云服务器继续读取A(addr(N_α,2))中的值

重复上述方法直到addr(N_l,(s+1))＝⊥，云服务器可依次获取

并将其返还给用户。4. Search execution stage: When the cloud server receives the search instruction Tr(w_α ) sent by the user, it first uses t(w_α ) to find the table T

Then by l(w_α ) we get

Read the information in array A(addr(N_α,1 ))

store information

Since h(w_α )=F₃ (K₁ ,w_α ), the cloud server can calculate

The cloud server continues to read the value in A(addr(N_α,2 ))

Repeat the above method until addr(N_l,(s+1) )=⊥, the cloud server can obtain the

and return it to the user.

用户收到

后，向时间服务器发送自己的身份信息，一旦验证通过，时间服务器查阅当前是否可以释放公钥PK_α,j(j＝1,…,s)对应的私钥SK_α,1,…,SK_α,s。如果当前可以是释放，那么时间服务器将相应的私钥SK_α,j(1≤j≤s)返还给用户，如果当前不允许释放私钥SK_α,j(1≤j≤s)，则不返还该值给用户。user receives

After that, it sends its own identity information to the time server. Once the verification is passed, the time server checks whether the private key SK_α,1 ,…,SK_α corresponding to the public key PK_α,j (j=1,…,s) can be released at present._,s . If it can be released at present, then the time server returns the corresponding private key SK_α,j (1≤j≤s) to the user, if it is not allowed to release the private key SK_α,j (1≤j≤s), then Return this value to the user.

用户收到SK_α,j(1≤j≤s)后，利用该值对

的第二个分量

进行解密：

(1≤j≤s)。然后利用

对相应的

的第一个分量

做如下运算：

用户向云服务器索要

对应的密文文档

云服务器收到指令后，返还相应的密文文档

给用户。After the user receives SK_α,j (1≤j≤s), use this value to

the second component of

To decrypt:

(1≤j≤s). then use

to the corresponding

the first component of

Do the following operations:

The user asks the cloud server for

Corresponding ciphertext document

After the cloud server receives the instruction, it returns the corresponding ciphertext document

to users.

5、解密阶段：用户收到

后，再次向时间服务器索要公钥

相应的解密密钥

时间服务器根据用户的响应，并结合

中所嵌入的时间信息，按照指定的时间将相应的解密密钥

发送给用户。最终用户收到

j≤s)后，利用这些

对

的第二个分量ckα_j(1≤j≤s)计算

然后利用

对相应的

的第一个分量

计算：

(1≤j≤s)。最终，用户得到了包含关键字w_α的文档

5. Decryption stage: the user receives

After that, ask the time server for the public key again

corresponding decryption key

The time server based on the user's response, combined with

The time information embedded in the corresponding decryption key according to the specified time

sent to the user. end user receives

j≤s), use these

right

The second component of ckα_j (1≤j≤s) calculates

then use

to the corresponding

the first component of

calculate:

(1≤j≤s). Finally, the user gets a document containing the keyword w_α

以上所述仅是本发明的优选实施方式，应当指出，对于本技术领域的普通技术人员来说，在不脱离本发明原理的前提下，还可以作出若干改进和润饰，这些改进和润饰也应视为本发明的保护范围。The above are only the preferred embodiments of the present invention. It should be pointed out that for those skilled in the art, without departing from the principles of the present invention, several improvements and modifications can be made, and these improvements and modifications should also be It is regarded as the protection scope of the present invention.

Claims (8)

1. A cloud storage searching method based on time release mainly comprises a data owner, a cloud server and a user, and is characterized in that:

the system also comprises a time server which is a trusted center;

the method comprises the following steps:

(S1) the data owner inputs the security parameter lambda to generate a security key for encryptionKey array of documents and construction indexes, expressed as n +3 dimensional keys

n is an integer greater than or equal to 1 and represents the number of documents contained in the document set D; the time server inputs a safety parameter lambda, randomly generates and broadcasts a series of public keys related to time; is shown as

And PK_1,1,…,PK_m,sM and s are integers which are more than or equal to 1, m is the number of keywords in the database, and the value of s is determined by the maximum value of the number of documents related to the keywords in the database;

(S2), the data owner sets the local document set D ═ D (D)₁,D₂,…,D_n) Encrypted ciphertext file set C ═ (C)₁,C₂,…,C_n) (ii) a Meanwhile, the data owner creates an encryption index table I for the document set D, and the data owner stores the ciphertext document set C and the index table I to the cloud server; wherein each document is represented as D_i(1 ≦ i ≦ n), the corresponding ciphertext document is represented as: c_i(1≤i≤n)；

(S3), the legal user inquiry contains the key word w_α(1. ltoreq. alpha. ltoreq.m) document, the user first using the key as the keyword w_αGenerating a search instruction Tr (w)_α) Then search instruction Tr (w)_α) Sending the data to a cloud server;

(S4) the cloud server searches for the instruction Tr (w)_α) Finding the contained key word w in the index table I_αA set of pointers to a document

The server needs to point these file pointers

Returning to the user; user receives file pointer set

Then communicating with a time server; after the time server verifies that the identity information of the user is legal, the corresponding decryption key SK is used in a future specified time period_α,1,…,SK_α,sSending to the user, the user receiving the decryption key SK_α,1,…,SK_α,sThen, from the file pointer set

In the clear text document identity identifier

The legal user communicates with the cloud server again and returns the corresponding ciphertext document

(S5), decryption stage: user receives cipher text document

Thereafter, communicating with the timeserver and obtaining a corresponding decryption key from the timeserver

The user utilizes these key pairs to encrypt the set of text

Decrypting to obtain corresponding plaintext information

2. The cloud storage searching method based on time release according to claim 1, wherein: in the step (S2), both the method of combining the symmetric encryption system and the public key encryption system is adopted when the data owner encrypts the document and generates the index table, and finally the ciphertext and the encrypted index table are generated.

3. The cloud storage searching method based on time release according to claim 2, wherein:

the specific process of encrypting the document by the data owner is as follows:

(S2 a.) data owner utilizes a key

Encrypted document D_i(1≤i≤n)：

Wherein

A symmetric encryption scheme is shown that is,

it is shown that the process of encryption,

which represents the process of decryption of the content,

indicating the keys used in the encryption and decryption processes,

representing the corresponding encryption result; then using n public keys related to time

Separately encrypting keys

Represents an encryption process of a public key encryption scheme using a public key of

Document D_iThe corresponding ciphertext document is

The data owner sets the ciphertext document set C ═ C (C)₁,…,C_n) Uploading to a cloud server;

the specific process of constructing the index table by the data owner is as follows:

(S2b 1.) the data owner extracts a set of keywords W from the set of documents D, and for each keyword W_lE.g. W (l ═ 1.., m), calculate D (W)_l) D (w) as defined above_l) Is composed of a key word w_lDocument D of_jIdentifier id of_jSet of constituent documents identifier id_jIs a binary string of k bits; data owner using key K₁And a pseudo-random function F₁Each keyword w_lIs encrypted into t (w)_l) (l ═ 1,. m); the data owner chooses an array A of dimensions | W | × s initialized to empty for storing D (W | ×)_l) (l ═ 1.., m) for each element; data owner first pair D (w)_l) Each element of (1., m)

The encryption process then stores these values in the addr (N) of matrix A in linked list association_l,1),…,addr(N_l,s) Position; if D (w)_l) When the number of elements in (l ═ 1., m) is less than s, the data owner randomly selects s- | D (w |, m)_l) Binary string of | k-dimensional bits

D (w)_l) Filling to s elements; the data owner selects one {0,1}^k×{0,1}^kAnd each key w in array A_l(l ═ 1.. multidata., m) of the head node position information addr (N) of the corresponding linked list_l,1) And a keyword w_lIs given by the cryptographic value t (w)_l) (l ═ 1.., m) is encrypted as

Then storing the result in a table T according to a dictionary sorting method;

the table T in the step (S2b1) is configured as follows:

(S2b 12.) data owner utilizes a pseudo-random function F₁Secret key K₁,K₂For each keyword w_l(1. ltoreq. l. ltoreq.m): t (w)_l)＝F₁(K₁,w_l)，l(w_l)＝F₁(K₂,w_l) (ii) a Then the array is

Storing the data in a table T according to a dictionary sorting method;

(S2b 2.) upload index table I ═ a, T to the cloud server.

4. The cloud storage searching method based on time release according to claim 3, wherein:

the matrix a in the step (S2b1) is constructed as follows:

(S2b11). first, for each D (w)_l) Each element id in (1., m)_j(j ═ 1.., s) as follows: using a secret key K₃And a keyword w_lAnd (3) calculating:

enc (·, ·) and

will id_j(1. ltoreq. j. ltoreq. s) is encrypted as

Selecting s time-dependent public keys PK_l,1,…,PK_l,sAnd using a public key encryption scheme₂Enc (·, ·,) encrypts keys used herein one by one

The corresponding ciphertext is noted

Finally order

The value is expressed as an element id_jThe encryption pointer value of (a); randomly selecting s different empty positions addr (N) in A_l,1),…,addr(N_l,s) Respectively transmit the information

Is stored in A (addr (N)_l,j) J is more than or equal to 1 and less than or equal to s); addr (N)_l,s+1) And ═ is used as the end symbol of the read data and the write data.

5. The time release-based cloud storage searching method according to claim 3 or 4, wherein: the specific process of the step (S3) is as follows:

(S3 a.) user utilizes secret key (K)₁,K₂) Keyword w queried for oneself_αGenerating a search instruction Tr (w)_α)＝(t(w_α),l(w_α),h(w_α) And sends it to the server; wherein t (w)_α) For searching for instruction Tr (w)_α) The first score in, l (w)_α) For searching for instruction Tr (w)_α) The second score in (d), h (w)_α) For searching for instruction Tr (w)_α) The third score in (1).

6. The cloud storage searching method based on time release according to claim 5, wherein: the specific process of the step (S4) is as follows:

(S4a) the cloud server searches the instruction Tr (w)_α) First score t (w) of_α) Find the corresponding value in the table T

Using Tr (w)_α) Second score of l (w)_α) Is transformed to gamma

Get the address addr (N)_α,1) The information of (a); the cloud server extracts array A (addr (N)_α,1) Data stored in (c) in

Saving pointer values in the data

Using Tr (w)_α) Third score h (w) of_α) For the above data

And (3) transformation:

obtaining addr (N)_α,2) (ii) a Repeating the above steps until the cloud server encounters addr (N)_α,(s+1)) Until ═ t, the cloud server can obtain the set of pointers in turn

(S4b) the cloud server sets the pointers in the step (S4a)

The value of (d) is returned to the user;

(S4c) user receipt

Thereafter, it communicates with the time server in order to obtain the corresponding decryption key SK_α,1,…,SK_α,s；

(S4d) the user receives the decryption key SK released by the time server_α,j(j is more than or equal to 1 and less than or equal to s), and then the key SK is utilized_α,j(j is more than or equal to 1 and less than or equal to s) decryption array

Is a second component value

By using

Decrypting array

Is measured at the first component value of

The user will

Sending the data to a cloud server;

(S4e) the cloud server receives the request of the user

Then, the corresponding ciphertext document is found out in C

And returns it to the user.

7. The cloud storage searching method based on time release according to claim 6, wherein:

the specific process of the step (S4c) is as follows:

(S4c1) the time server firstly verifies the identity information of the user, if the identity is legal, the public key PK is checked_α,1,…,PK_α,sThe release time of the corresponding private key; if the release of the private key SK is currently reached_α,1,…,SK_α,sThe corresponding private key SK_α,j(j is more than or equal to 1 and less than or equal to s) is sent to the user; if the specified time period is not reached, the private key SK is not returned_α,j(1≤j≤s)。

8. The time release-based cloud storage searching method according to claim 6 or 7, wherein: the specific process of the step (S5) is as follows:

(S5a) to be received by the user

Thereafter, the user continues to communicate with the time server to obtain the associated decryption key

The time server firstly verifies the identity information of the user, if the identity is legal, the time server checks whether the public key can be released currently

Corresponding decryption key

If so, the corresponding decryption key is used

Sending the data to a user; the above-mentioned

Is encryption

The public key used;

(S5b) the user receives the decryption key

Then, firstly, the array is aligned

Second component ck α_j

And (3) decryption:

by using

Decryption

First component of

Images