具有隐私保护的完整性可验证的关键字搜索方案

针对传统基于属性关键字搜索(ABKS)方案存在访问结构泄密、用户侧计算量高及缺乏完整性验证问题，该文提出具有隐私保护和完整性可验证的基于属性的关键字搜索方案。该方案提出了有序多值属性访问结构和有序多值属性集，固定每个属性的位置，减少参数及相关计算，提高了方案的效率，而在密钥生成时计算具体属性取值的哈希值，从而达到区别多值属性取值的不同。同时，采用Hash和对运算实现对访问结构的隐藏，防止访问结构泄密；采用倒序索引结构和Merkle树建立数据认证树，可验证云服务器返回文档和外包解密结果的正确性。此外，支持外包解密以降低用户侧的计算量。安全分析和实验表明所提方案实现云中共享数据的可验证性、关键字不可区分性和关键字不可链接性，且是高效的。

Verifiable Attribute-based Keyword Search Scheme with Privacy Preservation

To address the problems of the leakage of access structure, high computation of user side and lack of integrity verification in current Attribute-Based Keyword Search (ABKS) scheme, a verifiable attribute-based keyword search scheme with privacy preservation is proposed. The scheme adopts the ordered multi-valued attribute access structure and ordered multi-valued attribute set, and fixes the position of each attribute to reduce the parameters and related computation cost and to improve the efficiency of the scheme, while in key generation, the Hash values of specific attributes are calculated to distinguish the different values of multi-valued attributes. At the same time, Hash and pair operation are used to hide the access structure and prevent the disclosure of the access structure. The inverted index structure and Merkle tree are used to establish the data authentication tree, which can verify the correctness of the document returned by the cloud server provider and the result of outsourced decryption. In addition, outsourced decryption is used to reduce the computation cost on the user side. Finally, formal proofs and experimental results show that the scheme achieve verifiability of shared data in the cloud, keyword undistinguishable and keyword unlinkable, and is efficient.