基于二叉树存储的多用户ORAM方案

随着大数据及数据挖掘技术的发展,云计算环境中用户访问模式成为泄露用户隐私的一种途径.不经意随机存取技术(ORAM)是保护用户访问模式的一种有效途径.现有的ORAM方案中,大部分只支持单个用户,而唯一支持多用户的ORAM方案是基于分层ORAM方案设计的,但是其混淆过程的计算复杂度高.为了避免混淆过程,在基于二叉树ORAM方案的基础上,构造了一个多用户的ORAM方案.首先,改进了一个代理加密方案,然后在多个用户和服务器之间引入一个代理,利用改进的代理加密机制,将不同用户加密的数据,通过代理再次加密成相同密钥加密的数据存储到服务器.该方案的安全性基于伪随机函数的不可区分性,其最差情况下的计算复杂度和平均计算复杂度均为O(log2n),比现有的多用户ORAM方案的效率高.

Multi-User Binary Tree Based ORAM Scheme

With the development of big data and data mining technology, the access pattern becomes a risk of leaking user''s privacy in the cloud computing environment. Oblivious random access memory (ORAM) is an effective way to protect the user''s access pattern. The existing ORAMs mostly support a single user. The only ORAM supporting multi-user is based on the hierarchical ORAM including a reshuffling phase that may cause high computational complexity. In order to avoid reshuffling, this paper designs a new multi-user ORAM based on binary tree. First, a proxy encryption scheme is improved. Second, a proxy between users and the cloud server is introduced. The data encrypted by different users is encrypted again by the proxy to obtain the final ciphertext encrypted by the same key, and the final ciphertext is stored on the server. The security of the scheme is based on the indistinguishability of the pseudorandom function, and the worst computational complexity and the amortized computational complexity are all O(log²n), achieving higher efficiency than the existing multi-user ORAM schemes.