政大機構典藏-National Chengchi University Institutional Repository(NCCUR):Item 140.119/67627
English  |  正體中文  |  简体中文  |  Post-Print筆數 : 27 |  Items with full text/Total items : 113318/144297 (79%)
Visitors : 50976892      Online Users : 875
RC Version 6.0 © Powered By DSPACE, MIT. Enhanced by NTU Library IR team.
Scope Tips:
  • please add "double quotation mark" for query phrases to get precise results
  • please goto advance search for comprehansive author search
  • Adv. Search
    HomeLoginUploadHelpAboutAdminister Goto mobile version
    Please use this identifier to cite or link to this item: https://nccur.lib.nccu.edu.tw/handle/140.119/67627


    Title: 一個在主從式架構下SSE協議的安全性分析與改良
    Security Analysis and Improvement on the SSE Protocol in Client-Server Model
    Authors: 邱哿振
    Chiu, Ko Cheng
    Contributors: 左瑞麟
    Tso, Ray Lin
    邱哿振
    Chiu, Ko Cheng
    Keywords: SSE
    ASE
    關鍵字搜尋
    雲端運算
    Date: 2013
    Issue Date: 2014-07-21 15:42:41 (UTC+8)
    Abstract: 所謂的SSE (Symmetric Searchable Encryption;對稱式可搜尋加密)就是將自己的資料用自己的密鑰加密外包放在一個網路或雲端上的資料庫DB,存放期間使用者能保有向DB搜尋資料的能力,而DB仍然可以在不知道資料明文的情況下,把使用者所欲搜尋的資料回傳給他。2013年林峻立等學者針對上述的雲端環境,提出了具動態維護及合取關鍵字搜尋之無連結性密文搜尋機制,此方案利用SSE的方式能讓雲端上的伺服器快速搜尋到所提交的關鍵字相關檔案,但此方案所提出之協議仍有安全上的弱點。因此,在此篇論文中,我們基於此方案,分析其安全性漏洞,並在兼顧安全性與低成本的特性下,提出新的SSE搜尋機制。
    Reference: [1] M. Abdalla, M. Bellare, D. Catalano, E. Kiltz, T. Kohno, T. Lange, J. M. Lee, G. Neven, P. Paillier, and H. Shi. “Searchable encryption revisited: Consistency properties, relation to anonymous IBE, and extensions.” Advances in Cryptology -CRYPTO `05, volume 3621 of Lecture Notes in Computer Science, pages 205-222. Springer, 2005.
    [2] G. Ateniese, R. Burns, R. Curtmola, J. Herring, L. Kissner, Z. Peterson, and D. Song. “Provable data possession at untrusted stores.” In P. Ning, S. De Capitani di Vimercati, and P. Syverson, editors, ACM Conference on Computer and Communication Security (CCS `07), pages 598-609. ACM Press, 2007.
    [3] G. Ateniese, S. Kamara, and J. Katz. “Proofs of storage from homomorphic identication protocols.” Advances in Cryptology - ASIACRYPT `09, volume 5912 of Lecture Notes in Computer Science, pages 319-333. Springer, 2009.
    [4] G. Ateniese, R. Di Pietro, L. V. Mancini, and G. Tsudik. “Scalable and efficient provable data possession.” In Proceedings of the 4th International Conference on Security and Privacy in Communication Networks (SecureComm `08), pages 1-10, New York, NY, USA, 2008. ACM.
    [5] J. Baek, R. Safavi-Naini, and W. Susilo. “On the integration of public key data encryption and public key encryption with keyword search.” In International Conference on Information Security (ISC `06), volume 4176 of Lecture Notes in Computer Science, pages 217-232. Springer, 2006.
    [6] J. Baek, R. Safavi-Naini, and W. Susilo. “Public key encryption with keyword search revisited.” In International conference on Computational Science and Its Applications, volume 5072 of Lecture Notes in Computer Science, pages 1249-1259. Springer, 2008.
    [7] J. Bardin, J. Callas, S. Chaput, P. Fusco, F. Gilbert, C. Hoff, D. Hurst, S. Kumaraswamy, L. Lynch, S. Matsumoto, B. O`Higgins, J. Pawluk, G. Reese, J. Reich, J. Ritter, J. Spivey, and J. Viega. “Security guidance for critical areas of focus in cloud computing.” Technical report, Cloud Security Alliance, April 2009.
    [8] M. Bellare, A. Boldyreva, and A. O`Neill. “Deterministic and efficiently searchable encryption.” Advances in Cryptology - CRYPTO `07, Lecture Notes in Computer Science, pages 535-552. Springer, 2007.
    [9] J. Benaloh, M. Chase, E. Horvitz, and K. Lauter. “Patient controlled encryption: Ensuring privacy of electronic medical records.” In ACM workshop on Cloud computing security (CCSW`09), pages 103-114. ACM, 2009.
    [10] J. Bethencourt, A. Sahai, and B. Waters. “Ciphertext-policy attribute-based encryption.” In IEEE Symposium on Security and Privacy, pages 321-334. IEEE Computer Society, 2007.
    [11] D. Boneh, G. di Crescenzo, R. Ostrovsky, and G. Persiano. “Public key encryption with keyword search.” Advances in Cryptology - EUROCRYPT `04, volume 3027 of Lecture Notes in Computer Science, pages 506-522. Springer, 2004.
    [12] D. Boneh, E. Kushilevitz, R. Ostrovsky, and W. Skeith. “Public-key encryption that allows PIR queries.” Advances in Cryptology - CRYPTO `07, volume 4622 of Lecture Notes in Computer Science, pages 50-67. Springer, 2007.
    [13] D. Boneh and B. Waters. “Conjunctive, subset, and range queries on encrypted data.” In Theory of Cryptography Conference (TCC `07), volume 4392 of Lecture Notes in Computer Science, pages 535-554. Springer, 2007.
    [14] K. Bowers, A. Juels, and A. Oprea. “Proofs of retrievability: Theory and implementation.” In ACM workshop on Cloud computing security (CCSW`09), pages 43-54. ACM, 2009..
    40
    [15] J. W. Byun, H. S. Rhee, H.-A. Park, and D. H. Lee. “Off-line keyword guessing attacks on recent keyword search schemes over encrypted data.” In Secure Data Management, volume 4165 of Lecture Notes in Computer Science, pages 75-83. Springer, 2006.
    [16] Y. Chang and M. Mitzenmacher. “Privacy preserving keyword searches on remote encrypted data.” Applied Cryptography and Network Security (ACNS `05), volume 3531 of Lecture Notes in Computer Science, pages 442-455. Springer, 2005.
    [17] M. Chase. “Multi-authority attribute based encryption.” In Theory of Cryptography Conference(TCC `07), volume 4392 of Lecture Notes in Computer Science, pages 515-534. Springer, 2007.
    [18] M. Chase and S.M. Chow. “Improving privacy and security in multi-authority attribute-based encryption.” In ACM Conference on Computer and Communications Security (CCS `09), pages 121-130, New York, NY, USA, 2009. ACM.
    [19] R. Curtmola, J. Garay, S. Kamara, and R. Ostrovsky. “Searchable symmetric encryption: Improved definitions and efficient constructions.” ACM Conference on Computer and Communications Security (CCS`06), pages 79-88. ACM, 2006.
    [20] Y. Dodis, S. Vadhan, and D. Wichs. “Proofs of retrievability via hardness ampli cation.” In Theory of Cryptography Conference, volume 5444 of Lecture Notes in Computer Science, pages 109-127. Springer, 2009.
    [21] C. Erway, A. Kupcu, C. Papamanthou, and R. Tamassia. “Dynamic provable data possession.” In ACM conference on Computer and communications security (CCS `09), pages 213-222, New York, NY, USA, 2009. ACM.
    [22] T. Fuhr and P. Paillier. “Decryptable searchable encryption.” In International
    41
    Conference on Provable Security, volume 4784 of Lecture Notes in Computer Science, pages 228-236. Springer,2007.
    [23] E-J. Goh. “Secure indexes.” Technical Report 2003/216, IACR ePrint Cryptography Archive, 2003..
    [24] P. Golle, J. Staddon, and B. Waters. “Secure conjunctive keyword search over encrypted data.” Applied Cryptography and Network Security Conference (ACNS `04), volume 3089 of Lecture Notes in Computer Science, pages 31-45. Springer, 2004.
    [25] V. Goyal, O. Pandey, A. Sahai, and B. Waters. “Attribute-based encryption for fine-grained access control of encrypted data.” In ACM conference on Computer and communications security(CCS `06), pages 89-98, New York, NY, USA, ACM, 2006.
    [26] A. Juels and B. Kaliski. “PORs: Proofs of retrievability for large files.” ACM Conference on Computer and Communication Security (CCS `07), pages 584-597, New York, NY, USA, ACM, 2007.
    [27] R. Ostrovsky, A. Sahai, and B. Waters. “Attribute-based encryption with non-monotonic access structures.” In ACM conference on Computer and communications security (CCS `07), pages 195-203, New York, NY, USA, ACM, 2007.
    [28] D. Park, K. Kim, and P. Lee. “Public key encryption with conjunctive field keyword search.” Workshop on Information Security Applications (WISA`04), volume 3325 of Lecture Notes in Computer Science, pages 73-86. Springer, 2004.
    [29] A. Sahai and B. Waters. “Fuzzy identity-based encryption.” Advances in Cryptology - EUROCRYPT `05, volume 3494 of Lecture Notes in Computer Science, pages 457-473. Springer, 2005.
    42
    [30] H. Shacham and B. Waters. “Compact proofs of retrievability.” In Advances in Cryptology - ASIACRYPT `08, volume 5350 of Lecture Notes in Computer Science, pages 90-107. Springer, 2008.
    [31] E. Shi, J. Bethencourt, T. Chan, D. Song, and A. Perrig. “Multi-dimensional range query over encrypted data.” In IEEE Symposium on Security and Privacy, pages 350-364, Washington, DC, USA, 2007. IEEE Computer Society.
    [32] D. Song, D. Wagner, and A. Perrig. “Practical techniques for searching on encrypted data.” In IEEE Symposium on Research in Security and Privacy, pages 44-55. IEEE Computer Society, 2000.
    [33] Q. Wang, C. Wang, J. Li, K. Ren, and W. Lou. “Enabling public verifiability and data dynamics for storage security in cloud computing.” In European Symposium on Research in Computer Security (ESORICS `09), volume 5789 of Lecture Notes in Computer Science, pages 355-370. Springer, 2009.
    [34] K. Zetter. “Compay caught in texas data center raid loses suit against FBI.” Wired Magazine, April 2009.
    [35] S. Kamara and K. Lauter. “Cryptographic Cloud Storage.” Financial Cryptography and Data Security, volume 6054 of Lecture Notes in Computer Science, pages 136-149. Springer, 2010.
    [36] S. T. Hsu, M.S. Hwang, and C.C. Yang. “A study of keyword Search over encrypted data in cloud storage service.” 2013
    [37] 林峻立. “Unlinkable and Conjunctive Keyword Ciphertext Searching with Dynamic Maintenance” Cryptology and Information Security Conference 2013, pages 272-275.
    Description: 碩士
    國立政治大學
    資訊科學學系
    101753038
    102
    Source URI: http://thesis.lib.nccu.edu.tw/record/#G0101753038
    Data Type: thesis
    Appears in Collections:[Department of Computer Science ] Theses

    Files in This Item:

    File SizeFormat
    303801.pdf772KbAdobe PDF2143View/Open


    All items in 政大典藏 are protected by copyright, with all rights reserved.


    社群 sharing

    著作權政策宣告 Copyright Announcement
    1.本網站之數位內容為國立政治大學所收錄之機構典藏,無償提供學術研究與公眾教育等公益性使用,惟仍請適度,合理使用本網站之內容,以尊重著作權人之權益。商業上之利用,則請先取得著作權人之授權。
    The digital content of this website is part of National Chengchi University Institutional Repository. It provides free access to academic research and public education for non-commercial use. Please utilize it in a proper and reasonable manner and respect the rights of copyright owners. For commercial use, please obtain authorization from the copyright owner in advance.

    2.本網站之製作,已盡力防止侵害著作權人之權益,如仍發現本網站之數位內容有侵害著作權人權益情事者,請權利人通知本網站維護人員(nccur@nccu.edu.tw),維護人員將立即採取移除該數位著作等補救措施。
    NCCU Institutional Repository is made to protect the interests of copyright owners. If you believe that any material on the website infringes copyright, please contact our staff(nccur@nccu.edu.tw). We will remove the work from the repository and investigate your claim.
    DSpace Software Copyright © 2002-2004  MIT &  Hewlett-Packard  /   Enhanced by   NTU Library IR team Copyright ©   - Feedback