摘要
隐私数据验证场景是信息验证服务下的一类特殊场景,其实用性要求数据在第三方数据库进行存储、发布且有能力处理任意形式声明的验证,其安全性要求数据在存储、更新与证明期间提供有效的隐私保护手段。目前该场景下的隐私保护研究尚且处于空白阶段,因此本文引入可证明数据加密策略的概念,以满足隐私数据验证场景下的实用性与安全性需求。本文主要有三个贡献:(1)对可证明数据加密策略进行讨论并给出形式化定义;(2)基于非交互零知识证明构造出首个可证明数据加密方案,并同时支持高效的数据更新操作;(3)基于承诺方案、非交互零知识证明与全同态加密,提出可证明数据加密策略的两种通用构造框架并给予相关性质证明。
The privacy data verification scenario is a special scenario under the information verification service.Its practicability requires data to be stored and published in third-party database and have the ability to handle any form of statement verification.Its security requires effective privacy protection during data storage,update and certification.At present,the privacy protection research in this scenario is still blank,so this paper introduces the concept of provable data encryption scheme to meet the practicality and security requirements in the privacy data verification scenario.This paper has three main contributions:(1)discussing the provable data encryption scheme and giving its formal definition;(2)constructed the first provable data encryption scheme based on non-interactive zero-knowledge proof,which also supports efficient data update operations;(3)based on the commitment scheme,non-interactive zero-knowledge proof and fully homomorphic encryption,we propose two general construction frameworks for provable data encryption scheme and proves their relevant properties.
作者
石侃
陈洁
SHI Kan;CHEN Jie(School of Computer Science and Technology,East China Normal University,Shanghai 200241,China;School of Software Engineering,East China Normal University,Shanghai 200241,China)
出处
《信息安全学报》
CSCD
2020年第6期27-39,共13页
Journal of Cyber Security
基金
国家自然科学基金项目(No.61972156,No.U1705264)
中国科协青年人才托举工程(No.2017QNRC001)资助。
关键词
隐私数据验证场景
隐私保护
可证明数据加密策略
非交互零知识证明
privacy data validation scenario
privacy protection
provable data encryption scheme
non-interactive zero-knowledge proof
