摘要
为解决工业物联网中产生的数据安全检索和共享的挑战,以及在使用公钥加密索引时无法抵御离线关键词猜测攻击的问题,提出了一种适合工业物联网的基于区块链的用户友好型数据检索和共享方案。通过区块链和代理重加密设计了灵活、便捷的动态数据申请机制,允许数据用户对那些没有权限的数据请求授权,以合法获取数据,通过云服务器对数据进行预解密降低用户端计算开销,实现了具有细粒度访问控制和用户定义搜索精度的安全多关键词搜索。通过智能合约为用户生成临时查询ID,以及返回查询结果时随机选择用户转发结果,使攻击者无法将关键词与用户相关联,因此可以抵抗离线关键词猜测攻击。实验结果和安全性分析表明,所提方案具有更高的效率,并可以抵抗选择明文攻击、选择关键词攻击和离线关键词猜测攻击。
To address the challenges of secure data retrieval and sharing in the industrial Internet of things(IIoT),as well as the vulnerability to offline keyword guessing attacks when using public-key encrypted indexes,a blockchain-based user-friendly data retrieval and sharing scheme was proposed suitable for IIoT.The scheme leveraged blockchain and proxy re-encryption to design a flexible and convenient dynamic data request mechanism,allowing data users to request authorization for data that they do not have access to,thereby obtaining it legally.Cloud servers performed predecryption of data,reducing the computational overhead on user devices.The scheme achieved secure multi-keyword search with fine-grained access control and user-defined search precision.A smart contract was used to generate temporary query ID for users,and when returning searched results,additional users were randomly selected to forward the results,
作者
张波
李哲成
徐兴帅
ZHANG Bo;LI Zhecheng;XU Xingshuai(School of Information Science and Engineering,University of Jinan,Jinan 250022,China;Shandong Key Laboratory of Ubiquitous Intelligent Computing,University of Jinan,Jinan 250022,China)
出处
《通信学报》
北大核心
2025年第S1期56-68,共13页
Journal on Communications
基金
山东省自然科学基金资助项目(No.ZR2022MF264)。
关键词
云辅助工业物联网
加密数据检索
代理重加密
属性基加密
数据共享
区块链
cloud-assisted IIoT
encrypted data retrieval
proxy re-encryption
attribute-based encryption
data sharing
blockchain
