標題: | 一個使用HYL編碼的可比較大小的加密演算法以及混淆方法 A New Approach for Efficiently Orderable Encryption Using HYL Encoding And Obfuscation |
作者: | 楊其仁 Yang, Chi-Jan 曾文貴 Tzeng, Wen-Guey 資訊科學與工程研究所 |
關鍵字: | 排序加密;混淆;資料庫搜尋;range query;order preserving encryption;obfuscation |
公開日期: | 2012 |
摘要: | 在資料庫中,range query是一個很常被使用的搜尋功能,但是隨者資料量的增加,架設一個提供range query的資料庫的成本也隨之攀升,最終使得使用者難以負擔。而隨者雲端儲存媒介的發展,使用者便可以在雲端伺服器上架設提供range query的資料庫,減少非常多的成本。但是使用外部的儲存媒介就會有安全性上的問題,它們可能會竊取你存在上面的資料,所以你就必須使用能支援range quey的加密演算法來保障你資料的安全性,同時也能在加密的資料上執行range query。而很多提供range query的加密演算法在執行range query時都必須搜尋整個資料庫,造成執行時間太長。而我們提出一個使用HYL編碼的可比較大小的加密演算法,其可比較大小的特性使得伺服器可以直接對密文比較大小,進而建立資料索引來加速query的執行,而再使用bloom filter的技術來減少比較大小所需時間,雖然安全性會比起上述演算法差,但我們會比較我們的演算法在此類可比較大小的演算法中,在安全性、密文大小和比較大小所需時間上達到不錯的平衡。而我們的演算法仍然存在者一些問題,所以我們使用一混淆方法希望解決這個問題,並用實驗來顯示出我們混淆的效果。 Range query is one of the most frequently used search function in database, but the cost of building database server supporting range query grows as the data size increases, finally makes user hard to afford it. With the development of cloud storage, user can build database server on cloud storage, and greatly reduces their cost. But using this outsourced storage has security problem, the outsourced service provider may be curious about hosted data. To protect the hosted data and maintain the ability of executing range query, user must use some specialized encryption scheme. And most of this kind of encryption scheme require scan over the entire database when executing query, which cost a lot of time on it. We propose an efficiently orderable encryption scheme using HYL encoding. Storage server can order the ciphertexts because they are orderable, and then can build index on encrypted data to greatly reduce the time of query executing. We also use bloom filter to reduce the computation time of ordering ciphertexts. Although our scheme has the lower security than above, but we achieve a good balance among security, ciphertext size and comparison time in this kind of efficiently orderable encryption. Our scheme still has some security problem, so we adopt an obfuscation method to enhance our scheme. We also show our obfuscation effort with experiment. |
URI: | http://140.113.39.130/cdrfb3/record/nctu/#GT070056099 http://hdl.handle.net/11536/71577 |
顯示於類別: | 畢業論文 |