外包数据的密文存储及查询的关键技术研究

项目名称： 外包数据的密文存储及查询的关键技术研究

项目编号： No.61300241

项目类型： 青年科学基金项目

立项/批准年度： 2014

项目学科： 自动化技术、计算机技术

项目作者： 刘哲理

作者单位： 南开大学

项目金额： 23万元

中文摘要： 数据加密是外包数据保护的最有效的策略，但是加密会使密文存储和查询变得困难：（1）加密会改变数据类型和长度，导致密文无法满足数据库的存储要求；（2）加密会破坏明文的操作特性，导致模糊查询、范围查询等操作无法在密文上进行。 由于保留格式加密可以确保密文与明文具有相同的格式，能有效地解决密文存储的问题，鉴于此，本课题将加强保留格式加密在外包数据隐私保护中的应用研究。一方面，关注外包数据的保留格式加密方案的研究，并针对复杂域保留格式加密问题缺少有效方法的现状，试图从密码学角度提供全新的解决办法；另一方面，在保留格式的密文存储基础上，试图提出外包数据的隐私保护模型、保留格式的模糊查询及范围查询策略，期望在库结构和业务系统改造成本极小化的前提下，为传统数据库敏感信息保护、云外包数据库的数据隐私保护提供有效的解决方案。

中文关键词： 保留格式加密；可搜索加密；保序加密；隐私保护；数据库加密

英文摘要： Though data encryption is historically considered as the most effective way for protecting outsourced data, it raises a new challenge on how to storage and query on encrypted data: (1) encryption will change the data type and length, resulting in hardly meeting the storage requirements of database; (2) encryption will violate data operability, resulting in the impossibility of some frequent query operations on encrypted data, such as fuzzy query, range query, etc. For making sure ciphertext can have the same format with plaintext, format preserving encryption (FPE) can effectively solve the problem of ciphertext storage. For this reason, we will enforce the FPE research in privacy-preserving outsourced data. Specifically, on the one hand, theoretically, we will focus on the recent advances in FPE and attempt to propose novel approaches for FPE in complex domain, which is lack of attentions in the state-of-the-art. On the other hand, practically, on the basis of format-preserving ciphertext storage, we attempt to propose privacy protection model for outsourced data as well as effective strategies for fuzzy query and range query over FPE ciphertext. We expect this project will provide valid solutions to protecting privacy for both traditional database and the recent emerged cloud database, while minimizing the imp

英文关键词： Format-preserving encryption；searchable encryption；order preserving encryption；data privacy；database encryption