用于工业物联网数据共享的抗颠覆公钥可搜索加密

IF 4.1 2区计算机科学 Q1 COMPUTER SCIENCE, HARDWARE & ARCHITECTURE

Journal of Systems Architecture Pub Date : 2025-02-22 DOI:10.1016/j.sysarc.2025.103370

Rang Zhou , Yongkang He , Wanpeng Li , Yanping Wang , Xiaojun Zhang

{"title":"用于工业物联网数据共享的抗颠覆公钥可搜索加密","authors":"Rang Zhou , Yongkang He , Wanpeng Li , Yanping Wang , Xiaojun Zhang","doi":"10.1016/j.sysarc.2025.103370","DOIUrl":null,"url":null,"abstract":"<div><div>The rapid growth of the Industrial Internet of Things (IIoT) has driven companies to leverage its potential for enhancing manufacturing efficiency, relying heavily on data analysis. This has led to the collection of vast IIoT data volumes, often stored securely on encrypted cloud servers. To facilitate streamlined data retrieval, keyword search technology is widely employed. Traditional keyword searchable schemes focus on ensuring keyword privacy within the trapdoor and index structures. However, advanced backdoor attacks have emerged as a significant threat. These attacks exploit hidden backdoors in software or hardware, allowing random number manipulation that undermines the security of existing keyword-searchable encryption scheme. To mitigate these attacks, we propose a novel subversion-resistant public-key searchable encryption scheme that incorporates cryptographic reverse firewalls (CRFs). In our scheme, we designed a trust zone to deploy these CRFs. Moreover, the CRFs in the trust zone is randomly chosen to re-randomize the trapdoor and index values, thereby enhancing security against backdoor attacks. Additionally, our scheme facilitates data sharing in the model of one-to-one sending and receiving between different users. Performance testing demonstrates that our scheme requires only lightweight operations for the ReTrapdoor and RePEKS algorithms, making it well-suited for deployment on resource-constrained IIoT devices.</div></div>","PeriodicalId":50027,"journal":{"name":"Journal of Systems Architecture","volume":"161 ","pages":"Article 103370"},"PeriodicalIF":4.1000,"publicationDate":"2025-02-22","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Subversion-resistant public-key searchable encryption for data sharing in IIoT\",\"authors\":\"Rang Zhou , Yongkang He , Wanpeng Li , Yanping Wang , Xiaojun Zhang\",\"doi\":\"10.1016/j.sysarc.2025.103370\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"<div><div>The rapid growth of the Industrial Internet of Things (IIoT) has driven companies to leverage its potential for enhancing manufacturing efficiency, relying heavily on data analysis. This has led to the collection of vast IIoT data volumes, often stored securely on encrypted cloud servers. To facilitate streamlined data retrieval, keyword search technology is widely employed. Traditional keyword searchable schemes focus on ensuring keyword privacy within the trapdoor and index structures. However, advanced backdoor attacks have emerged as a significant threat. These attacks exploit hidden backdoors in software or hardware, allowing random number manipulation that undermines the security of existing keyword-searchable encryption scheme. To mitigate these attacks, we propose a novel subversion-resistant public-key searchable encryption scheme that incorporates cryptographic reverse firewalls (CRFs). In our scheme, we designed a trust zone to deploy these CRFs. Moreover, the CRFs in the trust zone is randomly chosen to re-randomize the trapdoor and index values, thereby enhancing security against backdoor attacks. Additionally, our scheme facilitates data sharing in the model of one-to-one sending and receiving between different users. Performance testing demonstrates that our scheme requires only lightweight operations for the ReTrapdoor and RePEKS algorithms, making it well-suited for deployment on resource-constrained IIoT devices.</div></div>\",\"PeriodicalId\":50027,\"journal\":{\"name\":\"Journal of Systems Architecture\",\"volume\":\"161 \",\"pages\":\"Article 103370\"},\"PeriodicalIF\":4.1000,\"publicationDate\":\"2025-02-22\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Journal of Systems Architecture\",\"FirstCategoryId\":\"94\",\"ListUrlMain\":\"https://www.sciencedirect.com/science/article/pii/S1383762125000426\",\"RegionNum\":2,\"RegionCategory\":\"计算机科学\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q1\",\"JCRName\":\"COMPUTER SCIENCE, HARDWARE & ARCHITECTURE\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Journal of Systems Architecture","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S1383762125000426","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, HARDWARE & ARCHITECTURE","Score":null,"Total":0}

引用次数: 0

摘要

工业物联网（IIoT）的快速发展促使企业充分利用其提高制造效率的潜力，这在很大程度上依赖于数据分析。这导致了大量工业物联网数据的收集，这些数据通常安全地存储在加密的云服务器上。为了简化数据检索，关键字搜索技术被广泛采用。传统的关键字可搜索方案侧重于确保活板门和索引结构中的关键字隐私。然而，先进的后门攻击已经成为一个重大威胁。这些攻击利用隐藏在软件或硬件中的后门，允许随机数字操作，从而破坏现有关键字搜索加密方案的安全性。为了减轻这些攻击，我们提出了一种新的抗颠覆的公钥可搜索加密方案，该方案包含加密反向防火墙（CRFs）。在我们的方案中，我们设计了一个信任区域来部署这些crf。同时，随机选择trust区域内的crf，使陷阱门和索引值重新随机化，从而增强了对后门攻击的安全性。此外，我们的方案在不同用户之间以一对一的发送和接收模式实现数据共享。性能测试表明，我们的方案只需要对ReTrapdoor和RePEKS算法进行轻量级操作，使其非常适合在资源受限的IIoT设备上部署。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Subversion-resistant public-key searchable encryption for data sharing in IIoT

The rapid growth of the Industrial Internet of Things (IIoT) has driven companies to leverage its potential for enhancing manufacturing efficiency, relying heavily on data analysis. This has led to the collection of vast IIoT data volumes, often stored securely on encrypted cloud servers. To facilitate streamlined data retrieval, keyword search technology is widely employed. Traditional keyword searchable schemes focus on ensuring keyword privacy within the trapdoor and index structures. However, advanced backdoor attacks have emerged as a significant threat. These attacks exploit hidden backdoors in software or hardware, allowing random number manipulation that undermines the security of existing keyword-searchable encryption scheme. To mitigate these attacks, we propose a novel subversion-resistant public-key searchable encryption scheme that incorporates cryptographic reverse firewalls (CRFs). In our scheme, we designed a trust zone to deploy these CRFs. Moreover, the CRFs in the trust zone is randomly chosen to re-randomize the trapdoor and index values, thereby enhancing security against backdoor attacks. Additionally, our scheme facilitates data sharing in the model of one-to-one sending and receiving between different users. Performance testing demonstrates that our scheme requires only lightweight operations for the ReTrapdoor and RePEKS algorithms, making it well-suited for deployment on resource-constrained IIoT devices.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

Journal of Systems Architecture 工程技术-计算机：硬件

CiteScore

8.70

自引率

15.60%

发文量

226

审稿时长

46 days

期刊介绍： The Journal of Systems Architecture: Embedded Software Design (JSA) is a journal covering all design and architectural aspects related to embedded systems and software. It ranges from the microarchitecture level via the system software level up to the application-specific architecture level. Aspects such as real-time systems, operating systems, FPGA programming, programming languages, communications (limited to analysis and the software stack), mobile systems, parallel and distributed architectures as well as additional subjects in the computer and system architecture area will fall within the scope of this journal. Technology will not be a main focus, but its use and relevance to particular designs will be. Case studies are welcome but must contribute more than just a design for a particular piece of software. Design automation of such systems including methodologies, techniques and tools for their design as well as novel designs of software components fall within the scope of this journal. Novel applications that use embedded systems are also central in this journal. While hardware is not a part of this journal hardware/software co-design methods that consider interplay between software and hardware components with and emphasis on software are also relevant here.