摘要
密文查询的完整性验证机制能在保护人工智能应用数据隐私的同时,为查询结果的可靠性提供保证.然而,现有针对密文范围查询的完整性验证方法存在验证数据结构构建开销较高、数据可扩展性较差的缺陷.为此,文中分析ServeDB(Secure Verifiable and Efficient Framework)计算性能瓶颈产生的原因,并基于分析结论提出基于立方格索引的密文范围查询完整性验证方法(Cube-Cell-Based Authentication Tree,CubeTree).CubeTree采用基于分位数归一化的数据重分布优化方法,平衡数据记录在值域空间中的分布,降低数据记录的编码开销.进一步提出基于平衡K叉树的扁平化结构以及基于立方格索引的验证数据结构,合并具有相同编码的数据记录,采用立方格作为基本验证单元,大幅降低验证数据结构的冗余性,减少构造过程的计算与存储开销.在真实数据集与合成数据集上的实验表明,CubeTree能显著降低验证数据结构的构建开销以及查询完整性证明的生成与校验开销,并可高效处理亿级规模的大型数据集.
The encrypted query integrity authentication mechanism can provide assurance for the reliability of the query results while protecting the data privacy of artificial intelligence applications.However,the existing encrypted range query integrity authentication methods suffer from high overhead in authentication data structure construction and poor data scalability.To address these issues,the causes of performance bottlenecks in secure verifiable and efficient framework(ServeDB)are analyzed.Based on the analysis conclusions,a cube-cell-based authentication method(CubeTree)is proposed for the encrypted range query integrity authentication problem.A quantile-normalization-based data redistribution optimization is adopted to balance the data distribution in the domain.The encoding overheads of data records are reduced by the data redistribution optimization.Furthermore,a flat balanced K-ary tree structure and a cube-cell-based index authentication data structure are proposed.The redundancy of the authentication data structure is significantly reduced by merging data records with same codes and adopting cube cells as the basic units.Consequently,the computational and storage costs of the CubeTree construction are decreased.Experiments on real-world and synthetic datasets show that CubeTree can significantly reduce the construction costs of the authentication data structure and the generation/verification costs of query integrity proofs,while efficiently handling large-scale datasets with hundreds of millions of data records.
作者
王肇康
潘佳辉
周璐
WANG Zhaokang;PAN Jiahui;ZHOU Lu(College of Computer Science and Technology,Nanjing University of Aeronautics and Astronautics,Nanjing 211106)
出处
《模式识别与人工智能》
EI
CSCD
北大核心
2024年第1期27-46,共20页
Pattern Recognition and Artificial Intelligence
基金
国家重点研发计划项目(No.2021YFB3101100)
国家自然科学基金项目(No.62202225)资助。
关键词
应用安全
密文范围查询
查询完整性验证
验证数据结构
立方格索引
Application Security
Encrypted Range Query
Query Integrity Authentication
Authentica-tion Data Structure
Cube Cell Index
