CN102385627B

CN102385627B - Query method of disjunctive normal form in public key encryption system

Info

Publication number: CN102385627B
Application number: CN 201110350085
Authority: CN
Inventors: 路松峰; 张钰; 赵友桥; 刘阳
Original assignee: Huazhong University of Science and Technology
Current assignee: Huazhong University of Science and Technology
Priority date: 2011-11-08
Filing date: 2011-11-08
Publication date: 2013-07-24
Anticipated expiration: 2031-11-08
Also published as: CN102385627A

Abstract

The invention discloses a query method of a disjunctive paradigm in a public key encryption system, comprising the steps of: (1) randomly selecting security parameters, and selecting 2n+3 random numbers α ₀ , α ₁ ,..., α _n , β ₀ , β ₁ ,..., β _n ,

where n is an integer; (2) calculate the security parameters and random numbers to obtain the public key pk and secret key sk; (3) calculate the public key pk and a set of keywords to obtain the index I _w , and calculate the secret key sk and another set of keywords to obtain the trapdoor T _Q ; (4) Determine whether the two sets of keywords match according to the index I _w , the trapdoor T _Q and the public key pk . The invention supports the requirement of multi-keyword retrieval, and does not use the keyword field as auxiliary information.

Description

Query Method of Disjunctive Normal Form in Public Key Encryption System

技术领域 technical field

本发明涉及计算机信息安全领域，更具体地说，本发明涉及一种公钥加密系统中析取范式的查询方法。The present invention relates to the field of computer information security, more specifically, the present invention relates to a query method of disjunctive paradigm in a public key encryption system.

背景技术 Background technique

公钥系统是这样一个系统：密钥是由信息的接收者成对生成的，每对密钥由一个公钥和一个私钥组成，公钥为公开的，而私钥由接收者自己秘密保存。任何发送者可以用公钥加密信息并发送给接收者，而此加密信息只能由拥有对应私钥的接收者才能解密。析取范式关键词查询是为了检测一个文档的关键词列表中是否包含至少一个用户想要查询的关键词。假设文档关键词列表中的关键词集合为A，用户想要查询的关键词为B，那么析取范式关键词查询就是为了查询那些A∪B≠Θ的文档。此处，Θ代表空集。A public key system is a system in which keys are generated in pairs by recipients of information, each pair of keys consists of a public key and a private key, the public key is public, and the private key is kept secret by the recipient . Any sender can encrypt information with the public key and send it to the receiver, and the encrypted information can only be decrypted by the receiver who has the corresponding private key. The disjunctive normal form keyword query is to detect whether the keyword list of a document contains at least one keyword that the user wants to query. Assuming that the keyword set in the document keyword list is A, and the keyword that the user wants to query is B, then the disjunctive paradigm keyword query is to query those documents where A∪B≠Θ. Here, Θ represents the empty set.

现有的在密文上支持析取范式关键词查询使用内积的方法。该方法通过把关键词集合A映射成一组向量X，把关键词集合B映射成V，然后在不解密的情况下通过计算X·V是否为0来判断A∪B是否为空集。通过此方法，来达到在不解密的情况下进行密文上的析取范式关键词查询。The existing methods that support disjunctive normal form keyword query using inner product on ciphertext. This method maps the keyword set A into a set of vectors X, maps the keyword set B into V, and then judges whether A∪B is an empty set by calculating whether X·V is 0 without decryption. Through this method, the keyword query in the disjunctive normal form on the ciphertext can be achieved without decryption.

通过使用以上的方法，虽然能解决析取范式关键词查询，但是由于将关键词映射到一组向量上，会引起系统空间和时间复杂度的指数型上升。By using the above method, although the keyword query in the disjunctive paradigm can be solved, the system space and time complexity will increase exponentially due to the mapping of keywords to a set of vectors.

发明内容Contents of the invention

本发明的目的在于提供一种公钥加密系统中析取范式的查询方法，其能够建立一个关键词域无关的公钥密钥体制下的进行析取关键词查询体系和方法。The purpose of the present invention is to provide a query method for extracting paradigms in a public key encryption system, which can establish a query system and method for extracting keywords under a public key system that is independent of the keyword domain.

一种公钥加密系统中析取范式的查询方法，包括以下步骤：A method for querying a disjunctive paradigm in a public key encryption system, comprising the following steps:

(1)随机选取安全参数，并选择2n+3个随机数α₀，α₁，...，α_n，β₀，β₁，...，β_n，

其中n为整数，q为素数，Z_q ^*是在q上的乘法群；(1) Randomly select security parameters, and select 2n+3 random numbers α ₀ , α ₁ , ..., α _n , β ₀ , β ₁ , ..., β _n ,

Wherein n is an integer, q is a prime number, and Z _q ^* is a multiplicative group on q;

(2)根据以下公式对安全参数和随机数进行计算，以得到公共密钥pk和秘密密钥sk：(2) Calculate the security parameters and random numbers according to the following formula to obtain the public key pk and secret key sk:

$pk = {X_{0} = g^{α_{0}}, X_{1} = g^{α 1}, . . ., X_{n} = g^{α_{n}}, Y_{0} = g^{β_{0}}, Y_{1} = g^{β_{1}}, . . ., Y_{n} = g^{β_{n}}, Z = g^{θ}, μ = \hat{e} (g, g)}$ $, sk = {α_{0}, α_{1}, . . ., α_{n}, β_{0}, β_{1}, . . ., β_{n}, θ &Element; Z_{q}^{*}},$ 其中G₁，G₂为两个循环群，q是循环群的阶数且为素数，g为G₁的任一生成元，

为双线性配对函数，且

\hat{e} : G_{1} \times G_{1} &RightArrow; G_{2};

pk = {x_{0} = g^{α_{0}}, x_{1} = g^{α 1}, . . ., x_{no} = g^{α_{no}}, Y_{0} = g^{β_{0}}, Y_{1} = g^{β_{1}}, . . ., Y_{no} = g^{β_{no}}, Z = g^{θ}, μ = \hat{e} (g, g)}

, sk = {α_{0}, α_{1}, . . ., α_{no}, β_{0}, β_{1}, . . ., β_{no}, θ &Element; Z_{q}^{*}},

Among them, G ₁ and G ₂ are two cyclic groups, q is the order of the cyclic group and is a prime number, g is any generator of G ₁ ,

is a bilinear pairing function, and

\hat{e} : G_{1} \times G_{1} &Right Arrow; G_{2};

(3)对公共密钥pk和一组关键词集合W＝{W₁，W₂，...，W_n}进行计算，以得到索引I_w，并对秘密密钥sk和另一组关键词集合Q＝{Q₁，Q₂，...，Q_m}进行计算，以得到陷门T_Q，具体包括以下子步骤：(3) Calculate the public key pk and a set of keywords W={W ₁ , W ₂ ,...,W _n } to obtain the index I _w , and calculate the secret key sk and another set of keys The word set Q={Q ₁ , Q ₂ ,..., Q _m } is calculated to obtain the trapdoor T _Q , which specifically includes the following sub-steps:

(31)选择n²+2n个随机数r₁，r₂，...，r_n和

其中i∈[1，n]，j∈[0，n]；(31) Select n ² +2n random numbers r ₁ , r ₂ ,..., r _n and

where i ∈ [1, n], j ∈ [0, n];

(32)对于每个W_i∈W，计算 $A_{ij} = X_{j}^{r_{i}} \times g^{r_{i} H_{1} {(W_{i})}^{j} + u_{ij}} = g^{r_{i} (α_{j} + H_{1} {(W_{i})}^{j}) + u_{ij}},$ $B_{ij} = Y_{j}^{u_{ij}} = g^{β_{j} u_{ij}},$ $C_{i} = Z^{r_{i}} = g^{θ r_{i}},$ $D_{i} = H_{2} (μ^{r_{i}}),$ 其中i∈[1，n]，

H_{1} : {0,1} * &RightArrow; {0,1}^{\log_{2}^{q}}

和

H_{2} : G_{2} &RightArrow; {0,1}^{\log_{2}^{q}}

为两个哈希函数；(32) For each W _i ∈ W, calculate

A_{ij} = x_{j}^{r_{i}} \times g^{r_{i} h_{1} {(W_{i})}^{j} + u_{ij}} = g^{r_{i} (α_{j} + h_{1} {(W_{i})}^{j}) + u_{ij}},

B_{ij} = Y_{j}^{u_{ij}} = g^{β_{j} u_{ij}},

C_{i} = Z^{r_{i}} = g^{θ r_{i}},

{D.}_{i} = h_{2} (μ^{r_{i}}),

where i ∈ [1,n],

h_{1} : {0,1} * &Right Arrow; {0,1}^{\log_{2}^{q}}

and

h_{2} : G_{2} &Right Arrow; {0,1}^{\log_{2}^{q}}

are two hash functions;

(33)根据以上公式得到索引I_w：(33) Obtain the index I _w according to the above formula:

${I I}_{w w} = = (\begin{matrix} {A A}_{1010} & {A A}_{1111} & \cdot \cdot & \cdot &Center Dot; & \cdot &Center Dot; & {A A}_{11 n no} & {B B}_{1010} & {B B}_{1111} & \cdot &Center Dot; & \cdot \cdot & \cdot \cdot & {B B}_{11 n no} & {C C}_{11} & {D D.}_{11} \\ {A A}_{2020} & {A A}_{21 twenty one} & \cdot \cdot & \cdot \cdot & \cdot &Center Dot; & {A A}_{22 n no} & {B B}_{2020} & {B B}_{21 twenty one} & \cdot &Center Dot; & \cdot \cdot & \cdot &Center Dot; & {B B}_{22 n no} & {C C}_{22} & {D D.}_{22} \\ \cdot &Center Dot; & \cdot \cdot & \cdot \cdot & \cdot &Center Dot; & \cdot \cdot & \cdot \cdot & \cdot \cdot & \cdot \cdot & \cdot &Center Dot; & \cdot &Center Dot; \\ \cdot &Center Dot; & \cdot \cdot & \cdot \cdot & \cdot \cdot & \cdot &Center Dot; & \cdot &Center Dot; & \cdot &Center Dot; & \cdot &Center Dot; & \cdot &Center Dot; & \cdot \cdot \\ \cdot &Center Dot; & \cdot &Center Dot; & \cdot \cdot & \cdot &Center Dot; & \cdot \cdot & \cdot \cdot & \cdot \cdot & \cdot \cdot & \cdot &Center Dot; & \cdot &Center Dot; \\ {A A}_{n no 00} & {A A}_{n no 11} & \cdot &Center Dot; & \cdot &Center Dot; & \cdot &Center Dot; & {A A}_{nn n} & {B B}_{n no 00} & {B B}_{n no 11} & \cdot \cdot & \cdot \cdot & \cdot &Center Dot; & {B B}_{nn n} & {C C}_{n no} & {D D.}_{n no} \end{matrix})$

(34)选择s-m个随机关键词{w₁，w₂，...，w_s-m}，其中m≤s≤n；(34) Select sm random keywords {w ₁ , w ₂ , ..., w _sm }, where m≤s≤n;

(35)构建一个s阶多项式f(x)＝a_sx^s+a_s-1x^s-1+...+a₁x¹+a₀，f(x)具有s个根为H₁(Q₁)，H₁(Q₂)，...H₁(Q_m)，H₁(w₁)，H₁(w₂)，...，H₁(w_s-m)；(35) Construct an s-order polynomial f(x)=a _s x ^s +a _s-1 x ^s-1 +...+a ₁ x ¹ +a ₀ , f(x) has s roots as H ₁ (Q ₁ ), H ₁ (Q ₂ ), ... H ₁ (Q _m ), H ₁ (w ₁ ), H ₁ (w ₂ ), ..., H ₁ (w _sm );

(36)选择一个随机数u∈Z_q，计算出 $T_{1 j} = g^{\frac{a_{j}}{Σ_{j = 0}^{s} a_{j} a_{j} + Σ_{j = 0}^{s} a_{j} uθ}},$ $T_{2 j} = T_{1 j}^{\frac{1}{β_{j}}},$ (36) Choose a random number u∈Z _q , calculate $T_{1 j} = g^{\frac{a_{j}}{Σ_{j = 0}^{the s} a_{j} a_{j} + Σ_{j = 0}^{the s} a_{j} uθ}},$ $T_{2 j} = T_{1 j}^{\frac{1}{β_{j}}},$

其中j∈[0，s]，并令T₃＝u，Z_q是在q上的整数群；where j∈[0,s], and let T ₃ =u, Z _q is the integer group on q;

(37)根据以上公式得到陷门为T_Q＝(T₁₀，...，T_1s，T₂₀，...，T_2s，T₃)；(37) According to the above formula, the trapdoor is T _Q = (T ₁₀ ,..., T _1s , T ₂₀ ,..., T _2s , T ₃ );

(4)根据索引I_w、陷门T_Q和公共密钥pk确定关键词集合W＝{W₁，W₂，...，W_n}是否与关键词集合Q＝{Q₁，Q₂，...，Q_m}匹配，具体包括子步骤：(4) Determine whether the keyword set W={W ₁ , W ₂ ,...,W _n } is consistent with the keyword set Q={Q ₁ , Q ₂ according to the index I _w , the trapdoor T _Q and the public key pk ,...,Q _m } match, specifically including sub-steps:

(41)设置计数器v＝0；(41) setting counter v=0;

(42)判断v不大于n；(42) judging that v is not greater than n;

(43)若v不大于n，则检查以下等式是否成立： $H_{2} (\frac{{test}_{i 1}}{{test}_{i 2}}) = D_{i},$ 其中i∈[1，n]， ${test}_{i 1} = Π_{j = 0}^{s} \hat{e} (T_{1 j}, A_{ij} C_{i}^{T_{3}}),$ ${test}_{i 2} = Π_{j = 0}^{s} \hat{e} (T_{2 j}, B_{ij});$ (43) If v is not greater than n, then check whether the following equation holds true: $h_{2} (\frac{{test}_{i 1}}{{test}_{i 2}}) = {D.}_{i},$ where i ∈ [1,n], ${test}_{i 1} = Π_{j = 0}^{the s} \hat{e} (T_{1 j}, A_{ij} C_{i}^{T_{3}}),$ ${test}_{i 2} = Π_{j = 0}^{the s} \hat{e} (T_{2 j}, B_{ij});$

(44)若等式成立，则表示二者匹配，并输出1。(44) If the equation is established, it means that the two match, and output 1.

上述步骤(4)进一步包括：若v大于n，则表示二者不匹配，并输出0。The above step (4) further includes: if v is greater than n, it means that the two do not match, and 0 is output.

上述步骤(4)进一步包括：若等式不成立，则设置v＝v+1，并返回步骤(42)。The above step (4) further includes: if the equation is not established, then set v=v+1, and return to step (42).

本发明具有以下优点：The present invention has the following advantages:

1.本发明支持多关键词检索的需求；1. The present invention supports the requirement of multi-keyword retrieval;

2.本发明可以不利用关键词域作为辅助信息；2. The present invention may not use the keyword field as auxiliary information;

3.本发明空间和时间复杂度为O(n²)。这里n为一个文档的关键词列表中关键词的个数。3. The space and time complexity of the present invention is O(n ² ). Here n is the number of keywords in the keyword list of a document.

附图说明 Description of drawings

图1是本发明公钥加密系统中析取范式的查询方法的流程图。Fig. 1 is a flow chart of the query method of the disjunctive paradigm in the public key encryption system of the present invention.

图2是本发明查询方法中步骤(3)的细化流程图。Fig. 2 is a detailed flowchart of step (3) in the query method of the present invention.

图3是本发明查询方法中步骤(4)的细化流程图。Fig. 3 is a detailed flowchart of step (4) in the query method of the present invention.

具体实施方式 Detailed ways

以下结合附图对本发明进行具体描述。The present invention will be specifically described below in conjunction with the accompanying drawings.

如图1所示，本发明公钥加密系统中析取范式的查询方法包括以下步骤：As shown in Figure 1, the query method of the disjunction paradigm in the public key encryption system of the present invention comprises the following steps:

(1)随机选取安全参数，并选择2n+3个随机数α₀，α₁，...，α_n，β₀，β₁，...，β_n，其中n为整数，q为素数，Z_q ^*是在q上的乘法群；(1) Randomly select security parameters, and select 2n+3 random numbers α ₀ , α ₁ , ..., α _n , β ₀ , β ₁ , ..., β _n , Wherein n is an integer, q is a prime number, and Z _q ^* is a multiplicative group on q;

为双线性配对函数，且

\hat{e} : G_{1} \times G_{1} &RightArrow; G_{2};

pk = {x_{0} = g^{α_{0}}, x_{1} = g^{α 1}, . . ., x_{no} = g^{α_{no}}, Y_{0} = g^{β_{0}}, Y_{1} = g^{β_{1}}, . . ., Y_{no} = g^{β_{no}}, Z = g^{θ}, μ = \hat{e} (g, g)}

, sk = {α_{0}, α_{1}, . . ., α_{no}, β_{0}, β_{1}, . . ., β_{no}, θ &Element; Z_{q}^{*}},

is a bilinear pairing function, and

\hat{e} : G_{1} \times G_{1} &Right Arrow; G_{2};

(3)对公共密钥pk和一组关键词集合W＝{W₁，W₂，...，W_n}进行计算，以得到索引I_w，并对秘密密钥sk和另一组关键词集合Q＝{Q₁，Q₂，...，Q_m}进行计算，以得到陷门T_Q；(3) Calculate the public key pk and a set of keywords W={W ₁ , W ₂ ,...,W _n } to obtain the index I _w , and calculate the secret key sk and another set of keys Word set Q={Q ₁ , Q ₂ ,..., Q _m } is calculated to obtain trapdoor T _Q ;

(4)根据索引I_w、陷门T_Q和公共密钥pk确定关键词集合W＝{W₁，W₂，...，W_n}是否与关键词集合Q＝{Q₁，Q₂，...，Q_m}匹配。(4) Determine whether the keyword set W={W ₁ , W ₂ ,...,W _n } is consistent with the keyword set Q={Q ₁ , Q ₂ according to the index I _w , the trapdoor T _Q and the public key pk ,...,Q _m } matches.

如图2所示，上述步骤(3)包括以下子步骤：As shown in Figure 2, above-mentioned step (3) comprises following sub-step:

(31)选择n²+2n个随机数r₁，r₂，...，r_n和

where i ∈ [1, n], j ∈ [0, n];

(32)对于每个W_i∈W，计算 $A_{ij} = X_{j}^{r_{i}} \times g^{r_{i} H_{1} {(W_{i})}^{j} + u_{ij}} = g^{r_{i} (α_{j} + H_{1} {(W_{i})}^{j}) + u_{ij}},$ $B_{ij} = Y_{j}^{u_{ij}} = g^{β_{j} u_{ij}}, C_{i} = Z^{r_{i}} = g^{θ r_{i}}, D_{i} = H_{2} (μ^{r_{i}}),$ 其中i∈[1，n]，

H_{1} : {0,1} * &RightArrow; {0,1}^{\log_{2}^{q}}

和

H_{2} : G_{2} &RightArrow; {0,1}^{\log_{2}^{q}}

为两个哈希函数；(32) For each W _i ∈ W, calculate

A_{ij} = x_{j}^{r_{i}} \times g^{r_{i} h_{1} {(W_{i})}^{j} + u_{ij}} = g^{r_{i} (α_{j} + h_{1} {(W_{i})}^{j}) + u_{ij}},

B_{ij} = Y_{j}^{u_{ij}} = g^{β_{j} u_{ij}}, C_{i} = Z^{r_{i}} = g^{θ r_{i}}, {D.}_{i} = h_{2} (μ^{r_{i}}),

where i ∈ [1,n],

h_{1} : {0,1} * &Right Arrow; {0,1}^{\log_{2}^{q}}

and

h_{2} : G_{2} &Right Arrow; {0,1}^{\log_{2}^{q}}

are two hash functions;

${I I}_{w w} = = (\begin{matrix} {A A}_{1010} & {A A}_{1111} & \cdot &Center Dot; & \cdot &Center Dot; & \cdot &Center Dot; & {A A}_{11 n no} & {B B}_{1010} & {B B}_{1111} & \cdot &Center Dot; & \cdot &Center Dot; & \cdot \cdot & {B B}_{11 n no} & {C C}_{11} & {D D.}_{11} \\ {A A}_{2020} & {A A}_{21 twenty one} & \cdot &Center Dot; & \cdot &Center Dot; & \cdot \cdot & {A A}_{22 n no} & {B B}_{2020} & {B B}_{21 twenty one} & \cdot \cdot & \cdot \cdot & \cdot &Center Dot; & {B B}_{22 n no} & {C C}_{22} & {D D.}_{22} \\ \cdot &Center Dot; & \cdot \cdot & \cdot &Center Dot; & \cdot &Center Dot; & \cdot &Center Dot; & \cdot \cdot & \cdot \cdot & \cdot &Center Dot; & \cdot \cdot & \cdot \cdot \\ \cdot &Center Dot; & \cdot \cdot & \cdot \cdot & \cdot &Center Dot; & \cdot &Center Dot; & \cdot &Center Dot; & \cdot \cdot & \cdot &Center Dot; & \cdot &Center Dot; & \cdot &Center Dot; \\ \cdot \cdot & \cdot &Center Dot; & \cdot \cdot & \cdot \cdot & \cdot \cdot & \cdot \cdot & \cdot &Center Dot; & \cdot \cdot & \cdot \cdot & \cdot \cdot \\ {A A}_{n no 00} & {A A}_{n no 11} & \cdot &Center Dot; & \cdot \cdot & \cdot \cdot & {A A}_{nn n} & {B B}_{n no 00} & {B B}_{n no 11} & \cdot \cdot & \cdot \cdot & \cdot &Center Dot; & {B B}_{nn n} & {C C}_{n no} & {D D.}_{n no} \end{matrix})$

(36)选择一个随机数u∈Z_q，计算出 $T_{1 j} = g^{\frac{a_{j}}{Σ_{j = 0}^{s} a_{j} a_{j} + Σ_{j = 0}^{s} a_{j} uθ}},$ $T_{2 j} = T_{1 j}^{\frac{1}{β_{j}}},$ 其中j∈[0，s]，并令T₃＝u，Z_q是在q上的整数群；(36) Choose a random number u∈Z _q , calculate $T_{1 j} = g^{\frac{a_{j}}{Σ_{j = 0}^{the s} a_{j} a_{j} + Σ_{j = 0}^{the s} a_{j} uθ}},$ $T_{2 j} = T_{1 j}^{\frac{1}{β_{j}}},$ where j∈[0,s], and let T ₃ =u, Z _q is the integer group on q;

(37)根据以上公式得到陷门为T_Q＝(T₁₀，...，T_1s，T₂₀，...，T_2s，T₃)。如图3所示，上述步骤(4)包括以下子步骤：(37) According to the above formula, the trapdoor is obtained as T _Q = (T ₁₀ , . . . , T _1s , T ₂₀ , . . . , T _2s , T ₃ ). As shown in Figure 3, above-mentioned step (4) comprises following sub-step:

(41)设置计数器v＝0；(41) setting counter v=0;

(42)判断v不大于n，若v不大于n，则转入步骤(43)，否则转入步骤(46)；(42) Judging that v is not greater than n, if v is not greater than n, then proceed to step (43), otherwise proceed to step (46);

(43)检查以下等式是否成立： $H_{2} (\frac{{test}_{i 1}}{{test}_{i 2}}) = D_{i},$ 其中i∈[1，n]， ${test}_{i 1} = Π_{j = 0}^{s} \hat{e} (T_{1 j}, A_{ij} C_{i}^{T_{3}}),$ ${test}_{i 2} = Π_{j = 0}^{s} \hat{e} (T_{2 j}, B_{ij}),$ w若等式成立，则转入步骤(44)，否则转入步骤(45)；(43) Check whether the following equation holds: $h_{2} (\frac{{test}_{i 1}}{{test}_{i 2}}) = {D.}_{i},$ where i ∈ [1,n], ${test}_{i 1} = Π_{j = 0}^{the s} \hat{e} (T_{1 j}, A_{ij} C_{i}^{T_{3}}),$ ${test}_{i 2} = Π_{j = 0}^{the s} \hat{e} (T_{2 j}, B_{ij}),$ If w is set up, then proceeds to step (44), otherwise proceeds to step (45);

(44)表示二者匹配，并输出1；(44) represent that both match, and output 1;

(45)设置v＝v+1，并返回步骤(42)；(45) set v=v+1, and return to step (42);

(46)表示二者不匹配，并输出0。(46) indicates that the two do not match, and outputs 0.

Claims

1. A query method of a disjunctive paradigm in a public key encryption system, comprising the following steps:

(1) Randomly select security parameters, and select 2n+3 random numbers α ₀ , α ₁ , .., α _n , β ₀ , β ₁ , ..., β _n , Wherein n is an integer, q is a prime number, and Z _q ^* is a multiplicative group on q;

(2) According to the following formula, the security parameter and the random number are calculated to obtain the public key pk and the secret key sk:

pk pk = = {{{X x}_{00} = = {g g}^{{α α}_{00}},, {X x}_{11} = = {g g}^{α α 11},, . . . . . .,, {X x}_{n no} = = {g g}^{{α α}_{n no}},, {Y Y}_{00} = = {g g}^{{β β}_{00}},, {Y Y}_{11} = = {g g}^{{β β}_{11}},, . . . . . .,, {Y Y}_{n no} = = {g g}^{{β β}_{n no}},,,, Z Z = = {g g}^{θ θ},, μ μ = = \overset{^^}{e e} ((g g,, g g))}}

sk = {α_{0}, α_{1}, . . ., α_{no}, β_{0}, β_{1}, . . ., β_{no}, θ &Element; Z_{q}^{*}},

Where G ₁ and G ₂ are two cyclic groups, q is the order of the cyclic group and is a prime number, g is any generator of G ₁ ,

is a bilinear pairing function, and

\hat{e} : G_{1} \times G_{1} &Right Arrow; G_{2};

(3) Calculate the public key pk and a set of keywords W={W ₁ , W ₂ ,...,W _n } to obtain the index I _w , and calculate the secret key sk and Another set of keywords set Q={Q ₁ , Q ₂ ,...,Q _m } is calculated to obtain the trapdoor T _Q , which specifically includes the following sub-steps:

(31) Select n ² +2n random numbers r ₁ , r ₂ ,..., r _n and

where i ∈ [1, n], j ∈ [0, n];

(32) For each W _i ∈ W, calculate

A_{ij} = x_{j}^{r_{i}} \times g^{r_{i} h_{1} {(W_{i})}^{j} + u_{ij}} = g^{r_{i} (α_{j} + h_{1} {(W_{i})}^{j}) + u_{ij}},

B_{ij} = Y_{j}^{u_{ij}} = g^{β_{j} u_{ij}},

C_{i} = Z^{r_{i}} = g^{θ r_{i}},

{D.}_{i} = h_{2} (μ^{r_{i}}),

where i ∈ [1, n], j ∈ [0, n],

h_{1} : {0,1} * &Right Arrow; {0,1}^{\log_{2}^{q}}

and

h_{2} : G_{2} &Right Arrow; {0,1}^{\log_{2}^{q}}

are two hash functions;

(33) Obtain the index I _w according to the above formula:

{I I}_{w w} = = (\begin{matrix} {A A}_{1010} & {A A}_{1111} & \cdot \cdot & \cdot \cdot & \cdot \cdot & {A A}_{11 n no} & {B B}_{1010} & {B B}_{1111} & \cdot \cdot & \cdot \cdot & \cdot \cdot & {B B}_{11 n no} & {C C}_{11} & {D D.}_{11} \\ {A A}_{2020} & {A A}_{21 twenty one} & \cdot &Center Dot; & \cdot &Center Dot; & \cdot &Center Dot; & {A A}_{22 n no} & {B B}_{2020} & {B B}_{21 twenty one} & \cdot \cdot & \cdot &Center Dot; & \cdot &Center Dot; & {B B}_{22 n no} & {C C}_{22} & {D D.}_{22} \\ \cdot &Center Dot; & \cdot &Center Dot; & \cdot \cdot & \cdot &Center Dot; & \cdot &Center Dot; & \cdot &Center Dot; & \cdot &Center Dot; & \cdot &Center Dot; & \cdot \cdot & \cdot &Center Dot; \\ \cdot \cdot & \cdot &Center Dot; & \cdot &Center Dot; & \cdot &Center Dot; & \cdot &Center Dot; & \cdot &Center Dot; & \cdot &Center Dot; & \cdot &Center Dot; & \cdot \cdot & \cdot \cdot \\ \cdot &Center Dot; & \cdot &Center Dot; & \cdot &Center Dot; & \cdot &Center Dot; & \cdot \cdot & \cdot \cdot & \cdot &Center Dot; & \cdot &Center Dot; & \cdot \cdot & \cdot &Center Dot; \\ {A A}_{n no 00} & {A A}_{n no 11} & \cdot &Center Dot; & \cdot &Center Dot; & \cdot &Center Dot; & {A A}_{nn n} & {B B}_{n no 00} & {B B}_{n no 11} & \cdot &Center Dot; & \cdot &Center Dot; & \cdot &Center Dot; & {B B}_{nn n} & {C C}_{n no} & {D D.}_{n no} \end{matrix})

(34) Select sm random keywords {w ₁ , w ₂ , ..., w _sm }, where m≤s≤n;

(35) Construct an s-order polynomial f(x)=a _s x ^s +a _s-1 x ^s-1 +...+a ₁ x ¹ +a ₀ , f(x) has s roots as H ₁ (Q ₁ ), H ₁ (Q ₂ ), ... H ₁ (Q _m ), H ₁ (w ₁ ), H ₁ (w ₂ ), ..., H ₁ (w _sm );

(36) Choose a random number u∈Z _q , calculate

T_{1 j} = g^{\frac{a_{j}}{Σ_{j = 0}^{the s} a_{j} a_{j} + Σ_{j = 0}^{the s} a_{j} uθ}},

T_{2 j} = T_{1 j}^{\frac{1}{β_{j}}},

where j∈[0,s], and T ₃ =u, Z _q is the integer group on q;

(37) According to the above formula, the trapdoor is T _Q = (T ₁₀ , ..., T _1s , T ₂₀ , ..., T _2s , T ₃ );

(4) According to the index I _w , the trapdoor T _Q and the public key pk, determine whether the keyword set W={W ₁ , W ₂ ,...,W _n } is the same as the keyword set Q= {Q ₁ , Q ₂ , ..., Q _m } match, specifically including sub-steps:

(41) setting counter v=0;

(42) judging that v is not greater than n;

(43) If v is not greater than n, then check whether the following equation holds true:

h_{2} (\frac{{test}_{i 1}}{{test}_{i 2}}) = {D.}_{i},

where i ∈ [1,n],

{test}_{i 1} = Π_{j = 0}^{the s} \hat{e} (T_{1 j}, A_{ij} C_{i}^{T_{3}}),

{test}_{i 2} = Π_{j = 0}^{the s} \hat{e} (T_{2 j}, B_{ij});

(44) If the equation is established, it means that the two match, and output 1.

2. The query method according to claim 1, wherein the step (4) further comprises: if v is greater than n, it means that the two do not match, and 0 is output.

3. The inquiry method according to claim 1, characterized in that said step (4) further comprises: if the equation is not established, then setting v=v+1, and returning to said step (42).