• <tr id="yyy80"></tr>
  • <sup id="yyy80"></sup>
  • <tfoot id="yyy80"><noscript id="yyy80"></noscript></tfoot>
  • 99热精品在线国产_美女午夜性视频免费_国产精品国产高清国产av_av欧美777_自拍偷自拍亚洲精品老妇_亚洲熟女精品中文字幕_www日本黄色视频网_国产精品野战在线观看 ?

    Enabling Comparable Search Over Encrypted Data for IoT with Privacy-Preserving

    2019-08-13 05:55:00LeiXuChungenXuhongyiLiuYunlingWangandJianfengWang
    Computers Materials&Continua 2019年8期

    LeiXu,ChungenXu,,ΖhongyiLiu,YunlingWangandJianfengWang

    Abstract: With the rapid development of cloud computing and Internet of Things (IoT)technology,massive data raises and shuttles on the network every day.To ensure the confidentiality and utilization of these data,industries and companies users encrypt their data and store them in an outsourced party.However,simple adoption of encryption scheme makes the original lose its flexibility and utilization.To address these problems,the searchable encryption scheme is proposed.Different from traditional encrypted data search scheme,this paper focuses on providing a solution to search the data from one or more IoT device by comparing their underlying numerical values.We present a multiclient comparable search scheme over encrypted numerical data which supports range queries.This scheme is mainly designed for keeping the confidentiality and searchability of numeric data,it enables authorized clients to fetch the data from different data owners by a generated token.Furthermore,to rich the scheme’s functionality,we exploit the idea of secret sharing to realize cross-domain search which improves the data’s utilization.The proposed scheme has also been proven to be secure through a series of security games.Moreover,we conduct experiments to demonstrate that our scheme is more practical than the existed similar schemes and achieves a balance between functionality and efficiency.

    Keywords: Internet of things,encrypted data search,multi-client,privacy-preserving.

    1 Introduction

    With the increasing development of cloud computing [Popovi? and Hocenski (2010);Buyya,Yeo,Venugopal et al.(2009)] and Internet of Things application [Lin,Yu,Zhang et al.(2017);Farooq,Waseem,Khairi et al.(2015)],data security is getting more and more attention all over the world.As we know,in an IoT scenario,data is collected from different devices and aggregated into the network and stored on the cloud.To save local cost and improve computing power,industries begin to outsource their data to third parties for storage and management.Along with this trend,various of cryptography protocols and schemes [Song,Li,Mei et al.(2017);Liu,Peng and Wang (2018)] are proposed to keep the privacy of the data,searchable encryption [Chor,Goldreich,Kushilevitz et al.(1995);Boneh,Di Crescenzo,Ostrovsky et al.(2004)] is one of those which focuses on maintaining searchability of the encrypted data on the cloud.It enables an authorized client to search the encrypted data by a token of the expected keyword without leaking anything of the keyword.After a long period of research,searchable encryption has evolved many variants based on the demands of different scenarios and functions [Wang,Cao,Li et al.(2010);Baek,Safavi-Naini and Susilo (2008);Golle,Staddon and Waters (2004)].For example,public key encryption scheme with keyword search provides a solution to the problem of data searching in email system,encrypted search scheme with conjunctive keywords allows the users to search a file which contains both keyword “urgent” and“important”.All of them can provide convenient services for people.

    However,with the highly developed of the information technology,existing searchable encryption constructions cannot satisfy people’s requirements any more.Traditional searchable encryption schemes always provide an exactly search method,which can only lock to the keyword you want [Li,Yu,Cao et al.(2011);Li,Li,Chen et al.(2012)].While for a special scenario on encrypted numeric data that a doctor wants to find the records of the patients,whose body temperature is higher than 36oC,to help him analyze the cause,he needs to find all the possible values and computes the corresponding token of them,then sends the query application to the service provider to get the search results.This approach is undoubtedly too complicated to be adopted for massive data search.To address this problem,a protocol called order-preserving encryption (OPE) scheme[Agrawal,Kiernan,Srikant et al.(2004);Boldyreva,Chenette and O’Neill (2011)] was proposed to solve the problem of these numeric data search.As its name suggests,the ciphertext produced by order-preserving encryption preserves the order of the underlying value.However,it was soon discovered that this ORE cryptography system had a fatal flaw [Naveed,Kamara and Wright (2015);Li,Zhang,Yang et al.(2015)],that is,an attacker,just like the service provider can recover the plaintext database by comparing and ordering the total dataset without authorization.Fortunately,some improvements,such as comparable encryption [Furukawa (2014)] and order-revealing encryption (ORE),were quickly put forward to replace the ORE scheme to alleviate the above dilemma,the mainly difference is that these two schemes both need an addition token to performs the comparing operation.By this,only the authorized client with the token can performs comparable search.

    Motivations.Although comparable encryption scheme provides us the capability to make range queries by comparable search,there are also several shortcomings which are not addressed well.The first thing is that traditional basic comparable encryption or order revealing encryption schemes are always built under the model of single writer/single reader,i.e.,only the data owner herself can search or perform comparing search their data.This will limit the utilization of the data and not meet the concept of data sharing or create opportunities for conditional sharing.Nowadays,some work has been done to improve the practice of the scheme by allowing more users to enjoy data sharing and searching service,one general approach is to add the access control policy which cannot address the problem of data security essentially.Once an attacker goes past all the access control policy and gains the right of visiting the database,he can fetch all the data which he is interested in.So the best way to overcome this trouble is to adopt cryptographic protocols to eliminate these threats fundamentally.However,the use of cryptographic technique will inevitably introduce addition computation and communication overhead.Finding a practical,secure and efficient comparable searchable encryption scheme is an interesting and urgent.Fortunately,these problems have attracted the attention of some researchers,and many classical schemes were proposed to solve them.The main idea is to introduce a private key generator (PKG) to manage the keys of the users that will raise another problem,the right of PKG is so strong that all the users’ private keys are in her control.There will be irreparable damage if she is attacked or leaks the private key of the user.In this regard,how to design a private key generation method is also crucial.

    Contributions.To address the problems mentioned above and provide a practical solution for encrypted data search,we propose a new comparable searchable encryption scheme in this paper with some superior properties.First,we deploy the idea of comparable encryption to design a comparable search encryption scheme which can support range queries.Then for the demanding of practice,we also improve the basic scheme to make it support multi-clients.We achieve this by leveraging the secret sharing scheme to distribute partial private keys to the service user and then combining them with a random key selected by the user.The private keys generated in our work have two functions.On the one hand,the clients can use their private keys to encrypt the data and generate tokens for the keywords needed to search.On the other hand,with this private key setting,the data owner can also authorize another client to query the expected data in her domain by sending the authorized clients a search capability.With this search capability,the authorized clients can compute the search token for those data encrypted by authorizer.Finally,we also conduct a series of experiments to show that our comparable searchable encryption scheme is available and efficient enough to support daily use.

    Related work.Searchable encryption [Bellare,Boldyreva and O’Neill (2007)] has been the focus of scholars since its generation.Comparable encryption [Furukawa (2013)],as an important part of searchable encryption,was first proposed by Furukawa,and has provided a sorting encryption method.Unlike the traditional order-preserving searchable scheme [Boldyreva,Chenette,Lee et al.(2009)],comparable encryption scheme aims at providing a conditional order-preserving encryption scheme that requires authorization.That is to say,only the authorized user can learn the order of the encrypted data.At that time,a concept called order-revealing encryption scheme [Lewi and Wu (2016)] was also underway,and its appearance was also to eliminate the drawbacks of the traditional OPE schemes.And since then,more and more programs have been proposed to meet the needs of the application,which mainly moves in two directions,one is functional design and the other is safety analysis [Grubbs,Sekniqi,Bindschaedler et al.(2017)].For example,Ye et al.[Ye,Miao,Chen et al.(2018)] effort to extend the basic comparable encryption to support multi-user and Furukawa improved their original scheme to make it more efficient with small storage overhead.However,their improvements also have some unsolvable problems,our work in this paper is just to optimize the existed schemes and attempts to achieve a trade-off between the efficiency and functionality.

    Organization.The rest of this paper is organized as follows.Section 2 describes the proposed system model,corresponding threat model and design goals.In Section 3 we introduce related background of our scheme and cryptographic protocols.In Section 4,we present our basis scheme and introduce how to extend it to realize multiple clients setting.The formal security proof is given in Section 5 and following with the complexity analysis and experiment evaluation in Section 6.Finally,we end the paper with a brief conclusion in Section 7.

    2 Problem statement

    2.1 System model

    Our target scheme for secure IoT numerical data search involves the following four parties as depicted in Fig.1,i.e.,data terminal equipment (DTE),data sub-management center (DMC),Cloud Server (CS),and a private key generator (PKG).

    Figure1:Overview of the system architecture

    · DMC:DMCs are IoT service provider and data owner.They collect the data from the application or device and encrypt it before uploading it to the cloud server.

    · DTE:DTEs are IoT applications or sensor devices (such as heart rate monitor,thermometer and sphygmomanometer,etc.) that serve as data sources or data sink.They detect events or changes in its environment and send the information to the data management center.

    · CS:CS is the cloud service provider,it stores all the data and helps perform encrypted data query.

    · PKG:PKG is just like an authority center who is responsible for generating system parameters and deriving the private key for each DMC.

    Overview.The overview of our scheme is illustrated in Fig.1.Without loss of generality,taking medical scenarios as an example,our system framework and functional module descriptions are described below.When a DMC wants to interconnect with our datastore to get the system service,it sends the registration application and get a partial key as the response from the PKG.Observe that,in our scheme each DMC (doctor) has multiple DTE (devices) such as heart rate monitor,thermometer and sphygmomanometer,these devices collect the data from the patients and import it to data sub-management center.DMC encrypts the received data and uploads them to the cloud.While a DMC wants to filter the eligible data (For instance,medical records with a body temperature greater than 36°C) that satisfies appropriate conditions,she can generate a search token and send the token along with the query to the cloud server.Once the cloud server receives the query and corresponding token,it executes search algorithm to match the eligible data and returns the search results to the DMC.Furthermore,our system also supports multi-user data sharing to utilize their data,i.e.,while a userDiwould like to exploit the medical data of another userDj,to help her analyze the patient’s condition,Dican apply for the authorized search capability,a conversion key,from the data ownerDjby negotiating or paying a certain fee.Then she can use this conversion key to compute the token which can be used to compare with the data ofDj.

    2.2 Threat model

    Considering the confidentiality and privacy of medical data,we are concerning on the semi-honest threat model including legal users who are curious but not malicious.In our system,we assume that the PKG will never reveal her master secret key to the unauthorized user even the cloud server.Furthermore,the user’s private keys also should be kept secret and cannot be stolen by attackers.The service server in the designed system is honest and takes action according to the rules.

    2.3 Design goals

    The designed MCSE system over encrypted IOT data should achieve the following main security,functionality and performance goals.

    ·Data and query privacy:The privacy of the data stored in the datastore must be guaranteed,that is,the cloud server cannot learn any underlying information except the encrypted data and query themselves.

    ·Comparability of encrypt data:The encrypted data stored in our MCSE datastore can be compared to the size through an authorized token.

    ·Scalability and efficiency:To enhance the practice of the proposed comparable encryption,our system is also required to support multi-user.With the authorization of the data owner,users can search the target data through our comparable encryption schemes.

    3 Preliminaries

    3.1 Bilinear pairings

    Definition 3.1.Let G1,G2be two cyclic groups with the same prime orderp,andgbe a generator ofG.Lete:G1×G1→G2be a map from G1to G2.We say that the mapeis cryptographic bilinear if the following three properties hold:

    · Non-degeneracy.If G =g,then G2=e(g,g),i.e.e(g,g)≠1,where “1” denotes the unity element of the groupG2.

    · Computability.For allg1,g2∈G1,there exists an efficient polynomial time algorithm to computee(g1,g2).

    For reducing the security of our scheme to a standard hard math problem formally,some classical hardness assumptions and technique are needed to be introduced in our paper,such discrete logarithm problem,secret sharing problem.

    3.2 Comparable searchable encryption and security definitions

    According to the description above and some related works,the definition of our designed comparable search encryption scheme can be described as follows:

    Definition 3.2.The proposed Comparable search encryption scheme with multi-user consists of the following four functions and proceeds as follows:

    · Setup:This algorithm takes the security parameterλand range parametersnas input,outputs the system parametersspand master secret keymsk.

    ·Derive:This algorithm takesmskas input,and generates a partial private keysk1to the user,then user chooses a randomsk2and setssk=(sk1,sk2)be her private key.

    ·Encrypt:This algorithm takes data owner's private key,system parameters and numeric datamas input,and outputs the ciphertextEmi.

    ·TokGen:This algorithm takes data owner's private key and expected keyworddas input,and outputs the search tokenTd.

    ·Compare:This algorithm takes the search tokenTd1,ciphertextEd1and another ciphertextEd2as input,outputs -1,0,1.Here -1meansd1<d2,0meansd1=d2,1 meansd1>d2.

    From the definition,we know that comparable searchable encryption scheme provides an approach to perform ranger query,i.e.,search a data set which is smaller/bigger than some certain values.Then for the security,we introduce a IND-CKA security game between the adversary and the simulator in the absence of a token,which is defined as follows:

    Definition 3.3For a given security parameterλand a range parameterN,letΣ=(Setup,Derive,Encrypt,TokGen,Compare) be a comparable search encryption scheme.Assume thatA = (A1,… ,Aq)is an adversary who can make at mostqtimes queries and S is a simulator,then the security games proceeds as follows:

    We say that a comparable encryption scheme CES=(Setup,Derive,Encrypt,TokGen,Compare) is secure if for any polynomial time adversary can distinguish GameRealand GameIdeal,i.e.,

    Pr[RealA(λ)= 1 ]-Pr[I dealA,S(λ)= 1 ] <negl(λ)

    wherenegl(λ)is a negligible function in security parameterλ.

    4 Our construction

    Let G1,G2be two cyclic groups with the prime orderpande:G1×G1→G2be a bilinear map from G1to G2.Our MCSE scheme on an IoT scenario as Fig.1 consists of five protocols and can be described as follows:

    4.1 System initialization

    In the initialization stage, PKG executes as described in Setup protocol in Fig.2.First, it selects a bilinear map e:G1×G1→G2with a randomly generator g∈G1.Then an integern is selected as the range parameters which defines the upper bound of the number that can be compared in our system.This means that our construction enables to compare size for the encrypted data of whose underlying data no more thann .PKG also chooses one cryptographic hash function H:{0,1}*→{0,1}λand three key-based pseudorandom functionwhereλis the security parameter.Random integers a, s ∈Zpare selected as the master secret keymsk in our system.In the derivation stage, PKG solves the equation ax + s = y m odpto find a pair of solution (x, y)to compute the private key for each DMC.Finally, PKG publishes the system parameters sp ={n, g1,H1,H2, H3, e}and keeps msk =(a, s)to itself.

    Figure2:Our basic encrypted data search scheme

    4.2 Private key derivation

    For a data sub-management centerDito be connected to the system, she needs to apply to be a legal user and get a corresponding private key from PKG. As described in Derive protocol in Fig. 2, PKG choosesx,y∈Zprandomly, which satisfiesy=ax+sm odp.Then it computes the's partial private key (gx,gy)and sends it toAfter receiving the partial key from PKG,randomly chooses an integert∈Zpand compose its own private key(gx,gy,t)with them. In the following Encrypt and Search protocols,will use the obtained private key to encrypt the data which is imported by various devices(heart rate monitor, thermometer and sphygmomanometer) under its jurisdiction, and compute search token to perform received query.

    4.3 Encrypted comparable datastore generation

    For each DTE,we present the generation of the encrypted comparable datastore by Encryption protocol in Fig.2.Note that,all data in our system should be an integer or can be converted to an integer by a certain mapping that means the original data in our scheme can be compared in size.Our goal is to ensure that the encrypted data stored in datastore not only reveals its underlying information,but also can compare size with each other by a given search token.Take a medical scene as an example,in our system,each device collects the data (body temperature,heart rate) from patient and aggregates it to a DMCDiwho may be an attending physician.

    As shown in Fig.2,to keep the privacy of the data,next we will describe how to encrypt an integermby Encrypt protocol.First,Diconvertsmto its binary form (b0,… ,bn-1)which satisfiesA random variabler∈Zis selected to guarantee the randomness of encrypted data.Then forifromn-1to1,PKG computesdi+1andeiin turn,wheremod2andH2(Ks,di+1) +bimod3.The last step in Encrypt protocol is to compress to get a short ciphertextE,whereLater,uploads all encrypted data to the cloud server.Unlike ordinary order-preserving encryption scheme,our encrypted data will not reveal the order of the plaintext while protecting data privacy.The only thing she will know is the size relationship of the ciphertext and the data that corresponds to the given token.

    4.4 Token generation and multi-client setting

    The last functional module of our system is the comparable search over encrypted data which is generally composed of two protocols,token generation and search.For example,when a doctor wants to search for the medical record of the patients whose temperature is greater thand°C to analyze the condition,she needs to compute a token fordand send it to the server.Then the server helps her to complete the search operation and returns the search result.Considering that the token generation protocol in our system will vary depending on the target database,we separate this part into a section and elaborate on our token generation scheme in different scenarios,i.e.,which data the user wants to query,her own or other data including hers? Combined with Fig.1 and different scenes,the token generation protocol TokGen works as follows:

    For the first case,if the doctor only wants to search the data of her own which is encrypted by her private key,she just takes her private key and the expected data as inputs and invokes TokGen protocol to compute the search token.As shown in Fig.2,is the binary form of numberd,letThen forifromnto1,DMC calculatesin turn,whereandThe obtained arrayis the search tokenTK.

    Note that this token can only be used to compare the size for encrypted data which encrypted with the same private key.For the data encrypted with other keys,it cannot directly compare them.Fortunately,we have an approach to compare the size of data encrypted with different private keys,which is what we will discuss later.

    In the case that a doctorDiwants to search for the medical record of more patients whose temperature is greater thand°Cin another hospital, then the search results consist of two parts. One is her own data, this part of the data can be searched directly with token generated by her private key. While the other part of the data comes from another hospital, which cannot be filtered by that token anymore. To solve this problem, we exploit a transformation technique to convert our token into a token that can be compared to the encrypted data of another hospital. LetDi,Djbe two different users with private keyrespectively, whereNow we illustrate this interaction in detail. First,Djsends an application toDifor searching her encrypted data stored in the cloud. In response,calculatesas the conversion key and sends it toThencomputesto get thei.e.,above, which is the key to calculating token forFinally,Djperforms the remaining operations in the TokGen protocol as usual to get a new token, this token can be used to compare withDi’s encrypted data. Observe that, this process of authorized search requires that both users must be legitimate users in the system, they have got the private keys distributed by PKG, and successful authorization requires the consent of the data owner and obtains the conversion key. The entire process requires only one interaction to achieve data sharing with high efficiency.

    4.5 Comparable search

    The last functional module of our system is the comparable search over encrypted data which is generally composed of two protocols,token generation and search.And the token generation is completed by different participants depending on the situation.As shown in Fig.2,the specific description of the search module is as follows:

    If the initiator is the data owner,then she directly computes the search token by calling the TokGen protocol with the inputs of her private key and the expected keyword.Then she takes theas input and performs the search algorithm to retrieve the goal data.Specifically,for the given ciphertextandwhereEis the ciphertext corresponding to the number whose token isTK.The cloud server computesmod3 forkfromnto 0.If there exist a certainksuch thatwe can decideEE′>andforE<E′.Otherwise,E=E′if allck=0.Then she collects the data with the calculation results “1” and return them to the user.While the search initiator is not the data owner,she needs to ask for the authorization from the data owner first,and then computes the search token by the later protocol mentioned in the token generation part.After that she can use that token to perform the data search normally.

    5 Security analysis

    This section we will present the security of our CSE scheme in the following two theorems.For the sake of limited space,we only provide a simple explanation of the security of the solution and no longer give formal proof.

    Theorem 5.1.The proposed comparable search encryption scheme CSE= (Setup,Derive,Encrypt,Token,Search) isL -semantic secure ifH:{0,1}*→{0,1}λis cryptographic hash function and{0,1}*→{0,1}λare three key-based pseudo random function.

    Since our proposed comparable searchable encryption scheme is constructed based on the work of Furukawa’s [Furukawa (2014)],so the proposed scheme is secure under the security model of Furukawa [Furukawa (2014)].The detailed security proof is to prove that no polynomial adversary can distinguish the security game Ideal and Real which will not be detailed here.In addition,as our scheme extends the basic comparable encryption scheme to support multiple users.So the proposed scheme must ensure that the unauthorized user cannot search the data beyond their authority.

    Theorem 5.2.Assume that the DL assumption holds and the CSE=(Setup,Derive,Encrypt,Token,Search) is aL -semantic secure scheme,then the search token in our scheme CSE is unforgeable against adaptive attacks.

    This theorem ensures that our scheme provides fine-grained access control on encrypted data,only the authorized users can compute the valid tokens to perform search query.In our construction,we achieve this by dividing the private key into two parts,one is assigned by the PKG and the other is an integer selected by the users themselves.Then we exploit the secret sharing technique to distribute the system parameters and hide the selected part by the exponential operation.Then we can know that no polynomial time adversary can fetch this private key,otherwise he can break the DL problem.Furthermore,this setting also weakens the dominance of PKG which guarantees that the user’s key will not be revealed even if someone will eavesdrop on the communication channel.

    6 Efficiency analysis and experiment evaluation

    In this section,we present our analysis results by making efficiency comparison with some related work,and conduct the corresponding experiment to evaluate its practice.

    6.1 Efficiency comparison

    To show the efficiency of the proposed scheme in Section 4,we simply analyze the efficiency of our scheme by comparing with some classical comparable searchable encryption scheme.Let |G1|,|G2|,|Zp|respectively be the size of the element ofG1,G2,Zp,letP,E,Hrepresent the computation cost of a bilinear pairing operation,an exponentiation operation on pairing and hash computation cost.Letλandndenote the security and range parameters.Then the detailed comparative analysis is listed in Tab.1.

    Table1:Comparison with several classical schemes

    6.2 Experiment results

    To evaluate the performance of the proposed scheme in Section 4,we will show all the experimental results in this part.In our work,all the experiments are conducted on a Windows 10 laptop with Core i5 Processor,8 GB Memory and 256 GB SSD.Letλ=256be the security parameter andn=128be the range parameter.A synthetic dataset of 10000 integers selected by the range parameter is our test set.Our pairing implementation uses the jPBC library for Java.In addition,we choose SHA256 as hash functionHand AES-CBC encryption mode for key-based cryptography functionH1,H2,H3.Then the detail experiment results are described as follows.

    For the user of our system,she needs to register to get an authorized private key.We realize this by running the Derivation protocol as Fig.2.In this stage,we do the experiment of generating private keys for 1000 users.The mainly computation overhead is two exponential operations and some additions and subtractions on a selected finite fields.Fig.3(a) shows the time cost for 1000 users.From the figure we can see that it takes about 29.3 s for total 1000 users and 29.3 ms per user.Fig.4(a) demonstrates that almost 99% of tests can complete key generation in 5 seconds.

    Figure3:Performance of private key deriving and encryption

    Figure4:Performance of private key deriving,encryption and encrypted data search

    For a synthetic dataset DS consists of 10,000 integers from 0 to 2128,we take valid private keys generated above to encrypt the DS by performing Encrypt protocols.The line in Fig.3(b) shows the time cost of encrypt total dataset.In addition,we also record the time for each integer.It takes about 3-5ms to encrypt each data,which is much faster than the results in Ye et al.[Ye,Miao,Chen et al.(2018)].

    While for the search stage,we randomly choose a integer “d” from the dataset DS randomly,then perform the search protocol to find out the record whose underlying value is bigger than “d” from the encrypted dataset EDS.Fig.4(b) records the time cost of retrieving all the data which is bigger than “d”,it takes about 594 ms to return all the search results,i.e.,each search test only cost 0.059 ms in our construction.

    7 Conclusion

    In this paper we discuss the encrypted data search problem in cloud and provide a multiclient comparable searchable encryption scheme which gives a solution for encrypted data sharing and retrieve.Compared with related schemes,our scheme improves efficiency of the key distribution process by adopting a modified secret sharing technique.This paper also gives detailed experimental results of the scheme and demonstrates that it can adapt to current application requirements.For future work,it is interesting to consider the searchable encryption with multi-keywords and small leakage.

    Acknowledgement:This work is partially supported by the Fundamental Research Funds for the Central Universities (Nos.30918012204,XJS17053,JBF181501).The authors also gratefully acknowledge the helpful comments and suggestions of the reviewers,which have improved the presentation.

    99九九线精品视频在线观看视频| 国产精品蜜桃在线观看| 亚洲av成人av| 日韩欧美精品v在线| 国产精品.久久久| 啦啦啦观看免费观看视频高清| 久久人人爽人人片av| 校园人妻丝袜中文字幕| 色噜噜av男人的天堂激情| 一个人看的www免费观看视频| 中文在线观看免费www的网站| 欧美xxxx黑人xx丫x性爽| 国产成人福利小说| 亚洲精品亚洲一区二区| 黄色配什么色好看| 亚洲人成网站高清观看| 成人二区视频| 大香蕉97超碰在线| 亚洲国产欧美人成| 日韩精品有码人妻一区| 国产又色又爽无遮挡免| 欧美另类亚洲清纯唯美| 亚洲av免费高清在线观看| 成人漫画全彩无遮挡| 久久久久精品久久久久真实原创| 午夜福利网站1000一区二区三区| 尾随美女入室| 久久精品国产鲁丝片午夜精品| 99在线视频只有这里精品首页| 丰满乱子伦码专区| www日本黄色视频网| 国产免费福利视频在线观看| 久久鲁丝午夜福利片| 免费黄网站久久成人精品| 男插女下体视频免费在线播放| 久久久久久大精品| 美女国产视频在线观看| 国产高清国产精品国产三级 | 久久久久久久午夜电影| 少妇裸体淫交视频免费看高清| 成人无遮挡网站| 99热6这里只有精品| 亚洲va在线va天堂va国产| 日本一二三区视频观看| 三级国产精品片| 女的被弄到高潮叫床怎么办| av在线老鸭窝| 色5月婷婷丁香| 国内精品一区二区在线观看| 中文字幕av在线有码专区| 女人被狂操c到高潮| 最近手机中文字幕大全| 校园人妻丝袜中文字幕| 中文精品一卡2卡3卡4更新| 日韩中字成人| 亚洲av成人av| 国国产精品蜜臀av免费| 久久韩国三级中文字幕| 国产精品日韩av在线免费观看| 少妇裸体淫交视频免费看高清| 99国产精品一区二区蜜桃av| 国产亚洲av嫩草精品影院| 免费观看的影片在线观看| 亚洲aⅴ乱码一区二区在线播放| 久久韩国三级中文字幕| 97热精品久久久久久| 久久久国产成人免费| 国产精品国产三级国产专区5o | 青春草视频在线免费观看| 国产精品电影一区二区三区| 色尼玛亚洲综合影院| 精品久久久噜噜| 国产伦理片在线播放av一区| 日韩一区二区视频免费看| 久久久午夜欧美精品| 欧美不卡视频在线免费观看| 麻豆一二三区av精品| 成人鲁丝片一二三区免费| 免费搜索国产男女视频| 国产av不卡久久| 一区二区三区高清视频在线| 亚洲av二区三区四区| 国产探花极品一区二区| 亚洲国产精品合色在线| 国产免费福利视频在线观看| 亚洲精品日韩在线中文字幕| av在线观看视频网站免费| 亚洲国产精品sss在线观看| 久久精品国产自在天天线| 美女大奶头视频| 国产一区二区在线观看日韩| 少妇丰满av| 日韩精品有码人妻一区| 国产一区二区三区av在线| 日韩av在线免费看完整版不卡| 欧美日韩一区二区视频在线观看视频在线 | av在线观看视频网站免费| 日韩国内少妇激情av| 亚洲在线观看片| 中文字幕免费在线视频6| 国产成人aa在线观看| 国产精品久久视频播放| 少妇裸体淫交视频免费看高清| 日韩大片免费观看网站 | 久久久成人免费电影| 又粗又爽又猛毛片免费看| 国产白丝娇喘喷水9色精品| 日韩在线高清观看一区二区三区| 久久久a久久爽久久v久久| 成人鲁丝片一二三区免费| 国产人妻一区二区三区在| 国产黄片视频在线免费观看| 丰满乱子伦码专区| 99久久中文字幕三级久久日本| 亚洲乱码一区二区免费版| 久久久亚洲精品成人影院| 我的老师免费观看完整版| 一个人看的www免费观看视频| 亚洲成av人片在线播放无| 乱码一卡2卡4卡精品| 中文字幕人妻熟人妻熟丝袜美| 亚洲成人久久爱视频| 日日干狠狠操夜夜爽| 欧美性猛交╳xxx乱大交人| 精品久久久久久久末码| 18禁在线无遮挡免费观看视频| 国产精华一区二区三区| 能在线免费观看的黄片| 蜜桃久久精品国产亚洲av| 久久久a久久爽久久v久久| 亚洲欧美成人精品一区二区| 精品不卡国产一区二区三区| 日韩人妻高清精品专区| 久久热精品热| 国产成人精品久久久久久| h日本视频在线播放| 久久久久久久久中文| 国产又黄又爽又无遮挡在线| 色视频www国产| 老司机影院成人| 国产精品熟女久久久久浪| 毛片女人毛片| 六月丁香七月| av又黄又爽大尺度在线免费看 | 99久久精品热视频| 少妇被粗大猛烈的视频| 美女大奶头视频| 男的添女的下面高潮视频| 精品酒店卫生间| 波野结衣二区三区在线| 精品久久久久久久人妻蜜臀av| 联通29元200g的流量卡| 欧美高清性xxxxhd video| 中文在线观看免费www的网站| 国产精品永久免费网站| 久久精品国产99精品国产亚洲性色| 免费黄色在线免费观看| 欧美激情在线99| 国国产精品蜜臀av免费| 国产成人精品婷婷| 男人舔女人下体高潮全视频| 亚洲国产精品sss在线观看| 1000部很黄的大片| 午夜福利在线观看免费完整高清在| 亚洲最大成人中文| 如何舔出高潮| 国产日韩欧美在线精品| 欧美日韩综合久久久久久| 欧美最新免费一区二区三区| 在线观看66精品国产| 亚洲真实伦在线观看| 少妇被粗大猛烈的视频| 国产成人免费观看mmmm| 成年女人永久免费观看视频| 舔av片在线| 国产亚洲最大av| 亚洲av一区综合| 最近中文字幕高清免费大全6| 国产高清有码在线观看视频| 国产精品爽爽va在线观看网站| 国产精品一区二区三区四区久久| 亚洲欧美成人综合另类久久久 | 美女内射精品一级片tv| 亚洲av熟女| 亚洲av电影在线观看一区二区三区 | 美女黄网站色视频| 自拍偷自拍亚洲精品老妇| 国产亚洲5aaaaa淫片| 精品人妻偷拍中文字幕| 两个人的视频大全免费| 久久久久久九九精品二区国产| 欧美最新免费一区二区三区| 亚洲av二区三区四区| 欧美精品一区二区大全| 国产精品久久久久久久电影| 九草在线视频观看| 国产精品国产高清国产av| 一级黄色大片毛片| 91久久精品电影网| 1000部很黄的大片| 亚洲精品aⅴ在线观看| 天堂中文最新版在线下载 | 日韩av不卡免费在线播放| 寂寞人妻少妇视频99o| 国产午夜福利久久久久久| 亚洲精品aⅴ在线观看| 波野结衣二区三区在线| 高清午夜精品一区二区三区| 欧美激情久久久久久爽电影| 久久久久久久久中文| 亚洲av中文字字幕乱码综合| 国产成人a区在线观看| 国产高清三级在线| 青春草视频在线免费观看| 久久亚洲国产成人精品v| 麻豆成人av视频| 国产毛片a区久久久久| 黄色一级大片看看| 国产老妇女一区| 国产一级毛片七仙女欲春2| 精品人妻偷拍中文字幕| 男人舔奶头视频| av在线观看视频网站免费| 免费观看a级毛片全部| 日本wwww免费看| 色吧在线观看| 国产精品人妻久久久影院| 国产一区二区亚洲精品在线观看| 国产一区二区在线av高清观看| 国产精品精品国产色婷婷| 一夜夜www| 国产精品久久视频播放| 国产美女午夜福利| 久久精品国产亚洲av天美| 午夜免费男女啪啪视频观看| 99久久九九国产精品国产免费| 日本与韩国留学比较| 久久久久久伊人网av| 国产一区亚洲一区在线观看| 色哟哟·www| 在线观看美女被高潮喷水网站| 欧美zozozo另类| 99久久精品国产国产毛片| 乱系列少妇在线播放| 国产精品国产三级国产专区5o | 色网站视频免费| 久久精品人妻少妇| 五月伊人婷婷丁香| 亚洲av.av天堂| 一级毛片久久久久久久久女| 91久久精品国产一区二区成人| 六月丁香七月| 日本欧美国产在线视频| 女的被弄到高潮叫床怎么办| 国产高清三级在线| 内射极品少妇av片p| 国内精品美女久久久久久| av播播在线观看一区| av免费观看日本| 精品一区二区免费观看| 国产精品人妻久久久影院| 欧美性感艳星| 插阴视频在线观看视频| 三级毛片av免费| 国产三级中文精品| 日本五十路高清| 久久99热这里只有精品18| 噜噜噜噜噜久久久久久91| 久久韩国三级中文字幕| 麻豆av噜噜一区二区三区| 亚洲精华国产精华液的使用体验| www.av在线官网国产| 国内少妇人妻偷人精品xxx网站| 久久99精品国语久久久| 深夜a级毛片| 精品国产三级普通话版| 97在线视频观看| 一区二区三区乱码不卡18| 国产精品熟女久久久久浪| 亚洲图色成人| 国产精品乱码一区二三区的特点| 高清午夜精品一区二区三区| 男人舔奶头视频| 两个人的视频大全免费| eeuss影院久久| 精品午夜福利在线看| 观看美女的网站| 亚洲国产精品成人综合色| 69av精品久久久久久| 能在线免费观看的黄片| 亚洲精品乱码久久久v下载方式| 麻豆一二三区av精品| 成人亚洲欧美一区二区av| 91久久精品电影网| 看非洲黑人一级黄片| 国产一区二区在线av高清观看| 99国产精品一区二区蜜桃av| 精品一区二区三区视频在线| 久久久久久久国产电影| 欧美一级a爱片免费观看看| 两性午夜刺激爽爽歪歪视频在线观看| 两个人的视频大全免费| 黄片wwwwww| 91久久精品国产一区二区三区| 亚洲av电影在线观看一区二区三区 | 国产黄a三级三级三级人| 久久久久久国产a免费观看| 69人妻影院| 最近的中文字幕免费完整| 久久精品国产鲁丝片午夜精品| 精品少妇黑人巨大在线播放 | 免费电影在线观看免费观看| 99在线人妻在线中文字幕| 有码 亚洲区| 久久午夜福利片| 99热全是精品| 免费黄网站久久成人精品| 啦啦啦韩国在线观看视频| 亚洲国产精品合色在线| 日产精品乱码卡一卡2卡三| 婷婷六月久久综合丁香| 国产国拍精品亚洲av在线观看| 亚洲熟妇中文字幕五十中出| 男插女下体视频免费在线播放| 一二三四中文在线观看免费高清| 男女视频在线观看网站免费| 好男人视频免费观看在线| 一边摸一边抽搐一进一小说| 亚洲欧美精品综合久久99| 亚洲av不卡在线观看| 欧美高清成人免费视频www| 黄片无遮挡物在线观看| 69av精品久久久久久| 99久久成人亚洲精品观看| 99视频精品全部免费 在线| 色综合亚洲欧美另类图片| 天天躁日日操中文字幕| 亚洲av成人精品一区久久| 久久精品91蜜桃| 亚洲自偷自拍三级| 久久久国产成人免费| 淫秽高清视频在线观看| 国产精华一区二区三区| 观看免费一级毛片| 亚洲欧美精品自产自拍| 免费电影在线观看免费观看| 观看美女的网站| 中文字幕免费在线视频6| 亚洲在久久综合| 日韩欧美精品v在线| 亚洲av电影在线观看一区二区三区 | 中文字幕熟女人妻在线| 大香蕉97超碰在线| av线在线观看网站| 欧美人与善性xxx| 日本黄大片高清| 久久99热这里只有精品18| 超碰av人人做人人爽久久| 国产成人aa在线观看| 欧美97在线视频| 夜夜看夜夜爽夜夜摸| 亚洲av成人精品一二三区| 一个人免费在线观看电影| 一级黄片播放器| 内地一区二区视频在线| 久久亚洲国产成人精品v| 午夜福利在线观看免费完整高清在| eeuss影院久久| 色播亚洲综合网| 18禁动态无遮挡网站| 少妇熟女aⅴ在线视频| 国产极品天堂在线| 国产av不卡久久| 51国产日韩欧美| 啦啦啦韩国在线观看视频| 夜夜看夜夜爽夜夜摸| 亚洲精品自拍成人| 中文字幕熟女人妻在线| 乱系列少妇在线播放| 老司机影院毛片| 国产欧美另类精品又又久久亚洲欧美| 国语对白做爰xxxⅹ性视频网站| 啦啦啦韩国在线观看视频| 亚洲成人精品中文字幕电影| 亚洲精品国产av成人精品| 尾随美女入室| 搡女人真爽免费视频火全软件| 国产亚洲av嫩草精品影院| 美女被艹到高潮喷水动态| 日韩欧美精品v在线| 亚洲精品影视一区二区三区av| 国产高清三级在线| 日本免费在线观看一区| 亚洲一级一片aⅴ在线观看| 久久久国产成人免费| 成人午夜精彩视频在线观看| 欧美精品一区二区大全| 色哟哟·www| 大香蕉97超碰在线| 亚洲美女搞黄在线观看| 国产探花极品一区二区| 国产极品天堂在线| 国产黄a三级三级三级人| 国产精品美女特级片免费视频播放器| 亚洲美女搞黄在线观看| 三级经典国产精品| 国产精品久久久久久精品电影| 丝袜美腿在线中文| 精品久久久久久成人av| 精品不卡国产一区二区三区| 免费播放大片免费观看视频在线观看 | h日本视频在线播放| 蜜臀久久99精品久久宅男| 欧美性感艳星| 韩国高清视频一区二区三区| 国产成人精品一,二区| 国产精品一区二区在线观看99 | 精品国内亚洲2022精品成人| 91久久精品电影网| 免费观看性生交大片5| 老司机福利观看| 欧美激情久久久久久爽电影| 91aial.com中文字幕在线观看| 欧美一区二区亚洲| 直男gayav资源| 身体一侧抽搐| 日本免费a在线| 亚洲久久久久久中文字幕| 最近中文字幕2019免费版| av免费在线看不卡| 久久精品夜色国产| 亚洲,欧美,日韩| av免费观看日本| 日韩成人av中文字幕在线观看| 一区二区三区四区激情视频| 久久草成人影院| 亚洲欧美日韩东京热| 欧美bdsm另类| 国产在视频线精品| 免费人成在线观看视频色| av在线观看视频网站免费| 综合色丁香网| 欧美另类亚洲清纯唯美| 国产精品久久久久久久电影| 美女黄网站色视频| 18禁裸乳无遮挡免费网站照片| 国产久久久一区二区三区| 精品熟女少妇av免费看| 床上黄色一级片| 一级av片app| 99视频精品全部免费 在线| 国产精品三级大全| 国产精品久久久久久久久免| 成年女人看的毛片在线观看| 婷婷色综合大香蕉| 欧美激情在线99| 亚洲在线自拍视频| 久久欧美精品欧美久久欧美| 毛片一级片免费看久久久久| 成人一区二区视频在线观看| 日韩制服骚丝袜av| 99热全是精品| 国产成人freesex在线| 97超视频在线观看视频| 99热这里只有是精品在线观看| www.av在线官网国产| 国产精品一区二区三区四区久久| 非洲黑人性xxxx精品又粗又长| 国产成人午夜福利电影在线观看| 国产免费一级a男人的天堂| 黑人高潮一二区| 99热6这里只有精品| 91精品国产九色| 一级黄色大片毛片| 听说在线观看完整版免费高清| 久久精品夜色国产| 久久久久久久久久久免费av| 国产一区亚洲一区在线观看| 久久精品国产鲁丝片午夜精品| 亚洲精品久久久久久婷婷小说 | 亚洲欧美中文字幕日韩二区| 亚洲国产高清在线一区二区三| 亚洲精品乱久久久久久| 欧美3d第一页| 在线观看66精品国产| 日本熟妇午夜| 亚洲国产欧洲综合997久久,| 韩国av在线不卡| 精品酒店卫生间| 有码 亚洲区| 中文字幕免费在线视频6| 免费观看在线日韩| 久久久久久久久久黄片| 干丝袜人妻中文字幕| 一区二区三区高清视频在线| 91在线精品国自产拍蜜月| 在线播放无遮挡| 亚洲欧洲日产国产| 国产在线一区二区三区精 | 亚洲真实伦在线观看| 欧美成人一区二区免费高清观看| 不卡视频在线观看欧美| a级毛片免费高清观看在线播放| 亚洲精品一区蜜桃| 国产午夜福利久久久久久| 欧美性猛交黑人性爽| 成人美女网站在线观看视频| 婷婷六月久久综合丁香| 干丝袜人妻中文字幕| 身体一侧抽搐| 18禁裸乳无遮挡免费网站照片| 欧美激情国产日韩精品一区| 长腿黑丝高跟| 亚洲在线自拍视频| 亚洲av.av天堂| 国产在视频线在精品| 七月丁香在线播放| 久久久国产成人精品二区| 亚洲欧美精品专区久久| 亚洲国产精品成人久久小说| 精品一区二区三区人妻视频| 亚洲国产最新在线播放| 在线观看66精品国产| av视频在线观看入口| 国产精品乱码一区二三区的特点| 最近视频中文字幕2019在线8| 看黄色毛片网站| 亚洲一级一片aⅴ在线观看| 乱码一卡2卡4卡精品| www日本黄色视频网| 成人亚洲精品av一区二区| 国产精品福利在线免费观看| 午夜激情欧美在线| 免费观看a级毛片全部| 日韩视频在线欧美| av又黄又爽大尺度在线免费看 | 男的添女的下面高潮视频| 嘟嘟电影网在线观看| 中文精品一卡2卡3卡4更新| 赤兔流量卡办理| 好男人视频免费观看在线| 亚洲av二区三区四区| 久久精品夜色国产| 亚洲综合色惰| 国产精品电影一区二区三区| 一个人观看的视频www高清免费观看| 日本免费一区二区三区高清不卡| 日韩一区二区三区影片| 一本—道久久a久久精品蜜桃钙片 精品乱码久久久久久99久播 | 搡老妇女老女人老熟妇| 女人久久www免费人成看片 | 亚洲精品乱码久久久久久按摩| 亚洲欧美精品综合久久99| 亚洲欧美成人综合另类久久久 | 亚洲内射少妇av| 亚洲国产精品合色在线| 能在线免费看毛片的网站| 蜜臀久久99精品久久宅男| 亚洲国产成人一精品久久久| 成年女人永久免费观看视频| 国产午夜精品论理片| 亚洲av免费高清在线观看| 深夜a级毛片| 亚洲国产精品久久男人天堂| 狂野欧美激情性xxxx在线观看| 久久精品国产亚洲av涩爱| 99在线视频只有这里精品首页| 汤姆久久久久久久影院中文字幕 | 一级爰片在线观看| a级毛片免费高清观看在线播放| 欧美日韩综合久久久久久| 成人性生交大片免费视频hd| 久久99热这里只有精品18| 中文字幕久久专区| 卡戴珊不雅视频在线播放| 精品熟女少妇av免费看| 亚洲国产成人一精品久久久| 欧美性猛交黑人性爽| 欧美激情久久久久久爽电影| 热99re8久久精品国产| 国产真实伦视频高清在线观看| 国产成人精品一,二区| 狂野欧美激情性xxxx在线观看| 国产精品久久久久久久电影| 国产麻豆成人av免费视频| 我的女老师完整版在线观看| 18禁动态无遮挡网站| av又黄又爽大尺度在线免费看 | 国产国拍精品亚洲av在线观看| 少妇的逼水好多| 美女cb高潮喷水在线观看| 日韩av不卡免费在线播放| 国产综合懂色| 亚洲欧美日韩卡通动漫| 国产极品精品免费视频能看的| 国产91av在线免费观看| 久久久久久久久久黄片| 精品酒店卫生间| 久久国内精品自在自线图片| 久久精品久久久久久噜噜老黄 | 久久久精品94久久精品| 欧美日韩综合久久久久久| 亚洲四区av| 热99在线观看视频| 国产探花在线观看一区二区| 欧美成人一区二区免费高清观看| 大话2 男鬼变身卡| 韩国av在线不卡| 亚洲激情五月婷婷啪啪| 男人的好看免费观看在线视频| 久久久久免费精品人妻一区二区| 国产黄色小视频在线观看| 国产伦一二天堂av在线观看| 青青草视频在线视频观看| 国产精品不卡视频一区二区|