CN105678194B - Data integrity check system and method - Google Patents

Data integrity check system and method Download PDF

Info

Publication number
CN105678194B
CN105678194B CN201610081995.8A CN201610081995A CN105678194B CN 105678194 B CN105678194 B CN 105678194B CN 201610081995 A CN201610081995 A CN 201610081995A CN 105678194 B CN105678194 B CN 105678194B
Authority
CN
China
Prior art keywords
matrix
server
data
redundant
inspection
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Fee Related
Application number
CN201610081995.8A
Other languages
Chinese (zh)
Other versions
CN105678194A (en
Inventor
吕春利
曾子川
张博
刘瑜
申长虹
马钦
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
China Agricultural University
Original Assignee
China Agricultural University
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by China Agricultural University filed Critical China Agricultural University
Priority to CN201610081995.8A priority Critical patent/CN105678194B/en
Publication of CN105678194A publication Critical patent/CN105678194A/en
Application granted granted Critical
Publication of CN105678194B publication Critical patent/CN105678194B/en
Expired - Fee Related legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/64Protecting data integrity, e.g. using checksums, certificates or signatures

Abstract

The present invention provides a kind of data integrity check system, including:Data processing server is used for according to data generator matrix M to be tested, and is stored into s common server;Data processing server is additionally operable to according to pseudo-random function f, secret key kprfAnd seedMatrix R is obtained, matrix is obtained according to matrix R and generation member gRedundant matrices S is obtained according to matrix M, s × k rank Cauchy matrix A and matrix R, and by redundant matrices S and matrixIt is stored into k redundant server;Data processing server is additionally operable to obtain matrix V according to Cauchy matrix A and generation member g, and matrix V is sent to inspection server;It examines server to be used for, treats inspection data and test, and export inspection result.The method achieve the integrity checks to data, while protecting privacy information, and by generating redundant matrices S and matrixIn case data inspection and reduction.

Description

Data integrity check system and method
Technical field
The present invention relates to cloud storage technical field more particularly to a kind of data integrity check system and methods.
Background technology
In cloud storage technical field, data safety and privacy concern that user worries increasingly are taken seriously, and data Integrality be information security an important essential attribute.
The public and private key encryption systems of RSA are generally used in the prior art, carry out the data integrity check of distributed cloud storage, And in deblocking, as long as extracting a portion, you can evidence is intact to higher ratios guarantee totally.But It is during inspection data integrality, to entrust the safety that cannot be guaranteed private data while third party inspection, and nothing Method carries out the dynamic update and reduction of file.
Therefore, how to provide it is a kind of avoid examine server obtain key message data integrity check method be badly in need of It solves the problems, such as.
Invention content
(1) technical problems to be solved
The technical problem to be solved in the present invention is to provide a kind of data that can avoid that server is examined to obtain key message Integrity check system and method.
(2) technical solution
In a first aspect, in order to solve the above technical problems, technical scheme of the present invention provides a kind of data integrity check System, including:Data processing server, s common server, k redundant server and inspection server;
The data processing server, for generating n × s rank matrix M, the matrix according to data to be testedAnd matrix M is stored into the s common server;
The data processing server is additionally operable to obtain pseudo-random function f and its secret key kprf, the pseudo-random function pair The seed answeredAnd random s × k rank Cauchy matrixs A;Wherein,Middle ver indicates that version number, i are in matrix M Rower, 1≤i≤n, p are the label of the k redundant server, and 1≤p≤k;
The data processing server is additionally operable to according to the pseudo-random function f, the secret key kprfAnd the seedMatrix R is obtained, matrix is obtained according to the generation member g of matrix R and the default finite fieldAccording to the matrix M, institute It states the s × k rank Cauchy matrix A and matrix R and obtains redundant matrices S, and by the redundant matrices S and the matrixStorage It is stored in the k redundant server;
The data processing server is additionally operable to the generation according to s × k rank Cauchy matrix A and the default finite field First g obtains matrix V, and the matrix V is sent to the inspection server;
The inspection server, the matrix V sent for receiving the data processor carry out the data to be tested It examines, and exports inspection result.
Preferably, the data processing server is specifically used for:
N × s rank matrix M, the matrix are generated according to data to be testedBy the matrix M according to Row and column is divided into n × s blocks of files, and each common server is divided into n blocks;
N × s the blocks of files is stored in a predetermined sequence and arrives the s common server.
Preferably, the data processing server is specifically used for:Obtain pseudo-random function f and its secret key kprf, it is described it is pseudo- with The corresponding seed of machine functionAnd random s × k rank Cauchy matrixs A;
The matrix R is n × k rank matrixes, and wherein each elementIt obtains:
Wherein, i is the rower in matrix M, and 1≤i≤n, p are the label of the k redundant server, and 1≤p≤k,It indicates with kprfFor key, withThe random number obtained for seed and according to the pseudo-random function f;
Matrix is obtained according to the generation member g of matrix R and default finite fieldI.e.:
Redundant matrices S is obtained according to described matrix M, s × k rank Cauchy matrix A and matrix R;
The redundant matrices S is:
Wherein, the Cauchy matrix A of s × k ranks is:
Wherein, x1, x2..., xsIndicate different numerical value, y1, y2..., ykIndicate different numerical value;
And by the redundant matrices S and the matrixK redundant server is stored into after division.
Preferably, the data processing server is specifically used for:According to s × k rank Cauchy matrix A and described default limited The generation member g in domain obtains matrix V, i.e.,:
Wherein, the Cauchy matrix A of s × k ranks is:
Wherein, x1, x2..., xsIndicate different numerical value, y1, y2..., ykIndicate different numerical value;
And the matrix V is sent to the inspection server.
Preferably, the inspection server is specifically used for random generation a subsetIt is each in the I Element i ∈ I generate a random value zi, note Q is { (i, zi)};
The s common server, for being calculate by the following formula first message polymerizing value μ respectivelyj,
And by μjResult of calculation be sent to the inspection server;
The k redundant server, for being calculate by the following formula second message polymerizing value σ respectivelyp,
Wherein,For the matrixIn the i-th row pth arrange element,
And by σpResult of calculation be sent to the inspection server;
It tests to the integrality of data according to formula is examined;The inspection formula is:
Wherein, 1≤p≤k, vpjFor the element in the matrix V at pth row jth row;
If μj、σpAnd vpjMeet the inspection formula, then the data to be tested have integrality;If μj、σpAnd vpj It is unsatisfactory for the inspection formula, then the data to be tested do not have integrality;
The inspection server is additionally operable to output inspection result.
Preferably, the system also includes:
Data restoring module is that the data to be tested do not have integrality, and always malfunction for the inspection result Number of servers is no more than k, then according to the data convert erroneous part stored in the redundant server;
The data restoring module determines the text to malfunction in common server specifically for traversing all common servers Part block position;Select the row { j in the corresponding matrix A of common server of error1,…,ja, and select all not malfunction The corresponding matrix A of redundant server in row { i1,…,ib, wherein b ﹥ a;Form the sub- square formation for matrix A of an a rankAnd obtain the sub- square formationIt is inverse
It takes out matrix S in redundant server and corresponds to { i1,…,ibObtain vectorWith corresponding { i in matrix R1,…,ib The vector arrivedObtain the vector of the error in common server
It willIt stores in corresponding common server;
The data processing server is additionally operable to recalculate matrix S;
The inspection server is additionally operable to re-start verification to the data to be tested.
Preferably, the system also includes:
Data update module, for when needing to be updated the data to be tested, changing blocks of files m to be updatedij SeedThe value of corresponding version number ver, is used in combination blocks of filesInstead of the blocks of files to be updated mij
Second aspect, in order to solve the above technical problems, technical scheme of the present invention, which additionally provides one kind, being based on above system Data integrity check method, including:
S1:The data processing server generates n × s rank matrix M according to data to be tested,
The matrixAnd matrix M is stored into the s common server;
S2:The data processing server obtains pseudo-random function f and its secret key kprf, the pseudo-random function it is corresponding SeedAnd random s × k rank Cauchy matrixs A;Wherein,Middle ver indicates that version number, i are in matrix M Rower, 1≤i≤n, p are the label of the k redundant server, and 1≤p≤k;
The data processing server is according to the pseudo-random function f, the secret key kprfAnd the seedIt obtains Matrix R obtains matrix according to the generation member g of matrix R and the default finite fieldAnd according to the matrix M, the s × k The rank Cauchy matrix A and matrix R obtains redundant matrices S, and by the redundant matrices S and the matrixIt is stored into k In a redundant server;
S3:The data processing server is used for the generation according to s × k rank Cauchy matrix A and the default finite field First g obtains matrix V, and the matrix V is sent to the inspection server;
S4:It is described that server is examined to receive the matrix V that the data processor is sent, the data to be tested are examined It tests, and exports inspection result.
Preferably, the method further includes:
S5:If the inspection result, which is the data to be tested, does not have integrality, and always malfunctions number of servers not More than k, then data restoring module is according to the data convert erroneous part stored in the redundant server;
Step S5 is specifically included:The data restoring module traverses all common servers to determine in common server Wrong blocks of files position;Select the row { j in the corresponding matrix A of common server of error1,…,ja, and select all Row { i in the corresponding matrix A of redundant server not malfunctioned1,…,ib, wherein b ﹥ a;One a rank of composition for matrix A Sub- square formationAnd obtain the sub- square formationIt is inverse
It takes out matrix S in redundant server and corresponds to { i1,…,ibObtain vectorWith corresponding { i in matrix R1,…,ib The vector arrivedObtain the vector of the error in common server
It willIt stores in corresponding common server;
The data processing server recalculates matrix S;
The inspection server re-starts verification to the data to be tested.
Preferably, the method further includes:
S6:When needing to be updated the data to be tested, the data update module changes blocks of files to be updated mijSeedThe value of corresponding version number ver, is used in combination blocks of filesInstead of the file to be updated Block mij
(3) advantageous effect
A kind of data integrity check method provided by the invention generates n × s rank matrixes according to data to be tested first M, and matrix M is stored into s common server, while according to the pseudo-random function f and its secret key k of acquisitionprfAnd kind SonMatrix R is obtained, matrix is obtained according to member g is generatedIt is obtained according to matrix M, s × k rank Cauchy matrix A and matrix R Redundant matrices S, and by redundant matrices S and matrixRedundancy as inspection and reduction is sent on k redundant server, Then it examines server to treat inspection data to test.Method provided by the invention realizes the integrity check to data, It is all the encryption data by deformation to be sent to simultaneously and examine the data of server, avoids and server is examined to obtain crucial letter Breath, and by generating redundant matrices S and matrixIn case data inspection and reduction.
Description of the drawings
Fig. 1 is a kind of schematic diagram for data integrity check system that embodiment of the present invention provides;
Fig. 2 is that the matrix M that embodiment of the present invention provides is stored to the correspondence schematic diagram in s common server;
Fig. 3 is the redundant matrices S and matrix that embodiment of the present invention providesStore pair in s common server Answer relation schematic diagram;
Fig. 4 is the inspection figure schematic diagram for examining server random selection inspection data that embodiment of the present invention provides;
Fig. 5 is a kind of schematic diagram for data integrity check method that embodiment of the present invention provides.
Specific implementation mode
With reference to the accompanying drawings and examples, the specific implementation mode of the present invention is described in further detail.Implement below Example is not limited to the scope of the present invention for illustrating the present invention.
Fig. 1 is a kind of schematic diagram for data integrity check system that embodiment of the present invention provides, including:Data processing Server 101, s common server 102, k redundant server 103 and inspection server 104;
The data processing server 101, for generating n × s rank matrix M according to data to be tested,
The matrixAnd matrix M is stored into the s common server 102;
The data processing server 101 is additionally operable to obtain pseudo-random function f and its secret key kprf, the pseudo-random function Corresponding seedAnd random s × k rank Cauchy matrixs A;Wherein,Middle ver indicates version number, and i is matrix Rower in M, 1≤i≤n, p are the label of the k redundant server 103, and 1≤p≤k;
The data processing server 101 is additionally operable to according to the pseudo-random function f, the secret key kprfAnd described kind SonMatrix R is obtained, matrix is obtained according to the generation member g of matrix R and the default finite fieldAccording to the matrix M, S × k ranks Cauchy matrix A and matrix the R obtains redundant matrices S, and by the redundant matrices S and the matrix It is stored into the k redundant server 103;
The data processing server 101 is additionally operable to the life according to s × k rank Cauchy matrix A and the default finite field Matrix V is obtained at first g, and the matrix V is sent to the inspection server 104;
The inspection server 104, the matrix V sent for receiving the data processor, to the data to be tested It tests, and exports inspection result.
The method that present embodiment provides realizes the integrity check to data, while being sent to and examining server 104 Data be all encryption data by deformation, avoid and server 104 examined to obtain key message, and pass through and generate redundancy Matrix S and matrixIn case data inspection and reduction.
It should be noted that the data integrity check system that present embodiment provides, the distributed cloud based on finite field are deposited Storage, calculating process therein all carry out in preset finite field G.
In the specific implementation, above-mentioned secret key kprfSeed corresponding with pseudo-random functionAll it is to pass through pseudo-random function It obtains, seedIt is one and is based on blocks of files mijFilename and its rower i and k redundant server 103 label p and The seed that newer version number ver is obtained, wherein blocks of files mijFile i.e. after matrix M piecemeals, seedIt is calculating matrix S In each element necessary condition, the rower of subscript i corresponding matrix M and matrix S, the length phase of the row of matrix M and matrix S Together, and subscript p can be understood as the row mark of matrix S, i.e. p-th of redundant server (1≤p≤k).
It will be appreciated that the data processing server 101 is specifically used for:
N × s rank matrix M, the matrix are generated according to data to be testedBy the matrix M according to Row and column is divided into n × s blocks of files, and each common server 102 is divided into n blocks;
N × s the blocks of files is stored in a predetermined sequence and arrives the s common server 102.
In the specific implementation, the n × s blocks of files is stored in a predetermined sequence and arrives the s common server A kind of 102 preferred mode is as shown in Fig. 2, each common server 102 is divided into n blocks in Fig. 2, each row in matrix M Corresponding to be put into a common server 102, such storage mode is more advantageous to subsequent calculating.
In the specific implementation, the data processing server 101 is specifically used for:Obtain pseudo-random function f and its secret key kprf, the corresponding seed of the pseudo-random functionAnd random s × k rank Cauchy matrixs A;
The matrix R is n × k rank matrixes, and wherein each elementIt obtains:
Wherein, i is the rower in matrix M, and 1≤i≤n, p are the label of the k redundant server 103, and 1≤p≤ K,It indicates with kprfFor key, withThe random number obtained for seed and according to the pseudo-random function f;
Matrix is obtained according to the generation member g of matrix R and default finite fieldI.e.:
Redundant matrices S is obtained according to described matrix M, s × k rank Cauchy matrix A and matrix R;
The redundant matrices S is:
Wherein, the Cauchy matrix A of s × k ranks is:
Wherein, x1, x2..., xsIndicate different numerical value, y1, y2..., ykIndicate different numerical value;
And by the redundant matrices S and the matrixK redundant server 103 is stored into after division.
As shown in figure 3, by redundant matrices S and the matrixIt is divided according to row and column, and by each redundant server After 103 are divided into n parts, it can be stored into k redundant server 103 according to correspondence shown in Fig. 3, such storage side Formula can further be conducive to subsequent calculating.
Such benefit is to obtain matrix according to the generation member g of matrix R and the default finite fieldObtained matrixIn conceal information in matrix R, also, redundant matrices S is obtained according to matrix M, s × k rank Cauchy matrix A and matrix R, Make inspection server 104 that cannot obtain pseudo-random function f, secret key k in checkout procedureprfAnd seedEqual important informations. Redundant matrices S and matrixBeing sent on k redundant server 103 can be as the redundancy of inspection and reduction.
In practical applications, the data processing server 101 is specifically used for:According to s × k rank Cauchy matrix A and institute The generation member g for stating default finite field obtains matrix V, i.e.,:
Wherein, the Cauchy matrix A of s × k ranks is:
Wherein, x1, x2…xsIndicate different numerical value, y1, y2…ykIndicate different numerical value;
And the matrix V is sent to the inspection server 104.
Such benefit is to be directly transmitted Cauchy matrix A by the way that matrix V is sent to inspection server 104 To server 104 is examined, the content of Cauchy matrix A is protected, is to examine server 104 that cannot obtain Cauchy in checkout procedure The information of matrix A.
It should be noted that the inspection server 104 is specifically used for random generation a subsetIt is described Each element i ∈ I generate a random value z in Ii, note Q is { (i, zi)};
For example, choosing a subset I={ 2,4,5,8,11,15 } for n=15.And it is given birth to by pseudo-random function At corresponding ZiWherein i takes 2,4,5,8,11,15 respectively.By (i, Zi) be recorded in set Q.
The s common server 102, for being calculate by the following formula first message polymerizing value μ respectivelyj,
And by μjResult of calculation be sent to the inspection server 104;
The k redundant server 103, for being calculate by the following formula second message polymerizing value σ respectivelyp,
Wherein,For the matrixIn the i-th row pth arrange element,
And by σpResult of calculation be sent to the inspection server 104;
It tests to the integrality of data according to formula is examined;The inspection formula is:
Wherein, 1≤p≤k, vpjFor the element in the matrix V at pth row jth row;
If μj、σpAnd vpjMeet the inspection formula, then the data to be tested have integrality;If μj、σpAnd vpj It is unsatisfactory for the inspection formula, then the data to be tested do not have integrality;
The inspection server is additionally operable to output inspection result.
Above-mentioned s common server 102 calculates separately μjAnd k redundant server 103 calculates separately σp, will after calculating As a result it is sent to and examines server 104, avoid mass data being sent to and examine server 104, reduce calculation amount, improve Computational efficiency.
It examines server 104 to treat inspection data using the mode that probability is spot-check to test, that is, examines server 104 to make It is tested with the mode of " challenge-is corresponding ", keeps inspection result more secure, server 104 is examined to randomly choose check number According to process it is as shown in Figure 4.
According to the data integrity check system in the above embodiment, it can realize that treating inspection data carries out integrality It examines, still, is that above-mentioned data to be tested do not have integrality when there is inspection result, erroneous part cannot be restored, therefore, be Solve the problems, such as this, the system that present embodiment provides can also include data restoring module;
Data restoring module is that the data to be tested do not have integrality, and always malfunction for the inspection result Number of servers is no more than k, then according to the data convert erroneous part stored in the redundant server 103;
The data restoring module determines in common server 102 specifically for traversing all common servers 102 Wrong blocks of files position;Select the row { j in the 102 corresponding matrix A of common server of error1,…,ja, and select institute There is the row { i in the 103 corresponding matrix A of redundant server not malfunctioned1,…,ib, wherein b ﹥ a;One a rank of composition for square The sub- square formation of battle array AAnd obtain the sub- square formationIt is inverse
It takes out matrix S in redundant server 103 and corresponds to { i1,…,ibObtain vectorWith corresponding { i in matrix R1,…,ib} Obtained vectorObtain the vector of the error in common server 102
It willIt stores in corresponding common server 102;
The data processing server is additionally operable to recalculate matrix S;
The inspection server 104 is additionally operable to re-start verification to the data to be tested.
It should be noted that reduction when above-mentioned data convert process is only applicable to fixed rower i, because reduction process is all It is to be restored with rower same section, herewith situation carries out if mistake occurs in other rows i`.Note that if error server is super K is crossed, then can not be restored.
In practical applications, the data integrity check system that present embodiment provides can also include data update mould Block, for when needing to be updated the data to be tested, changing blocks of files m to be updatedijSeedCorresponding version The value of number ver, is used in combination blocks of filesInstead of the blocks of files m to be updatedij, then again to updated Data to be tested carry out integrity check.
A kind of data integrity check method that present embodiment provides realizes the integrality inspection for treating inspection data It tests, and ensure that the safety of private data, while can also realize the reduction to file.
Fig. 5 is a kind of schematic diagram for data integrity check method that embodiment of the present invention provides, with reference to Fig. 5, the party Method includes:
S1:The data processing server generates n × s rank matrix M according to data to be tested,
The matrixAnd matrix M is stored into the s common server;
S2:The data processing server obtains pseudo-random function f and its secret key kprf, the pseudo-random function it is corresponding SeedAnd random s × k rank Cauchy matrixs A;Wherein,Middle ver indicates that version number, i are in matrix M Rower, 1≤i≤n, p are the label of the k redundant server, and 1≤p≤k;
The data processing server is according to the pseudo-random function f, the secret key kprfAnd the seedIt obtains Matrix R obtains matrix according to the generation member g of matrix R and the default finite fieldAnd according to the matrix M, the s × k The rank Cauchy matrix A and matrix R obtains redundant matrices S, and by the redundant matrices S and the matrixIt is stored into k In a redundant server;
S3:The data processing server is used for the generation according to s × k rank Cauchy matrix A and the default finite field First g obtains matrix V, and the matrix V is sent to the inspection server;
S4:It is described that server is examined to receive the matrix V that the data processor is sent, the data to be tested are examined It tests, and exports inspection result.
The device that present embodiment provides realizes the integrity check to data, while being sent to the number for examining server According to being all encryption data by deformation, avoid and server examined to obtain key message, and by generate redundant matrices S with And matrixIn case data inspection and reduction.
Preferably, the method can also include not shown in the figure:
S5:If the inspection result, which is the data to be tested, does not have integrality, and always malfunctions number of servers not More than k, then data restoring module is according to the data convert erroneous part stored in the redundant server;
Step S5 is specifically included:The data restoring module traverses all common servers to determine in common server Wrong blocks of files position;Select the row { j in the corresponding matrix A of common server of error1,…,ja, and select all Row { i in the corresponding matrix A of redundant server not malfunctioned1,…,ib, wherein b ﹥ a;One a rank of composition for matrix A Sub- square formationAnd obtain the sub- square formationIt is inverse
It takes out matrix S in redundant server and corresponds to { i1,…,ibObtain vectorWith corresponding { i in matrix R1,…,ib The vector arrivedObtain the vector of the error in common server
It willIt stores in corresponding common server;
The data processing server recalculates matrix S;
The inspection server re-starts verification to the data to be tested.
Preferably, described device can also include not shown in the figure:
S6:When needing to be updated the data to be tested, the data update module changes blocks of files to be updated mijSeedThe value of corresponding version number ver, is used in combination blocks of filesInstead of the file to be updated Block mij
A kind of data integrity check method that present embodiment provides realizes the integrality inspection for treating inspection data It tests, and ensure that the safety of private data, while can also realize the reduction to file.
A kind of data integrity check method of the present embodiment can be used for executing the implementation of method shown in above-mentioned Fig. 1 to Fig. 4 The technical solution of example, implementing principle and technical effect are similar, and details are not described herein again.
Embodiment of above is merely to illustrate the present invention, and not limitation of the present invention, in relation to the common of technical field Technical staff can also make a variety of changes and modification without departing from the spirit and scope of the present invention, therefore all Equivalent technical solution also belongs to scope of the invention, and scope of patent protection of the invention should be defined by the claims.

Claims (10)

1. a kind of data integrity check system, which is characterized in that including:Data processing server, s common server, k Redundant server and inspection server;
The data processing server, for generating n × s rank matrix M, the matrix according to data to be tested And matrix M is stored into the s common server;
The data processing server is additionally operable to obtain pseudo-random function f and its secret key kprf, the pseudo-random function it is corresponding SeedAnd random s × k rank Cauchy matrixs A;Wherein,Middle ver indicates that version number, i are the row in matrix M Mark, 1≤i≤n, p are the label of the k redundant server, and 1≤p≤k;
The data processing server is additionally operable to according to the pseudo-random function f, the secret key kprfAnd the seed To matrix R, matrix is obtained according to the generation member g of matrix R and default finite fieldAccording to the matrix M, s × k ranks Ke Western matrix A and the matrix R obtain redundant matrices S, and by the redundant matrices S and the matrixIt is stored into the k In redundant server;
The data processing server is additionally operable to be obtained according to the generation member g of s × k rank Cauchy matrix A and the default finite field It is sent to the inspection server to matrix V, and by the matrix V;
The inspection server, the matrix V sent for receiving the data processor, examines the data to be tested It tests, and exports inspection result.
2. system according to claim 1, which is characterized in that the data processing server is specifically used for:
N × s rank matrix M, the matrix are generated according to data to be testedBy the matrix M according to row and Row are divided into n × s blocks of files, and each common server is divided into n blocks;
N × s the blocks of files is stored in a predetermined sequence and arrives the s common server.
3. system according to claim 1, which is characterized in that the data processing server is specifically used for:Obtain it is pseudo- with Machine function f and its secret key kprf, the corresponding seed of the pseudo-random functionAnd random s × k rank Cauchy matrixs A;
The matrix R is n × k rank matrixes, and wherein each elementIt obtains:
Wherein, i is the rower in matrix M, and 1≤i≤n, p are the label of the k redundant server, and 1≤p≤k,It indicates with kprfFor key, withThe random number obtained for seed and according to the pseudo-random function f;
Matrix is obtained according to the generation member g of matrix R and default finite fieldI.e.:
Redundant matrices S is obtained according to described matrix M, s × k rank Cauchy matrix A and matrix R;
The redundant matrices S is:
Wherein, the Cauchy matrix A of s × k ranks is:
Wherein, x1, x2..., xsIndicate different numerical value, y1, y2..., ykIndicate different numerical value;
And by the redundant matrices S and the matrixK redundant server is stored into after division.
4. system according to claim 1, which is characterized in that the data processing server is specifically used for:According to s × k Rank Cauchy matrix A and the generation member g of the default finite field obtain matrix V, i.e.,:
Wherein, the Cauchy matrix A of s × k ranks is:
Wherein, x1, x2..., xsIndicate different numerical value, y1, y2..., ykIndicate different numerical value;
And the matrix V is sent to the inspection server.
5. system according to claim 1, which is characterized in that the inspection server is specifically used for random generation one SubsetEach element i ∈ I generate a random value z in the Ii, note Q is { (i, zi)};
The s common server, for being calculate by the following formula first message polymerizing value μ respectivelyj,
And by μjResult of calculation be sent to the inspection server;
The k redundant server, for being calculate by the following formula second message polymerizing value σ respectivelyp,
Wherein,For the matrixIn the i-th row pth arrange element,
And by σpResult of calculation be sent to the inspection server;
The inspection server is additionally operable to the μ of the s common server that will be received transmissionjComposition of vector And the σ for sending the k redundant server receivedpComposition of vector
It tests to the integrality of data according to formula is examined;The inspection formula is:
Wherein, 1≤p≤k, vpjFor the element in the matrix V at pth row jth row;
If μj、σpAnd vpjMeet the inspection formula, then the data to be tested have integrality;If μj、σpAnd vpjIt is discontented The foot inspection formula, then the data to be tested are without integrality;
The inspection server is additionally operable to output inspection result.
6. system according to claim 1, which is characterized in that the system also includes:
Data restoring module is that the data to be tested do not have integrality, and always error service for the inspection result Device quantity is no more than k, then according to the data convert erroneous part stored in the redundant server;
The data restoring module determines the blocks of files to malfunction in common server specifically for traversing all common servers Position;Select the row { j in the corresponding matrix A of common server of error1,…,ja, and select it is all do not malfunction it is superfluous Row { i in the corresponding matrix A of remaining server1,…,ib, wherein b ﹥ a;Form the sub- square formation for matrix A of an a rank And obtain the sub- square formationIt is inverse
It takes out matrix S in redundant server and corresponds to { i1,…,ibObtain vectorWith corresponding { i in matrix R1,…,ibObtain to AmountObtain the vector of the error in common server
It willIt stores in corresponding common server;
The data processing server is additionally operable to recalculate matrix S;
The inspection server is additionally operable to re-start verification to the data to be tested.
7. system according to claim 1, which is characterized in that the system also includes:
Data update module, for when needing to be updated the data to be tested, changing blocks of files m to be updatedijKind SonThe value of corresponding version number ver, is used in combination blocks of filesInstead of the blocks of files mij to be updated.
8. a kind of data integrity check method based on the system described in any one of claim 1-7, which is characterized in that packet It includes:
S1:The data processing server generates n × s rank matrix M according to data to be tested,
The matrixAnd matrix M is stored into the s common server;
S2:The data processing server obtains pseudo-random function f and its secret key kprf, the corresponding seed of the pseudo-random functionAnd random s × k rank Cauchy matrixs A;Wherein,Middle ver indicates version number, and i is the rower in matrix M, 1 ≤ i≤n, p are the label of the k redundant server, and 1≤p≤k;
The data processing server is according to the pseudo-random function f, the secret key kprfAnd the seedObtain matrix R obtains matrix according to the generation member g of matrix R and default finite fieldAnd according to the matrix M, s × k ranks Cauchy's square The battle array A and matrix R obtains redundant matrices S, and by the redundant matrices S and the matrixIt is stored into k redundancy services In device;
S3:The data processing server according to the generation member g of s × k rank Cauchy matrix A and the default finite field for obtaining It is sent to the inspection server to matrix V, and by the matrix V;
S4:It is described that server is examined to receive the matrix V that the data processor is sent, it tests to the data to be tested, And export inspection result.
9. according to the method described in claim 8, it is characterized in that, the method further includes:
S5:Do not have integrality if the inspection result is the data to be tested, and always error number of servers is no more than K, then data restoring module is according to the data convert erroneous part stored in the redundant server;
Step S5 is specifically included:The data restoring module traverses all common servers and malfunctions in common server to determine Blocks of files position;Select the row { j in the corresponding matrix A of common server of error1,…,ja, and select all not go out Row { i in the wrong corresponding matrix A of redundant server1,…,ib, wherein b ﹥ a;Form the son side for matrix A of an a rank Battle arrayAnd obtain the sub- square formationIt is inverse
It takes out matrix S in redundant server and corresponds to { i1,…,ibObtain vectorWith corresponding { i in matrix R1,…,ibObtain to AmountObtain the vector of the error in common server
It willIt stores in corresponding common server;
The data processing server recalculates matrix S;
The inspection server re-starts verification to the data to be tested.
10. according to the method described in claim 8, it is characterized in that, the method further includes:
S6:When needing to be updated the data to be tested, data update module changes blocks of files m to be updatedijSeedThe value of corresponding version number ver, is used in combination blocks of filesInstead of the blocks of files m to be updatedij
CN201610081995.8A 2016-02-05 2016-02-05 Data integrity check system and method Expired - Fee Related CN105678194B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201610081995.8A CN105678194B (en) 2016-02-05 2016-02-05 Data integrity check system and method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201610081995.8A CN105678194B (en) 2016-02-05 2016-02-05 Data integrity check system and method

Publications (2)

Publication Number Publication Date
CN105678194A CN105678194A (en) 2016-06-15
CN105678194B true CN105678194B (en) 2018-08-28

Family

ID=56304241

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201610081995.8A Expired - Fee Related CN105678194B (en) 2016-02-05 2016-02-05 Data integrity check system and method

Country Status (1)

Country Link
CN (1) CN105678194B (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106372233B (en) * 2016-09-09 2019-09-20 北京奇虎科技有限公司 Data acquisition system storage method and device

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101882992A (en) * 2010-06-21 2010-11-10 中国农业大学 Threshold secret information distribution and recovery method and device
CN103067161A (en) * 2013-01-16 2013-04-24 电子科技大学 Secret key distribution method and system

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP4692297B2 (en) * 2006-01-23 2011-06-01 ブラザー工業株式会社 Information distribution system, information distribution method, node device, and node processing program
US9021257B2 (en) * 2009-06-19 2015-04-28 Nec Corporation Secret information distribution system, secret information distribution method and program

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101882992A (en) * 2010-06-21 2010-11-10 中国农业大学 Threshold secret information distribution and recovery method and device
CN103067161A (en) * 2013-01-16 2013-04-24 电子科技大学 Secret key distribution method and system

Also Published As

Publication number Publication date
CN105678194A (en) 2016-06-15

Similar Documents

Publication Publication Date Title
Yu et al. Enhanced privacy of a remote data integrity-checking protocol for secure cloud storage
Groth et al. Cryptography in the multi-string model
CN106254374B (en) A kind of cloud data public audit method having duplicate removal function
Yuan et al. Proofs of retrievability with public verifiability and constant communication cost in cloud
CN102170356B (en) Authentication system realizing method supporting exclusive control of digital signature key
Ezerman et al. A provably secure group signature scheme from code-based assumptions
CN107615285B (en) Authentication system and apparatus including physically unclonable function and threshold encryption
CN109286490A (en) Support close state data deduplication and integrity verification method and system
CN105516340B (en) A kind of cloud storage data restorability verification method and system
CN110099048B (en) Cloud storage method and equipment
CN105406966B (en) A kind of distribution of threshold secret information, reduction, integrity verification method and device
CN106650503A (en) Cloud side data integrity verification and restoration method based on IDA
CN116318617B (en) Medical rescue material charity donation method based on RFID and blockchain
CN113704357A (en) Smart city data sharing method and system based on block chain
CN109274504B (en) Multi-user big data storage sharing method and system based on cloud platform
Zang et al. Improved dynamic remote data auditing protocol for smart city security
CN105210071B (en) Knowledge/factor for the secret protection of lasting certification possesses test
CN105653983B (en) Information distribution, reduction, integrity verification method and device based on cloud storage
CN114760052A (en) Bank Internet of things platform key generation method and device, electronic equipment and medium
CN105678194B (en) Data integrity check system and method
Sun et al. Public data integrity auditing without homomorphic authenticators from indistinguishability obfuscation
Balmany et al. Dynamic proof of retrievability based on public auditing for coded secure cloud storage
CN105227549B (en) A kind of data property held method of proof
Zhao Improvement of cloud computing medical data protection technology based on symmetric encryption algorithm
CN105227308B (en) A kind of encryption and decryption method and electronic equipment

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20180828

CF01 Termination of patent right due to non-payment of annual fee