CN105678194B - Data integrity check system and method - Google Patents
Data integrity check system and method Download PDFInfo
- Publication number
- CN105678194B CN105678194B CN201610081995.8A CN201610081995A CN105678194B CN 105678194 B CN105678194 B CN 105678194B CN 201610081995 A CN201610081995 A CN 201610081995A CN 105678194 B CN105678194 B CN 105678194B
- Authority
- CN
- China
- Prior art keywords
- matrix
- server
- data
- redundant
- inspection
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Expired - Fee Related
Links
- 238000000034 method Methods 0.000 title claims abstract description 31
- 239000011159 matrix material Substances 0.000 claims abstract description 216
- 238000007689 inspection Methods 0.000 claims abstract description 82
- 238000012545 processing Methods 0.000 claims abstract description 45
- 238000012360 testing method Methods 0.000 claims abstract description 13
- 102000002274 Matrix Metalloproteinases Human genes 0.000 claims abstract description 8
- 108010000684 Matrix Metalloproteinases Proteins 0.000 claims abstract description 8
- 230000007257 malfunction Effects 0.000 claims description 9
- 230000000379 polymerizing effect Effects 0.000 claims description 6
- 238000012795 verification Methods 0.000 claims description 6
- 230000015572 biosynthetic process Effects 0.000 claims description 3
- 238000010586 diagram Methods 0.000 description 7
- 230000000694 effects Effects 0.000 description 2
- WCUXLLCKKVVCTQ-UHFFFAOYSA-M Potassium chloride Chemical group [Cl-].[K+] WCUXLLCKKVVCTQ-UHFFFAOYSA-M 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 238000011946 reduction process Methods 0.000 description 1
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/64—Protecting data integrity, e.g. using checksums, certificates or signatures
Abstract
The present invention provides a kind of data integrity check system, including:Data processing server is used for according to data generator matrix M to be tested, and is stored into s common server;Data processing server is additionally operable to according to pseudo-random function f, secret key kprfAnd seedMatrix R is obtained, matrix is obtained according to matrix R and generation member gRedundant matrices S is obtained according to matrix M, s × k rank Cauchy matrix A and matrix R, and by redundant matrices S and matrixIt is stored into k redundant server;Data processing server is additionally operable to obtain matrix V according to Cauchy matrix A and generation member g, and matrix V is sent to inspection server;It examines server to be used for, treats inspection data and test, and export inspection result.The method achieve the integrity checks to data, while protecting privacy information, and by generating redundant matrices S and matrixIn case data inspection and reduction.
Description
Technical field
The present invention relates to cloud storage technical field more particularly to a kind of data integrity check system and methods.
Background technology
In cloud storage technical field, data safety and privacy concern that user worries increasingly are taken seriously, and data
Integrality be information security an important essential attribute.
The public and private key encryption systems of RSA are generally used in the prior art, carry out the data integrity check of distributed cloud storage,
And in deblocking, as long as extracting a portion, you can evidence is intact to higher ratios guarantee totally.But
It is during inspection data integrality, to entrust the safety that cannot be guaranteed private data while third party inspection, and nothing
Method carries out the dynamic update and reduction of file.
Therefore, how to provide it is a kind of avoid examine server obtain key message data integrity check method be badly in need of
It solves the problems, such as.
Invention content
(1) technical problems to be solved
The technical problem to be solved in the present invention is to provide a kind of data that can avoid that server is examined to obtain key message
Integrity check system and method.
(2) technical solution
In a first aspect, in order to solve the above technical problems, technical scheme of the present invention provides a kind of data integrity check
System, including:Data processing server, s common server, k redundant server and inspection server;
The data processing server, for generating n × s rank matrix M, the matrix according to data to be testedAnd matrix M is stored into the s common server;
The data processing server is additionally operable to obtain pseudo-random function f and its secret key kprf, the pseudo-random function pair
The seed answeredAnd random s × k rank Cauchy matrixs A;Wherein,Middle ver indicates that version number, i are in matrix M
Rower, 1≤i≤n, p are the label of the k redundant server, and 1≤p≤k;
The data processing server is additionally operable to according to the pseudo-random function f, the secret key kprfAnd the seedMatrix R is obtained, matrix is obtained according to the generation member g of matrix R and the default finite fieldAccording to the matrix M, institute
It states the s × k rank Cauchy matrix A and matrix R and obtains redundant matrices S, and by the redundant matrices S and the matrixStorage
It is stored in the k redundant server;
The data processing server is additionally operable to the generation according to s × k rank Cauchy matrix A and the default finite field
First g obtains matrix V, and the matrix V is sent to the inspection server;
The inspection server, the matrix V sent for receiving the data processor carry out the data to be tested
It examines, and exports inspection result.
Preferably, the data processing server is specifically used for:
N × s rank matrix M, the matrix are generated according to data to be testedBy the matrix M according to
Row and column is divided into n × s blocks of files, and each common server is divided into n blocks;
N × s the blocks of files is stored in a predetermined sequence and arrives the s common server.
Preferably, the data processing server is specifically used for:Obtain pseudo-random function f and its secret key kprf, it is described it is pseudo- with
The corresponding seed of machine functionAnd random s × k rank Cauchy matrixs A;
The matrix R is n × k rank matrixes, and wherein each elementIt obtains:
Wherein, i is the rower in matrix M, and 1≤i≤n, p are the label of the k redundant server, and 1≤p≤k,It indicates with kprfFor key, withThe random number obtained for seed and according to the pseudo-random function f;
Matrix is obtained according to the generation member g of matrix R and default finite fieldI.e.:
Redundant matrices S is obtained according to described matrix M, s × k rank Cauchy matrix A and matrix R;
The redundant matrices S is:
Wherein, the Cauchy matrix A of s × k ranks is:
Wherein, x1, x2..., xsIndicate different numerical value, y1, y2..., ykIndicate different numerical value;
And by the redundant matrices S and the matrixK redundant server is stored into after division.
Preferably, the data processing server is specifically used for:According to s × k rank Cauchy matrix A and described default limited
The generation member g in domain obtains matrix V, i.e.,:
Wherein, the Cauchy matrix A of s × k ranks is:
Wherein, x1, x2..., xsIndicate different numerical value, y1, y2..., ykIndicate different numerical value;
And the matrix V is sent to the inspection server.
Preferably, the inspection server is specifically used for random generation a subsetIt is each in the I
Element i ∈ I generate a random value zi, note Q is { (i, zi)};
The s common server, for being calculate by the following formula first message polymerizing value μ respectivelyj,
And by μjResult of calculation be sent to the inspection server;
The k redundant server, for being calculate by the following formula second message polymerizing value σ respectivelyp,
Wherein,For the matrixIn the i-th row pth arrange element,
And by σpResult of calculation be sent to the inspection server;
It tests to the integrality of data according to formula is examined;The inspection formula is:
Wherein, 1≤p≤k, vpjFor the element in the matrix V at pth row jth row;
If μj、σpAnd vpjMeet the inspection formula, then the data to be tested have integrality;If μj、σpAnd vpj
It is unsatisfactory for the inspection formula, then the data to be tested do not have integrality;
The inspection server is additionally operable to output inspection result.
Preferably, the system also includes:
Data restoring module is that the data to be tested do not have integrality, and always malfunction for the inspection result
Number of servers is no more than k, then according to the data convert erroneous part stored in the redundant server;
The data restoring module determines the text to malfunction in common server specifically for traversing all common servers
Part block position;Select the row { j in the corresponding matrix A of common server of error1,…,ja, and select all not malfunction
The corresponding matrix A of redundant server in row { i1,…,ib, wherein b ﹥ a;Form the sub- square formation for matrix A of an a rankAnd obtain the sub- square formationIt is inverse
It takes out matrix S in redundant server and corresponds to { i1,…,ibObtain vectorWith corresponding { i in matrix R1,…,ib
The vector arrivedObtain the vector of the error in common server
It willIt stores in corresponding common server;
The data processing server is additionally operable to recalculate matrix S;
The inspection server is additionally operable to re-start verification to the data to be tested.
Preferably, the system also includes:
Data update module, for when needing to be updated the data to be tested, changing blocks of files m to be updatedij
SeedThe value of corresponding version number ver, is used in combination blocks of filesInstead of the blocks of files to be updated
mij。
Second aspect, in order to solve the above technical problems, technical scheme of the present invention, which additionally provides one kind, being based on above system
Data integrity check method, including:
S1:The data processing server generates n × s rank matrix M according to data to be tested,
The matrixAnd matrix M is stored into the s common server;
S2:The data processing server obtains pseudo-random function f and its secret key kprf, the pseudo-random function it is corresponding
SeedAnd random s × k rank Cauchy matrixs A;Wherein,Middle ver indicates that version number, i are in matrix M
Rower, 1≤i≤n, p are the label of the k redundant server, and 1≤p≤k;
The data processing server is according to the pseudo-random function f, the secret key kprfAnd the seedIt obtains
Matrix R obtains matrix according to the generation member g of matrix R and the default finite fieldAnd according to the matrix M, the s × k
The rank Cauchy matrix A and matrix R obtains redundant matrices S, and by the redundant matrices S and the matrixIt is stored into k
In a redundant server;
S3:The data processing server is used for the generation according to s × k rank Cauchy matrix A and the default finite field
First g obtains matrix V, and the matrix V is sent to the inspection server;
S4:It is described that server is examined to receive the matrix V that the data processor is sent, the data to be tested are examined
It tests, and exports inspection result.
Preferably, the method further includes:
S5:If the inspection result, which is the data to be tested, does not have integrality, and always malfunctions number of servers not
More than k, then data restoring module is according to the data convert erroneous part stored in the redundant server;
Step S5 is specifically included:The data restoring module traverses all common servers to determine in common server
Wrong blocks of files position;Select the row { j in the corresponding matrix A of common server of error1,…,ja, and select all
Row { i in the corresponding matrix A of redundant server not malfunctioned1,…,ib, wherein b ﹥ a;One a rank of composition for matrix A
Sub- square formationAnd obtain the sub- square formationIt is inverse
It takes out matrix S in redundant server and corresponds to { i1,…,ibObtain vectorWith corresponding { i in matrix R1,…,ib
The vector arrivedObtain the vector of the error in common server
It willIt stores in corresponding common server;
The data processing server recalculates matrix S;
The inspection server re-starts verification to the data to be tested.
Preferably, the method further includes:
S6:When needing to be updated the data to be tested, the data update module changes blocks of files to be updated
mijSeedThe value of corresponding version number ver, is used in combination blocks of filesInstead of the file to be updated
Block mij。
(3) advantageous effect
A kind of data integrity check method provided by the invention generates n × s rank matrixes according to data to be tested first
M, and matrix M is stored into s common server, while according to the pseudo-random function f and its secret key k of acquisitionprfAnd kind
SonMatrix R is obtained, matrix is obtained according to member g is generatedIt is obtained according to matrix M, s × k rank Cauchy matrix A and matrix R
Redundant matrices S, and by redundant matrices S and matrixRedundancy as inspection and reduction is sent on k redundant server,
Then it examines server to treat inspection data to test.Method provided by the invention realizes the integrity check to data,
It is all the encryption data by deformation to be sent to simultaneously and examine the data of server, avoids and server is examined to obtain crucial letter
Breath, and by generating redundant matrices S and matrixIn case data inspection and reduction.
Description of the drawings
Fig. 1 is a kind of schematic diagram for data integrity check system that embodiment of the present invention provides;
Fig. 2 is that the matrix M that embodiment of the present invention provides is stored to the correspondence schematic diagram in s common server;
Fig. 3 is the redundant matrices S and matrix that embodiment of the present invention providesStore pair in s common server
Answer relation schematic diagram;
Fig. 4 is the inspection figure schematic diagram for examining server random selection inspection data that embodiment of the present invention provides;
Fig. 5 is a kind of schematic diagram for data integrity check method that embodiment of the present invention provides.
Specific implementation mode
With reference to the accompanying drawings and examples, the specific implementation mode of the present invention is described in further detail.Implement below
Example is not limited to the scope of the present invention for illustrating the present invention.
Fig. 1 is a kind of schematic diagram for data integrity check system that embodiment of the present invention provides, including:Data processing
Server 101, s common server 102, k redundant server 103 and inspection server 104;
The data processing server 101, for generating n × s rank matrix M according to data to be tested,
The matrixAnd matrix M is stored into the s common server 102;
The data processing server 101 is additionally operable to obtain pseudo-random function f and its secret key kprf, the pseudo-random function
Corresponding seedAnd random s × k rank Cauchy matrixs A;Wherein,Middle ver indicates version number, and i is matrix
Rower in M, 1≤i≤n, p are the label of the k redundant server 103, and 1≤p≤k;
The data processing server 101 is additionally operable to according to the pseudo-random function f, the secret key kprfAnd described kind
SonMatrix R is obtained, matrix is obtained according to the generation member g of matrix R and the default finite fieldAccording to the matrix M,
S × k ranks Cauchy matrix A and matrix the R obtains redundant matrices S, and by the redundant matrices S and the matrix
It is stored into the k redundant server 103;
The data processing server 101 is additionally operable to the life according to s × k rank Cauchy matrix A and the default finite field
Matrix V is obtained at first g, and the matrix V is sent to the inspection server 104;
The inspection server 104, the matrix V sent for receiving the data processor, to the data to be tested
It tests, and exports inspection result.
The method that present embodiment provides realizes the integrity check to data, while being sent to and examining server 104
Data be all encryption data by deformation, avoid and server 104 examined to obtain key message, and pass through and generate redundancy
Matrix S and matrixIn case data inspection and reduction.
It should be noted that the data integrity check system that present embodiment provides, the distributed cloud based on finite field are deposited
Storage, calculating process therein all carry out in preset finite field G.
In the specific implementation, above-mentioned secret key kprfSeed corresponding with pseudo-random functionAll it is to pass through pseudo-random function
It obtains, seedIt is one and is based on blocks of files mijFilename and its rower i and k redundant server 103 label p and
The seed that newer version number ver is obtained, wherein blocks of files mijFile i.e. after matrix M piecemeals, seedIt is calculating matrix S
In each element necessary condition, the rower of subscript i corresponding matrix M and matrix S, the length phase of the row of matrix M and matrix S
Together, and subscript p can be understood as the row mark of matrix S, i.e. p-th of redundant server (1≤p≤k).
It will be appreciated that the data processing server 101 is specifically used for:
N × s rank matrix M, the matrix are generated according to data to be testedBy the matrix M according to
Row and column is divided into n × s blocks of files, and each common server 102 is divided into n blocks;
N × s the blocks of files is stored in a predetermined sequence and arrives the s common server 102.
In the specific implementation, the n × s blocks of files is stored in a predetermined sequence and arrives the s common server
A kind of 102 preferred mode is as shown in Fig. 2, each common server 102 is divided into n blocks in Fig. 2, each row in matrix M
Corresponding to be put into a common server 102, such storage mode is more advantageous to subsequent calculating.
In the specific implementation, the data processing server 101 is specifically used for:Obtain pseudo-random function f and its secret key
kprf, the corresponding seed of the pseudo-random functionAnd random s × k rank Cauchy matrixs A;
The matrix R is n × k rank matrixes, and wherein each elementIt obtains:
Wherein, i is the rower in matrix M, and 1≤i≤n, p are the label of the k redundant server 103, and 1≤p≤
K,It indicates with kprfFor key, withThe random number obtained for seed and according to the pseudo-random function f;
Matrix is obtained according to the generation member g of matrix R and default finite fieldI.e.:
Redundant matrices S is obtained according to described matrix M, s × k rank Cauchy matrix A and matrix R;
The redundant matrices S is:
Wherein, the Cauchy matrix A of s × k ranks is:
Wherein, x1, x2..., xsIndicate different numerical value, y1, y2..., ykIndicate different numerical value;
And by the redundant matrices S and the matrixK redundant server 103 is stored into after division.
As shown in figure 3, by redundant matrices S and the matrixIt is divided according to row and column, and by each redundant server
After 103 are divided into n parts, it can be stored into k redundant server 103 according to correspondence shown in Fig. 3, such storage side
Formula can further be conducive to subsequent calculating.
Such benefit is to obtain matrix according to the generation member g of matrix R and the default finite fieldObtained matrixIn conceal information in matrix R, also, redundant matrices S is obtained according to matrix M, s × k rank Cauchy matrix A and matrix R,
Make inspection server 104 that cannot obtain pseudo-random function f, secret key k in checkout procedureprfAnd seedEqual important informations.
Redundant matrices S and matrixBeing sent on k redundant server 103 can be as the redundancy of inspection and reduction.
In practical applications, the data processing server 101 is specifically used for:According to s × k rank Cauchy matrix A and institute
The generation member g for stating default finite field obtains matrix V, i.e.,:
Wherein, the Cauchy matrix A of s × k ranks is:
Wherein, x1, x2…xsIndicate different numerical value, y1, y2…ykIndicate different numerical value;
And the matrix V is sent to the inspection server 104.
Such benefit is to be directly transmitted Cauchy matrix A by the way that matrix V is sent to inspection server 104
To server 104 is examined, the content of Cauchy matrix A is protected, is to examine server 104 that cannot obtain Cauchy in checkout procedure
The information of matrix A.
It should be noted that the inspection server 104 is specifically used for random generation a subsetIt is described
Each element i ∈ I generate a random value z in Ii, note Q is { (i, zi)};
For example, choosing a subset I={ 2,4,5,8,11,15 } for n=15.And it is given birth to by pseudo-random function
At corresponding ZiWherein i takes 2,4,5,8,11,15 respectively.By (i, Zi) be recorded in set Q.
The s common server 102, for being calculate by the following formula first message polymerizing value μ respectivelyj,
And by μjResult of calculation be sent to the inspection server 104;
The k redundant server 103, for being calculate by the following formula second message polymerizing value σ respectivelyp,
Wherein,For the matrixIn the i-th row pth arrange element,
And by σpResult of calculation be sent to the inspection server 104;
It tests to the integrality of data according to formula is examined;The inspection formula is:
Wherein, 1≤p≤k, vpjFor the element in the matrix V at pth row jth row;
If μj、σpAnd vpjMeet the inspection formula, then the data to be tested have integrality;If μj、σpAnd vpj
It is unsatisfactory for the inspection formula, then the data to be tested do not have integrality;
The inspection server is additionally operable to output inspection result.
Above-mentioned s common server 102 calculates separately μjAnd k redundant server 103 calculates separately σp, will after calculating
As a result it is sent to and examines server 104, avoid mass data being sent to and examine server 104, reduce calculation amount, improve
Computational efficiency.
It examines server 104 to treat inspection data using the mode that probability is spot-check to test, that is, examines server 104 to make
It is tested with the mode of " challenge-is corresponding ", keeps inspection result more secure, server 104 is examined to randomly choose check number
According to process it is as shown in Figure 4.
According to the data integrity check system in the above embodiment, it can realize that treating inspection data carries out integrality
It examines, still, is that above-mentioned data to be tested do not have integrality when there is inspection result, erroneous part cannot be restored, therefore, be
Solve the problems, such as this, the system that present embodiment provides can also include data restoring module;
Data restoring module is that the data to be tested do not have integrality, and always malfunction for the inspection result
Number of servers is no more than k, then according to the data convert erroneous part stored in the redundant server 103;
The data restoring module determines in common server 102 specifically for traversing all common servers 102
Wrong blocks of files position;Select the row { j in the 102 corresponding matrix A of common server of error1,…,ja, and select institute
There is the row { i in the 103 corresponding matrix A of redundant server not malfunctioned1,…,ib, wherein b ﹥ a;One a rank of composition for square
The sub- square formation of battle array AAnd obtain the sub- square formationIt is inverse
It takes out matrix S in redundant server 103 and corresponds to { i1,…,ibObtain vectorWith corresponding { i in matrix R1,…,ib}
Obtained vectorObtain the vector of the error in common server 102
It willIt stores in corresponding common server 102;
The data processing server is additionally operable to recalculate matrix S;
The inspection server 104 is additionally operable to re-start verification to the data to be tested.
It should be noted that reduction when above-mentioned data convert process is only applicable to fixed rower i, because reduction process is all
It is to be restored with rower same section, herewith situation carries out if mistake occurs in other rows i`.Note that if error server is super
K is crossed, then can not be restored.
In practical applications, the data integrity check system that present embodiment provides can also include data update mould
Block, for when needing to be updated the data to be tested, changing blocks of files m to be updatedijSeedCorresponding version
The value of number ver, is used in combination blocks of filesInstead of the blocks of files m to be updatedij, then again to updated
Data to be tested carry out integrity check.
A kind of data integrity check method that present embodiment provides realizes the integrality inspection for treating inspection data
It tests, and ensure that the safety of private data, while can also realize the reduction to file.
Fig. 5 is a kind of schematic diagram for data integrity check method that embodiment of the present invention provides, with reference to Fig. 5, the party
Method includes:
S1:The data processing server generates n × s rank matrix M according to data to be tested,
The matrixAnd matrix M is stored into the s common server;
S2:The data processing server obtains pseudo-random function f and its secret key kprf, the pseudo-random function it is corresponding
SeedAnd random s × k rank Cauchy matrixs A;Wherein,Middle ver indicates that version number, i are in matrix M
Rower, 1≤i≤n, p are the label of the k redundant server, and 1≤p≤k;
The data processing server is according to the pseudo-random function f, the secret key kprfAnd the seedIt obtains
Matrix R obtains matrix according to the generation member g of matrix R and the default finite fieldAnd according to the matrix M, the s × k
The rank Cauchy matrix A and matrix R obtains redundant matrices S, and by the redundant matrices S and the matrixIt is stored into k
In a redundant server;
S3:The data processing server is used for the generation according to s × k rank Cauchy matrix A and the default finite field
First g obtains matrix V, and the matrix V is sent to the inspection server;
S4:It is described that server is examined to receive the matrix V that the data processor is sent, the data to be tested are examined
It tests, and exports inspection result.
The device that present embodiment provides realizes the integrity check to data, while being sent to the number for examining server
According to being all encryption data by deformation, avoid and server examined to obtain key message, and by generate redundant matrices S with
And matrixIn case data inspection and reduction.
Preferably, the method can also include not shown in the figure:
S5:If the inspection result, which is the data to be tested, does not have integrality, and always malfunctions number of servers not
More than k, then data restoring module is according to the data convert erroneous part stored in the redundant server;
Step S5 is specifically included:The data restoring module traverses all common servers to determine in common server
Wrong blocks of files position;Select the row { j in the corresponding matrix A of common server of error1,…,ja, and select all
Row { i in the corresponding matrix A of redundant server not malfunctioned1,…,ib, wherein b ﹥ a;One a rank of composition for matrix A
Sub- square formationAnd obtain the sub- square formationIt is inverse
It takes out matrix S in redundant server and corresponds to { i1,…,ibObtain vectorWith corresponding { i in matrix R1,…,ib
The vector arrivedObtain the vector of the error in common server
It willIt stores in corresponding common server;
The data processing server recalculates matrix S;
The inspection server re-starts verification to the data to be tested.
Preferably, described device can also include not shown in the figure:
S6:When needing to be updated the data to be tested, the data update module changes blocks of files to be updated
mijSeedThe value of corresponding version number ver, is used in combination blocks of filesInstead of the file to be updated
Block mij。
A kind of data integrity check method that present embodiment provides realizes the integrality inspection for treating inspection data
It tests, and ensure that the safety of private data, while can also realize the reduction to file.
A kind of data integrity check method of the present embodiment can be used for executing the implementation of method shown in above-mentioned Fig. 1 to Fig. 4
The technical solution of example, implementing principle and technical effect are similar, and details are not described herein again.
Embodiment of above is merely to illustrate the present invention, and not limitation of the present invention, in relation to the common of technical field
Technical staff can also make a variety of changes and modification without departing from the spirit and scope of the present invention, therefore all
Equivalent technical solution also belongs to scope of the invention, and scope of patent protection of the invention should be defined by the claims.
Claims (10)
1. a kind of data integrity check system, which is characterized in that including:Data processing server, s common server, k
Redundant server and inspection server;
The data processing server, for generating n × s rank matrix M, the matrix according to data to be tested
And matrix M is stored into the s common server;
The data processing server is additionally operable to obtain pseudo-random function f and its secret key kprf, the pseudo-random function it is corresponding
SeedAnd random s × k rank Cauchy matrixs A;Wherein,Middle ver indicates that version number, i are the row in matrix M
Mark, 1≤i≤n, p are the label of the k redundant server, and 1≤p≤k;
The data processing server is additionally operable to according to the pseudo-random function f, the secret key kprfAnd the seed
To matrix R, matrix is obtained according to the generation member g of matrix R and default finite fieldAccording to the matrix M, s × k ranks Ke
Western matrix A and the matrix R obtain redundant matrices S, and by the redundant matrices S and the matrixIt is stored into the k
In redundant server;
The data processing server is additionally operable to be obtained according to the generation member g of s × k rank Cauchy matrix A and the default finite field
It is sent to the inspection server to matrix V, and by the matrix V;
The inspection server, the matrix V sent for receiving the data processor, examines the data to be tested
It tests, and exports inspection result.
2. system according to claim 1, which is characterized in that the data processing server is specifically used for:
N × s rank matrix M, the matrix are generated according to data to be testedBy the matrix M according to row and
Row are divided into n × s blocks of files, and each common server is divided into n blocks;
N × s the blocks of files is stored in a predetermined sequence and arrives the s common server.
3. system according to claim 1, which is characterized in that the data processing server is specifically used for:Obtain it is pseudo- with
Machine function f and its secret key kprf, the corresponding seed of the pseudo-random functionAnd random s × k rank Cauchy matrixs A;
The matrix R is n × k rank matrixes, and wherein each elementIt obtains:
Wherein, i is the rower in matrix M, and 1≤i≤n, p are the label of the k redundant server, and 1≤p≤k,It indicates with kprfFor key, withThe random number obtained for seed and according to the pseudo-random function f;
Matrix is obtained according to the generation member g of matrix R and default finite fieldI.e.:
Redundant matrices S is obtained according to described matrix M, s × k rank Cauchy matrix A and matrix R;
The redundant matrices S is:
Wherein, the Cauchy matrix A of s × k ranks is:
Wherein, x1, x2..., xsIndicate different numerical value, y1, y2..., ykIndicate different numerical value;
And by the redundant matrices S and the matrixK redundant server is stored into after division.
4. system according to claim 1, which is characterized in that the data processing server is specifically used for:According to s × k
Rank Cauchy matrix A and the generation member g of the default finite field obtain matrix V, i.e.,:
Wherein, the Cauchy matrix A of s × k ranks is:
Wherein, x1, x2..., xsIndicate different numerical value, y1, y2..., ykIndicate different numerical value;
And the matrix V is sent to the inspection server.
5. system according to claim 1, which is characterized in that the inspection server is specifically used for random generation one
SubsetEach element i ∈ I generate a random value z in the Ii, note Q is { (i, zi)};
The s common server, for being calculate by the following formula first message polymerizing value μ respectivelyj,
And by μjResult of calculation be sent to the inspection server;
The k redundant server, for being calculate by the following formula second message polymerizing value σ respectivelyp,
Wherein,For the matrixIn the i-th row pth arrange element,
And by σpResult of calculation be sent to the inspection server;
The inspection server is additionally operable to the μ of the s common server that will be received transmissionjComposition of vector
And the σ for sending the k redundant server receivedpComposition of vector
It tests to the integrality of data according to formula is examined;The inspection formula is:
Wherein, 1≤p≤k, vpjFor the element in the matrix V at pth row jth row;
If μj、σpAnd vpjMeet the inspection formula, then the data to be tested have integrality;If μj、σpAnd vpjIt is discontented
The foot inspection formula, then the data to be tested are without integrality;
The inspection server is additionally operable to output inspection result.
6. system according to claim 1, which is characterized in that the system also includes:
Data restoring module is that the data to be tested do not have integrality, and always error service for the inspection result
Device quantity is no more than k, then according to the data convert erroneous part stored in the redundant server;
The data restoring module determines the blocks of files to malfunction in common server specifically for traversing all common servers
Position;Select the row { j in the corresponding matrix A of common server of error1,…,ja, and select it is all do not malfunction it is superfluous
Row { i in the corresponding matrix A of remaining server1,…,ib, wherein b ﹥ a;Form the sub- square formation for matrix A of an a rank
And obtain the sub- square formationIt is inverse
It takes out matrix S in redundant server and corresponds to { i1,…,ibObtain vectorWith corresponding { i in matrix R1,…,ibObtain to
AmountObtain the vector of the error in common server
It willIt stores in corresponding common server;
The data processing server is additionally operable to recalculate matrix S;
The inspection server is additionally operable to re-start verification to the data to be tested.
7. system according to claim 1, which is characterized in that the system also includes:
Data update module, for when needing to be updated the data to be tested, changing blocks of files m to be updatedijKind
SonThe value of corresponding version number ver, is used in combination blocks of filesInstead of the blocks of files mij to be updated.
8. a kind of data integrity check method based on the system described in any one of claim 1-7, which is characterized in that packet
It includes:
S1:The data processing server generates n × s rank matrix M according to data to be tested,
The matrixAnd matrix M is stored into the s common server;
S2:The data processing server obtains pseudo-random function f and its secret key kprf, the corresponding seed of the pseudo-random functionAnd random s × k rank Cauchy matrixs A;Wherein,Middle ver indicates version number, and i is the rower in matrix M, 1
≤ i≤n, p are the label of the k redundant server, and 1≤p≤k;
The data processing server is according to the pseudo-random function f, the secret key kprfAnd the seedObtain matrix
R obtains matrix according to the generation member g of matrix R and default finite fieldAnd according to the matrix M, s × k ranks Cauchy's square
The battle array A and matrix R obtains redundant matrices S, and by the redundant matrices S and the matrixIt is stored into k redundancy services
In device;
S3:The data processing server according to the generation member g of s × k rank Cauchy matrix A and the default finite field for obtaining
It is sent to the inspection server to matrix V, and by the matrix V;
S4:It is described that server is examined to receive the matrix V that the data processor is sent, it tests to the data to be tested,
And export inspection result.
9. according to the method described in claim 8, it is characterized in that, the method further includes:
S5:Do not have integrality if the inspection result is the data to be tested, and always error number of servers is no more than
K, then data restoring module is according to the data convert erroneous part stored in the redundant server;
Step S5 is specifically included:The data restoring module traverses all common servers and malfunctions in common server to determine
Blocks of files position;Select the row { j in the corresponding matrix A of common server of error1,…,ja, and select all not go out
Row { i in the wrong corresponding matrix A of redundant server1,…,ib, wherein b ﹥ a;Form the son side for matrix A of an a rank
Battle arrayAnd obtain the sub- square formationIt is inverse
It takes out matrix S in redundant server and corresponds to { i1,…,ibObtain vectorWith corresponding { i in matrix R1,…,ibObtain to
AmountObtain the vector of the error in common server
It willIt stores in corresponding common server;
The data processing server recalculates matrix S;
The inspection server re-starts verification to the data to be tested.
10. according to the method described in claim 8, it is characterized in that, the method further includes:
S6:When needing to be updated the data to be tested, data update module changes blocks of files m to be updatedijSeedThe value of corresponding version number ver, is used in combination blocks of filesInstead of the blocks of files m to be updatedij。
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201610081995.8A CN105678194B (en) | 2016-02-05 | 2016-02-05 | Data integrity check system and method |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201610081995.8A CN105678194B (en) | 2016-02-05 | 2016-02-05 | Data integrity check system and method |
Publications (2)
Publication Number | Publication Date |
---|---|
CN105678194A CN105678194A (en) | 2016-06-15 |
CN105678194B true CN105678194B (en) | 2018-08-28 |
Family
ID=56304241
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201610081995.8A Expired - Fee Related CN105678194B (en) | 2016-02-05 | 2016-02-05 | Data integrity check system and method |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN105678194B (en) |
Families Citing this family (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN106372233B (en) * | 2016-09-09 | 2019-09-20 | 北京奇虎科技有限公司 | Data acquisition system storage method and device |
Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101882992A (en) * | 2010-06-21 | 2010-11-10 | 中国农业大学 | Threshold secret information distribution and recovery method and device |
CN103067161A (en) * | 2013-01-16 | 2013-04-24 | 电子科技大学 | Secret key distribution method and system |
Family Cites Families (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP4692297B2 (en) * | 2006-01-23 | 2011-06-01 | ブラザー工業株式会社 | Information distribution system, information distribution method, node device, and node processing program |
US9021257B2 (en) * | 2009-06-19 | 2015-04-28 | Nec Corporation | Secret information distribution system, secret information distribution method and program |
-
2016
- 2016-02-05 CN CN201610081995.8A patent/CN105678194B/en not_active Expired - Fee Related
Patent Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101882992A (en) * | 2010-06-21 | 2010-11-10 | 中国农业大学 | Threshold secret information distribution and recovery method and device |
CN103067161A (en) * | 2013-01-16 | 2013-04-24 | 电子科技大学 | Secret key distribution method and system |
Also Published As
Publication number | Publication date |
---|---|
CN105678194A (en) | 2016-06-15 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
Yu et al. | Enhanced privacy of a remote data integrity-checking protocol for secure cloud storage | |
Groth et al. | Cryptography in the multi-string model | |
CN106254374B (en) | A kind of cloud data public audit method having duplicate removal function | |
Yuan et al. | Proofs of retrievability with public verifiability and constant communication cost in cloud | |
CN102170356B (en) | Authentication system realizing method supporting exclusive control of digital signature key | |
Ezerman et al. | A provably secure group signature scheme from code-based assumptions | |
CN107615285B (en) | Authentication system and apparatus including physically unclonable function and threshold encryption | |
CN109286490A (en) | Support close state data deduplication and integrity verification method and system | |
CN105516340B (en) | A kind of cloud storage data restorability verification method and system | |
CN110099048B (en) | Cloud storage method and equipment | |
CN105406966B (en) | A kind of distribution of threshold secret information, reduction, integrity verification method and device | |
CN106650503A (en) | Cloud side data integrity verification and restoration method based on IDA | |
CN116318617B (en) | Medical rescue material charity donation method based on RFID and blockchain | |
CN113704357A (en) | Smart city data sharing method and system based on block chain | |
CN109274504B (en) | Multi-user big data storage sharing method and system based on cloud platform | |
Zang et al. | Improved dynamic remote data auditing protocol for smart city security | |
CN105210071B (en) | Knowledge/factor for the secret protection of lasting certification possesses test | |
CN105653983B (en) | Information distribution, reduction, integrity verification method and device based on cloud storage | |
CN114760052A (en) | Bank Internet of things platform key generation method and device, electronic equipment and medium | |
CN105678194B (en) | Data integrity check system and method | |
Sun et al. | Public data integrity auditing without homomorphic authenticators from indistinguishability obfuscation | |
Balmany et al. | Dynamic proof of retrievability based on public auditing for coded secure cloud storage | |
CN105227549B (en) | A kind of data property held method of proof | |
Zhao | Improvement of cloud computing medical data protection technology based on symmetric encryption algorithm | |
CN105227308B (en) | A kind of encryption and decryption method and electronic equipment |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant | ||
CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20180828 |
|
CF01 | Termination of patent right due to non-payment of annual fee |