CN107395355B - Cloud storage data integrity verification method based on implicit trusted third party - Google Patents
Cloud storage data integrity verification method based on implicit trusted third party Download PDFInfo
- Publication number
- CN107395355B CN107395355B CN201710436973.3A CN201710436973A CN107395355B CN 107395355 B CN107395355 B CN 107395355B CN 201710436973 A CN201710436973 A CN 201710436973A CN 107395355 B CN107395355 B CN 107395355B
- Authority
- CN
- China
- Prior art keywords
- verification
- div
- csp
- evidence
- data
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/10—Protocols in which an application is distributed across nodes in the network
- H04L67/1097—Protocols in which an application is distributed across nodes in the network for distributed storage of data in networks, e.g. transport arrangements for network file system [NFS], storage area networks [SAN] or network attached storage [NAS]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/321—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving a third party or a trusted authority
Abstract
At present, data integrity verification methods at home and abroad are mainly classified into two types according to functions: private authentication is supported and public authentication is supported. The former has lower calculation overhead than the latter, but is not suitable for a real data verification scenario because of the incredibility of the data verifier; in practical applications, since the amount of data stored in the cloud service is huge, the verification efficiency of the latter becomes lower and lower as the amount of data increases, resulting in low practicality. The invention provides a cloud storage data integrity verification method based on an implicit trusted third party. The method realizes public verification through an implicit trusted third party verification framework and tamper-evident logs, and reduces the online requirements of users to the maximum extent. Compared with other existing methods, the method has the advantages that the ECC encryption algorithm is used for completing verification, efficiency can be improved, and the feasibility of public verification is improved while the efficiency is guaranteed.
Description
Technical Field
The invention relates to the technical field of cloud storage, in particular to a verification method for cloud storage data integrity.
Background
With the wide application of cloud storage technology, the threat caused by the data security stored in the cloud server is attracting more and more attention. When the stored data relates to enterprise sensitive data (such as hospital medical business or financial conditions contained in an electronic medical record) or personal privacy information (such as patient privacy symptoms contained in the electronic medical record), how to ensure the integrity of the data is particularly important.
At present, data integrity verification methods at home and abroad are mainly classified into two types according to functions: private authentication is supported and public authentication is supported. The former has lower computational overhead than the latter, but is not suitable for a realistic data verification scenario because of the untrusted data verifier itself. The latter introduces trusted third party (TTP for short) verification data, combines the encryption algorithm and bilinear pairing technology, and makes the TTP complete verification and return the result to the user under the condition that the TTP cannot obtain data. However, since efficient e-operations are involved in bilinear pairings, the computation overhead of the latter is much larger than that of the former. In practical applications, since the amount of data stored in the cloud service is huge, the verification efficiency of the latter becomes lower and lower as the amount of data increases, resulting in low practicality.
Disclosure of Invention
Aiming at the defects in the prior art, the invention provides a cloud storage data integrity verification method based on an implicit trusted third party, which reduces the calculation overhead while realizing the public verification function.
A cloud storage data integrity verification method based on an implicit trusted third party comprises the following technical steps:
(1) introducing a PKI mechanism, and respectively generating a pair of RSA secret keys for a data integrity verification module (DIV) and a User: (dpk, dsk) and (upk, usk);
(2) the user selects a secret key, encrypts data by using an ECC (error correction code) encryption algorithm, calculates a label, and encrypts a private key by using dpk of a DIV (digital information television);
(3) during verification, the DIV initiates a challenge to the CSP, and the server calculates a data evidence according to the requirement after receiving the challenge and returns a verification evidence;
(4) and the DIV verification evidence generates a corresponding verification log item according to the result and sends the verification log item to the CSP to be written into the log by the CSP.
Drawings
FIG. 1 is a three-party interaction process for an implicit trusted third party authentication architecture;
FIG. 2 is an authentication service flow diagram;
FIG. 3 is a verification log chain for a tamper evident log.
Detailed Description
An implicit trusted third party authentication architecture, and a three-party interaction process of the implicit trusted third party authentication architecture are shown in fig. 1.
The ECC-based verification method comprises the following steps:
let λ be the security parameter, H and f be the pseudo-random function (PRF), per be the pseudo-random permutation (PRP), and H be the hash function. We input security parameters λ and l to the pseudorandom function and the pseudorandom permutation function. h: {0, 1}*→{0,1}m
(1) Initialization processing
Introducing a PKI mechanism to generate a pair of RSA secret keys for DIV and User respectively: (dpk, dsk) and (upk, usk), divide file m into n chunks of equal length, { m1,m2...mn}。
KeyGen(1λ)→(pk,sk):
1. The user selects a field F defined inqElliptic curve E (F) ofq) Get a pointAs a base point on the curve;
2. then, for a given security parameter λ (here, key length), d is chosen as the private key sk, and P (x, y) ═ d · G (x, y) is chosen as the public key pk.
3. The user encrypts the key d using the DIV's upk.
(2) Generating labels
TagGen(pk,sk,m)→Tm
2. computing k.G (x, y) and T using public keysi=k·P(x,y)+mi+h(i);
3. Output tag TiAnd G0And (x, y) ═ k · G (x, y), and transmits it to the cloud server.
(3) Generating challenges
Upon verification, the DIV issues a challenge Q ═ c, k to the server1,k2),k1,k2Are randomly selected numbers, respectivelyThe keys of the random permutation function per and the pseudo-random function f are used for the server to calculate the coefficient i of the sampling blockjAnd a correlation coefficient alphajAnd c is the number of challenge data blocks.
(4) Generating proofs
GenProof(pk,F,Q)→Tm
When DIV sends out challenge to server, server will calculate corresponding proof according to challenge, and remember F ═ m1,m2…mn) And T ═ T (T)1,T2…Tn)。
(5) Proof of verification
VeriProof(pk,sk,Q,ρ)→{success,″failure″}
1. User computingObtaining the serial number and the corresponding coefficient of the sampled block;
2. computing
Verification log
The verification log is generated by the DIV according to the data integrity check result, and the audit log is generated by the DIV according to the data possession check result, and is a structured record stored on the disk medium (FIG. 3). A log entry (LE for short) is a log entry generated according to the result of the ownership check, and all log entries corresponding to the same file group form a log linked list. The user can check the holding audit history of the file by looking up the log linked list of the file. LE is composed of 5 fields, wherein result is the result of the current holdability check, 1 indicates that the file is intact, and 0 indicates that the file is damaged; the time is the time of log generation and is used for ensuring the freshness and the non-replicability of log items; eid is the unique identification of the log entry in the cloud; prev _ eid is a log item identifier corresponding to the previous audit of the same file and is used for forming a log linked list; sig is the RSA signature of the DIV with its private key dsk for result, time, eid, and prev eid together.
An Entry Reference (ER) uniquely corresponds to a file and is composed of 5 fields, wherein the UID is an identity of a user, the GID is an identity of the file, and the UID and the GID are unique in the cloud; eid is a journal entry identification; time is the timestamp at which the ER was created or modified; sig is the RSA signature of the first 4 fields by the DIV using its private key dsk; ER always has the same eid as the log entry LE generated by the latest one-time holding audit of the document, when the document is created, the DIV generates a document corresponding to the document which has no audit by ER, namely no corresponding log entry, wherein er.eid is 1, and er.sig is null.
DIV implementation
We propose to implement implicit DIV with tamper-resistant trusted hardware with the following properties: other entities cannot change the internal programs and states thereof and cannot acquire key information thereof; when a physical attack against itself is detected, the DIV should be able to perform self-destruction of the secret information. Existing security co-processor products, such as IBM 4764[17], can meet the above-mentioned functional requirements of DIV. Because the DIV is deployed at the cloud, SSP should ensure the normal work of the DIV and not be attacked from the outside. Therefore, whether the log chain table is incomplete due to DIV self-destruction or user data corruption, it is determined that the DIV has not performed the relevant duties.
DIV and CSP interaction protocol
Assuming that PKI has been successfully deployed, each party can successfully acquire the public key of the other party, and the interactive protocol only involves a data integrity verification flow as shown in fig. 2. The CSP periodically sends verification requests to the DIV, each period being denoted by epoch. Upon receiving the verification request, the DIV generates a challenge to launch the challenge to the CSP. The CSP calculates the evidence P from the received challenge and sends it to the DIV along with the ER for the set of files. If the file is the first audit accepted, the ER.eid is set to NULL and the LE.prev _ eid is set to NULL. And after the DIV receives the evidence and the ER, verifying the freshness and the authenticity of the ER (passing through the time and sig fields), and if the verification is passed, generating a new log entry LE, writing a verification result into the log entry LE, and updating the time and sig fields of the ER. The LE is returned to the CSP, along with the ER, which writes a verification log.
The foregoing description of specific embodiments of the present invention has been presented. It is to be understood that the present invention is not limited to the specific embodiments described above, and that various changes and modifications may be made by one skilled in the art within the scope of the appended claims without departing from the spirit of the invention.
Claims (4)
1. A cloud storage data integrity verification method based on an implicit trusted third party is characterized by comprising the following steps: the method comprises the following steps:
1) introducing a PKI mechanism, and respectively generating a pair of RSA secret keys for a data integrity verification module (DIV) and a User: (dpk, dsk) and (upk, usk);
2) the user selects a secret key, encrypts data by using an ECC (error correction code) encryption algorithm, calculates a label, and encrypts a private key by using dpk of a DIV (digital information television);
3) CSP requires verification regularly, DIV initiates challenge to CSP during verification, and the server calculates data evidence and returns verification evidence according to requirement after accepting the challenge, specifically includes:
the CSP periodically sends a verification request to the DIV, and the DIV generates a challenge and sends the challenge to the CSP after receiving the verification request; the CSP calculates an evidence P according to the received challenge and sends the evidence P to the DIV together with an item reference ER of the challenge calculation evidence P; after receiving the evidence P and the evidence ER, the DIV verifies the freshness and the authenticity of the ER, if the verification is passed, a new log item LE is generated, the verification result is written into the log item LE, the LE and the ER are returned to the CSP, and the verification log is written into the CSP;
4) the DIV decrypts by using the self key dsk to obtain a user key, verifies the evidence by using the key, generates a corresponding verification log item according to the result, sends the verification log item to the CSP and writes the verification log item into the log by the CSP, and finally the user can check the log verification result at any time according to the requirement;
implicit DIV is implemented using tamper-resistant trusted hardware having the following characteristics:
other entities cannot change the internal programs and states thereof and cannot acquire key information thereof; when a physical attack against itself is detected, the DIV should be able to perform self-destruction of the secret information.
2. The cloud storage data integrity verification method based on the implicit trusted third party as claimed in claim 1, wherein: a PKI mechanism is utilized to generate a pair of RSA keys for a data integrity verification module (DIV) and a User: (dpk, dsk) and (upk, usk), and the corresponding data is decrypted by using the key in the subsequent verification.
3. The cloud storage data integrity verification method based on the implicit trusted third party as claimed in claim 1, wherein: the data is encrypted using the ECC encryption algorithm, the tag is computed and sent to the CSP, and the private key is encrypted using the DIV's dpk and sent to the DIV.
4. The cloud storage data integrity based on the implicit trusted third party as claimed in claim 1The sex verification method is characterized by comprising the following steps: the CSP sends out a verification requirement at regular time, the DIV sends out a challenge to the CSP after receiving the requirement, and a challenge set Q is (c, k)1,k2) After receiving the selection, the server calculates the data evidence and returns the verification evidence, k1,k2Is a randomly chosen number and c is the number of challenge data blocks.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201710436973.3A CN107395355B (en) | 2017-06-12 | 2017-06-12 | Cloud storage data integrity verification method based on implicit trusted third party |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201710436973.3A CN107395355B (en) | 2017-06-12 | 2017-06-12 | Cloud storage data integrity verification method based on implicit trusted third party |
Publications (2)
Publication Number | Publication Date |
---|---|
CN107395355A CN107395355A (en) | 2017-11-24 |
CN107395355B true CN107395355B (en) | 2020-12-11 |
Family
ID=60331735
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201710436973.3A Active CN107395355B (en) | 2017-06-12 | 2017-06-12 | Cloud storage data integrity verification method based on implicit trusted third party |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN107395355B (en) |
Families Citing this family (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN108171078B (en) * | 2017-12-27 | 2021-08-31 | 中国信息安全测评中心 | Data preservation method and device of cloud platform evaluation system facing third party |
US10877672B2 (en) | 2018-07-31 | 2020-12-29 | International Business Machines Corporation | Auditing stored data slices in a dispersed storage network |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103414690A (en) * | 2013-07-15 | 2013-11-27 | 北京航空航天大学 | Publicly-verifiable cloud data possession checking method |
CN103699851A (en) * | 2013-11-22 | 2014-04-02 | 杭州师范大学 | Remote data completeness verification method facing cloud storage |
CN103986732A (en) * | 2014-06-04 | 2014-08-13 | 青岛大学 | Cloud storage data auditing method for preventing secret key from being revealed |
CN106301789A (en) * | 2016-08-16 | 2017-01-04 | 电子科技大学 | Apply the dynamic verification method of the cloud storage data that linear homomorphism based on lattice signs |
-
2017
- 2017-06-12 CN CN201710436973.3A patent/CN107395355B/en active Active
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103414690A (en) * | 2013-07-15 | 2013-11-27 | 北京航空航天大学 | Publicly-verifiable cloud data possession checking method |
CN103699851A (en) * | 2013-11-22 | 2014-04-02 | 杭州师范大学 | Remote data completeness verification method facing cloud storage |
CN103986732A (en) * | 2014-06-04 | 2014-08-13 | 青岛大学 | Cloud storage data auditing method for preventing secret key from being revealed |
CN106301789A (en) * | 2016-08-16 | 2017-01-04 | 电子科技大学 | Apply the dynamic verification method of the cloud storage data that linear homomorphism based on lattice signs |
Also Published As
Publication number | Publication date |
---|---|
CN107395355A (en) | 2017-11-24 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN109194466B (en) | Block chain-based cloud data integrity detection method and system | |
CN109067524B (en) | Public and private key pair generation method and system | |
Li et al. | Privacy preserving cloud data auditing with efficient key update | |
CN110213042B (en) | Cloud data deduplication method based on certificate-free proxy re-encryption | |
Chen | Using algebraic signatures to check data possession in cloud storage | |
EP3130104B1 (en) | System and method for sequential data signatures | |
CN111066046A (en) | Replay attack resistant authentication protocol | |
Azraoui et al. | Stealthguard: Proofs of retrievability with hidden watchdogs | |
Chen et al. | Data dynamics for remote data possession checking in cloud storage | |
Nirmala et al. | Data confidentiality and integrity verification using user authenticator scheme in cloud | |
Shen et al. | An effective integrity check scheme for secure erasure code-based storage systems | |
Chen et al. | Towards usable cloud storage auditing | |
Du et al. | Towards privacy-assured and lightweight on-chain auditing of decentralized storage | |
Yang et al. | Zero knowledge based client side deduplication for encrypted files of secure cloud storage in smart cities | |
Yu et al. | Veridedup: A verifiable cloud data deduplication scheme with integrity and duplication proof | |
Yu et al. | Efficient dynamic multi-replica auditing for the cloud with geographic location | |
CN107395355B (en) | Cloud storage data integrity verification method based on implicit trusted third party | |
Mishra et al. | MPoWS: Merged proof of ownership and storage for block level deduplication in cloud storage | |
CN110519040B (en) | Anti-quantum computation digital signature method and system based on identity | |
Abo-Alian et al. | Auditing-as-a-service for cloud storage | |
Xu et al. | A generic integrity verification algorithm of version files for cloud deduplication data storage | |
Homoliak et al. | Aquareum: A centralized ledger enhanced with blockchain and trusted computing | |
Vineela et al. | Data Integrity Auditing Scheme for Preserving Security in Cloud based Big Data | |
Long et al. | Integrity verification for multiple data copies in cloud storage based on spatiotemporal chaos | |
Kanagamani et al. | Zero knowledge based data deduplication using in-line Block Matching protocolfor secure cloud storage |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |