CN108540291A - Data integrity verification method in the cloud storage of identity-based - Google Patents
Data integrity verification method in the cloud storage of identity-based Download PDFInfo
- Publication number
- CN108540291A CN108540291A CN201810243552.3A CN201810243552A CN108540291A CN 108540291 A CN108540291 A CN 108540291A CN 201810243552 A CN201810243552 A CN 201810243552A CN 108540291 A CN108540291 A CN 108540291A
- Authority
- CN
- China
- Prior art keywords
- data
- user
- data block
- indicate
- cloud storage
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/06—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
- H04L9/0643—Hash functions, e.g. MD5, SHA, HMAC or f9 MAC
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
- H04L9/0866—Generation of secret information including derivation or calculation of cryptographic keys or passwords involving user or device identifiers, e.g. serial number, physical or biometrical information, DNA, hand-signature or measurable physical characteristics
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
- H04L9/0869—Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/30—Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
- H04L9/3066—Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy involving algebraic varieties, e.g. elliptic or hyper-elliptic curves
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/321—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving a third party or a trusted authority
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3236—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3271—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using challenge-response
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3297—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving time stamps, e.g. generation of time stamps
Abstract
The present invention proposes data integrity verification method in a kind of cloud storage of identity-based, the technical issues of for solving excessively high data integrity validation cost existing in the prior art and data integrity validation inefficiency, realizes that step is:User setting verifies systematic parameter, and obtains system master key;User obtains private key and public key, the data label key and authentication secret of oneself;User carries out piecemeal to data to be uploaded;User calculates the corresponding data label of each data block, and data block and corresponding data label are sent to cloud storage;Trusted third party initiates data integrity validation challenge;Cloud storage obtains challenge data block and proves to prove with label;Trusted third party to data integrity verify and verification result is sent to user.Present invention reduces data integrity validation costs, improve the integrity verification efficiency of data.
Description
Technical field
The invention belongs to cloud storage security technology area, it is related to data integrity verification method in a kind of cloud storage, specifically
It is related to data integrity verification method in a kind of cloud storage of identity-based, can be used for the safely outsourced field of storage of data.
Background technology
With the rapid development of Internet technology, user begins participating in manufacture and the editor of information so that individual subscriber number
Increase according to amount exponentially, the expense that data are stored and managed is caused to gradually increase, when PC is not enough to preserve the sea of user
When measuring data, cloud storage technology generates therewith.Cloud storage is in new general of the conceptive extension of cloud computing and developed one
It reads, is a kind of emerging Network storage technology, refer to through functions such as cluster application, network technology or distributed file systems, it will
A large amount of various types of storage devices gather collaborative work by application software in network, common externally to provide data
The system of storage and Operational Visit function.Cloud storage technology is in Rapid development stage can by providing various services to the user
For solving storage and the computational problem of large-scale data, to become the object that all big enterprises chase one after another, such as Amazon
AWS provides the elastic cloud service of a set of business maturation, and user need to only pay close attention to the business demand of oneself, on-demand customization, without
The purchase and maintenance of interested devices, greatly reduce enterprise development cost;The App Engine of Google are that programmer has made one
A unlimited virtual execution environment, the problem of making programmer that need to frequently be reconstructed because of the expansion of business scale without having to worry about system;
In addition there are Azure, Facebook of Microsoft, Ali's clouds etc. of the country, and important work is all played in respective field
With.Due to advantages such as it is accessed whenever and wherever possible, large capacity, on-demand service and low costs, data in cloud storage exponentially on
Rise trend.
Although user stores data into cloud storage, local memory consumption is saved, since user is to data
It loses and monitors in real time, so be possible to carry out safety problem to data band, such as when the loss of data of storage, cloud storage
It may select to hide this loss to user, or the data that user is not accessed for a long time are deleted.In order to eliminate these safety
Hidden danger, user just need aperiodically to carry out integrity verification to the data in cloud storage.Existing frequently-used data integrity is tested
In card method, the key of user oneself is generally generated by key generation centre, also needs to generate key while generating key
Certificate, in the data integrity validation stage, trusted third party needs first to test key certificate when using key
Card, this will increase the cost of data integrity validation, and in addition to this, in the generation phase of data label, there is also a large amount of and multiple
Miscellaneous arithmetic operation, for user and trusted third party, this will be no small computation burden, while it is complete to will also result in data
Property verification efficiency is low.Such as Zhang et al. in 2017 in periodical《Cluster Computing》On delivered it is entitled
“Achieving public verifiability and data dynamics for cloud data in the
Paper (2017,20 (1) of standard model ":1-13), it is complete that data in disclosed cloud storage may be implemented in proposition one kind
Property verification method, this method include user key generation, data label generation, data integrity challenge, generate challenge prove, test
Five stages of integrity of verified data.In user key generation phase, user needs key generation centre while generating key
Also key certificate is generated, then in trusted third party when carrying out data integrity validation using key, needs first to demonstrate,prove key
Book is verified, and in addition to this, in key expiration, user will also be updated key and key certificate, this results in huge
The key certificate of volume generates, verification and update are spent, to increase the cost of data integrity validation.In addition to this, it is counting
Data label and data integrity validation stage are calculated, data label is calculated using bilinear map and realizes the complete of data
Integrity verification, and bilinear map includes a large amount of exponent arithmetic, this brings huge calculate to bear to user and trusted third party
Load, to cause the inefficiency of data integrity validation.
Invention content
The purpose of the present invention is in view of the above shortcomings of the prior art, propose data integrity in the cloud storage of identity-based
Verification method, for solving, data integrity validation cost existing in the prior art is excessively high and data integrity validation efficiency
Low technical problem.
To achieve the above object, the technical solution that the present invention takes includes the following steps:
(1) user sets verification systematic parameter, and obtains the master key msk of verification system:
(1a) user sets verification systematic parameter:
User sets verification system finite field FpOn elliptic curve be Ep(a, b), elliptic curve EpThe basic point of (a, b) is
G, wherein a and b indicates that the coefficient of elliptic curve, p indicate finite field FpIncluding first prime number, and be odd prime, q indicate base
The odd prime power order of point G;
(1b) user obtains the master key msk of verification system:
User generates set of integers A, A=[1, q-1] according to q, and randomly chooses master of the integer as verification system from A
Key msk;
(2) user obtains the private key sk and public key pk of oneself:
(2a) user randomly selects integer r from set of integers A, while establishing hash function according to the odd prime power order q of basic point G
H1(·);
(2b) user calculates the private key sk and public key pk of oneself:
The master key msk, integer r, hash function H that user passes through system1The identity ID of () and user oneself, meter
The private key sk of oneself is calculated, and by sk and basic point G, calculates the public key pk of oneself
(3) user calculates the authentication secret tpk of the label key tsk and data M to be verified of data F to be uploaded:
User passes through hash function H1The identity F of (), the private key sk of oneself and data F to be uploadedID, calculate and wait for
The label key tsk of data F is passed, and by tsk and basic point G, calculates the authentication secret tpk of data M to be verified;
(4) user carries out piecemeal to data F to be uploaded:
The length of (4a) user setup data block is l, and carries out piecemeal to data F to be uploaded by l, obtains multiple wait for
Pass data block;
(4b) user judges whether the length of the last one data block of multiple data blocks to be uploaded is less than l, and less than l
Data block after mend 0, obtain data block set F ', F ' to be uploaded=(m1,m2,…mi,…mn), wherein miIt indicates to wait for for i-th
Data block is passed, n indicates the sum of data block to be uploaded;
(5) user calculates each data block m to be uploadediCorresponding data label σi:
User passes through hash function H1The label key tsk of (), the private key sk of oneself and data F to be uploaded are calculated every
A data block m to be uploadediCorresponding data label σi;
(6) user sends each data block m to be uploaded to cloud storageiAnd miCorresponding data label σi, while to credible
Tripartite sends each data block miCorresponding version number viWith timestamp ti:
User will each data block m to be uploadediAnd miCorresponding data label σiIt is sent in cloud storage, while will be each
Data block miCorresponding version number viWith timestamp tiIt is sent to trusted third party;
(7) trusted third party initiates data integrity validation challenge to cloud storage:
(7a) trusted third party is according to each data block m to be verifiediCorresponding version number viWith timestamp ti, determine to be tested
Demonstrate,prove the total n of data block;
(7b) trusted third party randomly selects c data block as challenge data block from n data blocks to be verified, and will
The sequence number value of c challenge data block forms serial number value set S, then is sent to cloud storage using S as challenge information chal, wherein
S={ s1,s2,…sc, 1≤c≤n;
(8) cloud storage, which calculates challenge data block, proves PmLabel corresponding with challenge data block proves PtAnd it sends:
(8a) cloud storage, which calculates challenge data block, proves PmLabel corresponding with challenge data block proves Pt:
For cloud storage by the public key pk of challenge information chal and user oneself, calculating challenge data block proves Pm, lead to simultaneously
Challenge information chal is crossed, calculating the corresponding label of challenge data block proves Pt;
(8b) cloud storage sends challenge data block number it is demonstrated that P to trusted third partymLabel corresponding with challenge data block
Prove Pt;
(9) trusted third party verifies the data integrity in cloud storage, and sends verification result:
(9a) trusted third party calculates challenge data block mjCorresponding version number vjWith timestamp tjThe sum of cryptographic Hash H:
Trusted third party passes through challenge information chal and hash function H1() calculates challenge data block mjCorresponding version
Number and timestamp the sum of cryptographic Hash H, and by judging Pm+ tpkH=PtIt is whether true, to the data integrity in cloud storage
It is verified, if so, the data in cloud storage are partial data, otherwise, the data in cloud storage are deficiency of data;
(9b) trusted third party sends verification result:
Judging result of the trusted third party by the data in cloud storage for partial data or deficiency of data is sent to user.
Compared with prior art, the present invention haing the following advantages:
First, in of the invention, in private key and the public key stage that user generates oneself, generated by the way of identity-based
The identity ID of oneself is fused in the private key and public key of user by the private key and public key of oneself, user, is just given birth to without key
At the key certificate being centrally generated, solve the problems, such as that expensive key certificate generates, verifies and update cost, with the prior art
It compares, reduces the cost of the integrity verification of data.
Second, in of the invention, asked in calculating data label and verification of data integrity stage, only simple dot product
With and modulo operation, reduce the computation burden of user and trusted third party, compared with prior art, it is complete to improve data
The verification efficiency of property.
Description of the drawings
Fig. 1 is the implementation flow chart of the present invention.
Specific implementation mode
In the following with reference to the drawings and specific embodiments, the present invention is described in further detail:
Referring to Fig.1, data integrity verification method in a kind of cloud storage of identity-based, includes the following steps:
Step 1) user sets verification systematic parameter, and obtains the master key msk of verification system:
Step 1a) user's setting verification systematic parameter:
User sets verification system finite field FpOn elliptic curve be Ep(a, b), elliptic curve EpThe basic point of (a, b) is
G, wherein a and b indicates that the coefficient of elliptic curve, p indicate finite field FpIncluding first prime number, and be odd prime, q indicate base
The odd prime power order of point G;
User sets verification system finite field FpFor F37, setting finite field F37On elliptic curve be E37(1,1), basic point G
For (0,1), wherein the coefficient a=1, b=1, odd prime power order q of elliptic curve are 37;
Step 1b) user obtain system master key msk:
User generates set of integers A, A=[1, q-1] according to q, and randomly chooses master key of the integer as system from A
msk;
User generates set of integers A=[1,36] according to odd prime power order 37, and the master key msk of system is selected in A, if
The system master key msk=17 of user's selection;
Step 2) user obtains the private key sk and public key pk of oneself:
Step 2a) user randomly selects integer r from set of integers A, while establishing Hash according to the odd prime power order q of basic point G
Function H1(·);
If the integer r=19 that user randomly selects in set of integers A=[1,36], meanwhile, user establishes Hash according to 37
Function H1(·):{0,1}*→Z37;
Step 2b) user calculates the private key sk and public key pk of oneself:
Master key msk, integer r, the hash function H that user passes through verification system1() and, calculate the private key sk of oneself,
And by sk and basic point G, the public key pk of oneself is calculated:
Sk=msk+rH1(ID)modq
Pk=skG
User is by verifying system master key msk=17, integer r=19, hash function H1The identity mark of () and user
Know ID=0001, calculates the private key sk=17+19H of oneself1(0001) mod37 consults, is denoted as sk ', user passes through for convenience
Sk ' and basic point G=(0,1) calculates the public key pk=sk ' (0,1) of oneself;
Step 3) user calculates the authentication secret tpk of the label key tsk and data M to be verified of data F to be uploaded:
Tsk=(sk+H1(FID))modq
Tpk=tskG
User passes through the private key sk ' of oneself, hash function H1The identity F of () and data F to be uploadedID=0010,
Calculate the label key tsk=(sk '+H of data F to be uploaded1(0010)) mod37 consults, is denoted as tsk ', user for convenience
By tsk ' and basic point G=(0,1), the authentication secret tpk=tsk ' (0,1) of data M to be verified is calculated;
Step 4) user carries out piecemeal to data F to be uploaded:
Step 4a) user setup data block length be l, and by l to data F to be uploaded carry out piecemeal, obtain multiple
Data block to be uploaded;
Step 4b) user judges whether the length of the last one data block of multiple data blocks to be uploaded is less than l, and small
0 is mended after the data block of l, obtains data block set F ', F ' to be uploaded=(m1,m2,…mi,…mn), wherein miIt indicates i-th
Data block to be uploaded, n indicate the sum of data block to be uploaded;
It is 3 couples of data F to be uploaded according to length if the length of packet is 3, data F=00101010 to be uploaded
Piecemeal is carried out, the last one data block is 10, and length is less than 3, carries out 0 operation of benefit and obtains data block 100, obtains data to be uploaded
The sum of set of blocks F '=(001,010,100), data block is 3;
Step 5) user calculates each data block m to be uploadediCorresponding data label σi:
User passes through hash function H1The label key tsk of (), the private key sk of oneself and data F to be uploaded are calculated every
A data block m to be uploadediCorresponding data label σi:
σi=[(mi·sk+H1(vi||ti)·tsk)modq]·G
User generates key tsk ' and hash function H using data label1() calculates 001 corresponding data of data block
Label σ1=[(1sk ')+H1(0001 | | 0001) tsk ' mod37] (0,1), (the 001 corresponding decimal system of data block is 1,
It is denoted as m1=1, corresponding version number v1=0001, timestamp t1=0001), 010 corresponding data label σ of data block2=
[(2·sk′)+H1(0001 | | 0010) tsk ' mod37] (0,1), (the 010 corresponding decimal system is 2, is denoted as m2=2, it is corresponding
Version number v1=0001, timestamp t1=0010), 100 corresponding data label σ of data block3=[(4sk ')+H1(0001|
| 0011) tsk ' mod37] (0,1), (the 100 corresponding decimal systems are 4, are denoted as m3=4, corresponding version number v1=0001,
Timestamp t1=0011) it, consults for convenience, is denoted as σ ' respectively1, σ '2, σ '3;
Step 6) user sends each data block m to be uploaded to cloud storageiAnd miCorresponding data label σi, while to can
Believe that third party sends each data block miCorresponding version number viWith timestamp ti:
User will each data block m to be uploadediAnd miCorresponding data label σiIt is sent in cloud storage, while will be each
Data block miCorresponding version number viWith timestamp tiIt is sent to trusted third party;
User uploads data block 001,010,100 and corresponding data label σ '1, σ '2, σ '3Into cloud storage, user
Send { v1=0001, t1=0001;v2=0001, t2=0010;v3=0001, t3=0011 } believable third party is arrived;
Step 7) trusted third party initiates data integrity validation challenge to cloud storage:
Step 7a) trusted third party is according to each data block m to be verifiediCorresponding version number viWith timestamp ti, determining to wait for
The total n of verify data block;
Step 7b) trusted third party randomly selects c data block as challenge data block from n data blocks to be verified,
And the sequence number value of c challenge data block is formed into serial number value set S, then it is sent to cloud storage using S as challenge information chal,
Wherein, S={ s1,s2,…sc, 1≤c≤n;
Trusted third party is according to { v1=0001, t1=0001;v2=0001, t2=0010;v3=0001, t3=0011 }
Determine that the sum of data block to be verified is 3;
2 data blocks are randomly selected from 3 data blocks to be verified, it is assumed that selection is the 2nd piece and the 3rd piece, this 2
Challenge data block sequence number value forms serial number value set set S={ 2,3 }, and cloud storage is sent to using S as challenge information chal;
Step 8) cloud storage, which calculates challenge data block, proves PmLabel corresponding with challenge data block proves PtAnd it sends:
Step 8a) cloud storage calculating challenge data block proof PmLabel corresponding with challenge data block proves Pt:
For cloud storage by the public key pk of challenge information chal and user oneself, calculating challenge data block proves Pm, lead to simultaneously
Challenge information chal is crossed, calculating the corresponding label of challenge data block proves Pt:
Cloud storage finds corresponding data block m according to challenge information chal={ 2,3 }2, m3, m2=2, m3=4, it calculates
P is proved to datam=((2+4) mod37) pk ' consult, are denoted as P ' for conveniencem;Cloud storage is according to challenge information chal=
{ 2,3 } find corresponding data block label σ '2, σ '3, the corresponding label of challenge data block, which is calculated, proves Pt=σ '2+σ′3,
In order to facilitate access, it is denoted as P 't;
Step 8b) cloud storage to trusted third party send challenge data block number it is demonstrated that PmMark corresponding with challenge data block
The bright P of visat;
Step 9) trusted third party verifies the data integrity in cloud storage, and sends verification result:
Step 9a) trusted third party calculating challenge data block mjCorresponding version number vjWith timestamp tjThe sum of cryptographic Hash
H:
Trusted third party passes through challenge information chal and hash function H1() calculates challenge data block mjCorresponding version
Number and timestamp the sum of cryptographic Hash H:
And by judging Pm+ tpkH=PtIt is whether true, the data integrity in cloud storage is verified, if so,
Data in cloud storage are partial data, and otherwise, the data in cloud storage are deficiency of data;
Trusted third party calculates challenge data block version number and timestamp corresponds to according to challenge information chal=S={ 2,3 }
The sum of cryptographic Hash H=[H1(0001||0010)+H1(0001 | | 0011)] mod37, it consults for convenience, is denoted as H ';Therefore will
Above-mentioned known symbol all brings P ' intom+ tpkH ', then
P′m+ tpkH '=((2+4) mod37) pk '+[H1(0001||0010)+H1(0001||0011)]mod37·
tpk
=[(2sk ')+H1(0001||0010)·tsk′mod37]·(0,1)
+[(4·sk′)+H1(0001||0011)·tsk′mod37]·(0,1)
=σ '2+σ′3=P 't
Equation P 'm+ tpkH '=P 'tIt sets up, then the data in cloud storage are partial data;
Step 9c) trusted third party's transmission verification result:
Judging result of the trusted third party by the data in cloud storage for partial data or deficiency of data is sent to user.
The result that data in cloud storage are partial data is sent to user by trusted third party.
Claims (8)
1. data integrity verification method in a kind of cloud storage of identity-based, which is characterized in that be by user, cloud storage and
What trusted third party realized, include the following steps:
(1) user sets verification systematic parameter, and obtains the master key msk of verification system:
(1a) user sets verification systematic parameter:
User sets verification system finite field FpOn elliptic curve be Ep(a, b), elliptic curve EpThe basic point of (a, b) is G,
In, the coefficient of a and b expression elliptic curves, p indicate finite field FpIncluding first prime number, and be odd prime, q indicates basic point G's
Odd prime power order;
(1b) user obtains the master key msk of verification system:
User generates set of integers A, A=[1, q-1] according to q, and randomly chooses master key of the integer as verification system from A
msk;
(2) user obtains the private key sk and public key pk of oneself:
(2a) user randomly selects integer r from set of integers A, while establishing hash function H according to the odd prime power order q of basic point G1
(·);
(2b) user calculates the private key sk and public key pk of oneself:
The master key msk, integer r, hash function H that user passes through system1The identity ID of () and user oneself are calculated certainly
Oneself private key sk, and by sk and basic point G, calculate the public key pk of oneself;
(3) user calculates the authentication secret tpk of the label key tsk and data M to be verified of data F to be uploaded:
User passes through hash function H1The identity F of (), the private key sk of oneself and data F to be uploadedID, calculate number to be uploaded
According to the label key tsk of F, and by tsk and basic point G, calculate the authentication secret tpk of data M to be verified;
(4) user carries out piecemeal to data F to be uploaded:
The length of (4a) user setup data block is l, and carries out piecemeal to data F to be uploaded by l, obtains multiple numbers to be uploaded
According to block;
(4b) user judges whether the length of the last one data block of multiple data blocks to be uploaded is less than l, and in the number less than l
According to mending 0 after block, data block set F ', F ' to be uploaded=(m are obtained1,m2,…mi,…mn), wherein miIndicate i-th of number to be uploaded
According to block, n indicates the sum of data block to be uploaded;
(5) user calculates each data block m to be uploadediCorresponding data label σi:
User passes through hash function H1The label key tsk of (), the private key sk of oneself and data F to be uploaded, calculating each wait for
Pass data block miCorresponding data label σi;
(6) user sends each data block m to be uploaded to cloud storageiAnd miCorresponding data label σi, while to trusted third party
Send each data block miCorresponding version number viWith timestamp ti:
User will each data block m to be uploadediAnd miCorresponding data label σiIt is sent in cloud storage, while by each data
Block miCorresponding version number viWith timestamp tiIt is sent to trusted third party;
(7) trusted third party initiates data integrity validation challenge to cloud storage:
(7a) trusted third party is according to each data block m to be verifiediCorresponding version number viWith timestamp ti, determine number to be verified
According to the total n of block;
(7b) trusted third party randomly selects c data block as challenge data block from n data blocks to be verified, and by c
The sequence number value of challenge data block forms serial number value set S, then is sent to cloud storage using S as challenge information chal, wherein S=
{s1,s2,…sc, 1≤c≤n;
(8) cloud storage, which calculates challenge data block, proves PmLabel corresponding with challenge data block proves PtAnd it sends:
(8a) cloud storage, which calculates challenge data block, proves PmLabel corresponding with challenge data block proves Pt:
For cloud storage by the public key pk of challenge information chal and user oneself, calculating challenge data block proves Pm, while passing through challenge
Information chal, calculating the corresponding label of challenge data block proves Pt;
(8b) cloud storage sends challenge data block number it is demonstrated that P to trusted third partymLabel corresponding with challenge data block proves
Pt;
(9) trusted third party verifies the data integrity in cloud storage, and sends verification result:
(9a) trusted third party calculates challenge data block mjCorresponding version number vjWith timestamp tjThe sum of cryptographic Hash H:
Trusted third party passes through challenge information chal and hash function H1() calculates challenge data block mjCorresponding version number and
The sum of cryptographic Hash of timestamp H, and by judging Pm+ tpkH=PtIt is whether true, the data integrity in cloud storage is carried out
Verification, if so, the data in cloud storage are partial data, otherwise, the data in cloud storage are deficiency of data;
(9b) trusted third party sends verification result:
Judging result of the trusted third party by the data in cloud storage for partial data or deficiency of data is sent to user.
2. data integrity verification method in the cloud storage of identity-based according to claim 1, which is characterized in that step
Hash function H described in (2a)1(), expression formula are:
H1(·):{0,1}*→Zq
Wherein, { 0,1 }*Indicate the Bit String of random length, → indicate to generate operation, ZqIndicate that the addition of integer group of mould q, q indicate
Elliptic curve EpThe odd prime power order of the basic point G of (a, b).
3. data integrity verification method in the cloud storage of identity-based according to claim 1, which is characterized in that step
User described in (2b) calculate oneself private key sk and public key pk, calculation formula be respectively:
Sk=msk+rH1(ID)mod q
Pk=skG
Wherein, msk indicates that the master key of verification system, r indicate the integer randomly selected from set of integers A, H1() indicates Hash letter
Number, ID indicate that the identity of user, mod indicate that modulo operation, G indicate elliptic curve EpThe basic point of (a, b), q indicate basic point G
Odd prime power order.
4. data integrity verification method in the cloud storage of identity-based according to claim 1, which is characterized in that step
(3) user described in calculates the authentication secret tpk of the label key tsk and data M to be verified of data F to be uploaded, calculates public
Formula is respectively:
Tsk=(sk+H1(FID))mod q
Tpk=tskG
Wherein, sk indicates the private key of user oneself, H1() indicates hash function, FIDIndicate the identity of data F to be uploaded,
Mod indicates that modulo operation, G indicate elliptic curve EpThe basic point of (a, b), q indicate the odd prime power order of basic point G.
5. data integrity verification method in the cloud storage of identity-based according to claim 1, which is characterized in that step
(5) data block m to be uploaded each of described iniCorresponding data label σi, calculation formula is:
σi=[(mi·sk+H1(vi||ti)·tsk)mod q]·G
Wherein, miIndicate that i-th of data block to be uploaded, sk indicate the private key of user oneself, H1() indicates hash function, viTable
Show data block m to be uploadediVersion number, tiIndicate data block m to be uploadediTimestamp, | | indicate cascaded operational, tsk expression wait for
The label key of data F is uploaded, mod indicates that modulo operation, G indicate elliptic curve EpThe basic point of (a, b), q indicate that basic point G's is strange
Prime Orders.
6. data integrity verification method in the cloud storage of identity-based according to claim 1, which is characterized in that step
Challenge data block described in (8a) proves Pm, calculation formula is:
Wherein, mjIndicate j-th of challenge data block, s1…scIndicate that the element in serial number value set S, Σ indicate summation operation, q
Indicate that the odd prime power order of basic point G, pk indicate the public key of user oneself.
7. data integrity verification method in the cloud storage of identity-based according to claim 1, which is characterized in that step
The corresponding label of challenge data block described in (8b) proves Pt, calculation formula is:
Wherein, s1…scIndicate that the element in serial number value set S, Σ indicate summation operation, σjIndicate j-th of challenge data block pair
The data label answered.
8. data integrity verification method in the cloud storage of identity-based according to claim 1, which is characterized in that step
Challenge data block m described in (9a)jCorresponding version number vjWith timestamp tjThe sum of cryptographic Hash H, calculation formula be:
Wherein, s1…scIndicate that the element in serial number value set S, Σ indicate summation operation, H1() indicates hash function, vjIt indicates
Challenge data block mjVersion number, tjIndicate challenge data block mjTimestamp, | | indicate that cascaded operational, q indicate that basic point G's is strange
Prime Orders.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201810243552.3A CN108540291B (en) | 2018-03-23 | 2018-03-23 | Identity-based data integrity verification method in cloud storage |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201810243552.3A CN108540291B (en) | 2018-03-23 | 2018-03-23 | Identity-based data integrity verification method in cloud storage |
Publications (2)
Publication Number | Publication Date |
---|---|
CN108540291A true CN108540291A (en) | 2018-09-14 |
CN108540291B CN108540291B (en) | 2020-08-04 |
Family
ID=63483666
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201810243552.3A Active CN108540291B (en) | 2018-03-23 | 2018-03-23 | Identity-based data integrity verification method in cloud storage |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN108540291B (en) |
Cited By (9)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN110163602A (en) * | 2019-04-04 | 2019-08-23 | 阿里巴巴集团控股有限公司 | A kind of verification method of account book, device and equipment |
CN111447072A (en) * | 2020-03-27 | 2020-07-24 | 苏州链原信息科技有限公司 | Method, apparatus and storage medium for generating data equivalent zero knowledge proof |
CN111444547A (en) * | 2020-03-20 | 2020-07-24 | 苏州链原信息科技有限公司 | Method, apparatus and computer storage medium for data integrity attestation |
CN111444548A (en) * | 2020-03-20 | 2020-07-24 | 苏州链原信息科技有限公司 | Method, apparatus and computer storage medium for data integrity attestation |
CN111475567A (en) * | 2020-03-09 | 2020-07-31 | 上海能链众合科技有限公司 | Internet of things data sequential recording method |
CN111526146A (en) * | 2020-04-24 | 2020-08-11 | 天津易维数科信息科技有限公司 | Data holding verification method, data searching method and corresponding system |
US10790968B2 (en) | 2019-04-04 | 2020-09-29 | Alibaba Group Holding Limited | Ledger verification method and apparatus, and device |
US10917231B2 (en) | 2019-04-04 | 2021-02-09 | Advanced New Technologies Co., Ltd. | Data storage method, apparatus, system and device |
CN112910632A (en) * | 2021-02-18 | 2021-06-04 | 金陵科技学院 | Novel cloud data integrity verification protocol facing multiple data users and protecting user privacy |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103414559A (en) * | 2013-05-20 | 2013-11-27 | 广州中长康达信息技术有限公司 | Identity authentication method based on IBE-like system in cloud computing environment |
CN106357701A (en) * | 2016-11-25 | 2017-01-25 | 西安电子科技大学 | Integrity verification method for data in cloud storage |
US20170286717A1 (en) * | 2016-04-05 | 2017-10-05 | Vchain Technology Limited | Method and system for managing personal information within independent computer systems and digital networks |
-
2018
- 2018-03-23 CN CN201810243552.3A patent/CN108540291B/en active Active
Patent Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103414559A (en) * | 2013-05-20 | 2013-11-27 | 广州中长康达信息技术有限公司 | Identity authentication method based on IBE-like system in cloud computing environment |
US20170286717A1 (en) * | 2016-04-05 | 2017-10-05 | Vchain Technology Limited | Method and system for managing personal information within independent computer systems and digital networks |
CN106357701A (en) * | 2016-11-25 | 2017-01-25 | 西安电子科技大学 | Integrity verification method for data in cloud storage |
Non-Patent Citations (1)
Title |
---|
乔丹丹: "无可信中心的基于身份的门限签名方案", 《电子科技》 * |
Cited By (13)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US10917231B2 (en) | 2019-04-04 | 2021-02-09 | Advanced New Technologies Co., Ltd. | Data storage method, apparatus, system and device |
US10790968B2 (en) | 2019-04-04 | 2020-09-29 | Alibaba Group Holding Limited | Ledger verification method and apparatus, and device |
CN110163602A (en) * | 2019-04-04 | 2019-08-23 | 阿里巴巴集团控股有限公司 | A kind of verification method of account book, device and equipment |
CN111475567A (en) * | 2020-03-09 | 2020-07-31 | 上海能链众合科技有限公司 | Internet of things data sequential recording method |
CN111444548A (en) * | 2020-03-20 | 2020-07-24 | 苏州链原信息科技有限公司 | Method, apparatus and computer storage medium for data integrity attestation |
CN111444547A (en) * | 2020-03-20 | 2020-07-24 | 苏州链原信息科技有限公司 | Method, apparatus and computer storage medium for data integrity attestation |
CN111444548B (en) * | 2020-03-20 | 2024-03-19 | 苏州链原信息科技有限公司 | Method, apparatus and computer storage medium for data integrity attestation |
CN111444547B (en) * | 2020-03-20 | 2024-03-19 | 苏州链原信息科技有限公司 | Method, apparatus and computer storage medium for data integrity attestation |
CN111447072A (en) * | 2020-03-27 | 2020-07-24 | 苏州链原信息科技有限公司 | Method, apparatus and storage medium for generating data equivalent zero knowledge proof |
CN111526146A (en) * | 2020-04-24 | 2020-08-11 | 天津易维数科信息科技有限公司 | Data holding verification method, data searching method and corresponding system |
CN111526146B (en) * | 2020-04-24 | 2022-05-17 | 天津易维数科信息科技有限公司 | Data holding verification method, data searching method and corresponding system |
CN112910632A (en) * | 2021-02-18 | 2021-06-04 | 金陵科技学院 | Novel cloud data integrity verification protocol facing multiple data users and protecting user privacy |
CN112910632B (en) * | 2021-02-18 | 2022-10-11 | 金陵科技学院 | Novel cloud data integrity verification method facing multiple data users and protecting user privacy |
Also Published As
Publication number | Publication date |
---|---|
CN108540291B (en) | 2020-08-04 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN108540291A (en) | Data integrity verification method in the cloud storage of identity-based | |
KR100960578B1 (en) | Identity-based key generating methods and devices | |
Li et al. | Privacy preserving cloud data auditing with efficient key update | |
CN110505046B (en) | Multi-data provider encrypted data cross-platform zero-knowledge verification method, device and medium | |
JP2023113804A (en) | Cryptographic method and system for secure extraction of data from block chain | |
US11133936B1 (en) | Methods and systems for introducing self-contained intent functionality into decentralized computer networks | |
CN105515778B (en) | Cloud storage data integrity services signatures method | |
WO2019110399A1 (en) | Two-party signature device and method | |
US20220052921A1 (en) | Methods and systems for introducing self-contained intent functionality into decentralized computer networks | |
CN108985102A (en) | Data integrity verification method, device, system and storage medium | |
CN112149156B (en) | System and selector for disclosing recorded attributes and data entries and method therefor | |
CN110505061A (en) | A kind of Digital Signature Algorithm and system | |
TW202318833A (en) | Threshold signature scheme | |
CN114880715A (en) | Power data security sharing method and system based on homomorphic encryption intelligent contract | |
CN113901424A (en) | Method and device for selectively disclosing digital identity attribute | |
CN111245626B (en) | Zero knowledge proving method, device and storage medium | |
CN108847933A (en) | Mark based on SM9 cryptographic algorithm signs and issues method | |
Xu et al. | A generic integrity verification algorithm of version files for cloud deduplication data storage | |
CN113792282B (en) | Identity data verification method and device, computer equipment and storage medium | |
CN108667624A (en) | A kind of compact torus endorsement method under master pattern and system | |
CN113507367B (en) | Online/offline integrity auditing method for outsourcing data in cloud environment | |
KR20150112315A (en) | Batch verification method and apparatus thereof | |
CN105338004B (en) | The applicable public audit method with secret protection of low-performance equipment under cloud environment | |
CN111082932B (en) | Anti-repudiation identification private key generation and digital signature method, system and device | |
CN113992389A (en) | SGX data integrity auditing method based on dynamic frequency table |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |