CN108540291A - Data integrity verification method in the cloud storage of identity-based - Google Patents

Data integrity verification method in the cloud storage of identity-based Download PDF

Info

Publication number
CN108540291A
CN108540291A CN201810243552.3A CN201810243552A CN108540291A CN 108540291 A CN108540291 A CN 108540291A CN 201810243552 A CN201810243552 A CN 201810243552A CN 108540291 A CN108540291 A CN 108540291A
Authority
CN
China
Prior art keywords
data
user
data block
indicate
cloud storage
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201810243552.3A
Other languages
Chinese (zh)
Other versions
CN108540291B (en
Inventor
卢珂
王保仓
詹宇
刘鹤群
高梓渊
柴延廷
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Xidian University
Original Assignee
Xidian University
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Xidian University filed Critical Xidian University
Priority to CN201810243552.3A priority Critical patent/CN108540291B/en
Publication of CN108540291A publication Critical patent/CN108540291A/en
Application granted granted Critical
Publication of CN108540291B publication Critical patent/CN108540291B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/06Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
    • H04L9/0643Hash functions, e.g. MD5, SHA, HMAC or f9 MAC
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0866Generation of secret information including derivation or calculation of cryptographic keys or passwords involving user or device identifiers, e.g. serial number, physical or biometrical information, DNA, hand-signature or measurable physical characteristics
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0869Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/30Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
    • H04L9/3066Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy involving algebraic varieties, e.g. elliptic or hyper-elliptic curves
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/321Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving a third party or a trusted authority
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3236Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3271Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using challenge-response
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3297Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving time stamps, e.g. generation of time stamps

Abstract

The present invention proposes data integrity verification method in a kind of cloud storage of identity-based, the technical issues of for solving excessively high data integrity validation cost existing in the prior art and data integrity validation inefficiency, realizes that step is:User setting verifies systematic parameter, and obtains system master key;User obtains private key and public key, the data label key and authentication secret of oneself;User carries out piecemeal to data to be uploaded;User calculates the corresponding data label of each data block, and data block and corresponding data label are sent to cloud storage;Trusted third party initiates data integrity validation challenge;Cloud storage obtains challenge data block and proves to prove with label;Trusted third party to data integrity verify and verification result is sent to user.Present invention reduces data integrity validation costs, improve the integrity verification efficiency of data.

Description

Data integrity verification method in the cloud storage of identity-based
Technical field
The invention belongs to cloud storage security technology area, it is related to data integrity verification method in a kind of cloud storage, specifically It is related to data integrity verification method in a kind of cloud storage of identity-based, can be used for the safely outsourced field of storage of data.
Background technology
With the rapid development of Internet technology, user begins participating in manufacture and the editor of information so that individual subscriber number Increase according to amount exponentially, the expense that data are stored and managed is caused to gradually increase, when PC is not enough to preserve the sea of user When measuring data, cloud storage technology generates therewith.Cloud storage is in new general of the conceptive extension of cloud computing and developed one It reads, is a kind of emerging Network storage technology, refer to through functions such as cluster application, network technology or distributed file systems, it will A large amount of various types of storage devices gather collaborative work by application software in network, common externally to provide data The system of storage and Operational Visit function.Cloud storage technology is in Rapid development stage can by providing various services to the user For solving storage and the computational problem of large-scale data, to become the object that all big enterprises chase one after another, such as Amazon AWS provides the elastic cloud service of a set of business maturation, and user need to only pay close attention to the business demand of oneself, on-demand customization, without The purchase and maintenance of interested devices, greatly reduce enterprise development cost;The App Engine of Google are that programmer has made one A unlimited virtual execution environment, the problem of making programmer that need to frequently be reconstructed because of the expansion of business scale without having to worry about system; In addition there are Azure, Facebook of Microsoft, Ali's clouds etc. of the country, and important work is all played in respective field With.Due to advantages such as it is accessed whenever and wherever possible, large capacity, on-demand service and low costs, data in cloud storage exponentially on Rise trend.
Although user stores data into cloud storage, local memory consumption is saved, since user is to data It loses and monitors in real time, so be possible to carry out safety problem to data band, such as when the loss of data of storage, cloud storage It may select to hide this loss to user, or the data that user is not accessed for a long time are deleted.In order to eliminate these safety Hidden danger, user just need aperiodically to carry out integrity verification to the data in cloud storage.Existing frequently-used data integrity is tested In card method, the key of user oneself is generally generated by key generation centre, also needs to generate key while generating key Certificate, in the data integrity validation stage, trusted third party needs first to test key certificate when using key Card, this will increase the cost of data integrity validation, and in addition to this, in the generation phase of data label, there is also a large amount of and multiple Miscellaneous arithmetic operation, for user and trusted third party, this will be no small computation burden, while it is complete to will also result in data Property verification efficiency is low.Such as Zhang et al. in 2017 in periodical《Cluster Computing》On delivered it is entitled “Achieving public verifiability and data dynamics for cloud data in the Paper (2017,20 (1) of standard model ":1-13), it is complete that data in disclosed cloud storage may be implemented in proposition one kind Property verification method, this method include user key generation, data label generation, data integrity challenge, generate challenge prove, test Five stages of integrity of verified data.In user key generation phase, user needs key generation centre while generating key Also key certificate is generated, then in trusted third party when carrying out data integrity validation using key, needs first to demonstrate,prove key Book is verified, and in addition to this, in key expiration, user will also be updated key and key certificate, this results in huge The key certificate of volume generates, verification and update are spent, to increase the cost of data integrity validation.In addition to this, it is counting Data label and data integrity validation stage are calculated, data label is calculated using bilinear map and realizes the complete of data Integrity verification, and bilinear map includes a large amount of exponent arithmetic, this brings huge calculate to bear to user and trusted third party Load, to cause the inefficiency of data integrity validation.
Invention content
The purpose of the present invention is in view of the above shortcomings of the prior art, propose data integrity in the cloud storage of identity-based Verification method, for solving, data integrity validation cost existing in the prior art is excessively high and data integrity validation efficiency Low technical problem.
To achieve the above object, the technical solution that the present invention takes includes the following steps:
(1) user sets verification systematic parameter, and obtains the master key msk of verification system:
(1a) user sets verification systematic parameter:
User sets verification system finite field FpOn elliptic curve be Ep(a, b), elliptic curve EpThe basic point of (a, b) is G, wherein a and b indicates that the coefficient of elliptic curve, p indicate finite field FpIncluding first prime number, and be odd prime, q indicate base The odd prime power order of point G;
(1b) user obtains the master key msk of verification system:
User generates set of integers A, A=[1, q-1] according to q, and randomly chooses master of the integer as verification system from A Key msk;
(2) user obtains the private key sk and public key pk of oneself:
(2a) user randomly selects integer r from set of integers A, while establishing hash function according to the odd prime power order q of basic point G H1(·);
(2b) user calculates the private key sk and public key pk of oneself:
The master key msk, integer r, hash function H that user passes through system1The identity ID of () and user oneself, meter The private key sk of oneself is calculated, and by sk and basic point G, calculates the public key pk of oneself
(3) user calculates the authentication secret tpk of the label key tsk and data M to be verified of data F to be uploaded:
User passes through hash function H1The identity F of (), the private key sk of oneself and data F to be uploadedID, calculate and wait for The label key tsk of data F is passed, and by tsk and basic point G, calculates the authentication secret tpk of data M to be verified;
(4) user carries out piecemeal to data F to be uploaded:
The length of (4a) user setup data block is l, and carries out piecemeal to data F to be uploaded by l, obtains multiple wait for Pass data block;
(4b) user judges whether the length of the last one data block of multiple data blocks to be uploaded is less than l, and less than l Data block after mend 0, obtain data block set F ', F ' to be uploaded=(m1,m2,…mi,…mn), wherein miIt indicates to wait for for i-th Data block is passed, n indicates the sum of data block to be uploaded;
(5) user calculates each data block m to be uploadediCorresponding data label σi
User passes through hash function H1The label key tsk of (), the private key sk of oneself and data F to be uploaded are calculated every A data block m to be uploadediCorresponding data label σi
(6) user sends each data block m to be uploaded to cloud storageiAnd miCorresponding data label σi, while to credible Tripartite sends each data block miCorresponding version number viWith timestamp ti
User will each data block m to be uploadediAnd miCorresponding data label σiIt is sent in cloud storage, while will be each Data block miCorresponding version number viWith timestamp tiIt is sent to trusted third party;
(7) trusted third party initiates data integrity validation challenge to cloud storage:
(7a) trusted third party is according to each data block m to be verifiediCorresponding version number viWith timestamp ti, determine to be tested Demonstrate,prove the total n of data block;
(7b) trusted third party randomly selects c data block as challenge data block from n data blocks to be verified, and will The sequence number value of c challenge data block forms serial number value set S, then is sent to cloud storage using S as challenge information chal, wherein S={ s1,s2,…sc, 1≤c≤n;
(8) cloud storage, which calculates challenge data block, proves PmLabel corresponding with challenge data block proves PtAnd it sends:
(8a) cloud storage, which calculates challenge data block, proves PmLabel corresponding with challenge data block proves Pt
For cloud storage by the public key pk of challenge information chal and user oneself, calculating challenge data block proves Pm, lead to simultaneously Challenge information chal is crossed, calculating the corresponding label of challenge data block proves Pt
(8b) cloud storage sends challenge data block number it is demonstrated that P to trusted third partymLabel corresponding with challenge data block Prove Pt
(9) trusted third party verifies the data integrity in cloud storage, and sends verification result:
(9a) trusted third party calculates challenge data block mjCorresponding version number vjWith timestamp tjThe sum of cryptographic Hash H:
Trusted third party passes through challenge information chal and hash function H1() calculates challenge data block mjCorresponding version Number and timestamp the sum of cryptographic Hash H, and by judging Pm+ tpkH=PtIt is whether true, to the data integrity in cloud storage It is verified, if so, the data in cloud storage are partial data, otherwise, the data in cloud storage are deficiency of data;
(9b) trusted third party sends verification result:
Judging result of the trusted third party by the data in cloud storage for partial data or deficiency of data is sent to user.
Compared with prior art, the present invention haing the following advantages:
First, in of the invention, in private key and the public key stage that user generates oneself, generated by the way of identity-based The identity ID of oneself is fused in the private key and public key of user by the private key and public key of oneself, user, is just given birth to without key At the key certificate being centrally generated, solve the problems, such as that expensive key certificate generates, verifies and update cost, with the prior art It compares, reduces the cost of the integrity verification of data.
Second, in of the invention, asked in calculating data label and verification of data integrity stage, only simple dot product With and modulo operation, reduce the computation burden of user and trusted third party, compared with prior art, it is complete to improve data The verification efficiency of property.
Description of the drawings
Fig. 1 is the implementation flow chart of the present invention.
Specific implementation mode
In the following with reference to the drawings and specific embodiments, the present invention is described in further detail:
Referring to Fig.1, data integrity verification method in a kind of cloud storage of identity-based, includes the following steps:
Step 1) user sets verification systematic parameter, and obtains the master key msk of verification system:
Step 1a) user's setting verification systematic parameter:
User sets verification system finite field FpOn elliptic curve be Ep(a, b), elliptic curve EpThe basic point of (a, b) is G, wherein a and b indicates that the coefficient of elliptic curve, p indicate finite field FpIncluding first prime number, and be odd prime, q indicate base The odd prime power order of point G;
User sets verification system finite field FpFor F37, setting finite field F37On elliptic curve be E37(1,1), basic point G For (0,1), wherein the coefficient a=1, b=1, odd prime power order q of elliptic curve are 37;
Step 1b) user obtain system master key msk:
User generates set of integers A, A=[1, q-1] according to q, and randomly chooses master key of the integer as system from A msk;
User generates set of integers A=[1,36] according to odd prime power order 37, and the master key msk of system is selected in A, if The system master key msk=17 of user's selection;
Step 2) user obtains the private key sk and public key pk of oneself:
Step 2a) user randomly selects integer r from set of integers A, while establishing Hash according to the odd prime power order q of basic point G Function H1(·);
If the integer r=19 that user randomly selects in set of integers A=[1,36], meanwhile, user establishes Hash according to 37 Function H1(·):{0,1}*→Z37
Step 2b) user calculates the private key sk and public key pk of oneself:
Master key msk, integer r, the hash function H that user passes through verification system1() and, calculate the private key sk of oneself, And by sk and basic point G, the public key pk of oneself is calculated:
Sk=msk+rH1(ID)modq
Pk=skG
User is by verifying system master key msk=17, integer r=19, hash function H1The identity mark of () and user Know ID=0001, calculates the private key sk=17+19H of oneself1(0001) mod37 consults, is denoted as sk ', user passes through for convenience Sk ' and basic point G=(0,1) calculates the public key pk=sk ' (0,1) of oneself;
Step 3) user calculates the authentication secret tpk of the label key tsk and data M to be verified of data F to be uploaded:
Tsk=(sk+H1(FID))modq
Tpk=tskG
User passes through the private key sk ' of oneself, hash function H1The identity F of () and data F to be uploadedID=0010, Calculate the label key tsk=(sk '+H of data F to be uploaded1(0010)) mod37 consults, is denoted as tsk ', user for convenience By tsk ' and basic point G=(0,1), the authentication secret tpk=tsk ' (0,1) of data M to be verified is calculated;
Step 4) user carries out piecemeal to data F to be uploaded:
Step 4a) user setup data block length be l, and by l to data F to be uploaded carry out piecemeal, obtain multiple Data block to be uploaded;
Step 4b) user judges whether the length of the last one data block of multiple data blocks to be uploaded is less than l, and small 0 is mended after the data block of l, obtains data block set F ', F ' to be uploaded=(m1,m2,…mi,…mn), wherein miIt indicates i-th Data block to be uploaded, n indicate the sum of data block to be uploaded;
It is 3 couples of data F to be uploaded according to length if the length of packet is 3, data F=00101010 to be uploaded Piecemeal is carried out, the last one data block is 10, and length is less than 3, carries out 0 operation of benefit and obtains data block 100, obtains data to be uploaded The sum of set of blocks F '=(001,010,100), data block is 3;
Step 5) user calculates each data block m to be uploadediCorresponding data label σi
User passes through hash function H1The label key tsk of (), the private key sk of oneself and data F to be uploaded are calculated every A data block m to be uploadediCorresponding data label σi
σi=[(mi·sk+H1(vi||ti)·tsk)modq]·G
User generates key tsk ' and hash function H using data label1() calculates 001 corresponding data of data block Label σ1=[(1sk ')+H1(0001 | | 0001) tsk ' mod37] (0,1), (the 001 corresponding decimal system of data block is 1, It is denoted as m1=1, corresponding version number v1=0001, timestamp t1=0001), 010 corresponding data label σ of data block2= [(2·sk′)+H1(0001 | | 0010) tsk ' mod37] (0,1), (the 010 corresponding decimal system is 2, is denoted as m2=2, it is corresponding Version number v1=0001, timestamp t1=0010), 100 corresponding data label σ of data block3=[(4sk ')+H1(0001| | 0011) tsk ' mod37] (0,1), (the 100 corresponding decimal systems are 4, are denoted as m3=4, corresponding version number v1=0001, Timestamp t1=0011) it, consults for convenience, is denoted as σ ' respectively1, σ '2, σ '3
Step 6) user sends each data block m to be uploaded to cloud storageiAnd miCorresponding data label σi, while to can Believe that third party sends each data block miCorresponding version number viWith timestamp ti
User will each data block m to be uploadediAnd miCorresponding data label σiIt is sent in cloud storage, while will be each Data block miCorresponding version number viWith timestamp tiIt is sent to trusted third party;
User uploads data block 001,010,100 and corresponding data label σ '1, σ '2, σ '3Into cloud storage, user Send { v1=0001, t1=0001;v2=0001, t2=0010;v3=0001, t3=0011 } believable third party is arrived;
Step 7) trusted third party initiates data integrity validation challenge to cloud storage:
Step 7a) trusted third party is according to each data block m to be verifiediCorresponding version number viWith timestamp ti, determining to wait for The total n of verify data block;
Step 7b) trusted third party randomly selects c data block as challenge data block from n data blocks to be verified, And the sequence number value of c challenge data block is formed into serial number value set S, then it is sent to cloud storage using S as challenge information chal, Wherein, S={ s1,s2,…sc, 1≤c≤n;
Trusted third party is according to { v1=0001, t1=0001;v2=0001, t2=0010;v3=0001, t3=0011 } Determine that the sum of data block to be verified is 3;
2 data blocks are randomly selected from 3 data blocks to be verified, it is assumed that selection is the 2nd piece and the 3rd piece, this 2 Challenge data block sequence number value forms serial number value set set S={ 2,3 }, and cloud storage is sent to using S as challenge information chal;
Step 8) cloud storage, which calculates challenge data block, proves PmLabel corresponding with challenge data block proves PtAnd it sends:
Step 8a) cloud storage calculating challenge data block proof PmLabel corresponding with challenge data block proves Pt
For cloud storage by the public key pk of challenge information chal and user oneself, calculating challenge data block proves Pm, lead to simultaneously Challenge information chal is crossed, calculating the corresponding label of challenge data block proves Pt
Cloud storage finds corresponding data block m according to challenge information chal={ 2,3 }2, m3, m2=2, m3=4, it calculates P is proved to datam=((2+4) mod37) pk ' consult, are denoted as P ' for conveniencem;Cloud storage is according to challenge information chal= { 2,3 } find corresponding data block label σ '2, σ '3, the corresponding label of challenge data block, which is calculated, proves Pt=σ '2+σ′3, In order to facilitate access, it is denoted as P 't
Step 8b) cloud storage to trusted third party send challenge data block number it is demonstrated that PmMark corresponding with challenge data block The bright P of visat
Step 9) trusted third party verifies the data integrity in cloud storage, and sends verification result:
Step 9a) trusted third party calculating challenge data block mjCorresponding version number vjWith timestamp tjThe sum of cryptographic Hash H:
Trusted third party passes through challenge information chal and hash function H1() calculates challenge data block mjCorresponding version Number and timestamp the sum of cryptographic Hash H:
And by judging Pm+ tpkH=PtIt is whether true, the data integrity in cloud storage is verified, if so, Data in cloud storage are partial data, and otherwise, the data in cloud storage are deficiency of data;
Trusted third party calculates challenge data block version number and timestamp corresponds to according to challenge information chal=S={ 2,3 } The sum of cryptographic Hash H=[H1(0001||0010)+H1(0001 | | 0011)] mod37, it consults for convenience, is denoted as H ';Therefore will Above-mentioned known symbol all brings P ' intom+ tpkH ', then
P′m+ tpkH '=((2+4) mod37) pk '+[H1(0001||0010)+H1(0001||0011)]mod37· tpk
=[(2sk ')+H1(0001||0010)·tsk′mod37]·(0,1)
+[(4·sk′)+H1(0001||0011)·tsk′mod37]·(0,1)
=σ '2+σ′3=P 't
Equation P 'm+ tpkH '=P 'tIt sets up, then the data in cloud storage are partial data;
Step 9c) trusted third party's transmission verification result:
Judging result of the trusted third party by the data in cloud storage for partial data or deficiency of data is sent to user.
The result that data in cloud storage are partial data is sent to user by trusted third party.

Claims (8)

1. data integrity verification method in a kind of cloud storage of identity-based, which is characterized in that be by user, cloud storage and What trusted third party realized, include the following steps:
(1) user sets verification systematic parameter, and obtains the master key msk of verification system:
(1a) user sets verification systematic parameter:
User sets verification system finite field FpOn elliptic curve be Ep(a, b), elliptic curve EpThe basic point of (a, b) is G, In, the coefficient of a and b expression elliptic curves, p indicate finite field FpIncluding first prime number, and be odd prime, q indicates basic point G's Odd prime power order;
(1b) user obtains the master key msk of verification system:
User generates set of integers A, A=[1, q-1] according to q, and randomly chooses master key of the integer as verification system from A msk;
(2) user obtains the private key sk and public key pk of oneself:
(2a) user randomly selects integer r from set of integers A, while establishing hash function H according to the odd prime power order q of basic point G1 (·);
(2b) user calculates the private key sk and public key pk of oneself:
The master key msk, integer r, hash function H that user passes through system1The identity ID of () and user oneself are calculated certainly Oneself private key sk, and by sk and basic point G, calculate the public key pk of oneself;
(3) user calculates the authentication secret tpk of the label key tsk and data M to be verified of data F to be uploaded:
User passes through hash function H1The identity F of (), the private key sk of oneself and data F to be uploadedID, calculate number to be uploaded According to the label key tsk of F, and by tsk and basic point G, calculate the authentication secret tpk of data M to be verified;
(4) user carries out piecemeal to data F to be uploaded:
The length of (4a) user setup data block is l, and carries out piecemeal to data F to be uploaded by l, obtains multiple numbers to be uploaded According to block;
(4b) user judges whether the length of the last one data block of multiple data blocks to be uploaded is less than l, and in the number less than l According to mending 0 after block, data block set F ', F ' to be uploaded=(m are obtained1,m2,…mi,…mn), wherein miIndicate i-th of number to be uploaded According to block, n indicates the sum of data block to be uploaded;
(5) user calculates each data block m to be uploadediCorresponding data label σi
User passes through hash function H1The label key tsk of (), the private key sk of oneself and data F to be uploaded, calculating each wait for Pass data block miCorresponding data label σi
(6) user sends each data block m to be uploaded to cloud storageiAnd miCorresponding data label σi, while to trusted third party Send each data block miCorresponding version number viWith timestamp ti
User will each data block m to be uploadediAnd miCorresponding data label σiIt is sent in cloud storage, while by each data Block miCorresponding version number viWith timestamp tiIt is sent to trusted third party;
(7) trusted third party initiates data integrity validation challenge to cloud storage:
(7a) trusted third party is according to each data block m to be verifiediCorresponding version number viWith timestamp ti, determine number to be verified According to the total n of block;
(7b) trusted third party randomly selects c data block as challenge data block from n data blocks to be verified, and by c The sequence number value of challenge data block forms serial number value set S, then is sent to cloud storage using S as challenge information chal, wherein S= {s1,s2,…sc, 1≤c≤n;
(8) cloud storage, which calculates challenge data block, proves PmLabel corresponding with challenge data block proves PtAnd it sends:
(8a) cloud storage, which calculates challenge data block, proves PmLabel corresponding with challenge data block proves Pt
For cloud storage by the public key pk of challenge information chal and user oneself, calculating challenge data block proves Pm, while passing through challenge Information chal, calculating the corresponding label of challenge data block proves Pt
(8b) cloud storage sends challenge data block number it is demonstrated that P to trusted third partymLabel corresponding with challenge data block proves Pt
(9) trusted third party verifies the data integrity in cloud storage, and sends verification result:
(9a) trusted third party calculates challenge data block mjCorresponding version number vjWith timestamp tjThe sum of cryptographic Hash H:
Trusted third party passes through challenge information chal and hash function H1() calculates challenge data block mjCorresponding version number and The sum of cryptographic Hash of timestamp H, and by judging Pm+ tpkH=PtIt is whether true, the data integrity in cloud storage is carried out Verification, if so, the data in cloud storage are partial data, otherwise, the data in cloud storage are deficiency of data;
(9b) trusted third party sends verification result:
Judging result of the trusted third party by the data in cloud storage for partial data or deficiency of data is sent to user.
2. data integrity verification method in the cloud storage of identity-based according to claim 1, which is characterized in that step Hash function H described in (2a)1(), expression formula are:
H1(·):{0,1}*→Zq
Wherein, { 0,1 }*Indicate the Bit String of random length, → indicate to generate operation, ZqIndicate that the addition of integer group of mould q, q indicate Elliptic curve EpThe odd prime power order of the basic point G of (a, b).
3. data integrity verification method in the cloud storage of identity-based according to claim 1, which is characterized in that step User described in (2b) calculate oneself private key sk and public key pk, calculation formula be respectively:
Sk=msk+rH1(ID)mod q
Pk=skG
Wherein, msk indicates that the master key of verification system, r indicate the integer randomly selected from set of integers A, H1() indicates Hash letter Number, ID indicate that the identity of user, mod indicate that modulo operation, G indicate elliptic curve EpThe basic point of (a, b), q indicate basic point G Odd prime power order.
4. data integrity verification method in the cloud storage of identity-based according to claim 1, which is characterized in that step (3) user described in calculates the authentication secret tpk of the label key tsk and data M to be verified of data F to be uploaded, calculates public Formula is respectively:
Tsk=(sk+H1(FID))mod q
Tpk=tskG
Wherein, sk indicates the private key of user oneself, H1() indicates hash function, FIDIndicate the identity of data F to be uploaded, Mod indicates that modulo operation, G indicate elliptic curve EpThe basic point of (a, b), q indicate the odd prime power order of basic point G.
5. data integrity verification method in the cloud storage of identity-based according to claim 1, which is characterized in that step (5) data block m to be uploaded each of described iniCorresponding data label σi, calculation formula is:
σi=[(mi·sk+H1(vi||ti)·tsk)mod q]·G
Wherein, miIndicate that i-th of data block to be uploaded, sk indicate the private key of user oneself, H1() indicates hash function, viTable Show data block m to be uploadediVersion number, tiIndicate data block m to be uploadediTimestamp, | | indicate cascaded operational, tsk expression wait for The label key of data F is uploaded, mod indicates that modulo operation, G indicate elliptic curve EpThe basic point of (a, b), q indicate that basic point G's is strange Prime Orders.
6. data integrity verification method in the cloud storage of identity-based according to claim 1, which is characterized in that step Challenge data block described in (8a) proves Pm, calculation formula is:
Wherein, mjIndicate j-th of challenge data block, s1…scIndicate that the element in serial number value set S, Σ indicate summation operation, q Indicate that the odd prime power order of basic point G, pk indicate the public key of user oneself.
7. data integrity verification method in the cloud storage of identity-based according to claim 1, which is characterized in that step The corresponding label of challenge data block described in (8b) proves Pt, calculation formula is:
Wherein, s1…scIndicate that the element in serial number value set S, Σ indicate summation operation, σjIndicate j-th of challenge data block pair The data label answered.
8. data integrity verification method in the cloud storage of identity-based according to claim 1, which is characterized in that step Challenge data block m described in (9a)jCorresponding version number vjWith timestamp tjThe sum of cryptographic Hash H, calculation formula be:
Wherein, s1…scIndicate that the element in serial number value set S, Σ indicate summation operation, H1() indicates hash function, vjIt indicates Challenge data block mjVersion number, tjIndicate challenge data block mjTimestamp, | | indicate that cascaded operational, q indicate that basic point G's is strange Prime Orders.
CN201810243552.3A 2018-03-23 2018-03-23 Identity-based data integrity verification method in cloud storage Active CN108540291B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201810243552.3A CN108540291B (en) 2018-03-23 2018-03-23 Identity-based data integrity verification method in cloud storage

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201810243552.3A CN108540291B (en) 2018-03-23 2018-03-23 Identity-based data integrity verification method in cloud storage

Publications (2)

Publication Number Publication Date
CN108540291A true CN108540291A (en) 2018-09-14
CN108540291B CN108540291B (en) 2020-08-04

Family

ID=63483666

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201810243552.3A Active CN108540291B (en) 2018-03-23 2018-03-23 Identity-based data integrity verification method in cloud storage

Country Status (1)

Country Link
CN (1) CN108540291B (en)

Cited By (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110163602A (en) * 2019-04-04 2019-08-23 阿里巴巴集团控股有限公司 A kind of verification method of account book, device and equipment
CN111447072A (en) * 2020-03-27 2020-07-24 苏州链原信息科技有限公司 Method, apparatus and storage medium for generating data equivalent zero knowledge proof
CN111444547A (en) * 2020-03-20 2020-07-24 苏州链原信息科技有限公司 Method, apparatus and computer storage medium for data integrity attestation
CN111444548A (en) * 2020-03-20 2020-07-24 苏州链原信息科技有限公司 Method, apparatus and computer storage medium for data integrity attestation
CN111475567A (en) * 2020-03-09 2020-07-31 上海能链众合科技有限公司 Internet of things data sequential recording method
CN111526146A (en) * 2020-04-24 2020-08-11 天津易维数科信息科技有限公司 Data holding verification method, data searching method and corresponding system
US10790968B2 (en) 2019-04-04 2020-09-29 Alibaba Group Holding Limited Ledger verification method and apparatus, and device
US10917231B2 (en) 2019-04-04 2021-02-09 Advanced New Technologies Co., Ltd. Data storage method, apparatus, system and device
CN112910632A (en) * 2021-02-18 2021-06-04 金陵科技学院 Novel cloud data integrity verification protocol facing multiple data users and protecting user privacy

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103414559A (en) * 2013-05-20 2013-11-27 广州中长康达信息技术有限公司 Identity authentication method based on IBE-like system in cloud computing environment
CN106357701A (en) * 2016-11-25 2017-01-25 西安电子科技大学 Integrity verification method for data in cloud storage
US20170286717A1 (en) * 2016-04-05 2017-10-05 Vchain Technology Limited Method and system for managing personal information within independent computer systems and digital networks

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103414559A (en) * 2013-05-20 2013-11-27 广州中长康达信息技术有限公司 Identity authentication method based on IBE-like system in cloud computing environment
US20170286717A1 (en) * 2016-04-05 2017-10-05 Vchain Technology Limited Method and system for managing personal information within independent computer systems and digital networks
CN106357701A (en) * 2016-11-25 2017-01-25 西安电子科技大学 Integrity verification method for data in cloud storage

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
乔丹丹: "无可信中心的基于身份的门限签名方案", 《电子科技》 *

Cited By (13)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US10917231B2 (en) 2019-04-04 2021-02-09 Advanced New Technologies Co., Ltd. Data storage method, apparatus, system and device
US10790968B2 (en) 2019-04-04 2020-09-29 Alibaba Group Holding Limited Ledger verification method and apparatus, and device
CN110163602A (en) * 2019-04-04 2019-08-23 阿里巴巴集团控股有限公司 A kind of verification method of account book, device and equipment
CN111475567A (en) * 2020-03-09 2020-07-31 上海能链众合科技有限公司 Internet of things data sequential recording method
CN111444548A (en) * 2020-03-20 2020-07-24 苏州链原信息科技有限公司 Method, apparatus and computer storage medium for data integrity attestation
CN111444547A (en) * 2020-03-20 2020-07-24 苏州链原信息科技有限公司 Method, apparatus and computer storage medium for data integrity attestation
CN111444548B (en) * 2020-03-20 2024-03-19 苏州链原信息科技有限公司 Method, apparatus and computer storage medium for data integrity attestation
CN111444547B (en) * 2020-03-20 2024-03-19 苏州链原信息科技有限公司 Method, apparatus and computer storage medium for data integrity attestation
CN111447072A (en) * 2020-03-27 2020-07-24 苏州链原信息科技有限公司 Method, apparatus and storage medium for generating data equivalent zero knowledge proof
CN111526146A (en) * 2020-04-24 2020-08-11 天津易维数科信息科技有限公司 Data holding verification method, data searching method and corresponding system
CN111526146B (en) * 2020-04-24 2022-05-17 天津易维数科信息科技有限公司 Data holding verification method, data searching method and corresponding system
CN112910632A (en) * 2021-02-18 2021-06-04 金陵科技学院 Novel cloud data integrity verification protocol facing multiple data users and protecting user privacy
CN112910632B (en) * 2021-02-18 2022-10-11 金陵科技学院 Novel cloud data integrity verification method facing multiple data users and protecting user privacy

Also Published As

Publication number Publication date
CN108540291B (en) 2020-08-04

Similar Documents

Publication Publication Date Title
CN108540291A (en) Data integrity verification method in the cloud storage of identity-based
KR100960578B1 (en) Identity-based key generating methods and devices
Li et al. Privacy preserving cloud data auditing with efficient key update
CN110505046B (en) Multi-data provider encrypted data cross-platform zero-knowledge verification method, device and medium
JP2023113804A (en) Cryptographic method and system for secure extraction of data from block chain
US11133936B1 (en) Methods and systems for introducing self-contained intent functionality into decentralized computer networks
CN105515778B (en) Cloud storage data integrity services signatures method
WO2019110399A1 (en) Two-party signature device and method
US20220052921A1 (en) Methods and systems for introducing self-contained intent functionality into decentralized computer networks
CN108985102A (en) Data integrity verification method, device, system and storage medium
CN112149156B (en) System and selector for disclosing recorded attributes and data entries and method therefor
CN110505061A (en) A kind of Digital Signature Algorithm and system
TW202318833A (en) Threshold signature scheme
CN114880715A (en) Power data security sharing method and system based on homomorphic encryption intelligent contract
CN113901424A (en) Method and device for selectively disclosing digital identity attribute
CN111245626B (en) Zero knowledge proving method, device and storage medium
CN108847933A (en) Mark based on SM9 cryptographic algorithm signs and issues method
Xu et al. A generic integrity verification algorithm of version files for cloud deduplication data storage
CN113792282B (en) Identity data verification method and device, computer equipment and storage medium
CN108667624A (en) A kind of compact torus endorsement method under master pattern and system
CN113507367B (en) Online/offline integrity auditing method for outsourcing data in cloud environment
KR20150112315A (en) Batch verification method and apparatus thereof
CN105338004B (en) The applicable public audit method with secret protection of low-performance equipment under cloud environment
CN111082932B (en) Anti-repudiation identification private key generation and digital signature method, system and device
CN113992389A (en) SGX data integrity auditing method based on dynamic frequency table

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant