CN108540291B - Identity-based data integrity verification method in cloud storage - Google Patents

Identity-based data integrity verification method in cloud storage Download PDF

Info

Publication number
CN108540291B
CN108540291B CN201810243552.3A CN201810243552A CN108540291B CN 108540291 B CN108540291 B CN 108540291B CN 201810243552 A CN201810243552 A CN 201810243552A CN 108540291 B CN108540291 B CN 108540291B
Authority
CN
China
Prior art keywords
data
user
cloud storage
data block
uploaded
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201810243552.3A
Other languages
Chinese (zh)
Other versions
CN108540291A (en
Inventor
卢珂
王保仓
詹宇
刘鹤群
高梓渊
柴延廷
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Xidian University
Original Assignee
Xidian University
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Xidian University filed Critical Xidian University
Priority to CN201810243552.3A priority Critical patent/CN108540291B/en
Publication of CN108540291A publication Critical patent/CN108540291A/en
Application granted granted Critical
Publication of CN108540291B publication Critical patent/CN108540291B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/06Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
    • H04L9/0643Hash functions, e.g. MD5, SHA, HMAC or f9 MAC
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0866Generation of secret information including derivation or calculation of cryptographic keys or passwords involving user or device identifiers, e.g. serial number, physical or biometrical information, DNA, hand-signature or measurable physical characteristics
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0869Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/30Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
    • H04L9/3066Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy involving algebraic varieties, e.g. elliptic or hyper-elliptic curves
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/321Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving a third party or a trusted authority
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3236Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3271Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using challenge-response
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3297Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving time stamps, e.g. generation of time stamps

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Theoretical Computer Science (AREA)
  • Mathematical Optimization (AREA)
  • General Physics & Mathematics (AREA)
  • Mathematical Analysis (AREA)
  • Algebra (AREA)
  • Mathematical Physics (AREA)
  • Pure & Applied Mathematics (AREA)
  • Physics & Mathematics (AREA)
  • Computing Systems (AREA)
  • Power Engineering (AREA)
  • Storage Device Security (AREA)
  • Information Retrieval, Db Structures And Fs Structures Therefor (AREA)

Abstract

The invention provides a method for verifying data integrity in cloud storage based on identity, which is used for solving the technical problems of high data integrity verification cost and low data integrity verification efficiency in the prior art, and comprises the following steps: a user sets verification system parameters and obtains a system master key; a user acquires a private key and a public key of the user, a data tag key and a verification key; a user divides data to be uploaded into blocks; the user calculates a data tag corresponding to each data block, and sends the data block and the corresponding data tag to the cloud storage; a trusted third party initiates a data integrity verification challenge; the cloud storage acquires a challenge data block certificate and a tag certificate; and the trusted third party verifies the data integrity and sends the verification result to the user. The invention reduces the cost of data integrity verification and improves the efficiency of data integrity verification.

Description

Identity-based data integrity verification method in cloud storage
Technical Field
The invention belongs to the technical field of cloud storage safety, relates to a data integrity verification method in cloud storage, and particularly relates to a data integrity verification method in cloud storage based on identity, which can be used in the field of safe outsourcing storage of data.
Background
With the rapid development of the internet technology, users begin to participate in the manufacturing and editing of information, so that the personal data volume of the users grows exponentially, the overhead of data storage and management is gradually increased, and when a personal computer is not enough to store the mass data of the users, the cloud storage technology is generated. Cloud storage is a new concept extended and developed on the cloud computing concept, is an emerging network storage technology, and refers to a system which integrates a large number of different types of storage devices in a network through application software to cooperatively work through functions such as cluster application, network technology or distributed file system and the like, and provides data storage and service access functions to the outside. The cloud storage technology is in a rapid development stage, various services are provided for users, the cloud storage technology can be used for solving the storage and calculation problems of large-scale data, and becomes an object pursued by various manufacturers, for example, amazon AWS provides a set of elastic cloud services with mature business, and users only need to pay attention to own business requirements and customize the business requirements according to needs without paying attention to equipment purchase and maintenance, so that the enterprise development cost is greatly reduced; app Engine of Google creates an infinite virtual operating environment for programmers, so that the programmers do not need to worry about the problem that the system needs to be frequently reconstructed due to the expansion of the service scale; in addition, Microsoft Azure, Facebook, domestic Aliskiren and the like play important roles in respective fields. Due to the advantages of access anytime and anywhere, large capacity, on-demand service, low cost and the like, data in cloud storage tends to rise exponentially.
Although the user stores data in the cloud storage, the local memory consumption is saved, but the user loses real-time monitoring on the data, so that a security problem may be brought to the data, for example, when the stored data is lost, the cloud storage may choose to hide the loss from the user, or delete the data which is not accessed by the user for a long time. To eliminate these security risks, the user needs to perform integrity verification on the data in the cloud storage at irregular intervals. In the existing common data integrity verification method, a key of a user is generally generated by a key generation center, a key certificate needs to be generated while the key is generated, and in a data integrity verification stage, a trusted third party needs to verify the key certificate first when using the key, which increases the cost of data integrity verification. For example, Zhang et al published a paper entitled "improving public validation and data dynamics for closed data in the standard model" in 2017 in the publication of Cluster Computing (2017,20(1):1-13), and proposed a method for verifying data integrity in public cloud storage, which includes five stages, i.e., user key generation, data tag generation, data integrity challenge, challenge generation certification, and data integrity verification. In the user key generation stage, the user needs the key generation center to generate the key and also generate the key certificate at the same time, and then the trusted third party needs to verify the key certificate first when using the key to verify the data integrity, and in addition, the user needs to update the key and the key certificate when the key is out of date, which causes huge cost for generating, verifying and updating the key certificate, thereby increasing the cost for verifying the data integrity. In addition, in the stages of data tag calculation and data integrity verification, bilinear mapping is adopted to calculate the data tag and realize data integrity verification, and the bilinear mapping comprises a large number of exponential operations, which brings huge calculation burden to users and trusted third parties, thereby causing low efficiency of data integrity verification.
Disclosure of Invention
The invention aims to provide a data integrity verification method in cloud storage based on identity aiming at the defects of the prior art, and is used for solving the technical problems of high data integrity verification cost and low data integrity verification efficiency in the prior art.
In order to achieve the purpose, the technical scheme adopted by the invention comprises the following steps:
(1) the user sets the parameters of the verification system and obtains a master key msk of the verification system:
(1a) user setting verification system parameters:
user setting verification system finite field FpThe elliptic curve of (A) is Ep(a, b), elliptic curve EpThe base point of (a, b) is G, where a and b represent the coefficients of an elliptic curve and p represents a finite field FpThe number of elements contained is odd prime number, and q represents the odd prime order of the base point G;
(1b) the user acquires a master key msk of the verification system:
the user generates an integer set A according to q, A is [1, q-1], and randomly selects an integer from A as a master key msk of the verification system;
(2) the user acquires the private key sk and the public key pk of the user:
(2a) the user randomly selects an integer r from an integer set A, and simultaneously establishes a hash function H according to the odd prime order q of a base point G1(·);
(2b) The user calculates the own private key sk and public key pk:
user passes through master key msk, integer r and hash function H of system1(. to) and the user's own ID, calculate the own private key sk, and through sk and base point G, calculate the own public key pk
(3) The user calculates a tag key tsk of the data F to be uploaded and a verification key tpk of the data M to be verified:
user passes hash function H1(. the self private key sk and the identity F of the data F to be uploadedIDCalculating a label key tsk of the data F to be uploaded, and calculating a verification key tpk of the data M to be verified through tsk and a base point G;
(4) the user blocks the data F to be uploaded:
(4a) the user sets the length of a data block to be l, and blocks data F to be uploaded through l to obtain a plurality of data blocks to be uploaded;
(4b) the user judges whether the length of the last data block of the multiple data blocks to be uploaded is less than l, and supplements 0 after the data block less than l to obtain a data block set F 'to be uploaded, wherein F' is (m)1,m2,…mi,…mn) Wherein m isiRepresenting the ith data block to be uploaded, and n representing the total number of the data blocks to be uploaded;
(5) the user calculates each data block m to be uploadediCorresponding data label sigmai
User passes hash function H1(. the self private key sk and the label key tsk of the data F to be uploaded calculate each data block m to be uploadediCorresponding data label sigmai
(6) The user sends each data block m to be uploaded to the cloud storageiAnd miCorresponding data label sigmaiSimultaneously sending each data block m to a trusted third partyiCorresponding version number viAnd a time stamp ti
The user uploads each data block m to be uploadediAnd miCorresponding data label sigmaiSending the data blocks to cloud storage, and simultaneously sending each data block miCorresponding version number viAnd a time stamp tiSending the information to a trusted third party;
(7) the trusted third party initiates a data integrity verification challenge to the cloud storage:
(7a) the trusted third party verifies the data block m according to each data block m to be verifiediCorresponding version number viAnd a time stamp tiDetermining the total number n of the data blocks to be verified;
(7b) a trusted third party randomly selects c data blocks from n data blocks to be verified as challenge data blocks, combines sequence numbers of the c challenge data blocks into a sequence number set S, and sends the sequence number set S as challenge information chal to cloud storage, wherein S is { S ═ S } S1,s2,…sc},1≤c≤n;
(8) Cloud storage computing challenge data block attestation PmTag certificate P corresponding to challenge data blocktAnd sending:
(8a) cloud storage computing challenge data block attestation PmTag certificate P corresponding to challenge data blockt
The cloud storage calculates challenge data block proof P through challenge information chal and a public key pk of a usermMeanwhile, through the challenge information chal, calculating a label proof P corresponding to the challenge data blockt
(8b) Cloud storage sending challenge data block data proof P to trusted third partymTag certificate P corresponding to challenge data blockt
(9) The trusted third party verifies the integrity of the data in the cloud storage and sends a verification result:
(9a) trusted third party computing challenge data block mjCorresponding version number vjAnd a time stamp tjSum of hash values of H:
the trusted third party passes the challenge information chal and the hash function H1(. to) compute challenge data block mjThe sum H of the corresponding version number and the hash value of the timestamp is judged by Pm+tpk·H=PtIf the data integrity in the cloud storage is not established, verifying the data integrity in the cloud storage, if so, determining that the data in the cloud storage is complete data, otherwise, determining that the data in the cloud storage is incomplete data;
(9b) the trusted third party sends a verification result:
and the trusted third party sends the judgment result that the data in the cloud storage is complete data or incomplete data to the user.
Compared with the prior art, the invention has the following advantages:
first, in the present invention, at the stage of generating its own private key and public key, the user generates its own private key and public key in an identity-based manner, and the user fuses its own identity ID into the private key and public key of the user, so that a key certificate generated by a key generation center is not needed, thereby solving the problem of expensive key certificate generation, verification and update cost.
Secondly, in the stages of calculating the data label and verifying the data integrity, only simple point multiplication, summation and modulus operation are performed, so that the calculation burden of a user and a trusted third party is reduced, and the verification efficiency of the data integrity is improved compared with the prior art.
Drawings
FIG. 1 is a flow chart of an implementation of the present invention.
Detailed Description
The invention is described in further detail below with reference to the following figures and specific examples:
referring to fig. 1, a method for verifying data integrity in identity-based cloud storage includes the following steps:
step 1) a user sets parameters of a verification system and acquires a master key msk of the verification system:
step 1a) user setting verification system parameters:
user setting verification system finite field FpThe elliptic curve of (A) is Ep(a, b), elliptic curve EpThe base point of (a, b) is G, where a and b represent the coefficients of an elliptic curve and p represents a finite field FpThe number of elements contained is odd prime number, and q represents the odd prime order of the base point G;
user setting verification system finite field FpIs F37Setting a finite field F37The elliptic curve of (A) is E37(1,1), the base point G is (0,1), wherein the coefficient a of the elliptic curve is 1, b is 1, and the odd prime order q is 37;
step 1b) the user obtains the master key msk of the system:
the user generates an integer set A according to q, A is [1, q-1], and randomly selects an integer from A as a master key msk of the system;
the user generates an integer set A ═ 1,36 according to the odd prime number order 37, selects a system master key msk in A, and sets the system master key msk selected by the user to be 17;
step 2) the user obtains the private key sk and the public key pk of the user:
step 2a) a user randomly selects an integer r from an integer set A, and simultaneously establishes a hash function H according to the odd prime number order q of a base point G1(·);
Let the user be [1,36] in the integer set A]Wherein the randomly selected integer r is 19, and the user establishes a hash function H according to 371(·):{0,1}*→Z37
Step 2b) the user calculates the own private key sk and public key pk:
master key msk, integer r and hash function H of user passing verification system1(. and) calculating its own private key sk and calculating itself from sk and base point GOwn public key pk:
sk=msk+rH1(ID)modq
pk=sk·G
the user passes the verification system master key msk is 17, the integer r is 19, and the hash function H1(. to) and the user's ID 0001, calculate its own private key sk 17+19H1(0001) mod37, for convenience of reference, denoted as sk ', calculates its public key pk ═ sk ' (0,1) from sk ' and the base point G ═ 0, 1;
step 3), the user calculates a tag key tsk of the data F to be uploaded and a verification key tpk of the data M to be verified:
tsk=(sk+H1(FID))modq
tpk=tsk·G
the user passes his own private key sk', the hash function H1(. DEG) and identity F of data F to be uploadedID0010, the tag key tsk ═ of the data F to be uploaded is calculated (sk' + H)1(0010) Mod37, for ease of reference, denoted tsk ', the user calculates the authentication key tpk tsk ' of the data M to be authenticated (0,1) by tsk ' and the base point G ═ 0, 1;
step 4), the user blocks the data F to be uploaded:
step 4a) setting the length of a data block to be l by a user, and partitioning data F to be uploaded by the length l to obtain a plurality of data blocks to be uploaded;
step 4b) the user judges whether the length of the last data block of the plurality of data blocks to be uploaded is less than l, and supplements 0 after the data block less than l to obtain a data block set F 'to be uploaded, wherein F' is (m)1,m2,…mi,…mn) Wherein m isiRepresenting the ith data block to be uploaded, and n representing the total number of the data blocks to be uploaded;
setting the length of a data packet to be 3, and the length of data to be uploaded to be 00101010, partitioning the data to be uploaded to be F according to the length of 3, setting the last data block to be 10 and the length to be less than 3, performing a 0 supplementing operation to obtain a data block 100, and obtaining a set of data blocks to be uploaded to be F' ═ 001,010,100, wherein the total number of the data blocks is 3;
step 5) the user calculates each data block m to be uploadediCorresponding data label sigmai
User passes hash function H1(. the self private key sk and the label key tsk of the data F to be uploaded calculate each data block m to be uploadediCorresponding data label sigmai
σi=[(mi·sk+H1(vi||ti)·tsk)modq]·G
User generates key tsk' and hash function H using data tag1(. to calculate the data tag σ corresponding to data Block 0011=[(1·sk′)+H1(0001||0001)·tsk′mod37](0,1), (data block 001 corresponding decimal number 1, denoted m11, corresponding version number v10001, time stamp t10001), the data tag σ corresponding to the data block 0102=[(2·sk′)+H1(0001||0010)·tsk′mod37]0,1), (010 corresponds to decimal number 2, denoted m22, corresponding version number v10001, time stamp t10010), the data tag σ corresponding to the data block 1003=[(4·sk′)+H1(0001||0011)·tsk′mod37]0,1, (100 corresponds to a decimal number of 4, denoted m34, corresponding version number v10001, time stamp t10011), for convenience of review, respectively denoted as σ'1,σ′2,σ′3
Step 6) the user sends each data block m to be uploaded to the cloud storageiAnd miCorresponding data label sigmaiSimultaneously sending each data block m to a trusted third partyiCorresponding version number viAnd a time stamp ti
The user uploads each data block m to be uploadediAnd miCorresponding data label sigmaiSending the data blocks to cloud storage, and simultaneously sending each data block miCorresponding version number viAnd a time stamp tiSending the information to a trusted third party;
user upload data blocks 001,010,100 and corresponding data tags σ'1,σ′2,σ′3To cloud storage, user sends { v }1=0001,t1=0001;v2=0001,t2=0010;v3=0001,t30011} to a trusted third party;
step 7), the trusted third party initiates a data integrity verification challenge to the cloud storage:
step 7a) the trusted third party verifies the data block m according to each oneiCorresponding version number viAnd a time stamp tiDetermining the total number n of the data blocks to be verified;
step 7b) the trusted third party randomly selects c data blocks from the n data blocks to be verified as challenge data blocks, combines the serial numbers of the c challenge data blocks into a serial number value set S, and sends the serial number value set S as challenge information chal to the cloud storage, wherein S is { S ═ S }1,s2,…sc},1≤c≤n;
Trusted third party according to { v }1=0001,t1=0001;v2=0001,t2=0010;v3=0001,t30011, determining that the total number of the data blocks to be verified is 3;
randomly selecting 2 data blocks from 3 data blocks to be verified, assuming that the selected data blocks are the 2 nd block and the 3 rd block, forming a sequence number value set S (2, 3) by the sequence number values of the 2 challenge data blocks, and sending the S as challenge information chal to cloud storage;
step 8) cloud storage computing challenge data block certification PmTag certificate P corresponding to challenge data blocktAnd sending:
step 8a) cloud storage computing challenge data block proof PmTag certificate P corresponding to challenge data blockt
The cloud storage calculates challenge data block proof P through challenge information chal and a public key pk of a usermMeanwhile, through the challenge information chal, calculating a label proof P corresponding to the challenge data blockt
Figure GDA0001717135640000081
Figure GDA0001717135640000082
And the cloud storage finds the corresponding data block m according to the challenge information chal ═ {2,3}, and2,m3,m2=2,m3calculated data proof P4m(2+4) mod37) pk ', for ease of reference, denoted as P'm(ii) a The cloud storage finds the corresponding data block tag sigma' according to the challenge information chal ═ {2,3 }.2,σ′3Calculating to obtain the corresponding label proof P of the challenge data blockt=σ′2+σ′3For convenience of reference, is recorded as P't
Step 8b) the cloud storage sends a challenge data block data proof P to the trusted third partymTag certificate P corresponding to challenge data blockt
Step 9), the trusted third party verifies the integrity of the data in the cloud storage and sends a verification result:
step 9a) the trusted third party calculates the challenge data block mjCorresponding version number vjAnd a time stamp tjSum of hash values of H:
the trusted third party passes the challenge information chal and the hash function H1(. to) compute challenge data block mjSum H of corresponding version number and hash value of timestamp:
Figure GDA0001717135640000083
and by judging Pm+tpk·H=PtIf the data integrity in the cloud storage is not established, verifying the data integrity in the cloud storage, if so, determining that the data in the cloud storage is complete data, otherwise, determining that the data in the cloud storage is incomplete data;
and the trusted third party calculates the sum H of the version number of the challenge data block and the hash value corresponding to the timestamp according to the challenge information chal which is S which is 2,31(0001||0010)+H1(0001||0011)]mod37, for ease of reference, denoted H'; thus, it is possible to provideAll the known symbols are substituted into P'm+ tpk. H', then
P′m+tpk·H′=((2+4)mod37)·pk′+[H1(0001||0010)+H1(0001||0011)]mod37·tpk
=[(2·sk′)+H1(0001||0010)·tsk′mod37]·(0,1)
+[(4·sk′)+H1(0001||0011)·tsk′mod37]·(0,1)
=σ′2+σ′3=P′t
Equation P'm+tpk·H′=P′tIf yes, the data in the cloud storage is complete data;
step 9c), the trusted third party sends a verification result:
and the trusted third party sends the judgment result that the data in the cloud storage is complete data or incomplete data to the user.
And the trusted third party sends the result that the data in the cloud storage is complete data to the user.

Claims (8)

1. A data integrity verification method in identity-based cloud storage is realized by a user, the cloud storage and a trusted third party, and comprises the following steps:
(1) the user sets the parameters of the verification system and obtains a master key msk of the verification system:
(1a) user setting verification system parameters:
user setting verification system finite field FpThe elliptic curve of (A) is Ep(a, b), elliptic curve EpThe base point of (a, b) is G, where a and b represent the coefficients of an elliptic curve and p represents a finite field FpThe number of elements contained is odd prime number, and q represents the odd prime order of the base point G;
(1b) the user acquires a master key msk of the verification system:
the user generates an integer set A according to q, A is [1, q-1], and randomly selects an integer from A as a master key msk of the verification system;
(2) the user acquires the private key sk and the public key pk of the user:
(2a) the user randomly selects an integer r from an integer set A, and simultaneously establishes a hash function H according to the odd prime order q of a base point G1(·);
(2b) The user calculates the own private key sk and public key pk:
user passes through master key msk, integer r and hash function H of system1(-) and the user's own ID, calculating own private key sk, and calculating own public key pk through sk and base point G;
(3) the user calculates a tag key tsk of the data F to be uploaded and a verification key tpk of the data M to be verified:
user passes hash function H1(. the self private key sk and the identity F of the data F to be uploadedIDCalculating a label key tsk of the data F to be uploaded, and calculating a verification key tpk of the data M to be verified through tsk and a base point G;
(4) the user blocks the data F to be uploaded:
(4a) the user sets the length of a data block to be l, and blocks data F to be uploaded through l to obtain a plurality of data blocks to be uploaded;
(4b) the user judges whether the length of the last data block of the multiple data blocks to be uploaded is less than l, and supplements 0 after the data block less than l to obtain a data block set F 'to be uploaded, wherein F' is (m)1,m2,…mi,…mn) Wherein m isiRepresenting the ith data block to be uploaded, and n representing the total number of the data blocks to be uploaded;
(5) the user calculates each data block m to be uploadediCorresponding data label sigmai
User passes hash function H1(. the self private key sk and the label key tsk of the data F to be uploaded calculate each data block m to be uploadediCorresponding data label sigmai
(6) The user sends each data block m to be uploaded to the cloud storageiAnd miCorresponding data label sigmaiSimultaneously sending each data block m to a trusted third partyiCorresponding version number viAnd a time stamp ti
The user uploads each data block m to be uploadediAnd miCorresponding data label sigmaiSending the data blocks to cloud storage, and simultaneously sending each data block miCorresponding version number viAnd a time stamp tiSending the information to a trusted third party;
(7) the trusted third party initiates a data integrity verification challenge to the cloud storage:
(7a) the trusted third party verifies the data block m according to each data block m to be verifiediCorresponding version number viAnd a time stamp tiDetermining the total number n of the data blocks to be verified;
(7b) a trusted third party randomly selects c data blocks from n data blocks to be verified as challenge data blocks, combines sequence numbers of the c challenge data blocks into a sequence number set S, and sends the sequence number set S as challenge information chal to cloud storage, wherein S is { S ═ S } S1,s2,…sc},1≤c≤n;
(8) Cloud storage computing challenge data block attestation PmTag certificate P corresponding to challenge data blocktAnd sending:
(8a) cloud storage computing challenge data block attestation PmTag certificate P corresponding to challenge data blockt
The cloud storage calculates challenge data block proof P through challenge information chal and a public key pk of a usermMeanwhile, through the challenge information chal, calculating a label proof P corresponding to the challenge data blockt
(8b) Cloud storage sending challenge data block data proof P to trusted third partymTag certificate P corresponding to challenge data blockt
(9) The trusted third party verifies the integrity of the data in the cloud storage and sends a verification result:
(9a) trusted third party computing challenge data block mjCorresponding version number vjAnd a time stamp tjSum of hash values of H:
the trusted third party passes the challenge information chal and the hash function H1(. to) compute challenge data block mjThe sum H of the corresponding version number and the hash value of the timestamp is judged by Pm+tpk·H=PtIf the data integrity in the cloud storage is not established, verifying the data integrity in the cloud storage, if so, determining that the data in the cloud storage is complete data, otherwise, determining that the data in the cloud storage is incomplete data;
(9b) the trusted third party sends a verification result:
and the trusted third party sends the judgment result that the data in the cloud storage is complete data or incomplete data to the user.
2. The identity-based data integrity verification method in cloud storage according to claim 1, wherein the hash function H in step (2a)1(. the expression is:
H1(·):{0,1}*→Zq
wherein, {0,1}*Bit string representing an arbitrary length, → representing a generation operation, ZqInteger additive groups representing modulo q, q representing an elliptic curve EpOdd prime order of base point G of (a, b).
3. The identity-based data integrity verification method in cloud storage according to claim 1, wherein the user in step (2b) calculates its own private key sk and public key pk, and the calculation formulas are:
sk=msk+rH1(ID)mod q
pk=sk·G
where msk denotes the master key of the authentication system, r denotes an integer randomly chosen from the set of integers A, H1(. -) represents a hash function, ID represents the identity of the user, mod represents the modulo operation, G represents the elliptic curve EpAnd q represents the odd prime order of the base point G.
4. The identity-based data integrity verification method in cloud storage according to claim 1, wherein the user calculates the tag key tsk of the data F to be uploaded and the verification key tpk of the data M to be verified in step (3), and the calculation formulas are respectively:
tsk=(sk+H1(FID))mod q
tpk=tsk·G
where sk denotes the user's own private key, H1(. represents a hash function, FIDThe identity of the data F to be uploaded is represented, mod represents the modular operation, and G represents the elliptic curve EpAnd q represents the odd prime order of the base point G.
5. The identity-based data integrity verification method in cloud storage according to claim 1, wherein each data block m to be uploaded in step (5)iCorresponding data label sigmaiThe calculation formula is as follows:
σi=[(mi·sk+H1(vi||ti)·tsk)mod q]·G
wherein m isiThe ith data block to be uploaded is shown, sk shows the private key of the user, and H1(. represents a hash function, viRepresenting a block of data m to be uploadediVersion number of (1), tiRepresenting a block of data m to be uploadediThe timestamp, | | represents the cascading operation, tsk represents the tag key of the data F to be uploaded, mod represents the modular operation, and G represents the elliptic curve EpAnd q represents the odd prime order of the base point G.
6. The identity-based data integrity verification method in cloud storage according to claim 1, wherein the challenge data block in step (8a) proves PmThe calculation formula is as follows:
Figure FDA0001605931880000041
wherein m isjRepresents the jth challenge data block, s1…scRepresents the elements in the set S of sequence numbers, Σ represents the summation operation, q represents the odd prime order of the base point G, and pk represents the user' S own public key.
7. The base of claim 1The method for verifying the data integrity in the identity cloud storage is characterized in that the label proof P corresponding to the challenge data block in the step (8b)tThe calculation formula is as follows:
Figure FDA0001605931880000042
wherein s is1…scRepresenting elements of the set S of sequence numbers, sigma, summation operation, sigmajAnd indicating the data label corresponding to the jth challenge data block.
8. The identity-based data integrity verification method in cloud storage according to claim 1, wherein the challenge data block m in step (9a)jCorresponding version number vjAnd a time stamp tjThe calculation formula of the sum H of the hash values is as follows:
Figure FDA0001605931880000043
wherein s is1…scRepresenting elements in the set S of sequence numbers, sigma, summation, H1(. represents a hash function, vjRepresenting challenge data block mjVersion number of (1), tjRepresenting challenge data block mjThe time stamp of (c) is, | | represents the concatenation operation, and q represents the odd prime order of the base point G.
CN201810243552.3A 2018-03-23 2018-03-23 Identity-based data integrity verification method in cloud storage Active CN108540291B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201810243552.3A CN108540291B (en) 2018-03-23 2018-03-23 Identity-based data integrity verification method in cloud storage

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201810243552.3A CN108540291B (en) 2018-03-23 2018-03-23 Identity-based data integrity verification method in cloud storage

Publications (2)

Publication Number Publication Date
CN108540291A CN108540291A (en) 2018-09-14
CN108540291B true CN108540291B (en) 2020-08-04

Family

ID=63483666

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201810243552.3A Active CN108540291B (en) 2018-03-23 2018-03-23 Identity-based data integrity verification method in cloud storage

Country Status (1)

Country Link
CN (1) CN108540291B (en)

Families Citing this family (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US10917231B2 (en) 2019-04-04 2021-02-09 Advanced New Technologies Co., Ltd. Data storage method, apparatus, system and device
CN110163602A (en) * 2019-04-04 2019-08-23 阿里巴巴集团控股有限公司 A kind of verification method of account book, device and equipment
US10790968B2 (en) 2019-04-04 2020-09-29 Alibaba Group Holding Limited Ledger verification method and apparatus, and device
CN111475567B (en) * 2020-03-09 2021-07-23 上海能链众合科技有限公司 Internet of things data sequential recording method
CN111444547B (en) * 2020-03-20 2024-03-19 苏州链原信息科技有限公司 Method, apparatus and computer storage medium for data integrity attestation
CN111444548B (en) * 2020-03-20 2024-03-19 苏州链原信息科技有限公司 Method, apparatus and computer storage medium for data integrity attestation
CN111447072B (en) * 2020-03-27 2022-04-15 苏州链原信息科技有限公司 Method, apparatus and storage medium for generating data equivalent zero knowledge proof
CN111526146B (en) * 2020-04-24 2022-05-17 天津易维数科信息科技有限公司 Data holding verification method, data searching method and corresponding system
CN112910632B (en) * 2021-02-18 2022-10-11 金陵科技学院 Novel cloud data integrity verification method facing multiple data users and protecting user privacy

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103414559A (en) * 2013-05-20 2013-11-27 广州中长康达信息技术有限公司 Identity authentication method based on IBE-like system in cloud computing environment
CN106357701A (en) * 2016-11-25 2017-01-25 西安电子科技大学 Integrity verification method for data in cloud storage

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2017175073A1 (en) * 2016-04-05 2017-10-12 Vchain Technology Limited Method and system for managing personal information within independent computer systems and digital networks

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103414559A (en) * 2013-05-20 2013-11-27 广州中长康达信息技术有限公司 Identity authentication method based on IBE-like system in cloud computing environment
CN106357701A (en) * 2016-11-25 2017-01-25 西安电子科技大学 Integrity verification method for data in cloud storage

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
无可信中心的基于身份的门限签名方案;乔丹丹;《电子科技》;20140315;第2012卷(第12期);全文 *

Also Published As

Publication number Publication date
CN108540291A (en) 2018-09-14

Similar Documents

Publication Publication Date Title
CN108540291B (en) Identity-based data integrity verification method in cloud storage
CN111106936B (en) SM 9-based attribute encryption method and system
CN110912706B (en) Identity-based dynamic data integrity auditing method
CN112822014B (en) Data processing method and device, electronic equipment and storage medium
CN106357701B (en) The integrity verification method of data in cloud storage
EP2302834B1 (en) System and method for providing credentials
CN104378374B (en) A kind of method and system that communication is set up based on SSL
US9705683B2 (en) Verifiable implicit certificates
JPH10133576A (en) Open key ciphering method and device therefor
CN110896351B (en) Identity-based digital signature method based on global hash
KR20210063378A (en) Computer-implemented systems and methods that share common secrets
CN113726517A (en) Information sharing method and device
CN112152813A (en) Certificateless content extraction signcryption method supporting privacy protection
CN112800482B (en) Identity-based online/offline security cloud storage auditing method
CN112184441A (en) Data processing method, data processing device, node equipment and storage medium
CN111147240A (en) Privacy protection method and system with traceability
CN111314080A (en) SM9 algorithm-based collaborative signature method, device and medium
CN115834058A (en) Communication encryption method and device and computer equipment
CN117795901A (en) Generating digital signature shares
CN114362962A (en) Block chain workload proof generation method
CN112184440A (en) Data processing method, data processing device, node equipment and storage medium
CN115174052B (en) Adapter signature generation method and device based on SM9 signature
CN111711524A (en) Certificate-based lightweight outsourcing data auditing method
CN117118637B (en) Data processing method, device, equipment and computer readable storage medium
CN112784314B (en) Data integrity detection method and device, electronic equipment and storage medium

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant