Disclosure of Invention
In order to realize lightweight operation of a mobile terminal, improve the operation efficiency and communication efficiency of a mobile cloud computing data sharing system and guarantee the safety and privacy in the data sharing process, the invention provides a safe and efficient data sharing system and method suitable for the mobile cloud computing system.
The invention provides a safe and efficient data sharing method in a mobile cloud computing system, which comprises the following steps:
firstly, initializing a system, and generating public parameters, a master key and other entity keys by a trust center;
encrypting the shared information, wherein the data owner and the cloud operation server jointly encrypt the shared information;
thirdly, generating a user key, and generating the key for the user by the trust center;
fourthly, verifying the integrity of the shared information, and calculating the integrity of the shared information by the cloud operation server;
and fifthly, decrypting the shared information, and if the cloud operation server verifies that the shared information is complete, downloading the ciphertext from the cloud storage server and decrypting the ciphertext by the user.
The first step is to output the public parameter, the master key and the private keys of the data owner, the cloud storage server and the cloud computing server by using the security parameter and the attribute space as input through the trust center.
The second step is further specifically that in order to reduce communication and calculation burden of the mobile terminal, the data owner only performs lightweight operation, including encrypting plaintext of shared data and defining an access control structure, and operations such as ciphertext blocking and calculating a block tag by using algebraic signatures are realized by the cloud operation server.
The third step is further specifically that each user accessing the shared information can send a key generation request to the trust center, and the trust center generates a corresponding user identifier, a public key and a decryption key for the user according to the attribute of the user and the master key.
The fourth stepping step is specifically that the user sends an integrity verification request to the cloud operation server, the cloud operation server verifies whether the identity of the user is legal or not after receiving the verification request, if the identity is illegal, the reverse sign T is returned, otherwise, the cloud operation server randomly selects c data blocks and corresponding random numbers and sends an integrity challenge to the cloud storage server. And after receiving the challenge, the cloud storage server calculates the data certificate and the tag certificate and sends the certificate to the cloud operation server. And finally, the cloud operation server verifies the integrity of the shared information according to the certificate and the locally stored information, and returns a verification result to the user, wherein the step is completed by the interaction of the cloud operation server and the cloud storage server.
Advantageous technical effects
The invention realizes the lightweight operation of the mobile terminal, can improve the operation efficiency and the communication efficiency of the mobile cloud computing data sharing system, and simultaneously ensures the safety and the privacy in the data sharing process.
Detailed Description
The invention provides a safe and efficient data sharing method in a mobile cloud computing system, which comprises the following steps:
firstly, initializing a system, and outputting public parameters, a master key and private keys of a data owner, a cloud storage server and a cloud operation server by taking security parameters and an attribute space as input through a trust center;
secondly, encryption of shared information is realized by a data owner and a cloud operation server together, in order to reduce communication and calculation burden of a mobile terminal, the data owner only carries out light-weight operation, including encryption on plaintext of shared data and definition of an access control structure, and operations of dividing ciphertext into blocks, calculating block tags by utilizing algebraic signatures and the like are realized by the cloud operation server;
thirdly, generating a user key, wherein each user accessing the shared information can send a key generation request to a trust center, and the trust center can generate a corresponding user identifier, a public key and a decryption key for the user according to the attribute of the user and the master key;
and fourthly, verifying the integrity of the shared information, wherein the step is completed by the interaction of the cloud operation server and the cloud storage server, the user sends an integrity verification request to the cloud operation server, the cloud operation server verifies whether the identity of the user is legal or not after receiving the verification request, if the identity is illegal, the returned value is inverted T, and otherwise, the cloud operation server randomly selects c data blocks and corresponding random numbers and sends an integrity challenge to the cloud storage server. And after receiving the challenge, the cloud storage server calculates the data certificate and the tag certificate and sends the certificate to the cloud operation server. Finally, the cloud operation server verifies the integrity of the shared information according to the certificate and the locally stored information, and returns a verification result to the user;
and fifthly, decrypting the shared information, and if the cloud operation server verifies that the shared information is complete, downloading the ciphertext from the cloud storage server and decrypting the ciphertext by the user.
The trust center is used by a trusted third party and is responsible for generating a master key and public parameters for the system through the security parameters and simultaneously responsible for generating, updating and revoking keys of other entities.
The data owner is responsible for generating and collecting shared information, particularly has intelligent terminals such as sensor equipment, a wireless network, a mobile phone and a pad, and is responsible for defining an access structure and performing lightweight operation on the shared information.
And only the user registered in the trust center can entrust the cloud operation server to carry out integrity verification on the shared information, and the shared information is downloaded from the cloud storage server and is decrypted for use.
The cloud storage server is responsible for providing a safe and reliable large-capacity storage environment for storing the shared data and the integrity verification tag.
The cloud operation server is mainly responsible for carrying out complex operations in the system, and the complex operations comprise grouping ciphertexts obtained after data owner encryption and calculating blocks by utilizing algebraic signatures.
The first step is further specifically to take the security parameter para and the attribute space U as input, and output the public parameter PK, the master key MK, and the private key k of the data owner, the cloud storage server and the cloud computing server1、k2And k3。
The trust center completes the following steps:
step 1-a, selecting a cyclic group G with the same prime order q
1And G
2And G is G
1A generator of (2); selecting random number alpha, beta belongs to Z
q,f
1,f
2,...,f
U∈G
1And calculating σ ═ g
βAnd θ ═ e (g, g)
α(ii) a Selecting a secure cryptographic hash function h:
and bilinear map e: g
1×G
1→G
2Defining a keyed xor homomorphic function d:
and algebraic signature sig
γWherein γ is a primitive in the Galois field; random selection
Respectively as the data owner, the cloud computing server and the cloud storage server
In step 1-b, the trust center sets the public parameter PK to (e, g, theta, sigma, f)1,f2,...,fUH, d), with MK ═ α, β as the master key, and k as the master key1Secure transfer to data owner, k2K is transmitted to a cloud computing server, k3And transmitting the data to a cloud storage server.
The second step comprises the following specific steps:
in step 2-a, in order to enable a user with access right to access shared data, a data owner encrypts shared information through PK and an access structure a, and the owner first defines an access control structure a as (M, ρ), where M is a matrix of l rows and n columns, ρ: [1, l]→[1,U]To map rows of the matrix M to functions of attributes, s ∈ Z is then randomly selected
qAnd column vector
And calculate
If the shared information is F, the length is r
1Data owner calculation ciphertext C ═ F · θ
s,C′=g
sFinally, C and C' are transmitted to the cloud storage server, and info is equal to (C, A, lambda)
i) Transmitting to a cloud computing server;
step 2-b, the cloud computing server randomly selects r
i∈Z
q,i∈[1,l]And calculate
Step 2-C, in order to verify the integrity of the shared information, the cloud operation server needs to divide the ciphertext C of the shared information into blocks and calculate a block tag through algebraic signature, firstly, the cloud operation server divides the ciphertext C into N data blocks m
i∈Z
qAnd randomly selecting R
i,i∈[1,N]Calculate b
i=h(i),
And
wherein i is a block number, and then the cloud operation server sends t
iSending to the data owner, the data owner calculates
And v'
iReturning to the cloud operation server, and finally calculating a block tag T by the cloud operation server
i=sig
γ(v
i||b
i);
Step 2-d, the cloud computing server sends pf1=(mi,Ti,i∈[1,N]) And pf2=(Ci,Di,i∈[1,l]) Sending to a cloud storage server。
The third step is further specifically that each user accessing the shared information can send a key generation request to the trust centerKeyGen(S). The trust center generates a corresponding key SK for the user according to the attribute S of the user and the master key MK. The specific implementation process is as follows:
the user set is U, and when the user U with the attribute of S belongs to U, the user U belongs to U and sends a key generation request to the trust center
KeyGen(S) the trust center is randomly selected
As the user's identity, and calculates Upk ═ g
UidAs the public key of the corresponding user, and simultaneously, the trust center randomly selects t e to Z
qCalculate the secret key of user u
And will (Uid, SK, g)
tUt · t) is sent to the user in secret.
And fourthly, the user requests the cloud operation server to carry out integrity verification on the shared information before downloading the shared information. The integrity verification steps are as follows:
step 4-a, the user sends an integrity verification request to the cloud computing serverInteVer(Upk,S,gt,Ut);
Step 4-b, the cloud computing server passes the formula e (Upk, g)
t)=e(g,g)
UtVerifying whether the identity of the user is legitimate. If the identity is legal, the cloud operation server randomly selects c data blocks and corresponding random numbers
And sends an integrity challenge ch ═ i, l to the cloud storage server
i),i∈[1,c];
Step 4-c, after the cloud storage server receives the challenge ch, calculating data certification
And label certification
And converting proof to (mu)
iEta) to a cloud operation server;
step 4-d, after receiving proof, cloud computing server computing
And verifies the equation
Whether or not this is true. If the equation is true, the shared information F is complete, otherwise returns ^ T.
And fifthly, decrypting the shared information, and if the private information is complete, downloading the ciphertext from the cloud storage server and decrypting by the user, specifically:
step 5-a, defining
S is the attribute of the user. Let { omega
i∈Z
qIs constant for I ∈ I, if the effective fraction λ of s
iIf present, then the equation ∑
i∈Iω
iλ
iIf s is true, the cloud operation server firstly verifies the equation sigma
i∈Iω
iM
iIf the equation is not true, returning to the unit of T, and if not, entering the next step to decrypt the ciphertext;
step 5-b, user calculation
And calculating F ═ C/CK' to obtain a plaintext corresponding to the shared information.
Embodiments of the present invention will be described in detail below with reference to examples and drawings, by which how to apply technical means to solve technical problems and achieve a technical effect can be fully understood and implemented.
As shown in fig. 1 and 2, the specific steps of the present invention are implemented as follows:
the first step, system initialization, is run by the trust center. The security parameter para and the attribute space U are used as input to output a public parameter PK, a master key MK, a data owner, a cloud storage server and a private key k of a cloud operation server1、k2And k3。
(1) The trust center performs the following operations: selecting cyclic groups G having the same prime order q
1And G
2And G is G
1A generator of (2); selecting random number alpha, beta belongs to Z
q,f
1,f
2,...,f
U∈G
1And calculating σ ═ g
βAnd θ ═ e (g, g)
α(ii) a Selecting a secure cryptographic hash function h:
and bilinear map e: g
1×G
1→G
2Defining a keyed xor homomorphic function d:
and algebraic signature sig
γWherein γ is a primitive in the Galois field; random selection
Respectively as the data owner, the cloud computing server and the cloud storage server
(2) The trust center sets the public parameter PK to (e, g, theta, sigma, f)1,f2,...,fUH, d), with MK ═ α, β as the master key, and k as the master key1Secure transfer to data owner, k2K is transmitted to a cloud computing server, k3And transmitting the data to a cloud storage server.
And secondly, encryption of shared information, wherein in order to reduce communication burden and calculation burden of a mobile terminal, a data owner only performs light-weight operation. The operations of partitioning the ciphertext into blocks, calculating block tags according to algebraic signatures and the like are realized by the cloud operation server.
(1) In order to enable a user with access rights to access shared data, a data owner encrypts shared information through PK and an access structure a, the owner first defines an access control structure a ═ M, ρ, where M is a matrix of l rows and n columns, ρ: [1, l]→[1,U]To map rows of the matrix M to functions of attributes, s ∈ Z is then randomly selected
qAnd column vector
And calculate
If the shared information is F, the length is r
1Data owner calculation ciphertext C ═ F · θ
s,C′=g
sFinally, C and C' are transmitted to the cloud storage server, and info is equal to (C, A, lambda)
i) And transmitting the data to a cloud computing server.
(2) Random selection r of cloud operation server
i∈Z
q,i∈[1,l]And calculate
(3) In order to verify the integrity of the shared information, the cloud computing server needs to divide the ciphertext C of the shared information into blocks and calculate a block tag through algebraic signatures, and firstly, the cloud computing server divides the ciphertext C into N data blocks m
i∈Z
qAnd randomly selecting R
i,i∈[1,N]Calculate b
i=h(i),
And
wherein i is a block number, and then the cloud operation server sends t
iSending to the data owner, the data owner calculates
And v'
iReturning to the cloud operation server, and finally calculating a block tag T by the cloud operation server
i=sig
γ(v
i||b
i)。
(4) The cloud operation server sends pf1=(mi,Ti,i∈[1,N]) And pf2=(Ci,Di,i∈[1,l]) And sending the data to a cloud storage server.
Thirdly, each user accessing the shared information can send a key generation request to the trust centerKeyGen(S). The trust center generates a corresponding key SK for the user according to the attribute S of the user and the master key MK. The specific implementation process is as follows:
the user set is U, and when the user U with the attribute of S belongs to U, the user U belongs to U and sends a key generation request to the trust center
KeyGen(S) the trust center is randomly selected
As the user's identity, and calculates Upk ═ g
UidAs the public key of the corresponding user, and simultaneously, the trust center randomly selects t e to Z
qCalculate the secret key of user u
And will (Uid, SK, g)
tUt · t) is sent to the user in secret.
And fourthly, the user requests the cloud operation server to carry out integrity verification on the shared information before downloading the shared information. The integrity verification steps are as follows:
(1) user sends integrity verification request to cloud operation serverInteVer(Upk,S,gt,Ut);
(2) The cloud operation server passes the formula e (Upk, g)
t)=e(g,g)
UtVerifying whether the identity of the user is legitimate. If the identity is legal, the cloud operation server randomly selects c data blocks and corresponding random numbers
And sends the data to a cloud storage serverSend integrity challenge ch ═ i, l
i),i∈[1,c];
(3) After the cloud storage server receives the challenge ch, the data certification is calculated
And label certification
And converting proof to (mu)
iEta) to a cloud operation server;
(4) after receiving proof of, cloud computing server calculates
And verifies the equation
Whether or not this is true. If the equation is true, it indicates that the shared information F is complete, otherwise it returns.
And fifthly, decrypting the shared information, and if the private information is complete, downloading the ciphertext from the cloud storage server and decrypting by the user, specifically:
(1) definition of
S is the attribute of the user. Let { omega
i∈Z
qIs constant for I ∈ I, if the effective fraction λ of s
iIf present, then the equation ∑
i∈Iω
iλ
iIf s is true, the cloud operation server firstly verifies the equation sigma
i∈Iω
iM
iIf the equation is not true, returning to the unit of T, and if not, entering the next step to decrypt the ciphertext;
(2) user computing
And calculating F ═ C/CK' to obtain a plaintext corresponding to the shared information.
All of the above mentioned intellectual property rights are not intended to be restrictive to other forms of implementing the new and/or new products. Those skilled in the art will take advantage of this important information, and the foregoing will be modified to achieve similar performance. However, all modifications or alterations are based on the new products of the invention and belong to the reserved rights.
The foregoing is directed to preferred embodiments of the present invention, other and further embodiments of the invention may be devised without departing from the basic scope thereof, and the scope thereof is determined by the claims that follow. However, any simple modification, equivalent change and modification of the above embodiments according to the technical essence of the present invention are within the protection scope of the technical solution of the present invention.