CN110460447A - Edge calculations data accountability system and auditing method based on Hash binary tree - Google Patents

Edge calculations data accountability system and auditing method based on Hash binary tree Download PDF

Info

Publication number
CN110460447A
CN110460447A CN201910756888.4A CN201910756888A CN110460447A CN 110460447 A CN110460447 A CN 110460447A CN 201910756888 A CN201910756888 A CN 201910756888A CN 110460447 A CN110460447 A CN 110460447A
Authority
CN
China
Prior art keywords
data
data block
tpa
csp
hbbt
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201910756888.4A
Other languages
Chinese (zh)
Other versions
CN110460447B (en
Inventor
刘明曦
史闻博
范宽
白撰彦
张永欣
王庆豪
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Northeastern University Qinhuangdao Branch
Original Assignee
Northeastern University Qinhuangdao Branch
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Northeastern University Qinhuangdao Branch filed Critical Northeastern University Qinhuangdao Branch
Priority to CN201910756888.4A priority Critical patent/CN110460447B/en
Publication of CN110460447A publication Critical patent/CN110460447A/en
Application granted granted Critical
Publication of CN110460447B publication Critical patent/CN110460447B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • H04L63/1425Traffic logging, e.g. anomaly detection
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/30Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
    • H04L9/3066Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy involving algebraic varieties, e.g. elliptic or hyper-elliptic curves
    • H04L9/3073Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy involving algebraic varieties, e.g. elliptic or hyper-elliptic curves involving pairings, e.g. identity based encryption [IBE], bilinear mappings or bilinear pairings, e.g. Weil or Tate pairing
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3236Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3271Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using challenge-response
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/12Applying verification of the received information
    • H04L63/123Applying verification of the received information received data contents, e.g. message integrity
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/12Applying verification of the received information
    • H04L63/126Applying verification of the received information the source of the received data

Abstract

The invention discloses a kind of edge calculations data accountability systems and auditing method based on Hash binary tree, belong to information security field.The present invention proposes a new public audit agreement according to MEC feature, which can not only resist Replay Attack, forgery attack and the substitution attack that traditional audit agreement is subject to, can also resist Network Intrusion in MEC environment, meets the safety requirements of MEC.The present invention also proposes a kind of new dynamic data structure, can reduce the height of MHT in traditional audit agreement (Merkel Hash tree Merkle Hash Tree), improve audit efficiency.

Description

Edge calculations data accountability system and auditing method based on Hash binary tree
Technical field
The present invention relates to technical field of network security, and in particular to a kind of edge calculations data based on Hash binary tree are careful Meter systems and auditing method.
Background technique
With the rapid development of cloud computing, there is service much based on cloud computing, such as cloud storage service, the service Single user or tissue storage mass data can be helped, and is not limited by access locations and time, cloud user is at any time Their data can be accessed on cloud.However more and more applications need to access the data service of low latency to provide at present More advanced real-time application, such as vehicular communication networks, the intelligence sensor in vehicular communication networks can generate largely in real time Data, intelligence control system can dynamically update these data.In addition, user to cloud it is remote transmission also increase data by A possibility that attack, this will affect the safety of data and associated storage service.
In order to meet the requirement of low latency high-bandwidth service, cloud service is gradually mobile to network edge, and produces referred to as The technology of MEC (the mobile edge calculations of Mobile Edge Computing), it is mentioned nearby for user using Radio Access Network For service and cloud computing function needed for IT, consumer is allowed to enjoy continual high network quality experience.The practical of MEC answers at present With very much, such as video monitoring, the analysis of real-time mobile data, smart grid, vehicular communication networks, these are all real-time properties With the very high application of bandwidth requirement, more accurate experience can be provided for user.
Although mobile edge calculations network can provide the service relatively high to requirement of real-time for user, it also can By many security challenges.Data integrity challenge is one of MEC most important challenge in need of consideration.CSP(Cloud Server Provider cloud service provider) the outsourcing number that user is of little use may be deleted for economic or other reasons According to mobile Edge Server may suffer from the outsourcing number that Network Intrusion sabotages DO (Data Owner data owner) According to.In traditional public audit model, it is only necessary to three entities can simulate audit process, but in the public of MEC environment In audit model, it would be desirable to which audit process could be simulated by additionally increasing an Edge Server entity, so traditional audit Agreement is not suitable in MEC environment.
Summary of the invention
In order to solve prior art problem, the present invention provides a kind of edge calculations Data Audit system based on Hash binary tree System and auditing method propose a new public audit agreement according to MEC feature, which can not only resist tradition and examine Replay Attack, forgery attack and the substitution attack that meter agreement is subject to, can also resist Network Intrusion in MEC environment, meet The safety requirements of MEC.The present invention also proposes a kind of new dynamic data structure, can reduce MHT (Merck in traditional audit agreement Your Hash tree Merkle Hash Tree) height, improve audit efficiency.
In order to solve the above technical problems, the technical solution used in the present invention is:
A kind of edge calculations data accountability system based on Hash binary tree, including DO, MS, CSP and TPA;The DO handle The data being sent on CSP are divided into several data blocks, and generate signature for these data blocks, then these data blocks It is sent in MS with signature;After the MS receives data, verify data source saves the mark of all data blocks after verifying is legal Data block, is then sent to Cloud Server again by label and the common data block of DO;When audit cycle carrys out interim, one group of TPA generation Challenge information is simultaneously sent to MS, after MS receives challenge information, generates a part according to the data block of oneself caching and data label Evidence, then the challenge information of another part is sent to CSP, CSP is sent to MS after generating evidence, and MS sends out mixed evidence It gives TPA and completes audit.
A kind of edge calculations Data Audit method based on Hash binary tree, comprising the following steps:
S1. initiation parameter: DO generates key pair, and private key is SK={ α, ssk }, and public key is PK={ y, g, μ, spk }, In (ssk, spk) be the randomly selected asymmetric cryptographic key pair of DO;
Wherein, α ∈ ZpIt is the value that DO is selected at random, g and μ are crowd G1On random element, y=gαIt is G1On element;G1 And G2To have the two of Prime Orders p multiplicative cyclic groups, e:G1×G1→G2For Bilinear map mapping;
S2. generate the audit signature of data block: the outer bag data F of DO is divided into n data block M={ m1,m2,..., mn, DO is according to formulaFor miGenerate homomorphism can verify that signature, then homomorphism signature set for Φ= {σi, 1≤i≤n, data block hash value collection is θ={ H (mi)},1≤i≤n;
H:{0,1}*→G1Binary number is mapped to crowd G for safety1On hash function;
Calculate t=name | | n | | SSigssk(name | | n) is the label of outer bag data F, and wherein name is outer bag data F Unique identifier, DO sends { M, Φ, t } to MS, while sending after θ receives related data to TPA, CSP and TPA, and DO is local It deletes { M, Φ, θ };
S3. outsourcing file label is verified, DO identity is confirmed: when MS receives data { M, Φ, t }, using the public key spk of DO Verify outsourcing data label;If authentication failed, MS requires DO to retransmit data, conversely, MS stores signature set Φ, and handle Outer bag data indicates that { F, name } is sent to CSP with it;
S4. generate the challenge information of audit: when reaching the audit time, TPA checks whether HBBT locally constructs successfully, If it is unsuccessful generating HBBT using θ;TPA randomly chooses c challenge data block in outer bag data serial number set, Generate set I={ s1,s2,...,sc}1≤c≤n, then TPA is that each challenge data block selects c random number v at random againi, { vi ∈Zp}i∈I, form challenge data setIt is sent to MS;
S5.MS generates audit evidence: after MS receives the challenge information from TPA, challenge data collection being first divided into two Subset chal={ C1,C2, C1Outsourcing data-block cache represented by challenge data block serial number in challenge information in MS, C2It is to indicate the outsourcing data block to be audited of CSP comprising remaining challenge information;After the completion of challenge data divides, MS gives CSP again Send challenge subset C2, signature evidence Θ is then generated according to chal, according to subset C1Generate data block evidence
S6.CSP receives the challenge subset C of MS transmission2Data evidence is generated afterwardsCalculation formula is as follows:
CSP sends data evidence to MS
S7.MS receives the data evidence of CSPAfterwards, aggregated data evidenceWith
MS sends evidence { Θ, U } to TPA;
After S8.TPA receives the evidence { Θ, U } of MS transmission, it is corresponding that challenge data block serial number is first found from HBBT tree Cryptographic Hash { H (mi) (i ∈ chal), it calculatesThe audit of Bilinear map property is recycled to choose by the audit of following equation War data block:
If equation left and right ends are equal, TPA exports TRUE, otherwise TPA exports FALSE.
Further, in the step S4, the TPA generates Hash according to the newest cryptographic Hash of DO outsourcing data block and balances Binary tree (HBBT), and it is stored in local;The node of the HBBT includes two parts, is data block sequence number i and data respectively Block cryptographic Hash H (mi);The TPA receives { i, the H (m of DO transmissioni) after, according to the requirement of Adelson-Velskii-Landis tree, using the size of i as HBBT The order standard of data block generates HBBT.
Further, the data block sequence number of the HBBT tree be (1,2,3 ..., k, i, j ... n), wherein k, i, j be by Sequence arranges, and be divided into following several situation insertions: (1) when needing to be inserted into a data block between i and j, serial number be can be changed to (1,2,3 ... k, i, i-1, j ... n), wherein i < i-1 < j;(2) when needing to be inserted into a data block between i-1 and j, sequence Number can be changed to (1,2,3 ..., k, i, i-1, i-2, j ... n), wherein i-1 < i-2 < j;(3) when needing to be inserted between i and i-1 When one data block, serial number can be changed to (1,2,3 ..., k, i, i-1-1, i-1, i-2, j ... n), wherein i < i-1-1 < i-1; (4) when needing to be inserted into a data block between i-2 and j, serial number can be changed to (1,2,3 ..., k, i, i-1-1, i-1, i-2, i- 3, j ... n), wherein i-2 < i-3 < j;(5) when need between i-2 and i-3 be inserted into a data block when, serial number can be changed to (1,2, 3 ..., k, i, i-1-1, i-1, i-2, i-3-1, i-3, j ... n), wherein i-2 < i-3-1 < i-3, and so on.
Further, in the step S4, after the TPA receives the θ of DO transmission, HBBT is constructed, when DO is needed No. i-th Data block miIt is revised as mi' when, modify process are as follows:
DO generates character string γ=Mo | | i | | N, wherein Mo indicates modification operation, N ∈ ZpIt is a random number;DO according to γ calculates H (mi' | | h (γ)), generate data block m to be modifiedi' signatureThen DO is sent out Send { Mo, i, H (mi' | | h (γ)) } TPA is given, send { γ, mi′,σi' give MS;After TPA receives the data from DO, examined according to i Rope local HBBT finds corresponding node, and uses H (mi' | | h (γ)) replacement node H (mi);MS receives the number from DO According to rear, σ is usedi' more new data block miSignature, and send { γ, mi′,σi' give CSP, CSP to verify more new data block:
If equation is equal, CSP enables mi'=mi' | | h (γ) uses mi' replacement mi, otherwise refusal modification operation.
Further, in the step S4, after the TPA receives the θ of DO transmission, HBBT is constructed, when DO is needed data Block mxIt is inserted into data block miAnd mi+1Between when, modify process are as follows:
DO generates character string γ=I | | i | | y | | N, wherein I indicates modification operation, and y indicates the insertion label of data block, N ∈ZpIt is a random number;DO calculates H (m according to γx| | h (γ)), generation is inserted into data block mxSignatureThen DO sends { I, i, y, H (mx| | h (γ)) } TPA is given, send { γ, mxxGive MS;After TPA receives the data from DO, a new node no is generatedx, use { y, H (mx| | h (γ)) } initialize the node; TPA retrieves local HBBT according to i, finds corresponding node n oi, noxIt is inserted into noiLater, it is adjusted according to the requirement of Adelson-Velskii-Landis tree HBBT;After MS receives the data from DO, σ is locally storedx, and send { γ, mxxCSP, CSP is given to verify more new data block:
If equation is equal, CSP enables mx=mx| h (γ), mxIt is inserted into miLater, otherwise refuse insertion operation.
Further, in the step S4, after the TPA receives the θ of DO transmission, HBBT is constructed, when DO needs to delete i-th Number block miWhen, modify process are as follows:
DO generates character string γ=D | | i | | N, wherein D indicates modification operation, N ∈ ZpIt is a random number;DO is according to γ It calculates H (γ), generates insertion operation signature sigmaD=(H (γ))α, then DO sends { D, i, H (γ) } to TPA, send γ, i, σDGive MS;After TPA receives { D, i, H (γ) }, local HBBT is retrieved according to i, corresponding node is found and deletes the node, TPA HBBT is adjusted according to the requirement of Adelson-Velskii-Landis tree;After MS receives the data from DO, the signature sigma of corresponding node is deletedi, and data D, I, H (γ) } it is then forwarded to CSP, CSP verifies more new data block:
If equation is equal, CSP deletes data block miLater, otherwise refuse delete operation.
The beneficial effects of adopting the technical scheme are that
(1) present invention proposes that a novel public audit agreement suitable for MEC environment, the agreement are signed using BLS Ensure safety and the privacy of outer bag data with Bilinear map technology.(2) consider that certain services need support in MEC environment Dynamic operation, the present invention propose a new dynamic data structure Hash balanced binary tree (Hash Balanced Binary Tree, HBBT), HBBT is similar with Adelson-Velskii-Landis tree, can reduce the height of conventional dynamic Audit data structure MHT, efficient storage and looks into Outsourcing data block relevant information is looked for, audit efficiency is improved.(3) for the MEC environment the characteristics of, the present invention proposes a kind of to occur to exist Novel attack in dynamic updating process.(4) safety analysis proves that agreement of the invention not only can correctly audit outsourcing Data, and common attack and the present invention can be resisted and propose new attack.Performance evaluation and experimental result all show this hair Bright agreement has the lower traffic and calculation amount, and efficiency is outstanding.
The functional parameter that the present invention realizes: (1) public audit: it is any be trusted have certain computing capability and memory space Third party can be authorized by DO, its outer bag data of auditing.(2) no data block is audited: audit person does not need retrieval DO number The audit of external bag data fast integrality and correctness can be completed according to block.(3) dynamic operation: support DO to long-range outsourcing Data block is inserted into, is deleted, modifying dynamic operation, and guarantees that outsourcing data block correctly stores.(4) it lightweight: is examined public During meter and dynamic operation, agreement may insure that communication overhead and computing cost are minimum.
The safety index that the present invention realizes: (1) data correctness: only correct outsourcing data block and corresponding signature Audit can be passed through, it is ensured that the outer bag data of DO is correctly stored in EMS and CSP.(2) data-privacy is protected: in entire audit process In, TPA can not understand the content of outsourcing data block.(3) identification: when MS is manipulated by opponent, transmission fallacious message is to CSP When, CSP can identify this malicious act.
Detailed description of the invention
Fig. 1 is present system model structure schematic diagram;
Fig. 2 is the structural schematic diagram of Hash balanced binary tree (HBBT) of the present invention;
Fig. 3-1 is the HBBT schematic diagram with eight nodes;
Fig. 3-2 is the schematic diagram that node 4-1 is inserted into HBBT;
Fig. 3-3 is the schematic diagram that node 4-2 is inserted into HBBT;
Fig. 3-4 is the schematic diagram that node 4-1-1 is inserted into HBBT;
Fig. 3-5 is the schematic diagram that node 4-3 is inserted into HBBT;
Fig. 3-6 is the schematic diagram that node 4-3-1 is inserted into HBBT;
Fig. 3-7 is the schematic diagram that node 5 is deleted in HBBT;
Fig. 4 is audit agreement flow chart of the invention;
Fig. 5 is dynamic auditing agreement flow chart of the invention;
Fig. 6 is the test assessment figure of setup phase computing cost;
Fig. 7 is the test assessment figure that CSP calculates the comparison of polymerization evidence time;
Fig. 8 is the test assessment figure of TPA audit time comparison;
Fig. 9-1 is the test assessment figure of the dynamic operation time comparison (modification time) of different data block;
Fig. 9-2 is the test assessment figure of the dynamic operation time comparison (insertion time) of different data block;
The test assessment figure of the dynamic operation time comparison (erasing time) of Fig. 9-3 different data block.
Specific embodiment
The present invention will be further described in detail below with reference to the accompanying drawings and specific embodiments.
A kind of edge calculations data accountability system based on Hash binary tree, including DO, MS, CSP and TPA;The DO handle The data being sent on CSP are divided into several data blocks, and generate signature for these data blocks, then these data blocks It is sent in MS with signature;After MS receives data, verify data source, verify it is legal after, save all data blocks label and Data block, is then sent to Cloud Server again by the common data block of DO;When audit cycle carrys out interim, TPA one group of challenge of generation Information is simultaneously sent to MS, after MS receives challenge information, generates a part of evidence according to the data block of oneself caching and data label, The challenge information of another part is sent to CSP again, CSP is sent to MS after generating evidence, and MS is sent to mixed evidence TPA completes audit.
In Fig. 1, the protocol model in MEC network includes four entities: DO (Data Owner data owner), MS (MEC Network server), CSP (Cloud Server Provider cloud service provider) and TPA (auditing by third party person Third Party Auditor).Each entity is described in detail below:
DO: equipped with sensor and the equipment relatively high to requirement of real-time, such as the vehicle in vehicle-mounted net.DO storage is empty Between it is limited, while to data have low latency memory requirement.
CSP: having the entity of certain memory space and computing capability, and for the data requirements for guaranteeing low delay application, CSP permits Perhaps some frequently-used data is stored on the closer fringe node of distance DO.
TPA: the entity of audit outsourcing data permission is trusted and authorized by DO, with certain computing resource and storage energy Power.
Edge Server (MS): an entity in MEC network is under the jurisdiction of CSP, and compared with CSP, distance DO's is closer, The data that caching DO is commonly used while providing low delay service for DO, are also responsible for audit request of the processing from TPA.
Threat modeling: in the protocol, TPA is " honest curious ", and DO, CSP are " half is honest ";MS is " half is honest " It is easy to be controlled by opponent;TPA is curious, it is meant that again good to its data simultaneously in the outer bag data of correctly audit DO It is odd, it is desirable to calculate these data.DO is that half honesty illustrates that it can deny last auditing result, slanders the letter of CSP and MS Expenditure;CSP is that half honesty illustrates it to initiate forgery attack, Replay Attack and substitution attack by the audit of TPA. MS is half honesty and is easy to be steered, and means following several situations: 1, in order to which by the audit of TOA, it can also initiate puppet It makes, reset, substitution attack;2, it can be controlled by opponent, send the dynamic operation of mistake to CSP to destroy the outsourcing number of user According to;3, it can be controlled by opponent, and the evidence or malice of malicious modification CSP generates evidence and audit is caused to fail, and slander CSP's Creditworthiness.
A kind of edge calculations Data Audit method based on Hash binary tree, comprising the following steps:
S1. initiation parameter: DO generates key pair, and private key is SK={ α, ssk }, and public key is PK={ y, g, μ, spk }, In (ssk, spk) be the randomly selected asymmetric cryptographic key pair of DO;
Wherein, α ∈ ZpIt is the value that DO is selected at random, g and μ are crowd G1On random element, y=gαIt is G1On element;G1 And G2To have the two of Prime Orders p multiplicative cyclic groups, e:G1×G1→G2For Bilinear map mapping;
S2. generate the audit signature of data block: the outer bag data F of DO is divided into n data block M={ m1,m2,..., mn, DO is according to formulaFor miGenerate homomorphism can verify that signature, then homomorphism signature set for Φ= {σi, 1≤i≤n, data block hash value collection is θ={ H (mi)},1≤i≤n;
H:{0,1}*→G1Binary number is mapped to crowd G for safety1On hash function;
Calculate t=name | | n | | SSigssk(name | | n) is the label of outer bag data F, and wherein name is outer bag data F Unique identifier, DO sends { M, Φ, t } to MS, while sending after θ receives related data to TPA, CSP and TPA, and DO is local It deletes { M, Φ, θ };
S3. outsourcing file label is verified, DO identity is confirmed: when MS receives data { M, Φ, t }, using the public key spk of DO Verify outsourcing data label;If authentication failed, MS requires DO to retransmit data, conversely, MS stores signature set Φ, and handle Outer bag data indicates that { F, name } is sent to CSP with it;
S4. generate the challenge information of audit: when reaching the audit time, TPA checks whether HBBT locally constructs successfully, If it is unsuccessful generating HBBT using θ;TPA randomly chooses c challenge data block in outer bag data serial number set, Generate set I={ s1,s2,...,sc}1≤c≤n, then TPA is that each challenge data block selects c random number v at random againi, { vi ∈Zp}i∈I, form challenge data setIt is sent to MS;
S5.MS generates audit evidence: after MS receives the challenge information from TPA, challenge data collection being first divided into two Subset chal={ C1,C2, C1Outsourcing data-block cache represented by challenge data block serial number in challenge information in MS, C2It is to indicate the outsourcing data block to be audited of CSP comprising remaining challenge information;After the completion of challenge data divides, MS gives CSP again Send challenge subset C2, signature evidence Θ is then generated according to chal, according to subset C1Generate data block evidence
S6.CSP receives the challenge subset C of MS transmission2Data evidence is generated afterwardsCalculation formula is as follows:
CSP sends data evidence to MS
S7.MS receives the data evidence of CSPAfterwards, aggregated data evidenceWith
MS sends evidence { Θ, U } to TPA;
After S8.TPA receives the evidence { Θ, U } of MS transmission, it is corresponding that challenge data block serial number is first found from HBBT tree Cryptographic Hash { H (mi) (i ∈ chal), it calculatesThe audit of Bilinear map property is recycled to choose by the audit of following equation War data block:
If equation left and right ends are equal, TPA exports TRUE, otherwise TPA exports FALSE.
In order to support after guaranteeing dynamic operation, data block is still correctly that agreement must be introduced into dynamic data structure.Perhaps The dynamic auditing of more audit agreements is all based on MHT, but in order to save the memory space of dynamic data structure and audit effect Rate, the present invention propose a kind of referred to as Hash balanced binary tree for being more focused on audit efficiency on the basis of balanced binary tree (HBBT) new data structure.
Hash balanced binary tree (HBBT): TPA generates HBBT according to the newest cryptographic Hash of DO outsourcing data block, and is stored in It is local.As shown in Fig. 2, the node of HBBT includes two parts, it is data block sequence number i and data block cryptographic Hash H (m respectivelyi)。 TPA receives { i, the H (m of DO transmissioni) after, according to the requirement of Adelson-Velskii-Landis tree, using the size of i as the order standard of HBBT data block, Generate HBBT.(note: the "-" in Fig. 2 is not minus sign, is a kind of label)
The Hash hashed value of the leaf node storage outsourcing data block of MHT tree, father node storage is left and right child node Hash hashed value, when to Knots inserting, delete operation, it is only necessary to change the hash of several leaf nodes or internal node Value, the serial number without updating each leaf node.However, HBBT tree no matter leaf node, root node or internal node Data block sequence number and Hash hashed value are all stored, when insertion or delete operation occurs, needs to update under normal circumstances every The serial number of a node and the degree of balance for adjusting whole tree, are equivalent to rebuild a HBBT tree in this way, ask to solve this Topic, the present invention devise a kind of new data block sequence number.
Data block sequence number: assuming that outsourcing data sequence number be (1,2,3 ..., k, i, j ... n), wherein k, i, j are by suitable Sequence arrangement is divided into following several situations insertion: (1) when need i and j between be inserted into a data block, serial number can be changed to (1, 2,3 ... k, i, i-1, j ... n), wherein i < i-1 < j;(2) when needing to be inserted into a data block between i-1 and j, serial number can Become (1,2,3 ..., k, i, i-1, i-2, j ... n), wherein i-1 < i-2 < j;(3) when need between i and i-1 be inserted into one When data block, serial number can be changed to (1,2,3 ..., k, i, i-1-1, i-1, i-2, j ... n), wherein i < i-1-1 < i-1.(4) when Need between i-2 and j be inserted into a data block when, serial number can be changed to (1,2,3 ..., k, i, i-1-1, i-1, i-2, i-3, J ... n), wherein i-2 < i-3 < j;(5) when need between i-2 and i-3 be inserted into a data block when, serial number can be changed to (1,2, 3 ..., k, i, i-1-1, i-1, i-2, i-3-1, i-3, j ... n), wherein i-2 < i-3-1 < i-3, and so on.Delete node Only need to adjust the degree of balance of HBBT tree;Modification operation is general only to modify node Hash hashed value, does not modify node serial number, so HBBT tree does not adjust.
The insertion of HBBT, delete operation are as shown in Fig. 3-1 to 3-7.Assuming that HBBT tree is formed by 8 data blocks, in order to clear The description of Chu is used only data block sequence number and marks HBBT, as shown in figure 3-1, node Serial No. (1,2,3,4,5,6,7,8);According to According to above-mentioned 5 kinds of situations, node is inserted into this.It is one node of insertion, serial number between No. 4 nodes and No. 5 nodes shown in Fig. 3-2 For 4-1, serial number (1,2,3,4,4-1,5,6,7,8) after insertion;It is to be inserted between 4-1 node and No. 5 nodes shown in Fig. 3-3 One node, serial number 4-2, serial number (1,2,3,4,4-1,4-2,5,6,7,8) after insertion;Be shown in Fig. 3-4 in No. 4 nodes and It is inserted into a node between 4-1 node, serial number 4-1-1, serial number after insertion (1,2,3,4,4-1,4-1-1,4-2,5,6,7, 8);It is one node of insertion between 4-2 node and No. 5 nodes shown in Fig. 3-5, serial number 4-3, serial number after insertion (1,2, 3,4,4-1,4-1-1,4-2,4-3,5,6,7,8);It is that one is inserted between 4-2 node and 4-3 node shown in Fig. 3-6 Node, serial number 4-3-1, serial number (1,2,3,4,4-1,4-1-1,4-2,4-3-1,4-3,5,6,7,8) after insertion;Delete operation As shown in fig. 3 to 7, No. 5 nodes are deleted, Serial No. after deletion (1,2,3,4,4-1,4-1-1,4-2,4-3-1,4-3,6,7, 8) it is similar that other node operations, are deleted.
Agreement of the invention supports dynamic of the outsourcing data block in MEC environment to update, since MC server is easy to be opposed Hand manipulation is attacked, so dynamic updates agreement while completing each update operation, also to identify this malicious act. In above-mentioned steps S4, it is assumed that DO completes initialization, after TPA receives the θ of DO transmission, constructs HBBT, specific dynamic updating process It is as follows: when DO is needed the i-th number block miIt is revised as m 'iWhen, modification process is as shown in figure 5, DO generates character string γ=Mo | | I | | N, wherein Mo indicates modification operation, N ∈ ZpIt is a random number;DO calculates H (m according to γi' | | h (γ)), it generates to be modified Data block m 'iSignatureThen DO sends { Mo, i, H (mi' | | h (γ)) } give TPA, hair Send { γ, mi′,σi' give MS;After TPA receives the data from DO, local HBBT is retrieved according to i, finds corresponding node, and make With H (mi' | | h (γ)) replacement node H (mi);After MS receives the data from DO, σ is usedi' more new data block miSignature, And send { γ, mi′,σi' give CSP, CSP to verify more new data block:
If equation is equal, CSP enables mi'=mi' | | h (γ) uses mi' replacement mi, otherwise refusal modification operation.
When DO is needed data block mxIt is inserted into data block miAnd mi+1Between when, DO generate character string γ=I | | i | | y | | N, wherein I indicates modification operation, and y indicates the insertion label of data block, N ∈ ZpIt is a random number;DO calculates H (m according to γx|| H (γ)), generation is inserted into data block mxSignatureThen DO sends { I, i, y, H (mx|| H (γ)) } TPA is given, send { γ, mxxGive MS;After TPA receives the data from DO, a new node no is generatedx, use {y,H(mx| | h (γ)) } initialize the node;TPA retrieves local HBBT according to i, finds corresponding node n oi, noxInsertion noiLater, HBBT is adjusted according to the requirement of Adelson-Velskii-Landis tree;After MS receives the data from DO, σ is locally storedx, and send { γ, mx, σxCSP, CSP is given to verify more new data block:
If equation is equal, CSP enables mx=mx| h (γ), mxIt is inserted into miLater, otherwise refuse insertion operation.
When DO needs to delete the i-th number block miWhen, DO generates character string γ=D | | i | | N, wherein D indicates modification behaviour Make, N ∈ ZpIt is a random number;DO calculates H (γ) according to γ, generates insertion operation signature sigmaD=(H (γ))α, then DO is sent { D, i, H (γ) } gives TPA, sends { γ, i, σDGive MS;After TPA receives { D, i, H (γ) }, local HBBT is retrieved according to i, is looked for To corresponding node and the node is deleted, TPA adjusts HBBT according to the requirement of Adelson-Velskii-Landis tree;After MS receives the data from DO, delete The signature sigma of corresponding nodei, and data { D, i, H (γ) } are then forwarded to CSP, CSP verifies more new data block:
If equation is equal, CSP deletes data block miLater, otherwise refuse delete operation.
The performance of experimental evaluation agreement of the present invention: experiment is run under Linux virtual platform, and is introduced based on the close of pairing Code learns the library (PBC) and constructs agreement in C language environment.Experiment uses Core (TM) i7-4710HQ CPU@2.50GHz processor With the hardware machine simulation MEC server and CSP server in 12GB RAM.Experiment is initialized using MNT d159 parameter of curve Bilinear map is constructed, the security parameter of agreement is set as 80bit.
Comparison scheme [1]-[3] used in test assessment are respectively as follows:
[1]Wang,Q.,Wang,C.,Ren,K.,Lou,W.,&Li,J.(2011).Enabling public auditability and data dynamics for storage security in cloud computing.IEEE transactions on parallel and distributed systems,22(5),847-859.
[2]Tian,H.,Chen,Y.,Chang,C.C.,Jiang,H.,Huang,Y.,Chen,Y.,&Liu,J. (2017).Dynamic-hash-table based public auditing for secure cloud storage.IEEE Transactions on Services Computing,10(5),701-714.
[3]Tian,H.,Nan,F.,Chang,C.C.,Huang,Y.,Lu,J.,&Du,Y.(2019).Privacy- preserving public auditing for secure data storage in fog-to-cloud computing.Journal of Network and Computer Applications,127,59-69.
(1) test assessment: the computing cost of initial phase
Fig. 6 is initial phase, and each agreement is that the data block of different number generates the time of signature.It can be with from Fig. 6 Find out, with the increase of data block, initialization time linear increase.10,000 data block is handled, agreement of the invention is spent 5.108 seconds, agreement [1] and agreement [3] were respectively necessary for 5.366 seconds and 9.91 seconds, and agreement [2] then spends 31.781 seconds.This hair The time of bright agreement essentially coincides with agreement [1], and the time that agreement [2] needs is most, and the time of agreement [3] is placed in the middle.This be because It needing to calculate n-pair than agreement of the invention for agreement [2] moreG, agreement [3] then index more than agreement of the invention Operate EGTime.
(2) test assessment: the computing cost of evidence is generated
Fig. 7 is to generate the evidence stage, and each agreement is that the challenge data block of different number generates the time of evidence.From Fig. 7 In as can be seen that agreement of the present invention has apparent advantage with other three agreements compared with, this is because MS cache it is a part of Data, it assists CSP to calculate this half-proof, alleviates the computing cost of CSP.And it can also be seen that with challenge data The computing cost of the increase of block, each agreement slowly increases, and 400 to 1,000 challenge data block agreement of the invention of processing is opened The time of pin is 8.7 milliseconds and 20.1 milliseconds respectively.
(3) test assessment: the time overhead of audit
Fig. 8 illustrates audit phase, and each agreement audit different number data block generates the time of evidence.It can from Fig. 8 With, it is evident that the calculating cost of agreement of the invention is slightly less than agreement [1] and [3] are not much different, but to be far superior to agreement [2].The main reason for causing such result is: 1) due to business demand, agreement [3] needs also to generate signature for mist node, this The evidence that sample TPA is generated in addition to challenge data block to be audited signature, the evidence that the mist node that also to audit signature generates, increases meter Calculate expense;2) in audit process, the TPA in agreement [1], will also be according to the cryptographic Hash of challenge data block in addition to wanting audit evidence It is calculated with secondary path and the root node for the MHT that audits, additional computing cost is increased to the processing of root node;3) it was auditing Cheng Zhong, agreement [2] need to find the Hash H (m of each challenge data block in DHT tablei), time complexity is O (n), this hair Although bright agreement is also required to this process, but the HBBT that the present invention uses stores H (mi), retrieve the time of data block cryptographic Hash Complexity is only O (logn), and the required time is less than agreement [2].
(4) test assessment: the time overhead of dynamic operation
Fig. 9-1 to Fig. 9-3 is the time of modification, insertion and the deletion of data block respectively.Due to the data of agreement of the present invention Structure and agreement [1] are tree structure, so experimental selection agreement [1] is compared with agreement of the invention.It can from 3 figures To find out, the time used in agreement of the invention is better than agreement [1], this is because HBBT tree height is lower than MHT, so finding The dynamic operation destination node time is fewer than agreement [1];When CSP receives update request, agreement of the invention needs only assure that number It is correct according to label and operation requests, and agreement [1] then needs to confirm respectively the correctness of MHT root node and data block before updating. So the dynamic of agreement of the invention updates efficiency and is higher than agreement [1].

Claims (7)

1. a kind of edge calculations data accountability system based on Hash binary tree, it is characterised in that: the system comprises DO, MS, CSP and TPA;Data on CSP to be sent to are divided into several data blocks by the DO, and generate label for these data blocks Name, is then sent to these data blocks and signature in MS;After the MS receives data, verify data source, after verifying is legal, Data block, is then sent to Cloud Server again by the label and the common data block of DO for saving all data blocks;Work as audit cycle Come interim, TPA generates one group of challenge information and is simultaneously sent to MS, after MS receives challenge information, according to the data block of oneself caching and Data label generates a part of evidence, then the challenge information of another part is sent to CSP, and CSP is sent to MS after generating evidence, Mixed evidence is sent to TPA and completes audit by MS.
2. a kind of edge calculations Data Audit method based on Hash binary tree, it is characterised in that: the method includes following steps It is rapid:
S1. initiation parameter: DO generates key pair, and private key is SK={ α, ssk }, and public key is PK={ y, g, μ, spk }, wherein (ssk, spk) is the randomly selected asymmetric cryptographic key pair of DO;
Wherein, α ∈ ZpIt is the value that DO is selected at random, g and μ are crowd G1On random element, y=gαIt is G1On element;G1And G2 To have the two of Prime Orders p multiplicative cyclic groups, e:G1×G1→G2For Bilinear map mapping;
S2. generate the audit signature of data block: the outer bag data F of DO is divided into n data block M={ m1,m2,...,mn, DO According to formulaFor miGenerating homomorphism can verify that signature, then homomorphism signature set is Φ={ σi},1≤i ≤ n, data block hash value collection are θ={ H (mi)},1≤i≤n;
H:{0,1}*→G1Binary number is mapped to crowd G for safety1On hash function;
Calculate t=name | | n | | SSigssk(name | | n) is the label of outer bag data F, wherein name be outer bag data F only One identifier, DO send { M, Φ, t } to MS, while sending after θ receives related data to TPA, CSP and TPA, and DO is locally deleted {M,Φ,θ};
S3. outsourcing file label is verified, confirms DO identity: when MS receives data { M, Φ, t }, being verified using the public key spk of DO Outsourcing data label;If authentication failed, MS requires DO to retransmit data, conversely, MS stores signature set Φ, and outsourcing Data indicate that { F, name } is sent to CSP with it;
S4. generate the challenge information of audit: when reaching the audit time, TPA checks whether HBBT locally constructs successfully, if Do not succeed, then generates HBBT using θ;TPA randomly chooses c challenge data block in outer bag data serial number set, generates Set I={ s1,s2,...,sc}1≤c≤n, then TPA is that each challenge data block selects c random number v at random againi, { vi∈ Zp}i∈I, form challenge data setIt is sent to MS;
S5.MS generates audit evidence: after MS receives the challenge information from TPA, challenge data collection being first divided into two subsets Chal={ C1,C2, C1Outsourcing data-block cache represented by challenge data block serial number in challenge information is in MS, C2It is Comprising remaining challenge information, the outsourcing data block to be audited of CSP is indicated;After the completion of challenge data divides, MS is sent to CSP again Challenge subset C2, signature evidence Θ is then generated according to chal, according to subset C1Generate data block evidence
S6.CSP receives the challenge subset C of MS transmission2Data evidence is generated afterwardsCalculation formula is as follows:
CSP sends data evidence to MS
S7.MS receives the data evidence of CSPAfterwards, aggregated data evidenceWith
MS sends evidence { Θ, U } to TPA;
After S8.TPA receives the evidence { Θ, U } of MS transmission, the corresponding Hash of challenge data block serial number is first found from HBBT tree It is worth { H (mi) (i ∈ chal), it calculatesRecycle the audit of Bilinear map property by following equation audit challenge number According to block:
If equation left and right ends are equal, TPA exports TRUE, otherwise TPA exports FALSE.
3. the edge calculations Data Audit method according to claim 2 based on Hash binary tree, it is characterised in that: described In step S4, the TPA generates Hash balanced binary tree (HBBT) according to the newest cryptographic Hash of DO outsourcing data block, and is stored in It is local;The node of the HBBT includes two parts, is data block sequence number i and data block cryptographic Hash H (m respectivelyi);The TPA Receive { i, the H (m of DO transmissioni) after, it is raw using the size of i as the order standard of HBBT data block according to the requirement of Adelson-Velskii-Landis tree At HBBT.
4. the edge calculations Data Audit method according to claim 3 based on Hash binary tree, it is characterised in that: described The data block sequence number of HBBT tree be (1,2,3 ..., k, i, j ... n), wherein k, i, j are to be arranged in order, and are divided into following several Situation insertion: (1) when need between i and j be inserted into a data block when, serial number can be changed to (1,2,3 ... k, i, i-1, J ... n), wherein i < i-1 < j;(2) when need between i-1 and j be inserted into a data block when, serial number can be changed to (1,2,3 ..., K, i, i-1, i-2, j ... n), wherein i-1 < i-2 < j;(3) when needing to be inserted into a data block between i and i-1, serial number can Become (1,2,3 ..., k, i, i-1-1, i-1, i-2, j ... n), wherein i < i-1-1 < i-1;(4) when needing between i-2 and j When being inserted into a data block, serial number can be changed to (1,2,3 ..., k, i, i-1-1, i-1, i-2, i-3, j ... n), wherein i-2 < i-3<j;(5) when needing to be inserted into a data block between i-2 and i-3, serial number can be changed to (1,2,3 ..., k, i, i-1-1, i- 1, i-2, i-3-1, i-3, j ... n), wherein i-2 < i-3-1 < i-3, and so on.
5. the edge calculations Data Audit method according to claim 2 based on Hash binary tree, it is characterised in that: described In step S4, after the TPA receives the θ of DO transmission, HBBT is constructed, when DO is needed the i-th number block miIt is revised as m 'iWhen, it repairs It corrects one's mistakes journey are as follows:
DO generates character string γ=Mo | | i | | N, wherein Mo indicates modification operation, N ∈ ZpIt is a random number;DO is calculated according to γ H(mi' | | h (γ)), generate data block m ' to be modifiediSignatureThen DO send Mo, i,H(mi' | | h (γ)) } TPA is given, send { γ, mi′,σi' give MS;After TPA receives the data from DO, retrieved according to i local HBBT finds corresponding node, and uses H (mi' | | h (γ)) replacement node H (mi);After MS receives the data from DO, make Use σi' more new data block miSignature, and send { γ, mi′,σi' give CSP, CSP to verify more new data block:
If equation is equal, CSP enables mi'=mi' | | h (γ) uses mi' replacement mi, otherwise refusal modification operation.
6. the edge calculations Data Audit method according to claim 2 based on Hash binary tree, it is characterised in that: described In step S4, after the TPA receives the θ of DO transmission, HBBT is constructed, when DO is needed data block mxIt is inserted into data block miAnd mi+1 Between when, modify process are as follows:
DO generates character string γ=I | | i | | y | | N, wherein I indicates modification operation, and y indicates the insertion label of data block, N ∈ ZpIt is One random number;DO calculates H (m according to γx| | h (γ)), generation is inserted into data block mxSignatureThen DO sends { I, i, y, H (mx| | h (γ)) } TPA is given, send { γ, mxxGive MS;After TPA receives the data from DO, a new node no is generatedx, use { y, H (mx| | h (γ)) } initialize the node; TPA retrieves local HBBT according to i, finds corresponding node n oi, noxIt is inserted into noiLater, it is adjusted according to the requirement of Adelson-Velskii-Landis tree HBBT;After MS receives the data from DO, σ is locally storedx, and send { γ, mxxCSP, CSP is given to verify more new data block:
If equation is equal, CSP enables mx=mx| h (γ), mxIt is inserted into miLater, otherwise refuse insertion operation.
7. the edge calculations Data Audit method according to claim 2 based on Hash binary tree, it is characterised in that: described In step S4, after the TPA receives the θ of DO transmission, HBBT is constructed, when DO needs to delete the i-th number block miWhen, modify process Are as follows:
DO generates character string γ=D | | i | | N, wherein D indicates modification operation, N ∈ ZpIt is a random number;DO calculates H according to γ (γ) generates insertion operation signature sigmaD=(H (γ))α, then DO sends { D, i, H (γ) } to TPA, sends { γ, i, σDGive MS;After TPA receives { D, i, H (γ) }, according to i retrieve local HBBT, find corresponding node and delete the node, TPA according to The requirement of Adelson-Velskii-Landis tree adjusts HBBT;After MS receives the data from DO, the signature sigma of corresponding node is deletedi, and data { D, i, H (γ) } it is then forwarded to CSP, CSP verifies more new data block:
If equation is equal, CSP deletes data block miLater, otherwise refuse delete operation.
CN201910756888.4A 2019-08-16 2019-08-16 Hash binary tree-based edge calculation data auditing system and auditing method Active CN110460447B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910756888.4A CN110460447B (en) 2019-08-16 2019-08-16 Hash binary tree-based edge calculation data auditing system and auditing method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201910756888.4A CN110460447B (en) 2019-08-16 2019-08-16 Hash binary tree-based edge calculation data auditing system and auditing method

Publications (2)

Publication Number Publication Date
CN110460447A true CN110460447A (en) 2019-11-15
CN110460447B CN110460447B (en) 2022-07-08

Family

ID=68487105

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201910756888.4A Active CN110460447B (en) 2019-08-16 2019-08-16 Hash binary tree-based edge calculation data auditing system and auditing method

Country Status (1)

Country Link
CN (1) CN110460447B (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111898164A (en) * 2020-07-02 2020-11-06 武汉纺织大学 Data integrity auditing method supporting tag block chain storage and query
CN113609533A (en) * 2021-08-23 2021-11-05 东北大学秦皇岛分校 Integrity auditing method for smart power grid data
EP4211588A4 (en) * 2020-09-30 2023-10-25 Huawei Technologies Co., Ltd. Method for verifying software security of electronic device(s) in vehicle and related device

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20120324230A1 (en) * 2011-03-16 2012-12-20 International Business Machines Corporation System for enabling digital signature auditing
CN103501352A (en) * 2013-10-22 2014-01-08 北京航空航天大学 Cloud storage data security auditing method allowing group-user identity revocation
CN104023044A (en) * 2014-01-01 2014-09-03 电子科技大学 Cloud-storage data lightweight-level public auditing method with privacy protection
CN105791321A (en) * 2016-05-03 2016-07-20 西南石油大学 Cloud storage data common auditing method possessing secret key leakage resistance characteristic
CN106254374A (en) * 2016-09-05 2016-12-21 电子科技大学 A kind of cloud data public audit method possessing duplicate removal function
CN106845280A (en) * 2017-03-14 2017-06-13 广东工业大学 A kind of Merkle Hash trees cloud data integrity auditing method and system

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20120324230A1 (en) * 2011-03-16 2012-12-20 International Business Machines Corporation System for enabling digital signature auditing
CN103501352A (en) * 2013-10-22 2014-01-08 北京航空航天大学 Cloud storage data security auditing method allowing group-user identity revocation
CN104023044A (en) * 2014-01-01 2014-09-03 电子科技大学 Cloud-storage data lightweight-level public auditing method with privacy protection
CN105791321A (en) * 2016-05-03 2016-07-20 西南石油大学 Cloud storage data common auditing method possessing secret key leakage resistance characteristic
CN106254374A (en) * 2016-09-05 2016-12-21 电子科技大学 A kind of cloud data public audit method possessing duplicate removal function
CN106845280A (en) * 2017-03-14 2017-06-13 广东工业大学 A kind of Merkle Hash trees cloud data integrity auditing method and system

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111898164A (en) * 2020-07-02 2020-11-06 武汉纺织大学 Data integrity auditing method supporting tag block chain storage and query
CN111898164B (en) * 2020-07-02 2024-03-29 武汉纺织大学 Data integrity auditing method supporting label block chain storage and query
EP4211588A4 (en) * 2020-09-30 2023-10-25 Huawei Technologies Co., Ltd. Method for verifying software security of electronic device(s) in vehicle and related device
CN113609533A (en) * 2021-08-23 2021-11-05 东北大学秦皇岛分校 Integrity auditing method for smart power grid data
CN113609533B (en) * 2021-08-23 2024-02-27 东北大学秦皇岛分校 Integrity auditing method for smart grid data

Also Published As

Publication number Publication date
CN110460447B (en) 2022-07-08

Similar Documents

Publication Publication Date Title
EP4120114A1 (en) Data processing method and apparatus, smart device and storage medium
CN110602138B (en) Data processing method and device for block chain network, electronic equipment and storage medium
CN103501352B (en) A kind of cloud storage data method for auditing safely allowing group user identity to cancel
CN111914027B (en) Block chain transaction keyword searchable encryption method and system
CN106254374B (en) A kind of cloud data public audit method having duplicate removal function
CN113162768B (en) Intelligent Internet of things equipment authentication method and system based on block chain
CN110069908A (en) A kind of authority control method and device of block chain
CN111970299A (en) Block chain-based distributed Internet of things equipment identity authentication device and method
CN110460447A (en) Edge calculations data accountability system and auditing method based on Hash binary tree
CN109600366A (en) The method and device of protection user data privacy based on block chain
EP3869376B1 (en) System and method for blockchain based decentralized storage with dynamic data operations
CN113312574A (en) Cloud data integrity auditing method based on block chain
CN111211905A (en) Identity management method for Fabric alliance chain members based on certificate-free authentication
CN112613601B (en) Neural network model updating method, equipment and computer storage medium
CN111222879A (en) Certificateless authentication method and certificateless authentication system suitable for alliance chain
CN104899525A (en) Cloud data integrity proving scheme with improved dynamic operations
CN106611136A (en) Data tampering verification method in cloud storage
CN108768975A (en) Support the data integrity verification method of key updating and third party&#39;s secret protection
CN115208628B (en) Data integrity verification method based on block chain
Lee et al. Privacy-preserving identity management system
CN109302286B (en) Fido equipment key index generation method
Xie et al. A novel blockchain-based and proxy-oriented public audit scheme for low performance terminal devices
CN106533681B (en) A kind of attribute method of proof and system that support section is shown
CN113779637B (en) Attribute data processing method, attribute data processing device, attribute data processing equipment and attribute data processing medium
CN116488816A (en) Data processing method, device and storage medium based on blockchain network

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant