CN110460447A - Edge calculations data accountability system and auditing method based on Hash binary tree - Google Patents
Edge calculations data accountability system and auditing method based on Hash binary tree Download PDFInfo
- Publication number
- CN110460447A CN110460447A CN201910756888.4A CN201910756888A CN110460447A CN 110460447 A CN110460447 A CN 110460447A CN 201910756888 A CN201910756888 A CN 201910756888A CN 110460447 A CN110460447 A CN 110460447A
- Authority
- CN
- China
- Prior art keywords
- data
- data block
- tpa
- csp
- hbbt
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1425—Traffic logging, e.g. anomaly detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/30—Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
- H04L9/3066—Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy involving algebraic varieties, e.g. elliptic or hyper-elliptic curves
- H04L9/3073—Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy involving algebraic varieties, e.g. elliptic or hyper-elliptic curves involving pairings, e.g. identity based encryption [IBE], bilinear mappings or bilinear pairings, e.g. Weil or Tate pairing
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3236—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3247—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3271—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using challenge-response
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/12—Applying verification of the received information
- H04L63/123—Applying verification of the received information received data contents, e.g. message integrity
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/12—Applying verification of the received information
- H04L63/126—Applying verification of the received information the source of the received data
Abstract
The invention discloses a kind of edge calculations data accountability systems and auditing method based on Hash binary tree, belong to information security field.The present invention proposes a new public audit agreement according to MEC feature, which can not only resist Replay Attack, forgery attack and the substitution attack that traditional audit agreement is subject to, can also resist Network Intrusion in MEC environment, meets the safety requirements of MEC.The present invention also proposes a kind of new dynamic data structure, can reduce the height of MHT in traditional audit agreement (Merkel Hash tree Merkle Hash Tree), improve audit efficiency.
Description
Technical field
The present invention relates to technical field of network security, and in particular to a kind of edge calculations data based on Hash binary tree are careful
Meter systems and auditing method.
Background technique
With the rapid development of cloud computing, there is service much based on cloud computing, such as cloud storage service, the service
Single user or tissue storage mass data can be helped, and is not limited by access locations and time, cloud user is at any time
Their data can be accessed on cloud.However more and more applications need to access the data service of low latency to provide at present
More advanced real-time application, such as vehicular communication networks, the intelligence sensor in vehicular communication networks can generate largely in real time
Data, intelligence control system can dynamically update these data.In addition, user to cloud it is remote transmission also increase data by
A possibility that attack, this will affect the safety of data and associated storage service.
In order to meet the requirement of low latency high-bandwidth service, cloud service is gradually mobile to network edge, and produces referred to as
The technology of MEC (the mobile edge calculations of Mobile Edge Computing), it is mentioned nearby for user using Radio Access Network
For service and cloud computing function needed for IT, consumer is allowed to enjoy continual high network quality experience.The practical of MEC answers at present
With very much, such as video monitoring, the analysis of real-time mobile data, smart grid, vehicular communication networks, these are all real-time properties
With the very high application of bandwidth requirement, more accurate experience can be provided for user.
Although mobile edge calculations network can provide the service relatively high to requirement of real-time for user, it also can
By many security challenges.Data integrity challenge is one of MEC most important challenge in need of consideration.CSP(Cloud
Server Provider cloud service provider) the outsourcing number that user is of little use may be deleted for economic or other reasons
According to mobile Edge Server may suffer from the outsourcing number that Network Intrusion sabotages DO (Data Owner data owner)
According to.In traditional public audit model, it is only necessary to three entities can simulate audit process, but in the public of MEC environment
In audit model, it would be desirable to which audit process could be simulated by additionally increasing an Edge Server entity, so traditional audit
Agreement is not suitable in MEC environment.
Summary of the invention
In order to solve prior art problem, the present invention provides a kind of edge calculations Data Audit system based on Hash binary tree
System and auditing method propose a new public audit agreement according to MEC feature, which can not only resist tradition and examine
Replay Attack, forgery attack and the substitution attack that meter agreement is subject to, can also resist Network Intrusion in MEC environment, meet
The safety requirements of MEC.The present invention also proposes a kind of new dynamic data structure, can reduce MHT (Merck in traditional audit agreement
Your Hash tree Merkle Hash Tree) height, improve audit efficiency.
In order to solve the above technical problems, the technical solution used in the present invention is:
A kind of edge calculations data accountability system based on Hash binary tree, including DO, MS, CSP and TPA;The DO handle
The data being sent on CSP are divided into several data blocks, and generate signature for these data blocks, then these data blocks
It is sent in MS with signature;After the MS receives data, verify data source saves the mark of all data blocks after verifying is legal
Data block, is then sent to Cloud Server again by label and the common data block of DO;When audit cycle carrys out interim, one group of TPA generation
Challenge information is simultaneously sent to MS, after MS receives challenge information, generates a part according to the data block of oneself caching and data label
Evidence, then the challenge information of another part is sent to CSP, CSP is sent to MS after generating evidence, and MS sends out mixed evidence
It gives TPA and completes audit.
A kind of edge calculations Data Audit method based on Hash binary tree, comprising the following steps:
S1. initiation parameter: DO generates key pair, and private key is SK={ α, ssk }, and public key is PK={ y, g, μ, spk },
In (ssk, spk) be the randomly selected asymmetric cryptographic key pair of DO;
Wherein, α ∈ ZpIt is the value that DO is selected at random, g and μ are crowd G1On random element, y=gαIt is G1On element;G1
And G2To have the two of Prime Orders p multiplicative cyclic groups, e:G1×G1→G2For Bilinear map mapping;
S2. generate the audit signature of data block: the outer bag data F of DO is divided into n data block M={ m1,m2,...,
mn, DO is according to formulaFor miGenerate homomorphism can verify that signature, then homomorphism signature set for Φ=
{σi, 1≤i≤n, data block hash value collection is θ={ H (mi)},1≤i≤n;
H:{0,1}*→G1Binary number is mapped to crowd G for safety1On hash function;
Calculate t=name | | n | | SSigssk(name | | n) is the label of outer bag data F, and wherein name is outer bag data F
Unique identifier, DO sends { M, Φ, t } to MS, while sending after θ receives related data to TPA, CSP and TPA, and DO is local
It deletes { M, Φ, θ };
S3. outsourcing file label is verified, DO identity is confirmed: when MS receives data { M, Φ, t }, using the public key spk of DO
Verify outsourcing data label;If authentication failed, MS requires DO to retransmit data, conversely, MS stores signature set Φ, and handle
Outer bag data indicates that { F, name } is sent to CSP with it;
S4. generate the challenge information of audit: when reaching the audit time, TPA checks whether HBBT locally constructs successfully,
If it is unsuccessful generating HBBT using θ;TPA randomly chooses c challenge data block in outer bag data serial number set,
Generate set I={ s1,s2,...,sc}1≤c≤n, then TPA is that each challenge data block selects c random number v at random againi, { vi
∈Zp}i∈I, form challenge data setIt is sent to MS;
S5.MS generates audit evidence: after MS receives the challenge information from TPA, challenge data collection being first divided into two
Subset chal={ C1,C2, C1Outsourcing data-block cache represented by challenge data block serial number in challenge information in MS,
C2It is to indicate the outsourcing data block to be audited of CSP comprising remaining challenge information;After the completion of challenge data divides, MS gives CSP again
Send challenge subset C2, signature evidence Θ is then generated according to chal, according to subset C1Generate data block evidence
S6.CSP receives the challenge subset C of MS transmission2Data evidence is generated afterwardsCalculation formula is as follows:
CSP sends data evidence to MS
S7.MS receives the data evidence of CSPAfterwards, aggregated data evidenceWith
MS sends evidence { Θ, U } to TPA;
After S8.TPA receives the evidence { Θ, U } of MS transmission, it is corresponding that challenge data block serial number is first found from HBBT tree
Cryptographic Hash { H (mi) (i ∈ chal), it calculatesThe audit of Bilinear map property is recycled to choose by the audit of following equation
War data block:
If equation left and right ends are equal, TPA exports TRUE, otherwise TPA exports FALSE.
Further, in the step S4, the TPA generates Hash according to the newest cryptographic Hash of DO outsourcing data block and balances
Binary tree (HBBT), and it is stored in local;The node of the HBBT includes two parts, is data block sequence number i and data respectively
Block cryptographic Hash H (mi);The TPA receives { i, the H (m of DO transmissioni) after, according to the requirement of Adelson-Velskii-Landis tree, using the size of i as HBBT
The order standard of data block generates HBBT.
Further, the data block sequence number of the HBBT tree be (1,2,3 ..., k, i, j ... n), wherein k, i, j be by
Sequence arranges, and be divided into following several situation insertions: (1) when needing to be inserted into a data block between i and j, serial number be can be changed to
(1,2,3 ... k, i, i-1, j ... n), wherein i < i-1 < j;(2) when needing to be inserted into a data block between i-1 and j, sequence
Number can be changed to (1,2,3 ..., k, i, i-1, i-2, j ... n), wherein i-1 < i-2 < j;(3) when needing to be inserted between i and i-1
When one data block, serial number can be changed to (1,2,3 ..., k, i, i-1-1, i-1, i-2, j ... n), wherein i < i-1-1 < i-1;
(4) when needing to be inserted into a data block between i-2 and j, serial number can be changed to (1,2,3 ..., k, i, i-1-1, i-1, i-2, i-
3, j ... n), wherein i-2 < i-3 < j;(5) when need between i-2 and i-3 be inserted into a data block when, serial number can be changed to (1,2,
3 ..., k, i, i-1-1, i-1, i-2, i-3-1, i-3, j ... n), wherein i-2 < i-3-1 < i-3, and so on.
Further, in the step S4, after the TPA receives the θ of DO transmission, HBBT is constructed, when DO is needed No. i-th
Data block miIt is revised as mi' when, modify process are as follows:
DO generates character string γ=Mo | | i | | N, wherein Mo indicates modification operation, N ∈ ZpIt is a random number;DO according to
γ calculates H (mi' | | h (γ)), generate data block m to be modifiedi' signatureThen DO is sent out
Send { Mo, i, H (mi' | | h (γ)) } TPA is given, send { γ, mi′,σi' give MS;After TPA receives the data from DO, examined according to i
Rope local HBBT finds corresponding node, and uses H (mi' | | h (γ)) replacement node H (mi);MS receives the number from DO
According to rear, σ is usedi' more new data block miSignature, and send { γ, mi′,σi' give CSP, CSP to verify more new data block:
If equation is equal, CSP enables mi'=mi' | | h (γ) uses mi' replacement mi, otherwise refusal modification operation.
Further, in the step S4, after the TPA receives the θ of DO transmission, HBBT is constructed, when DO is needed data
Block mxIt is inserted into data block miAnd mi+1Between when, modify process are as follows:
DO generates character string γ=I | | i | | y | | N, wherein I indicates modification operation, and y indicates the insertion label of data block, N
∈ZpIt is a random number;DO calculates H (m according to γx| | h (γ)), generation is inserted into data block mxSignatureThen DO sends { I, i, y, H (mx| | h (γ)) } TPA is given, send { γ, mx,σxGive
MS;After TPA receives the data from DO, a new node no is generatedx, use { y, H (mx| | h (γ)) } initialize the node;
TPA retrieves local HBBT according to i, finds corresponding node n oi, noxIt is inserted into noiLater, it is adjusted according to the requirement of Adelson-Velskii-Landis tree
HBBT;After MS receives the data from DO, σ is locally storedx, and send { γ, mx,σxCSP, CSP is given to verify more new data block:
If equation is equal, CSP enables mx=mx| h (γ), mxIt is inserted into miLater, otherwise refuse insertion operation.
Further, in the step S4, after the TPA receives the θ of DO transmission, HBBT is constructed, when DO needs to delete i-th
Number block miWhen, modify process are as follows:
DO generates character string γ=D | | i | | N, wherein D indicates modification operation, N ∈ ZpIt is a random number;DO is according to γ
It calculates H (γ), generates insertion operation signature sigmaD=(H (γ))α, then DO sends { D, i, H (γ) } to TPA, send γ, i,
σDGive MS;After TPA receives { D, i, H (γ) }, local HBBT is retrieved according to i, corresponding node is found and deletes the node, TPA
HBBT is adjusted according to the requirement of Adelson-Velskii-Landis tree;After MS receives the data from DO, the signature sigma of corresponding node is deletedi, and data D,
I, H (γ) } it is then forwarded to CSP, CSP verifies more new data block:
If equation is equal, CSP deletes data block miLater, otherwise refuse delete operation.
The beneficial effects of adopting the technical scheme are that
(1) present invention proposes that a novel public audit agreement suitable for MEC environment, the agreement are signed using BLS
Ensure safety and the privacy of outer bag data with Bilinear map technology.(2) consider that certain services need support in MEC environment
Dynamic operation, the present invention propose a new dynamic data structure Hash balanced binary tree (Hash Balanced Binary
Tree, HBBT), HBBT is similar with Adelson-Velskii-Landis tree, can reduce the height of conventional dynamic Audit data structure MHT, efficient storage and looks into
Outsourcing data block relevant information is looked for, audit efficiency is improved.(3) for the MEC environment the characteristics of, the present invention proposes a kind of to occur to exist
Novel attack in dynamic updating process.(4) safety analysis proves that agreement of the invention not only can correctly audit outsourcing
Data, and common attack and the present invention can be resisted and propose new attack.Performance evaluation and experimental result all show this hair
Bright agreement has the lower traffic and calculation amount, and efficiency is outstanding.
The functional parameter that the present invention realizes: (1) public audit: it is any be trusted have certain computing capability and memory space
Third party can be authorized by DO, its outer bag data of auditing.(2) no data block is audited: audit person does not need retrieval DO number
The audit of external bag data fast integrality and correctness can be completed according to block.(3) dynamic operation: support DO to long-range outsourcing
Data block is inserted into, is deleted, modifying dynamic operation, and guarantees that outsourcing data block correctly stores.(4) it lightweight: is examined public
During meter and dynamic operation, agreement may insure that communication overhead and computing cost are minimum.
The safety index that the present invention realizes: (1) data correctness: only correct outsourcing data block and corresponding signature
Audit can be passed through, it is ensured that the outer bag data of DO is correctly stored in EMS and CSP.(2) data-privacy is protected: in entire audit process
In, TPA can not understand the content of outsourcing data block.(3) identification: when MS is manipulated by opponent, transmission fallacious message is to CSP
When, CSP can identify this malicious act.
Detailed description of the invention
Fig. 1 is present system model structure schematic diagram;
Fig. 2 is the structural schematic diagram of Hash balanced binary tree (HBBT) of the present invention;
Fig. 3-1 is the HBBT schematic diagram with eight nodes;
Fig. 3-2 is the schematic diagram that node 4-1 is inserted into HBBT;
Fig. 3-3 is the schematic diagram that node 4-2 is inserted into HBBT;
Fig. 3-4 is the schematic diagram that node 4-1-1 is inserted into HBBT;
Fig. 3-5 is the schematic diagram that node 4-3 is inserted into HBBT;
Fig. 3-6 is the schematic diagram that node 4-3-1 is inserted into HBBT;
Fig. 3-7 is the schematic diagram that node 5 is deleted in HBBT;
Fig. 4 is audit agreement flow chart of the invention;
Fig. 5 is dynamic auditing agreement flow chart of the invention;
Fig. 6 is the test assessment figure of setup phase computing cost;
Fig. 7 is the test assessment figure that CSP calculates the comparison of polymerization evidence time;
Fig. 8 is the test assessment figure of TPA audit time comparison;
Fig. 9-1 is the test assessment figure of the dynamic operation time comparison (modification time) of different data block;
Fig. 9-2 is the test assessment figure of the dynamic operation time comparison (insertion time) of different data block;
The test assessment figure of the dynamic operation time comparison (erasing time) of Fig. 9-3 different data block.
Specific embodiment
The present invention will be further described in detail below with reference to the accompanying drawings and specific embodiments.
A kind of edge calculations data accountability system based on Hash binary tree, including DO, MS, CSP and TPA;The DO handle
The data being sent on CSP are divided into several data blocks, and generate signature for these data blocks, then these data blocks
It is sent in MS with signature;After MS receives data, verify data source, verify it is legal after, save all data blocks label and
Data block, is then sent to Cloud Server again by the common data block of DO;When audit cycle carrys out interim, TPA one group of challenge of generation
Information is simultaneously sent to MS, after MS receives challenge information, generates a part of evidence according to the data block of oneself caching and data label,
The challenge information of another part is sent to CSP again, CSP is sent to MS after generating evidence, and MS is sent to mixed evidence
TPA completes audit.
In Fig. 1, the protocol model in MEC network includes four entities: DO (Data Owner data owner), MS (MEC
Network server), CSP (Cloud Server Provider cloud service provider) and TPA (auditing by third party person Third
Party Auditor).Each entity is described in detail below:
DO: equipped with sensor and the equipment relatively high to requirement of real-time, such as the vehicle in vehicle-mounted net.DO storage is empty
Between it is limited, while to data have low latency memory requirement.
CSP: having the entity of certain memory space and computing capability, and for the data requirements for guaranteeing low delay application, CSP permits
Perhaps some frequently-used data is stored on the closer fringe node of distance DO.
TPA: the entity of audit outsourcing data permission is trusted and authorized by DO, with certain computing resource and storage energy
Power.
Edge Server (MS): an entity in MEC network is under the jurisdiction of CSP, and compared with CSP, distance DO's is closer,
The data that caching DO is commonly used while providing low delay service for DO, are also responsible for audit request of the processing from TPA.
Threat modeling: in the protocol, TPA is " honest curious ", and DO, CSP are " half is honest ";MS is " half is honest "
It is easy to be controlled by opponent;TPA is curious, it is meant that again good to its data simultaneously in the outer bag data of correctly audit DO
It is odd, it is desirable to calculate these data.DO is that half honesty illustrates that it can deny last auditing result, slanders the letter of CSP and MS
Expenditure;CSP is that half honesty illustrates it to initiate forgery attack, Replay Attack and substitution attack by the audit of TPA.
MS is half honesty and is easy to be steered, and means following several situations: 1, in order to which by the audit of TOA, it can also initiate puppet
It makes, reset, substitution attack;2, it can be controlled by opponent, send the dynamic operation of mistake to CSP to destroy the outsourcing number of user
According to;3, it can be controlled by opponent, and the evidence or malice of malicious modification CSP generates evidence and audit is caused to fail, and slander CSP's
Creditworthiness.
A kind of edge calculations Data Audit method based on Hash binary tree, comprising the following steps:
S1. initiation parameter: DO generates key pair, and private key is SK={ α, ssk }, and public key is PK={ y, g, μ, spk },
In (ssk, spk) be the randomly selected asymmetric cryptographic key pair of DO;
Wherein, α ∈ ZpIt is the value that DO is selected at random, g and μ are crowd G1On random element, y=gαIt is G1On element;G1
And G2To have the two of Prime Orders p multiplicative cyclic groups, e:G1×G1→G2For Bilinear map mapping;
S2. generate the audit signature of data block: the outer bag data F of DO is divided into n data block M={ m1,m2,...,
mn, DO is according to formulaFor miGenerate homomorphism can verify that signature, then homomorphism signature set for Φ=
{σi, 1≤i≤n, data block hash value collection is θ={ H (mi)},1≤i≤n;
H:{0,1}*→G1Binary number is mapped to crowd G for safety1On hash function;
Calculate t=name | | n | | SSigssk(name | | n) is the label of outer bag data F, and wherein name is outer bag data F
Unique identifier, DO sends { M, Φ, t } to MS, while sending after θ receives related data to TPA, CSP and TPA, and DO is local
It deletes { M, Φ, θ };
S3. outsourcing file label is verified, DO identity is confirmed: when MS receives data { M, Φ, t }, using the public key spk of DO
Verify outsourcing data label;If authentication failed, MS requires DO to retransmit data, conversely, MS stores signature set Φ, and handle
Outer bag data indicates that { F, name } is sent to CSP with it;
S4. generate the challenge information of audit: when reaching the audit time, TPA checks whether HBBT locally constructs successfully,
If it is unsuccessful generating HBBT using θ;TPA randomly chooses c challenge data block in outer bag data serial number set,
Generate set I={ s1,s2,...,sc}1≤c≤n, then TPA is that each challenge data block selects c random number v at random againi, { vi
∈Zp}i∈I, form challenge data setIt is sent to MS;
S5.MS generates audit evidence: after MS receives the challenge information from TPA, challenge data collection being first divided into two
Subset chal={ C1,C2, C1Outsourcing data-block cache represented by challenge data block serial number in challenge information in MS,
C2It is to indicate the outsourcing data block to be audited of CSP comprising remaining challenge information;After the completion of challenge data divides, MS gives CSP again
Send challenge subset C2, signature evidence Θ is then generated according to chal, according to subset C1Generate data block evidence
S6.CSP receives the challenge subset C of MS transmission2Data evidence is generated afterwardsCalculation formula is as follows:
CSP sends data evidence to MS
S7.MS receives the data evidence of CSPAfterwards, aggregated data evidenceWith
MS sends evidence { Θ, U } to TPA;
After S8.TPA receives the evidence { Θ, U } of MS transmission, it is corresponding that challenge data block serial number is first found from HBBT tree
Cryptographic Hash { H (mi) (i ∈ chal), it calculatesThe audit of Bilinear map property is recycled to choose by the audit of following equation
War data block:
If equation left and right ends are equal, TPA exports TRUE, otherwise TPA exports FALSE.
In order to support after guaranteeing dynamic operation, data block is still correctly that agreement must be introduced into dynamic data structure.Perhaps
The dynamic auditing of more audit agreements is all based on MHT, but in order to save the memory space of dynamic data structure and audit effect
Rate, the present invention propose a kind of referred to as Hash balanced binary tree for being more focused on audit efficiency on the basis of balanced binary tree
(HBBT) new data structure.
Hash balanced binary tree (HBBT): TPA generates HBBT according to the newest cryptographic Hash of DO outsourcing data block, and is stored in
It is local.As shown in Fig. 2, the node of HBBT includes two parts, it is data block sequence number i and data block cryptographic Hash H (m respectivelyi)。
TPA receives { i, the H (m of DO transmissioni) after, according to the requirement of Adelson-Velskii-Landis tree, using the size of i as the order standard of HBBT data block,
Generate HBBT.(note: the "-" in Fig. 2 is not minus sign, is a kind of label)
The Hash hashed value of the leaf node storage outsourcing data block of MHT tree, father node storage is left and right child node
Hash hashed value, when to Knots inserting, delete operation, it is only necessary to change the hash of several leaf nodes or internal node
Value, the serial number without updating each leaf node.However, HBBT tree no matter leaf node, root node or internal node
Data block sequence number and Hash hashed value are all stored, when insertion or delete operation occurs, needs to update under normal circumstances every
The serial number of a node and the degree of balance for adjusting whole tree, are equivalent to rebuild a HBBT tree in this way, ask to solve this
Topic, the present invention devise a kind of new data block sequence number.
Data block sequence number: assuming that outsourcing data sequence number be (1,2,3 ..., k, i, j ... n), wherein k, i, j are by suitable
Sequence arrangement is divided into following several situations insertion: (1) when need i and j between be inserted into a data block, serial number can be changed to (1,
2,3 ... k, i, i-1, j ... n), wherein i < i-1 < j;(2) when needing to be inserted into a data block between i-1 and j, serial number can
Become (1,2,3 ..., k, i, i-1, i-2, j ... n), wherein i-1 < i-2 < j;(3) when need between i and i-1 be inserted into one
When data block, serial number can be changed to (1,2,3 ..., k, i, i-1-1, i-1, i-2, j ... n), wherein i < i-1-1 < i-1.(4) when
Need between i-2 and j be inserted into a data block when, serial number can be changed to (1,2,3 ..., k, i, i-1-1, i-1, i-2, i-3,
J ... n), wherein i-2 < i-3 < j;(5) when need between i-2 and i-3 be inserted into a data block when, serial number can be changed to (1,2,
3 ..., k, i, i-1-1, i-1, i-2, i-3-1, i-3, j ... n), wherein i-2 < i-3-1 < i-3, and so on.Delete node
Only need to adjust the degree of balance of HBBT tree;Modification operation is general only to modify node Hash hashed value, does not modify node serial number, so
HBBT tree does not adjust.
The insertion of HBBT, delete operation are as shown in Fig. 3-1 to 3-7.Assuming that HBBT tree is formed by 8 data blocks, in order to clear
The description of Chu is used only data block sequence number and marks HBBT, as shown in figure 3-1, node Serial No. (1,2,3,4,5,6,7,8);According to
According to above-mentioned 5 kinds of situations, node is inserted into this.It is one node of insertion, serial number between No. 4 nodes and No. 5 nodes shown in Fig. 3-2
For 4-1, serial number (1,2,3,4,4-1,5,6,7,8) after insertion;It is to be inserted between 4-1 node and No. 5 nodes shown in Fig. 3-3
One node, serial number 4-2, serial number (1,2,3,4,4-1,4-2,5,6,7,8) after insertion;Be shown in Fig. 3-4 in No. 4 nodes and
It is inserted into a node between 4-1 node, serial number 4-1-1, serial number after insertion (1,2,3,4,4-1,4-1-1,4-2,5,6,7,
8);It is one node of insertion between 4-2 node and No. 5 nodes shown in Fig. 3-5, serial number 4-3, serial number after insertion (1,2,
3,4,4-1,4-1-1,4-2,4-3,5,6,7,8);It is that one is inserted between 4-2 node and 4-3 node shown in Fig. 3-6
Node, serial number 4-3-1, serial number (1,2,3,4,4-1,4-1-1,4-2,4-3-1,4-3,5,6,7,8) after insertion;Delete operation
As shown in fig. 3 to 7, No. 5 nodes are deleted, Serial No. after deletion (1,2,3,4,4-1,4-1-1,4-2,4-3-1,4-3,6,7,
8) it is similar that other node operations, are deleted.
Agreement of the invention supports dynamic of the outsourcing data block in MEC environment to update, since MC server is easy to be opposed
Hand manipulation is attacked, so dynamic updates agreement while completing each update operation, also to identify this malicious act.
In above-mentioned steps S4, it is assumed that DO completes initialization, after TPA receives the θ of DO transmission, constructs HBBT, specific dynamic updating process
It is as follows: when DO is needed the i-th number block miIt is revised as m 'iWhen, modification process is as shown in figure 5, DO generates character string γ=Mo | |
I | | N, wherein Mo indicates modification operation, N ∈ ZpIt is a random number;DO calculates H (m according to γi' | | h (γ)), it generates to be modified
Data block m 'iSignatureThen DO sends { Mo, i, H (mi' | | h (γ)) } give TPA, hair
Send { γ, mi′,σi' give MS;After TPA receives the data from DO, local HBBT is retrieved according to i, finds corresponding node, and make
With H (mi' | | h (γ)) replacement node H (mi);After MS receives the data from DO, σ is usedi' more new data block miSignature,
And send { γ, mi′,σi' give CSP, CSP to verify more new data block:
If equation is equal, CSP enables mi'=mi' | | h (γ) uses mi' replacement mi, otherwise refusal modification operation.
When DO is needed data block mxIt is inserted into data block miAnd mi+1Between when, DO generate character string γ=I | | i | | y | |
N, wherein I indicates modification operation, and y indicates the insertion label of data block, N ∈ ZpIt is a random number;DO calculates H (m according to γx||
H (γ)), generation is inserted into data block mxSignatureThen DO sends { I, i, y, H (mx||
H (γ)) } TPA is given, send { γ, mx,σxGive MS;After TPA receives the data from DO, a new node no is generatedx, use
{y,H(mx| | h (γ)) } initialize the node;TPA retrieves local HBBT according to i, finds corresponding node n oi, noxInsertion
noiLater, HBBT is adjusted according to the requirement of Adelson-Velskii-Landis tree;After MS receives the data from DO, σ is locally storedx, and send { γ, mx,
σxCSP, CSP is given to verify more new data block:
If equation is equal, CSP enables mx=mx| h (γ), mxIt is inserted into miLater, otherwise refuse insertion operation.
When DO needs to delete the i-th number block miWhen, DO generates character string γ=D | | i | | N, wherein D indicates modification behaviour
Make, N ∈ ZpIt is a random number;DO calculates H (γ) according to γ, generates insertion operation signature sigmaD=(H (γ))α, then DO is sent
{ D, i, H (γ) } gives TPA, sends { γ, i, σDGive MS;After TPA receives { D, i, H (γ) }, local HBBT is retrieved according to i, is looked for
To corresponding node and the node is deleted, TPA adjusts HBBT according to the requirement of Adelson-Velskii-Landis tree;After MS receives the data from DO, delete
The signature sigma of corresponding nodei, and data { D, i, H (γ) } are then forwarded to CSP, CSP verifies more new data block:
If equation is equal, CSP deletes data block miLater, otherwise refuse delete operation.
The performance of experimental evaluation agreement of the present invention: experiment is run under Linux virtual platform, and is introduced based on the close of pairing
Code learns the library (PBC) and constructs agreement in C language environment.Experiment uses Core (TM) i7-4710HQ CPU@2.50GHz processor
With the hardware machine simulation MEC server and CSP server in 12GB RAM.Experiment is initialized using MNT d159 parameter of curve
Bilinear map is constructed, the security parameter of agreement is set as 80bit.
Comparison scheme [1]-[3] used in test assessment are respectively as follows:
[1]Wang,Q.,Wang,C.,Ren,K.,Lou,W.,&Li,J.(2011).Enabling public
auditability and data dynamics for storage security in cloud computing.IEEE
transactions on parallel and distributed systems,22(5),847-859.
[2]Tian,H.,Chen,Y.,Chang,C.C.,Jiang,H.,Huang,Y.,Chen,Y.,&Liu,J.
(2017).Dynamic-hash-table based public auditing for secure cloud storage.IEEE
Transactions on Services Computing,10(5),701-714.
[3]Tian,H.,Nan,F.,Chang,C.C.,Huang,Y.,Lu,J.,&Du,Y.(2019).Privacy-
preserving public auditing for secure data storage in fog-to-cloud
computing.Journal of Network and Computer Applications,127,59-69.
(1) test assessment: the computing cost of initial phase
Fig. 6 is initial phase, and each agreement is that the data block of different number generates the time of signature.It can be with from Fig. 6
Find out, with the increase of data block, initialization time linear increase.10,000 data block is handled, agreement of the invention is spent
5.108 seconds, agreement [1] and agreement [3] were respectively necessary for 5.366 seconds and 9.91 seconds, and agreement [2] then spends 31.781 seconds.This hair
The time of bright agreement essentially coincides with agreement [1], and the time that agreement [2] needs is most, and the time of agreement [3] is placed in the middle.This be because
It needing to calculate n-pair than agreement of the invention for agreement [2] moreG, agreement [3] then index more than agreement of the invention
Operate EGTime.
(2) test assessment: the computing cost of evidence is generated
Fig. 7 is to generate the evidence stage, and each agreement is that the challenge data block of different number generates the time of evidence.From Fig. 7
In as can be seen that agreement of the present invention has apparent advantage with other three agreements compared with, this is because MS cache it is a part of
Data, it assists CSP to calculate this half-proof, alleviates the computing cost of CSP.And it can also be seen that with challenge data
The computing cost of the increase of block, each agreement slowly increases, and 400 to 1,000 challenge data block agreement of the invention of processing is opened
The time of pin is 8.7 milliseconds and 20.1 milliseconds respectively.
(3) test assessment: the time overhead of audit
Fig. 8 illustrates audit phase, and each agreement audit different number data block generates the time of evidence.It can from Fig. 8
With, it is evident that the calculating cost of agreement of the invention is slightly less than agreement [1] and [3] are not much different, but to be far superior to agreement
[2].The main reason for causing such result is: 1) due to business demand, agreement [3] needs also to generate signature for mist node, this
The evidence that sample TPA is generated in addition to challenge data block to be audited signature, the evidence that the mist node that also to audit signature generates, increases meter
Calculate expense;2) in audit process, the TPA in agreement [1], will also be according to the cryptographic Hash of challenge data block in addition to wanting audit evidence
It is calculated with secondary path and the root node for the MHT that audits, additional computing cost is increased to the processing of root node;3) it was auditing
Cheng Zhong, agreement [2] need to find the Hash H (m of each challenge data block in DHT tablei), time complexity is O (n), this hair
Although bright agreement is also required to this process, but the HBBT that the present invention uses stores H (mi), retrieve the time of data block cryptographic Hash
Complexity is only O (logn), and the required time is less than agreement [2].
(4) test assessment: the time overhead of dynamic operation
Fig. 9-1 to Fig. 9-3 is the time of modification, insertion and the deletion of data block respectively.Due to the data of agreement of the present invention
Structure and agreement [1] are tree structure, so experimental selection agreement [1] is compared with agreement of the invention.It can from 3 figures
To find out, the time used in agreement of the invention is better than agreement [1], this is because HBBT tree height is lower than MHT, so finding
The dynamic operation destination node time is fewer than agreement [1];When CSP receives update request, agreement of the invention needs only assure that number
It is correct according to label and operation requests, and agreement [1] then needs to confirm respectively the correctness of MHT root node and data block before updating.
So the dynamic of agreement of the invention updates efficiency and is higher than agreement [1].
Claims (7)
1. a kind of edge calculations data accountability system based on Hash binary tree, it is characterised in that: the system comprises DO, MS,
CSP and TPA;Data on CSP to be sent to are divided into several data blocks by the DO, and generate label for these data blocks
Name, is then sent to these data blocks and signature in MS;After the MS receives data, verify data source, after verifying is legal,
Data block, is then sent to Cloud Server again by the label and the common data block of DO for saving all data blocks;Work as audit cycle
Come interim, TPA generates one group of challenge information and is simultaneously sent to MS, after MS receives challenge information, according to the data block of oneself caching and
Data label generates a part of evidence, then the challenge information of another part is sent to CSP, and CSP is sent to MS after generating evidence,
Mixed evidence is sent to TPA and completes audit by MS.
2. a kind of edge calculations Data Audit method based on Hash binary tree, it is characterised in that: the method includes following steps
It is rapid:
S1. initiation parameter: DO generates key pair, and private key is SK={ α, ssk }, and public key is PK={ y, g, μ, spk }, wherein
(ssk, spk) is the randomly selected asymmetric cryptographic key pair of DO;
Wherein, α ∈ ZpIt is the value that DO is selected at random, g and μ are crowd G1On random element, y=gαIt is G1On element;G1And G2
To have the two of Prime Orders p multiplicative cyclic groups, e:G1×G1→G2For Bilinear map mapping;
S2. generate the audit signature of data block: the outer bag data F of DO is divided into n data block M={ m1,m2,...,mn, DO
According to formulaFor miGenerating homomorphism can verify that signature, then homomorphism signature set is Φ={ σi},1≤i
≤ n, data block hash value collection are θ={ H (mi)},1≤i≤n;
H:{0,1}*→G1Binary number is mapped to crowd G for safety1On hash function;
Calculate t=name | | n | | SSigssk(name | | n) is the label of outer bag data F, wherein name be outer bag data F only
One identifier, DO send { M, Φ, t } to MS, while sending after θ receives related data to TPA, CSP and TPA, and DO is locally deleted
{M,Φ,θ};
S3. outsourcing file label is verified, confirms DO identity: when MS receives data { M, Φ, t }, being verified using the public key spk of DO
Outsourcing data label;If authentication failed, MS requires DO to retransmit data, conversely, MS stores signature set Φ, and outsourcing
Data indicate that { F, name } is sent to CSP with it;
S4. generate the challenge information of audit: when reaching the audit time, TPA checks whether HBBT locally constructs successfully, if
Do not succeed, then generates HBBT using θ;TPA randomly chooses c challenge data block in outer bag data serial number set, generates
Set I={ s1,s2,...,sc}1≤c≤n, then TPA is that each challenge data block selects c random number v at random againi, { vi∈
Zp}i∈I, form challenge data setIt is sent to MS;
S5.MS generates audit evidence: after MS receives the challenge information from TPA, challenge data collection being first divided into two subsets
Chal={ C1,C2, C1Outsourcing data-block cache represented by challenge data block serial number in challenge information is in MS, C2It is
Comprising remaining challenge information, the outsourcing data block to be audited of CSP is indicated;After the completion of challenge data divides, MS is sent to CSP again
Challenge subset C2, signature evidence Θ is then generated according to chal, according to subset C1Generate data block evidence
S6.CSP receives the challenge subset C of MS transmission2Data evidence is generated afterwardsCalculation formula is as follows:
CSP sends data evidence to MS
S7.MS receives the data evidence of CSPAfterwards, aggregated data evidenceWith
MS sends evidence { Θ, U } to TPA;
After S8.TPA receives the evidence { Θ, U } of MS transmission, the corresponding Hash of challenge data block serial number is first found from HBBT tree
It is worth { H (mi) (i ∈ chal), it calculatesRecycle the audit of Bilinear map property by following equation audit challenge number
According to block:
If equation left and right ends are equal, TPA exports TRUE, otherwise TPA exports FALSE.
3. the edge calculations Data Audit method according to claim 2 based on Hash binary tree, it is characterised in that: described
In step S4, the TPA generates Hash balanced binary tree (HBBT) according to the newest cryptographic Hash of DO outsourcing data block, and is stored in
It is local;The node of the HBBT includes two parts, is data block sequence number i and data block cryptographic Hash H (m respectivelyi);The TPA
Receive { i, the H (m of DO transmissioni) after, it is raw using the size of i as the order standard of HBBT data block according to the requirement of Adelson-Velskii-Landis tree
At HBBT.
4. the edge calculations Data Audit method according to claim 3 based on Hash binary tree, it is characterised in that: described
The data block sequence number of HBBT tree be (1,2,3 ..., k, i, j ... n), wherein k, i, j are to be arranged in order, and are divided into following several
Situation insertion: (1) when need between i and j be inserted into a data block when, serial number can be changed to (1,2,3 ... k, i, i-1,
J ... n), wherein i < i-1 < j;(2) when need between i-1 and j be inserted into a data block when, serial number can be changed to (1,2,3 ...,
K, i, i-1, i-2, j ... n), wherein i-1 < i-2 < j;(3) when needing to be inserted into a data block between i and i-1, serial number can
Become (1,2,3 ..., k, i, i-1-1, i-1, i-2, j ... n), wherein i < i-1-1 < i-1;(4) when needing between i-2 and j
When being inserted into a data block, serial number can be changed to (1,2,3 ..., k, i, i-1-1, i-1, i-2, i-3, j ... n), wherein i-2 <
i-3<j;(5) when needing to be inserted into a data block between i-2 and i-3, serial number can be changed to (1,2,3 ..., k, i, i-1-1, i-
1, i-2, i-3-1, i-3, j ... n), wherein i-2 < i-3-1 < i-3, and so on.
5. the edge calculations Data Audit method according to claim 2 based on Hash binary tree, it is characterised in that: described
In step S4, after the TPA receives the θ of DO transmission, HBBT is constructed, when DO is needed the i-th number block miIt is revised as m 'iWhen, it repairs
It corrects one's mistakes journey are as follows:
DO generates character string γ=Mo | | i | | N, wherein Mo indicates modification operation, N ∈ ZpIt is a random number;DO is calculated according to γ
H(mi' | | h (γ)), generate data block m ' to be modifiediSignatureThen DO send Mo,
i,H(mi' | | h (γ)) } TPA is given, send { γ, mi′,σi' give MS;After TPA receives the data from DO, retrieved according to i local
HBBT finds corresponding node, and uses H (mi' | | h (γ)) replacement node H (mi);After MS receives the data from DO, make
Use σi' more new data block miSignature, and send { γ, mi′,σi' give CSP, CSP to verify more new data block:
If equation is equal, CSP enables mi'=mi' | | h (γ) uses mi' replacement mi, otherwise refusal modification operation.
6. the edge calculations Data Audit method according to claim 2 based on Hash binary tree, it is characterised in that: described
In step S4, after the TPA receives the θ of DO transmission, HBBT is constructed, when DO is needed data block mxIt is inserted into data block miAnd mi+1
Between when, modify process are as follows:
DO generates character string γ=I | | i | | y | | N, wherein I indicates modification operation, and y indicates the insertion label of data block, N ∈ ZpIt is
One random number;DO calculates H (m according to γx| | h (γ)), generation is inserted into data block mxSignatureThen DO sends { I, i, y, H (mx| | h (γ)) } TPA is given, send { γ, mx,σxGive
MS;After TPA receives the data from DO, a new node no is generatedx, use { y, H (mx| | h (γ)) } initialize the node;
TPA retrieves local HBBT according to i, finds corresponding node n oi, noxIt is inserted into noiLater, it is adjusted according to the requirement of Adelson-Velskii-Landis tree
HBBT;After MS receives the data from DO, σ is locally storedx, and send { γ, mx,σxCSP, CSP is given to verify more new data block:
If equation is equal, CSP enables mx=mx| h (γ), mxIt is inserted into miLater, otherwise refuse insertion operation.
7. the edge calculations Data Audit method according to claim 2 based on Hash binary tree, it is characterised in that: described
In step S4, after the TPA receives the θ of DO transmission, HBBT is constructed, when DO needs to delete the i-th number block miWhen, modify process
Are as follows:
DO generates character string γ=D | | i | | N, wherein D indicates modification operation, N ∈ ZpIt is a random number;DO calculates H according to γ
(γ) generates insertion operation signature sigmaD=(H (γ))α, then DO sends { D, i, H (γ) } to TPA, sends { γ, i, σDGive
MS;After TPA receives { D, i, H (γ) }, according to i retrieve local HBBT, find corresponding node and delete the node, TPA according to
The requirement of Adelson-Velskii-Landis tree adjusts HBBT;After MS receives the data from DO, the signature sigma of corresponding node is deletedi, and data { D, i, H
(γ) } it is then forwarded to CSP, CSP verifies more new data block:
If equation is equal, CSP deletes data block miLater, otherwise refuse delete operation.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910756888.4A CN110460447B (en) | 2019-08-16 | 2019-08-16 | Hash binary tree-based edge calculation data auditing system and auditing method |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910756888.4A CN110460447B (en) | 2019-08-16 | 2019-08-16 | Hash binary tree-based edge calculation data auditing system and auditing method |
Publications (2)
Publication Number | Publication Date |
---|---|
CN110460447A true CN110460447A (en) | 2019-11-15 |
CN110460447B CN110460447B (en) | 2022-07-08 |
Family
ID=68487105
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201910756888.4A Active CN110460447B (en) | 2019-08-16 | 2019-08-16 | Hash binary tree-based edge calculation data auditing system and auditing method |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN110460447B (en) |
Cited By (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN111898164A (en) * | 2020-07-02 | 2020-11-06 | 武汉纺织大学 | Data integrity auditing method supporting tag block chain storage and query |
CN113609533A (en) * | 2021-08-23 | 2021-11-05 | 东北大学秦皇岛分校 | Integrity auditing method for smart power grid data |
EP4211588A4 (en) * | 2020-09-30 | 2023-10-25 | Huawei Technologies Co., Ltd. | Method for verifying software security of electronic device(s) in vehicle and related device |
Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20120324230A1 (en) * | 2011-03-16 | 2012-12-20 | International Business Machines Corporation | System for enabling digital signature auditing |
CN103501352A (en) * | 2013-10-22 | 2014-01-08 | 北京航空航天大学 | Cloud storage data security auditing method allowing group-user identity revocation |
CN104023044A (en) * | 2014-01-01 | 2014-09-03 | 电子科技大学 | Cloud-storage data lightweight-level public auditing method with privacy protection |
CN105791321A (en) * | 2016-05-03 | 2016-07-20 | 西南石油大学 | Cloud storage data common auditing method possessing secret key leakage resistance characteristic |
CN106254374A (en) * | 2016-09-05 | 2016-12-21 | 电子科技大学 | A kind of cloud data public audit method possessing duplicate removal function |
CN106845280A (en) * | 2017-03-14 | 2017-06-13 | 广东工业大学 | A kind of Merkle Hash trees cloud data integrity auditing method and system |
-
2019
- 2019-08-16 CN CN201910756888.4A patent/CN110460447B/en active Active
Patent Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20120324230A1 (en) * | 2011-03-16 | 2012-12-20 | International Business Machines Corporation | System for enabling digital signature auditing |
CN103501352A (en) * | 2013-10-22 | 2014-01-08 | 北京航空航天大学 | Cloud storage data security auditing method allowing group-user identity revocation |
CN104023044A (en) * | 2014-01-01 | 2014-09-03 | 电子科技大学 | Cloud-storage data lightweight-level public auditing method with privacy protection |
CN105791321A (en) * | 2016-05-03 | 2016-07-20 | 西南石油大学 | Cloud storage data common auditing method possessing secret key leakage resistance characteristic |
CN106254374A (en) * | 2016-09-05 | 2016-12-21 | 电子科技大学 | A kind of cloud data public audit method possessing duplicate removal function |
CN106845280A (en) * | 2017-03-14 | 2017-06-13 | 广东工业大学 | A kind of Merkle Hash trees cloud data integrity auditing method and system |
Cited By (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN111898164A (en) * | 2020-07-02 | 2020-11-06 | 武汉纺织大学 | Data integrity auditing method supporting tag block chain storage and query |
CN111898164B (en) * | 2020-07-02 | 2024-03-29 | 武汉纺织大学 | Data integrity auditing method supporting label block chain storage and query |
EP4211588A4 (en) * | 2020-09-30 | 2023-10-25 | Huawei Technologies Co., Ltd. | Method for verifying software security of electronic device(s) in vehicle and related device |
CN113609533A (en) * | 2021-08-23 | 2021-11-05 | 东北大学秦皇岛分校 | Integrity auditing method for smart power grid data |
CN113609533B (en) * | 2021-08-23 | 2024-02-27 | 东北大学秦皇岛分校 | Integrity auditing method for smart grid data |
Also Published As
Publication number | Publication date |
---|---|
CN110460447B (en) | 2022-07-08 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
EP4120114A1 (en) | Data processing method and apparatus, smart device and storage medium | |
CN110602138B (en) | Data processing method and device for block chain network, electronic equipment and storage medium | |
CN103501352B (en) | A kind of cloud storage data method for auditing safely allowing group user identity to cancel | |
CN111914027B (en) | Block chain transaction keyword searchable encryption method and system | |
CN106254374B (en) | A kind of cloud data public audit method having duplicate removal function | |
CN113162768B (en) | Intelligent Internet of things equipment authentication method and system based on block chain | |
CN110069908A (en) | A kind of authority control method and device of block chain | |
CN111970299A (en) | Block chain-based distributed Internet of things equipment identity authentication device and method | |
CN110460447A (en) | Edge calculations data accountability system and auditing method based on Hash binary tree | |
CN109600366A (en) | The method and device of protection user data privacy based on block chain | |
EP3869376B1 (en) | System and method for blockchain based decentralized storage with dynamic data operations | |
CN113312574A (en) | Cloud data integrity auditing method based on block chain | |
CN111211905A (en) | Identity management method for Fabric alliance chain members based on certificate-free authentication | |
CN112613601B (en) | Neural network model updating method, equipment and computer storage medium | |
CN111222879A (en) | Certificateless authentication method and certificateless authentication system suitable for alliance chain | |
CN104899525A (en) | Cloud data integrity proving scheme with improved dynamic operations | |
CN106611136A (en) | Data tampering verification method in cloud storage | |
CN108768975A (en) | Support the data integrity verification method of key updating and third party's secret protection | |
CN115208628B (en) | Data integrity verification method based on block chain | |
Lee et al. | Privacy-preserving identity management system | |
CN109302286B (en) | Fido equipment key index generation method | |
Xie et al. | A novel blockchain-based and proxy-oriented public audit scheme for low performance terminal devices | |
CN106533681B (en) | A kind of attribute method of proof and system that support section is shown | |
CN113779637B (en) | Attribute data processing method, attribute data processing device, attribute data processing equipment and attribute data processing medium | |
CN116488816A (en) | Data processing method, device and storage medium based on blockchain network |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |