CN112989378A - File trusted intermediate storage architecture based on attribute encryption - Google Patents


Publication number
CN112989378A
Authority
CN
China
Prior art keywords
data
key
ciphertext
user
attribute
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202110270960.XA
Other languages
Chinese (zh)
Inventor
胡凯
陈回归
朱健
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beihang University
Original Assignee
Beihang University
Application filed by Beihang University
Priority to CN202110270960.XA
Publication of CN112989378A

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/602 Providing cryptographic facilities or services
    • G06F21/604 Tools and structures for managing or administering access control systems
    • G06F21/64 Protecting data integrity, e.g. using checksums, certificates or signatures

Abstract

The invention provides a file trusted intermediate storage architecture based on attribute encryption, which comprises: a data owner, a data storage center, a blockchain system, a key generator, a key generation center, an attribute authorization center and a data user. The data owner uploads data; the data storage center stores the uploaded data; the blockchain system is used for identifying and publishing the digest of the ciphertext of the key that the data owner used to encrypt the uploaded data, and the signature of that key ciphertext; the key generator generates the symmetric key and the asymmetric key that a user needs to encrypt data; the key generation center encrypts the attributes and generates the user's key from the attributes provided by the user, the system master key and the public parameters of the system; the attribute authorization center assigns different attributes to different data consumers or data users, and generates the corresponding private key SK from the attributes provided by the user; the data user downloads and uses the data in the data storage center. A corresponding storage method is also provided.

Description

File trusted intermediate storage architecture based on attribute encryption
Technical Field
The invention relates to the technical field of data storage, in particular to a file trusted intermediate storage architecture and a storage method based on attribute encryption.
Background
The security access mechanism provided by a cloud storage service provider (CSP) depends entirely on server-side control, so its security depends entirely on the credibility of the CSP. Whether the CSP can guarantee the validity of the security mechanism and keep its service commitments to the user is open to question. In addition, a semi-trusted cloud service provider (i.e., one to which data must not be disclosed in clear text, but whose other behavior is faithful) may arbitrarily disclose the user's private data or important files without the user's permission.
Therefore, a new trusted intermediate storage architecture and storage method for files based on attribute encryption needs to be designed in the scene of the requirements of a cloud storage system to overcome some limitations and defects in the prior art.
Disclosure of Invention
The invention aims to provide a file trusted intermediate storage architecture and a storage method based on attribute encryption, which improve the safety, controllability, high efficiency, dynamics and privacy of the existing storage method and solve the problems in the background technology.
The invention aims to provide a file trusted intermediate storage architecture based on attribute encryption, which comprises:
a data owner, a data storage center, a blockchain system, a key generator, a key generation center, an attribute authorization center, and a data consumer (data user); wherein the data owner uploads data; the data storage center stores the data uploaded by the data owner; the blockchain system is used for identifying and publishing the digest of the ciphertext of the key that the data owner used to encrypt the uploaded data, and the signature of that key ciphertext; the key generator generates the symmetric key and the asymmetric key that a user needs to encrypt data; the key generation center encrypts the attributes and generates the user's key from the attributes provided by the user, the system master key and the public parameters of the system; the attribute authorization center assigns different attributes to different data consumers or data users, and generates the corresponding private key SK from the attributes provided by the user; the data consumer downloads and uses the data in the data storage center.
The invention also aims to provide a file trusted intermediate storage method based on attribute encryption, which comprises the following steps:
step 1, a data owner uploads data to the data storage center;
step 2, the data owner uploads the encryption key PKsys-RSA;
step 3, the data user uses the uploaded data.
Preferably, the step 1 comprises:
step 11, the data owner requests the key generator to generate an AES symmetric encryption key Pri-sys and an RSA asymmetric encryption key pair (Priv_asys-RSA, Pub_asys-RSA), and broadcasts the public key Pub_asys-RSA to the network;
step 12, the data owner uploads the data message;
step 13, the data owner uses the AES symmetric encryption key Pri-sys to symmetrically encrypt the data message (DM) into a ciphertext C;
step 14, the data ciphertext C is stored in the data storage center;
step 15, a data digest MD (message digest) of the ciphertext C is extracted;
step 16, the data digest MD of the ciphertext C is signed with Priv_asys-RSA to obtain a digital signature Sig-C;
step 17, the ciphertext C is stored in the data storage center, and the digital signature Sig-C of the ciphertext C is stored in an intermediate cache.
Preferably, in the step 17, the intermediate cache is a hash table, and the query complexity of the hash table is as low as O(1).
Preferably, the step 2 comprises:
step 21, in the setup stage, the key generation center generates and outputs a system public key PK and a system master key MK for the system;
step 22, the data owner obtains from the key generator the symmetric key Pri-sys used to encrypt the uploaded data and the asymmetric key pair used for signing;
step 23, the data owner uploads the symmetric key Pri-sys used to encrypt the data;
step 24, the data owner formulates an access structure AS for the data message DM and encrypts the symmetric key Pri-sys used to encrypt the data; this process uses attribute encryption, and the Encrypt(PK, Pri-sys, AS) algorithm generates the ciphertext CT corresponding to the key, wherein the access structure AS is defined by the data owner;
step 25, a data digest MD-CT of the ciphertext CT is extracted;
step 26, the data owner signs the data digest MD-CT of the ciphertext CT with the private key Priv_asys-RSA of the RSA asymmetric key pair to obtain a signature SigCT;
step 27, the ciphertext CT and the signature SigCT are identified together and then uploaded to the blockchain.
Preferably, the Encrypt(PK, Pri-sys, AS) algorithm is a CP-ABE attribute encryption algorithm with a hidden access policy. The model adopts the Nishide-Yoneyama-Ohta scheme, which comprises the following steps:
(1) Setup phase: Setup($\alpha$) → (PK, MK)
$G_1$ and $G_T$ are cyclic groups of prime order $p$ with $g_1$ and $g_2$ as generators, and $e: G_1 \times G_1 \to G_T$ is a bilinear map over the prime-order group. A random factor $w \in Z_p^*$ is selected, together with randomly selected parameters $a_i$,
Figure BDA0002974386070000031
$a_i^* \in Z_p^*$, and the system public key is computed as
Figure BDA0002974386070000032
and the system master key as
Figure BDA0002974386070000033
where $Y = e(g_1, g_1)^w$,
Figure BDA0002974386070000034
(2) Encrypt phase: Encrypt(PK, M, AS) → CT
where PK is the system public key, $M \in G_T$ is the plaintext to be encrypted, and AS is the access policy $AS = \{W_1, W_2, \ldots, W_n\}$; the encryption algorithm selects a random parameter $r \in Z_p^*$ and calculates
Figure BDA0002974386070000035
$C_0 = g^r$ and $C_i$, to obtain the ciphertext
Figure BDA0002974386070000036
where, for
Figure BDA0002974386070000037
the message $M \in G_T$ to be encrypted and $W = \bigcap_{i \in I} i$, the output is
Figure BDA0002974386070000038
where
Figure BDA0002974386070000039
Figure BDA00029743860700000310
($s$ is a random parameter in $Z_p$);
(3) KeyGen phase: KeyGen(MK, U) → SK
where $U = \{L_1, L_2, \ldots, L_n\}$; the algorithm selects random factors $s_i \in Z_p^*$ and calculates
Figure BDA00029743860700000311
$D_0 = g^{w-s}$
Figure BDA00029743860700000312
The generated key is $SK = (D_0, \{D_i, D_i^*\}_{1 \le i \le n})$;
(4) Decrypt phase: Decrypt(CT, SK) → M
where
Figure BDA00029743860700000313
$SK = (D_0, \{D_i, D_i^*\}_{1 \le i \le n})$
It is checked in advance whether the user attributes U satisfy the access policy AS associated with the ciphertext; if not, the decryption algorithm exits; if so, the following calculation is carried out
Figure BDA00029743860700000314
where
Figure BDA00029743860700000315
Preferably, the step 3 comprises:
step 31, the data user is given an attribute set U = {Att1, Att2, Att3, …, date-available} for its identity by the attribute authorization center, and the data authorization center generates a private key SK for the data user from the data user's attributes using the KeyGen(MK, U) algorithm, wherein MK is the system master key;
step 32, the data user obtains the key ciphertext CT and the digital signature CT-Sig of the key from the blockchain system, and uses the digital signature to check whether the key ciphertext has been altered by an attacker; the data user then uses the Decrypt(CT, SK) algorithm of the attribute encryption process to obtain the symmetric encryption key Pri-sys of the encrypted data;
step 33, the data user obtains the digital signature Sig-C of the target data ciphertext from the intermediate cache;
step 34, the data user downloads the data from the data storage center;
step 35, the data user decrypts the digital signature Sig-C with the public key Pub_asys-RSA to obtain a data digest MD1 of the ciphertext, extracts a data digest MD2 of the ciphertext C, and compares MD1 with MD2; if MD1 and MD2 are the same, this proves that the ciphertext C has not been tampered with by a malicious party;
step 36, if MD1 is the same as MD2, the data user decrypts the ciphertext C using Pri-sys to obtain the plaintext data DM for use.
Preferably, the step 15, the step 25 and the step 35 use the MD5 algorithm to extract the data digest of the ciphertext; during file transmission, MD5 generates a 16-byte check value matching the file, which is stored in a .md5 or .md5sum text file.
Preferably, the method further comprises the following steps:
step 4, data deletion: the data owner initiates a message data deletion request, and the corresponding messages in the data storage center and the intermediate cache are deleted.
Preferably, the method further comprises the following steps:
step 5, conditional control of the data by the data owner: the attribute authorization center controls the attributes of the data user, and revokes or adds attributes of the data user according to the actual situation.
The invention has the beneficial effects that:
(1) security: data is protected from interception and tampering during transmission, and the plaintext may be viewed only by specific users;
(2) controllability: conditional control is applied to the data, and the data is automatically destroyed when it expires;
(3) efficiency: the encryption and decryption mode of the data is extended from the traditional one-to-one mode to a one-to-many mode;
(4) dynamics: a user's ability to decrypt depends only on whether the user's attribute set satisfies the access policy of the ciphertext, regardless of whether the user joined the system before or after the ciphertext was generated;
(5) privacy: the data owner does not need to know the identity of the decryptor when encrypting the data.
The above and other objects, advantages and features of the present invention will become more apparent to those skilled in the art from the following detailed description of specific embodiments thereof, taken in conjunction with the accompanying drawings.
Drawings
Some specific embodiments of the invention will be described in detail hereinafter, by way of illustration and not limitation, with reference to the accompanying drawings. The same reference numbers in the drawings identify the same or similar elements or components. Those skilled in the art will appreciate that the drawings are not necessarily drawn to scale. The objects and features of the present invention will become more apparent in view of the following description taken in conjunction with the accompanying drawings, in which:
FIG. 1 is a flow diagram of a method for a data owner to upload data and keys, according to an embodiment of the present invention;
FIG. 2 is a flow chart of a method for a data consumer to use data according to an embodiment of the present invention.
Detailed Description
The embodiment provides a file trusted intermediate storage architecture based on attribute encryption, which includes:
a data owner, a data storage center, a blockchain system, a key generator, a key generation center, an attribute authorization center, and a data consumer (data user); wherein the data owner uploads data; the data storage center stores the data uploaded by the data owner; the blockchain system is used for identifying and publishing the digest of the ciphertext of the key that the data owner used to encrypt the uploaded data, and the signature of that key ciphertext; the key generator generates the symmetric key and the asymmetric key that a user needs to encrypt data; the key generation center encrypts the attributes and generates the user's key from the attributes provided by the user, the system master key and the public parameters of the system; the attribute authorization center assigns different attributes to different data consumers or data users, and generates the corresponding private key SK from the attributes provided by the user; the data consumer downloads and uses the data in the data storage center.
The file trusted intermediate storage method based on attribute encryption in the embodiment comprises the following steps:
step 1, a data owner uploads data to the data storage center;
step 2, the data owner uploads the encryption key PKsys-RSA;
step 3, the data user uses the uploaded data.
Wherein, referring to fig. 1, step 1 comprises:
step 11, the data owner requests the key generator to generate an AES symmetric encryption key Pri-sys and an RSA asymmetric encryption key pair (Priv_asys-RSA, Pub_asys-RSA), and broadcasts the public key Pub_asys-RSA to the network;
step 12, the data owner uploads the data message;
step 13, the data owner uses the AES symmetric encryption key Pri-sys to symmetrically encrypt the data message (DM) into a ciphertext C;
step 14, the data ciphertext C is stored in the data storage center;
step 15, a data digest MD (message digest) of the ciphertext C is extracted;
step 16, the data digest MD of the ciphertext C is signed with Priv_asys-RSA to obtain a digital signature Sig-C;
step 17, the ciphertext C is stored in the data storage center, and the digital signature Sig-C of the ciphertext C is stored in an intermediate cache.
In step 17, the intermediate cache is a hash table, whose query complexity is very low and can be as low as O(1).
Wherein, step 2 includes:
step 21, in the setup stage, the key generation center generates and outputs a system public key PK and a system master key MK for the system;
step 22, the data owner obtains from the key generator the symmetric key Pri-sys used to encrypt the uploaded data and the asymmetric key pair used for signing;
step 23, the data owner uploads the symmetric key Pri-sys used to encrypt the data;
step 24, the data owner formulates an access structure AS for the data message DM and encrypts the symmetric key Pri-sys used to encrypt the data; this process uses attribute encryption, and the Encrypt(PK, Pri-sys, AS) algorithm generates the ciphertext CT corresponding to the key, wherein the access structure AS is defined by the data owner;
step 25, a data digest MD-CT of the ciphertext CT is extracted;
step 26, the data owner signs the data digest MD-CT of the ciphertext CT with the private key Priv_asys-RSA of the RSA asymmetric key pair to obtain a signature SigCT;
step 27, the ciphertext CT and the signature SigCT are identified together and then uploaded to the blockchain.
The Encrypt algorithm is a CP-ABE attribute encryption algorithm with a hidden access policy, because the access control policy itself may contain a large amount of sensitive user data, and an attacker could use the access control policy to identify attack targets and steal confidential data. Therefore, to increase the security of the model and prevent the access policy from being obtained by an untrusted server or an attacker, the model adopts a CP-ABE attribute encryption scheme with a hidden access policy. The model adopts the Nishide-Yoneyama-Ohta scheme, which comprises the following steps:
(1) Setup phase: Setup($\alpha$) → (PK, MK)
$G_1$ and $G_T$ are cyclic groups of prime order $p$ with $g_1$ and $g_2$ as generators, and $e: G_1 \times G_1 \to G_T$ is a bilinear map over the prime-order group. A random factor $w \in Z_p^*$ is selected, together with randomly selected parameters $a_i$,
Figure BDA0002974386070000061
$a_i^* \in Z_p^*$, and the system public key is computed as
Figure BDA0002974386070000062
and the system master key as
Figure BDA0002974386070000063
where $Y = e(g_1, g_1)^w$,
Figure BDA0002974386070000064
(2) Encrypt phase: Encrypt(PK, M, AS) → CT
where PK is the system public key, $M \in G_T$ is the plaintext to be encrypted, and AS is the access policy $AS = \{W_1, W_2, \ldots, W_n\}$; the encryption algorithm selects a random parameter $r \in Z_p^*$ and calculates
Figure BDA0002974386070000071
$C_0 = g^r$ and $C_i$, to obtain the ciphertext
Figure BDA0002974386070000072
where, for
Figure BDA0002974386070000073
the message $M \in G_T$ to be encrypted and $W = \bigcap_{i \in I} i$, the output is
Figure BDA0002974386070000074
where
Figure BDA0002974386070000075
Figure BDA0002974386070000076
($s$ is a random parameter in $Z_p$);
(3) KeyGen phase: KeyGen(MK, U) → SK
where $U = \{L_1, L_2, \ldots, L_n\}$; the algorithm selects random factors $s_i \in Z_p^*$ and calculates
Figure BDA0002974386070000077
$D_0 = g^{w-s}$
Figure BDA0002974386070000078
The generated key is $SK = (D_0, \{D_i, D_i^*\}_{1 \le i \le n})$;
(4) Decrypt phase: Decrypt(CT, SK) → M
where
Figure BDA0002974386070000079
$SK = (D_0, \{D_i, D_i^*\}_{1 \le i \le n})$
It is checked in advance whether the user attributes U satisfy the access policy AS associated with the ciphertext; if not, the decryption algorithm exits; if so, the following calculation is carried out
Figure BDA00029743860700000710
where
Figure BDA00029743860700000711
Referring to fig. 2, step 3 includes:
step 31, the data user is given an attribute set U = {Att1, Att2, Att3, …, date-available} for its identity by the attribute authorization center (date-available indicates how long the data user's attributes remain valid, so the data user needs to visit the attribute authorization center regularly to renew its attributes), and the data authorization center generates a private key SK for the data user from the data user's attributes using the KeyGen(MK, U) algorithm, wherein MK is the system master key;
step 32, the data user obtains the key ciphertext CT and the digital signature CT-Sig of the key from the blockchain system, and uses the digital signature to check whether the key ciphertext has been altered by an attacker; the data user then uses the Decrypt(CT, SK) algorithm of the attribute encryption process to obtain the symmetric encryption key Pri-sys of the encrypted data;
step 33, the data user obtains the digital signature Sig-C of the target data ciphertext from the intermediate cache;
step 34, the data user downloads the data from the data storage center (the target data can be downloaded only when the data user's date-available is later than the current access time and the data user's attributes satisfy the access structure);
step 35, the data user decrypts the digital signature Sig-C with the public key Pub_asys-RSA to obtain a data digest MD1 of the ciphertext, extracts a data digest MD2 of the ciphertext C, and compares MD1 with MD2; if MD1 and MD2 are the same, this proves that the ciphertext C has not been tampered with by a malicious party;
step 36, if MD1 is the same as MD2, the data user decrypts the ciphertext C using Pri-sys to obtain the plaintext data DM for use.
Step 15, step 25 and step 35 use the MD5 algorithm to extract the data digest of the ciphertext. The MD5 algorithm is widely applied to data integrity checking, and MD5 has the advantages of higher security and higher speed compared with the MD2 and MD4 algorithms. During file transfer, MD5 generates a 16-byte check value that matches the file and is stored in a .md5 or .md5sum text file.
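The upload path (steps 13 to 17) and the download check (steps 33 to 36) can be exercised end to end with the Go program below, which is an added example and not part of the patent. It assumes AES-256-GCM and RSA-PSS, because the text fixes neither a cipher mode nor a signature padding, and it uses SHA-256 in place of the MD5 digest named above, for which practical collisions are known; the `Store` type, the function names and the sample file id are hypothetical, and the CP-ABE wrapping of Pri-sys is left out.

```go
package main

import (
	"crypto"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"errors"
	"fmt"
)

// Store models the data storage center and the intermediate cache (hash table).
type Store struct {
	Data  map[string][]byte // hypothetical file id -> ciphertext C (step 14)
	Cache map[string][]byte // hypothetical file id -> signature Sig-C (step 17)
}

var ErrTampered = errors.New("Sig-C does not match digest of stored ciphertext")

// GenerateKeys plays the key generator of step 11: Pri-sys and an RSA key pair.
func GenerateKeys() ([]byte, *rsa.PrivateKey, error) {
	priSys := make([]byte, 32) // 256-bit AES key (assumed size)
	if _, err := rand.Read(priSys); err != nil {
		return nil, nil, err
	}
	priv, err := rsa.GenerateKey(rand.Reader, 2048)
	return priSys, priv, err
}

func newGCM(priSys []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(priSys)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// Upload performs steps 13-17: encrypt DM, digest C, sign, store both.
func Upload(s *Store, id string, dm, priSys []byte, priv *rsa.PrivateKey) error {
	gcm, err := newGCM(priSys)
	if err != nil {
		return err
	}
	nonce := make([]byte, gcm.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return err
	}
	c := gcm.Seal(nonce, nonce, dm, nil) // C = nonce || ciphertext || tag
	md := sha256.Sum256(c)               // digest of C (assumption: SHA-256, not MD5)
	sig, err := rsa.SignPSS(rand.Reader, priv, crypto.SHA256, md[:], nil)
	if err != nil {
		return err
	}
	s.Data[id], s.Cache[id] = c, sig
	return nil
}

// Download performs steps 33-36: verify Sig-C over the digest of C, then decrypt.
func Download(s *Store, id string, priSys []byte, pub *rsa.PublicKey) ([]byte, error) {
	c, okC := s.Data[id]
	sig, okS := s.Cache[id]
	if !okC || !okS {
		return nil, errors.New("no such file id")
	}
	md2 := sha256.Sum256(c) // MD2: digest recomputed from the downloaded C
	if rsa.VerifyPSS(pub, crypto.SHA256, md2[:], sig, nil) != nil {
		return nil, ErrTampered // refuse to decrypt unverified ciphertext
	}
	gcm, err := newGCM(priSys)
	if err != nil {
		return nil, err
	}
	if len(c) < gcm.NonceSize() {
		return nil, errors.New("ciphertext too short")
	}
	return gcm.Open(nil, c[:gcm.NonceSize()], c[gcm.NonceSize():], nil)
}

func main() {
	priSys, priv, err := GenerateKeys()
	if err != nil {
		panic(err)
	}
	s := &Store{Data: map[string][]byte{}, Cache: map[string][]byte{}}
	// Constructed sample file id and message.
	if err := Upload(s, "report-001", []byte("quarterly figures"), priSys, priv); err != nil {
		panic(err)
	}
	dm, err := Download(s, "report-001", priSys, &priv.PublicKey)
	fmt.Printf("clean download: %q err=%v\n", dm, err)
	s.Data["report-001"][20] ^= 0x01 // storage center flips one ciphertext bit
	_, err = Download(s, "report-001", priSys, &priv.PublicKey)
	fmt.Println("after tampering:", err)
}
```

Because the signature covers only the ciphertext, the check detects modification in the storage center or the cache but says nothing about who may decrypt; that part rests on the attribute encryption of Pri-sys.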
This embodiment further includes:
step 4, data deletion: the data owner initiates a message data deletion request, and the corresponding messages in the data storage center and the intermediate cache are deleted;
step 5, conditional control of the data by the data owner: the attribute authorization center controls the attributes of the data user, and revokes or adds attributes of the data user according to the actual situation.
The method of the embodiment has the following advantages:
(1) security: data is protected from interception and tampering during transmission, and the plaintext may be viewed only by specific users;
(2) controllability: conditional control is applied to the data, and the data is automatically destroyed when it expires;
(3) efficiency: the encryption and decryption mode of the data is extended from the traditional one-to-one mode to a one-to-many mode;
(4) dynamics: a user's ability to decrypt depends only on whether the user's attribute set satisfies the access policy of the ciphertext, regardless of whether the user joined the system before or after the ciphertext was generated;
(5) privacy: the data owner does not need to know the identity of the decryptor when encrypting the data.
While the present invention has been described with reference to the particular illustrative embodiments, it is not to be restricted by the embodiments but only by the appended claims. It will be understood by those skilled in the art that variations and modifications of the embodiments of the present invention can be made without departing from the scope and spirit of the invention.

Claims (10)

1. A trusted intermediate storage architecture for files based on attribute encryption, comprising:
a data owner, a data storage center, a blockchain system, a key generator, a key generation center, an attribute authorization center and a data user; wherein the data owner uploads data; the data storage center stores the data uploaded by the data owner; the blockchain system is used for identifying and publishing the digest of the ciphertext of the key that the data owner used to encrypt the uploaded data, and the signature of that key ciphertext; the key generator generates the symmetric key and the asymmetric key that a user needs to encrypt data; the key generation center encrypts the attributes and generates the user's key from the attributes provided by the user, the system master key and the public parameters of the system; the attribute authorization center assigns different attributes to different data consumers or data users, and generates the corresponding private key SK from the attributes provided by the user; the data consumer downloads and uses the data in the data storage center.
2. A storage method of the file trusted intermediate storage architecture based on attribute encryption according to claim 1, characterized by comprising:
step 1, a data owner uploads data to the data storage center;
step 2, the data owner uploads the encryption key PKsys-RSA;
step 3, the data user uses the uploaded data.
3. The storage method according to claim 2, wherein the step 1 comprises:
step 11, the data owner requests the key generator to generate an AES symmetric encryption key Pri-sys and an RSA asymmetric encryption key pair (Priv_asys-RSA, Pub_asys-RSA), and broadcasts the public key Pub_asys-RSA to the network;
step 12, the data owner uploads the data message;
step 13, the data owner uses the AES symmetric encryption key Pri-sys to symmetrically encrypt the data message (DM) into a ciphertext C;
step 14, the data ciphertext C is stored in the data storage center;
step 15, a data digest MD (message digest) of the ciphertext C is extracted;
step 16, the data digest MD of the ciphertext C is signed with Priv_asys-RSA to obtain a digital signature Sig-C;
step 17, the ciphertext C is stored in the data storage center, and the digital signature Sig-C of the ciphertext C is stored in an intermediate cache.
4. The storage method according to claim 3, wherein the intermediate cache in the step 17 is a hash table, and the query complexity of the hash table is as low as O(1).
5. The storage method according to claim 3, wherein the step 2 comprises:
step 21, in the setup stage, the key generation center generates and outputs a system public key PK and a system master key MK for the system;
step 22, the data owner obtains from the key generator the symmetric key Pri-sys used to encrypt the uploaded data and the asymmetric key pair used for signing;
step 23, the data owner uploads the symmetric key Pri-sys used to encrypt the data;
step 24, the data owner formulates an access structure AS for the data message DM and encrypts the symmetric key Pri-sys used to encrypt the data; this process uses attribute encryption, and the Encrypt(PK, Pri-sys, AS) algorithm generates the ciphertext CT corresponding to the key, wherein the access structure AS is defined by the data owner;
step 25, a data digest MD-CT of the ciphertext CT is extracted;
step 26, the data owner signs the data digest MD-CT of the ciphertext CT with the private key Priv_asys-RSA of the RSA asymmetric key pair to obtain a signature SigCT;
step 27, the ciphertext CT and the signature SigCT are identified together and then uploaded to the blockchain.
6. The storage method according to claim 5, wherein the Encrypt(PK, Pri-sys, AS) algorithm is a CP-ABE attribute encryption algorithm with a hidden access policy. The model adopts the Nishide-Yoneyama-Ohta scheme, which comprises the following steps:
(1) Setup phase: Setup($\alpha$) → (PK, MK)
$G_1$ and $G_T$ are cyclic groups of prime order $p$ with $g_1$ and $g_2$ as generators, and $e: G_1 \times G_1 \to G_T$ is a bilinear map over the prime-order group. A random factor $w \in Z_p^*$ is selected, together with randomly selected parameters $a_i$,
Figure FDA0002974386060000021
$a_i^* \in Z_p^*$, and the system public key is computed as
Figure FDA0002974386060000022
and the system master key as
Figure FDA0002974386060000023
where $Y = e(g_1, g_1)^w$
Figure FDA0002974386060000024
(2) Encrypt phase: Encrypt(PK, M, AS) → CT
where PK is the system public key, $M \in G_T$ is the plaintext to be encrypted, and AS is the access policy $AS = \{W_1, W_2, \ldots, W_n\}$; the encryption algorithm selects a random parameter $r \in Z_p^*$ and calculates
Figure FDA0002974386060000025
$C_0 = g^r$ and $C_i$, to obtain the ciphertext
Figure FDA0002974386060000026
where, for
Figure FDA0002974386060000027
the message $M \in G_T$ to be encrypted and $W = \bigcap_{i \in I} i$, the output is
Figure FDA0002974386060000028
where
Figure FDA0002974386060000029
Figure FDA00029743860600000210
($s$ is a random parameter in $Z_p$);
(3) KeyGen phase: KeyGen(MK, U) → SK
where $U = \{L_1, L_2, \ldots, L_n\}$; the algorithm selects random factors $s_i \in Z_p^*$ and calculates
Figure FDA0002974386060000031
$D_0 = g^{w-s}$
Figure FDA0002974386060000032
The generated key is $SK = (D_0, \{D_i, D_i^*\}_{1 \le i \le n})$;
(4) Decrypt phase: Decrypt(CT, SK) → M
where
Figure FDA0002974386060000033
$SK = (D_0, \{D_i, D_i^*\}_{1 \le i \le n})$
It is checked in advance whether the user attributes U satisfy the access policy AS associated with the ciphertext; if not, the decryption algorithm exits; if so, the following calculation is carried out
Figure FDA0002974386060000034
where
Figure FDA0002974386060000035
7. The storage method according to claim 5, wherein the step 3 comprises:
step 31, the data consumer assigns an attribute set U = {Att1, Att2, Att3, ..., date-available} to the identity of the data user through an attribute authorization center, and the data authorization center generates a private key SK for the data user with the KeyGen(MK, U) algorithm according to the attributes of the data user, wherein MK is the system master key;
step 32, the data user obtains the key ciphertext CT and the digital signature CT-Sig of the key from the blockchain system, and uses the digital signature to check whether the key ciphertext has been altered by an attacker; the Decrypt(CT, SK) algorithm of the attribute encryption process is then used to obtain the symmetric encryption key Pri-sys of the encrypted data;
step 33, the data user obtains the digital signature Sig-C of the target data ciphertext from the intermediate cache;
step 34, downloading data in the data storage center by the data user;
step 35, the data user decrypts the digital signature Sig-C with the Pubasys-RSA public key to obtain the data digest MD1 of the ciphertext, extracts the data digest MD2 of the ciphertext C, and compares MD1 with MD2; if MD1 and MD2 are the same, this proves that the ciphertext C has not been tampered with by a malicious party;
step 36, if MD1 is the same as MD2, the data user decrypts the ciphertext C using Pri-sys to obtain the plaintext data DM for use.
8. The storage method according to claim 7, wherein the step 15, the step 25 and the step 35 use the MD5 algorithm to extract the data digest of the ciphertext, and during file transmission MD5 generates a 16-byte check value matched with the file and stores the check value in a .md5 or .md5sum text file.
9. The storage method according to claim 2, further comprising:
step 4, deleting data: the data owner initiates a message data deletion request and deletes the corresponding messages in the data storage center and the intermediate cache.
10. The storage method according to claim 9, further comprising:
step 5, the data owner's control over the data: the attribute authorization center controls the attributes of the data user, and revokes or adds attributes of the data user according to the actual situation.
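The verify-before-decrypt check of steps 35 and 36 in claim 7, with the 16-byte MD5 digest of claim 8, sketched as an added example that is not code from the patent. The RSA key is a constructed textbook key without padding, and the SHAKE-256 keystream cipher is a hypothetical stand-in for the unspecified symmetric algorithm keyed by Pri-sys; the attribute-based Decrypt(CT, SK) step is assumed to have already returned Pri-sys.

```python
import hashlib
import hmac

# Constructed toy RSA key pair built from two Mersenne primes. Textbook RSA
# without padding, standing in for the system RSA key pair (assumption).
P, Q = 2**127 - 1, 2**89 - 1
N, E = P * Q, 65537
D = pow(E, -1, (P - 1) * (Q - 1))   # private exponent (Python 3.8+)
N_LEN = (N.bit_length() + 7) // 8

def md5_digest(data: bytes) -> bytes:
    """Claim 8: the data digest is the 16-byte MD5 value of the ciphertext."""
    return hashlib.md5(data).digest()

def sign_ciphertext(c: bytes) -> int:
    """Owner side: Sig-C is the digest of C raised to the private exponent."""
    return pow(int.from_bytes(md5_digest(c), "big"), D, N)

def stream_xor(key: bytes, data: bytes) -> bytes:
    """Stand-in symmetric cipher (SHAKE-256 keystream XOR); hypothetical choice."""
    keystream = hashlib.shake_256(key).digest(len(data))
    return bytes(a ^ b for a, b in zip(data, keystream))

def verify_then_decrypt(sig_c: int, c: bytes, pri_sys: bytes) -> bytes:
    """Steps 35-36: recover MD1 from Sig-C, compute MD2 from C, compare, decrypt."""
    if not 0 <= sig_c < N:
        raise ValueError("Sig-C is out of range for the public key")
    md1 = pow(sig_c, E, N).to_bytes(N_LEN, "big")   # digest the signer saw
    md2 = md5_digest(c).rjust(N_LEN, b"\x00")       # digest of what arrived
    if not hmac.compare_digest(md1, md2):
        raise ValueError("MD1 != MD2: ciphertext C was modified, not decrypting")
    return stream_xor(pri_sys, c)                   # plaintext DM

# Constructed sample data.
PRI_SYS = b"constructed-symmetric-key"
DM = b"quarterly report, draft 3"
C = stream_xor(PRI_SYS, DM)
SIG_C = sign_ciphertext(C)

def tamper_is_rejected() -> bool:
    """Flip one bit of C and confirm that decryption is refused."""
    bad = bytes([C[0] ^ 1]) + C[1:]
    try:
        verify_then_decrypt(SIG_C, bad, PRI_SYS)
    except ValueError:
        return True
    return False
```

The digest comparison happens before any decryption, so a ciphertext altered in the data storage center or intermediate cache never reaches the symmetric cipher.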
CN202110270960.XA 2021-03-12 2021-03-12 File trusted intermediate storage architecture based on attribute encryption Pending CN112989378A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110270960.XA CN112989378A (en) 2021-03-12 2021-03-12 File trusted intermediate storage architecture based on attribute encryption

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202110270960.XA CN112989378A (en) 2021-03-12 2021-03-12 File trusted intermediate storage architecture based on attribute encryption

Publications (1)

Publication Number Publication Date
CN112989378A true CN112989378A (en) 2021-06-18

Family

ID=76334739

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202110270960.XA Pending CN112989378A (en) 2021-03-12 2021-03-12 File trusted intermediate storage architecture based on attribute encryption

Country Status (1)

Country Link
CN (1) CN112989378A (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2023226641A1 (en) * 2022-05-25 2023-11-30 Nanjing University of Science and Technology Blockchain privacy data access control method and system

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106503994A (en) * 2016-11-02 2017-03-15 Xidian University Block chain private data access control method based on encryption attribute
US20200322142A1 (en) * 2019-04-05 2020-10-08 Arizona Board Of Regents On Behalf Of Arizona State University Method and Apparatus for Achieving Fine-Grained Access Control with Discretionary User Revocation Over Cloud Data
CN112019591A (en) * 2020-07-09 2020-12-01 Nanjing University of Posts and Telecommunications Cloud data sharing method based on block chain


Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
TAKASHI NISHIDE et al.: "Attribute-Based Encryption with Partially Hidden Encryptor-Specified Access Structures", International Conference on Applied Cryptography and Network Security *
WANG GUANGBO et al.: "Research on Cloud Storage Schemes Based on Attribute Encryption", Journal of Electronics & Information Technology *



Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
WD01 Invention patent application deemed withdrawn after publication

Application publication date: 20210618

WD01 Invention patent application deemed withdrawn after publication