CN115426117A - Multi-source aggregation query verification method - Google Patents

Multi-source aggregation query verification method Download PDF

Info

Publication number
CN115426117A
CN115426117A CN202211037547.XA CN202211037547A CN115426117A CN 115426117 A CN115426117 A CN 115426117A CN 202211037547 A CN202211037547 A CN 202211037547A CN 115426117 A CN115426117 A CN 115426117A
Authority
CN
China
Prior art keywords
query
tree
mdg
output
client
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202211037547.XA
Other languages
Chinese (zh)
Other versions
CN115426117B (en
Inventor
刘琴
许倩
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Hunan University
Original Assignee
Hunan University
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Hunan University filed Critical Hunan University
Priority to CN202211037547.XA priority Critical patent/CN115426117B/en
Publication of CN115426117A publication Critical patent/CN115426117A/en
Application granted granted Critical
Publication of CN115426117B publication Critical patent/CN115426117B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/12Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • H04L9/3249Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures using RSA or related signature schemes, e.g. Rabin scheme

Abstract

The invention relates to a multi-source aggregation query verification method, which is designed aiming at two stages of multi-source aggregation query respectively, wherein in the first stage, an expression accumulator technology is combined with a multi-level multi-dimensional grid tree to construct an MDG (multiple-dimensional grid tree), meanwhile, a root abstract of the MDG accumulation tree is signed by using a polymerizable signature, a cloud service provider processes the first stage of aggregation query according to the MDG accumulation tree to generate a range screening result and a verification object, the range screening result and the verification object are verified by a client after aggregation processing of an edge server, in the second stage, a query result and a proof are generated by using a bilinear mapping accumulator technology, and finally, the query result and the proof are verified by the client after the aggregation processing of the edge server.

Description

Multi-source aggregation query verification method
Technical Field
The invention belongs to the field of cloud computing security, and particularly relates to a verification method for multi-source aggregation query.
Background
With the explosion of internet big data, some data owners lack resources for data management, and then choose to outsource the data to a third party service provider. The service provider has sufficient hardware, software and network resource management databases and can process client-initiated queries. But the service provider is not trusted, outsourced data may be corrupted by malware or security intrusion, or malicious insiders modify the program and/or query results. It is therefore important that the user be able to verify the correctness and integrity of the results.
An aggregated query is an important query type, and its query results can be used for data analysis. The aggregation query is mainly divided into two stages, the first stage is a screening stage, namely range screening is carried out through non-sensitive attributes of the data set, and the second stage is a query stage, namely queries such as Count, sum, min and Max are carried out on the sensitive attributes of the screened objects.
At present, most of research aiming at the verifiable query of outsourced data is single-source, namely only one data owner exists, and the multi-source verifiable query research only has verifiable range query and verifiable keyword search. However, in consideration of an application scenario in which each city uploads weather data to a corresponding third-party cloud service provider, a meteorological research institution wants to query the highest temperature of all cities in an area with a longitude of 41.2 to 52.2 and a latitude of 50.1 to 60.4, and current research results are not applicable to the application scenario, so that a verification method for multi-source aggregation query needs to be designed for the application scenario.
In view of the above, the invention provides an efficient multi-source aggregation query verification scheme, which designs verification methods respectively for two stages of aggregation query, and improves the overall performance of the invention by reducing the calculation overhead of a client while ensuring that the sensitive attribute of a data set is not leaked.
Disclosure of Invention
In order to solve the defects in the prior art, the invention provides a multi-source aggregation query verification method, and mainly aims to provide a verification method for aggregation query in an application scene of a multi-data owner multi-cloud service provider, which can ensure the correctness and integrity of a query result.
According to a first aspect of the present invention, there is provided a multi-source aggregation query validation method, characterized in that:
step 10: n data owners as respective data sets D i Building identity authentication data structuresADS i And D is i And ADS i And uploading to the corresponding cloud service providers.
Wherein i is ∈ [1, …, n]Identity authentication data Structure ADS i Comprising a multi-level and multi-dimensional lattice Tree MDG-Tree i Step 10 further comprises:
step 10A: according to D i MDG-Tree construction based on non-sensitive attribute of medium object i
Step 10B: the data owner performs an initialization algorithm (omega) E S) ← Setup (λ), inputs security parameter λ, outputs private key s and public key Ω E
Step 20: when the client side initiates a query Q, the n cloud service providers respectively process the query Q, generate a query result and verification information and send the query result and the verification information to the edge server;
wherein the query result comprises a second stage query result R i The verification information comprises first-stage query verification information VO i Second stage inquiring verification information pi i And abstract
Figure BDA0003816882970000021
Step 20 comprises:
step 20A: the service provider obtains a first stage query result O according to Q i And a first stage of inquiring verification information VO i ,O i Is at D i Performing range query and screening according to the non-sensitive attribute to obtain a set of objects meeting preset screening conditions;
and step 20B: service provider offer O i Modeling sensitive attribute values of medium objects into multiple sets A i Executing the abstract obtaining algorithm
Figure BDA0003816882970000022
Namely input A i 、Ω E Output of
Figure BDA0003816882970000023
Performing a query algorithm { pi i ,R i }←Query(A i ,Q,Ω E ) I.e. input A i 、Q、Ω E Output R i And pi i
Step 30: the edge server aggregates the n query results and the verification information to generate an aggregated query result and aggregated query verification information, and sends the aggregated query result and the aggregated query verification information to the client;
wherein the aggregated query result comprises a second stage aggregated query result R * The aggregated query verification information comprises first-stage aggregated query verification information VO * Second stage aggregating inquiry verification information pi * And aggregate digests
Figure BDA0003816882970000024
Step 30 comprises:
step 30A: the edge server sends the { VO (VO) according to the n cloud service providers 1 ,...,VO n Reconstruction of { MDG-Tree } 1 ,...,MDG-Tree n And (4) root abstracting, and verifying the root signatures of the multi-level multi-dimensional grid trees according to the { V0 } 1 ,...,VO n Generating a polymerization multi-level multi-dimensional grid tree MDG * VO corresponding to Tree *
Step 30B: edge server execution aggregation algorithm
Figure BDA0003816882970000025
Figure BDA0003816882970000026
Namely inputting { pi i, i belongs to n } and Ri, i belongs to n sent by n cloud service providers]And { dAi, i ∈ [ n ]]R, output R * 、π * And
Figure BDA0003816882970000027
step 40: the client side verifies the correctness and the integrity of the aggregation query result according to the aggregation query verification information, and the method comprises the following steps:
step 40A: the client end is according to VO * Validating first stage query results O i Whether within query range and divide by O in database i The other objects are not in the query range according to VO * Reduction of MDG * -root digest of Tree and judging if the reconstructed root digest is correct,
step 40B: client-side execution of authentication algorithms
Figure BDA0003816882970000031
Namely input
Figure BDA0003816882970000032
Q,R * 、π * And Ω E And outputting the correct accept or the incorrect reject of the verification result.
Further, the aggregated query verification method provided by the present invention is characterized in that step 10A includes:
step 10A1: data owner according to D i MDG-Tree construction based on non-sensitive attribute of medium object i All the nodes of (1);
wherein D is i Having a D-dimensional non-sensitive property, will D i Viewed as a d-dimensional cube, as an MDG-Tree i Then dividing the root node into 2 d The same size of the sub-cube is used as the next layer of sub-nodes, and each sub-node is subdivided into 2 d Taking the subcubes with the same size as the next layer of the subnodes, and continuously iterating until the size of the subcubes in a certain layer reaches the preset fine granularity;
step 10A2: the data owner is MDG-Tree from bottom to top i Calculating the abstract by the node; wherein, the MDG-Tree i Each of the nodes of (a) corresponds to a summary,
MDG-Tree i the digests of the leaf nodes are:
Figure BDA0003816882970000033
wherein, C j Set of sub-entries, LOC, for the jth leaf node k For the union of the non-sensitive attributes corresponding to the kth sub-entry, X j Is a set of sensitive attributes corresponding to sub-entries of the jth leaf node, G is a generator of a cyclic multiplicative group G of prime order p, ACC is a bilinear map accumulator,computing on a set X j Cumulative value of (d):
Figure BDA0003816882970000034
is from
Figure BDA0003816882970000035
And a random value selected, to be added to the shared secret SK, which is known only to the data owner and the client,
Figure BDA0003816882970000036
a cyclic multiplicative group of order p-1;
MDG-Tree i the digest of the non-leaf nodes is:
Figure BDA0003816882970000037
wherein, C h A set of child nodes that are the h-th non-leaf node;
step 10A3: data owner using RSA signature pairs MDG-Tree i Signing the root node abstract;
wherein n data owners are according to RSA public key omega R = (f, u) and RSA private key sk = (f, v), and based on preset key svkey, a multi-source verification key { ss) is generated 1 ,…,ss n -means for, among other things,
Figure BDA0003816882970000038
f is two random large prime numbers p 1 And p 2 U and v satisfy u · v =1mod ((p) 1 -1)(p 2 -1)), the ith data owner uses the RSA homomorphic signature as MDG-Tree i Root abstract dig of 0 (i) Generating signatures
Figure BDA0003816882970000039
Figure BDA00038168829700000310
Add (svkey, SK) to shared secret SK, add Ω R Adding public parameters params, public parametersThe number params is known to all parties in the application scenario.
Further, the multi-source aggregation query validation method provided by the present invention is characterized in that step 20A includes:
service provider from MDG-Tree according to Q i The root node starts to process range query, and O and VO are obtained through depth-first traversal;
wherein O comprises child entries of leaf nodes contained by Q;
VO includes: cube borders gb and summary dig corresponding to non-leaf nodes not contained by Q, gb and ACC (X) corresponding to leaf nodes not contained by Q and LOC of all sub-entries thereof, gb and ACC (X) corresponding to leaf nodes contained by Q and LOC of all sub-entries thereof;
service provider according to { O } 1 ,...O n Generate a set of sensitive attributes A 1 ,...A n };
{ss 1 ,…,ss n And { VO } 1 ,...VO n Is sent by the service provider to the edge server.
Further, the multi-source aggregation query validation method provided by the present invention is characterized in that step 30A includes:
edge server pass judgment equation
Figure BDA0003816882970000041
Whether to verify MDG-Tree standing i Whether the root digest matches the signature of the corresponding data owner or not is verified that the aggregated signature can be obtained by the back edge server
Figure BDA0003816882970000042
SIG * And VO * Together sent by the edge server to the client.
Further, the multi-source aggregation query validation method provided by the present invention is characterized in that step 40A includes:
the client end is according to VO * Gb and LOC information in to verify the first stage query result O i Whether or not to inquireIn-range and in-database O i The rest of the objects outside are not in the query range;
the client end is according to VO * Restoring MDGs by recursively reconstructing digests of leaf and non-leaf nodes up to a root level * Root abstract of Tree, and according to
Figure BDA0003816882970000043
Whether it holds, checks whether the reconstructed root digest is correct.
Further, the multi-source aggregation query validation method provided by the present invention is characterized in that step 10B includes:
E s) ← Setup (λ), calculation
Figure BDA0003816882970000044
Wherein pub = (p, G) T E, G) are generated by a bilinear pairing parameter generator based on lambda, G and G T Is a cyclic multiplicative group of two prime orders p, G is the generator of G, e: g → G T Is a bilinear pairing, [ q ]]For all sensitive properties, Ω E Adding a public parameter params as a verification related parameter;
step 20B includes:
Figure BDA0003816882970000045
in (1),
Figure BDA0003816882970000046
composed of two elements
Figure BDA0003816882970000047
Is composed of (a) wherein
Figure BDA0003816882970000048
Figure BDA0003816882970000049
Wherein:
Figure BDA00038168829700000410
U max for all dataThe maximum value of the set sensitivity attribute.
Further, the multi-source aggregation query validation method provided by the present invention is characterized in that, when the query Q initiated by the client is the COUNT query COUNT:
step 20B includes: { Pi i ,R i }←Query(A i ,Q,Ω E ) Calculating a i (x)=(A i (x)-A i (1) X-1), output
Figure BDA0003816882970000051
R i =A i (1) Wherein A is i (1) Is A i The number of elements in (1);
step 30B includes:
Figure BDA0003816882970000052
output R * =R 1 +R 2 +…+R n ,π * =π 1 ×π 2 ×…×π n
Figure BDA0003816882970000053
Get only
Figure BDA0003816882970000054
Step 40B includes:
Figure BDA0003816882970000055
when judging that
Figure BDA0003816882970000056
Figure BDA0003816882970000057
When the result is true, the accept is output, otherwise, the reject is output.
Further, the multi-source aggregation query validation method provided by the present invention is characterized in that, when the query Q initiated by the client is a SUM query SUM:
step 20B includes: { Pi i ,R i }←Query(A i ,Q,Ω E ) Calculation of b i (c)=(A i (x)-A i (1)-A′ i (1)(c-1))/(x-1) 2
Figure BDA0003816882970000058
π b =A i (1) Output pi i =(π aibi ),R i =A′ i (1) Wherein, A' i (1) Is A i The sum of the values of the elements in (a);
step 30B includes:
Figure BDA0003816882970000059
computing
Figure BDA00038168829700000510
Output R * =R 1 +R 2 +…+R n
Figure BDA00038168829700000511
Figure BDA00038168829700000512
Get only
Figure BDA00038168829700000513
Step 40B includes:
Figure BDA00038168829700000514
when judging that
Figure BDA00038168829700000515
Figure BDA00038168829700000516
When the result is true, the accept is output, otherwise, the reject is output.
Further, the multi-source aggregation query verification method provided by the invention is characterized in that when the query Q initiated by the client is the minimum query MIN:
step 20B includes: { Pi i ,R i }←Query(A i ,Q,Ω E ) Output ofR i =min i
Figure BDA00038168829700000517
Wherein, min i Is A i Minimum value of (A) i (s) the lowest order of s;
step 30B includes:
Figure BDA00038168829700000518
output R * =MIN(R 1 ,R 2 ,…R n ),
Figure BDA00038168829700000519
Figure BDA00038168829700000520
Get only
Figure BDA00038168829700000521
Figure BDA00038168829700000522
Step 40B includes:
Figure BDA00038168829700000523
when judging that
Figure BDA00038168829700000524
Figure BDA00038168829700000525
When the result is true, the accept is output, otherwise, the reject is output.
Further, the multi-source aggregation query validation method provided by the invention is characterized in that when query Q initiated by the client is MAX query with the maximum value:
step 20B includes: { Pi i ,R i }←Query(A i ,Q,Ω E ) Output R i =max i
Figure BDA0003816882970000061
Wherein,max i Is A i Maximum value of, i.e. B i (s) the lowest order of s;
step 30B includes:
Figure BDA0003816882970000062
output R * =MAX(R 1 ,R 2 ,…R n ),
Figure BDA0003816882970000063
Figure BDA0003816882970000064
Get only
Figure BDA0003816882970000065
Step 40B includes:
Figure BDA0003816882970000066
when judging that
Figure BDA0003816882970000067
Figure BDA0003816882970000068
When the result is true, the accept is output, otherwise, the reject is output.
Compared with the prior art, the invention has high efficiency and safety, and the invention mainly has the following functions:
(1) Designing a polymerizable cumulative tree structure for verifying a first polymerization query stage under a multi-source scene;
(2) A set of verification technology is designed for the inquiry of Count, sum, max and Min at the second stage of aggregation inquiry under the multi-source scene by utilizing the bilinear mapping accumulator technology;
(3) A verifiable multi-source aggregation query scheme is provided, and the correctness and the integrity of a query result can be ensured.
The invention has the following beneficial effects:
(1) The invention is suitable for application scenes of multi-data owner multi-cloud service providers, designs verification methods for two stages of aggregate query respectively, and is the first invention capable of performing multi-source aggregate query verification.
(2) The method has high efficiency, and improves the overall performance of the scheme by reducing the calculation burden of the client as much as possible.
(3) The method has safety, and once the method is attacked by an adversary model, errors can be found through the verification of the client.
(4) The method and the device have privacy, and the client cannot know the sensitive attribute of the data set through inquiry, so that the privacy of the sensitive attribute is protected.
It is to be understood that both the foregoing general description and the following detailed description are exemplary and explanatory only and are not restrictive of the invention, as claimed.
Drawings
The accompanying drawings, which are incorporated in and constitute a part of this specification, illustrate embodiments consistent with the invention and together with the description, serve to explain the principles of the invention.
FIG. 1 is a system model diagram shown in accordance with an exemplary embodiment.
FIG. 2 is a diagram illustrating a process of building an MDG cumulative tree, according to an example embodiment.
FIG. 3 is a diagram illustrating a process for MDG cumulative tree merging, according to an example embodiment.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention more apparent, the present invention is described in further detail below with reference to the accompanying drawings and embodiments. It should be understood that the specific embodiments described herein are merely illustrative of the invention and are not intended to limit the invention. In addition, the technical features involved in the embodiments of the present invention described below may be combined with each other as long as they do not conflict with each other.
The invention designs verification methods aiming at two stages of aggregation query respectively. For the first stage, a Multi-Dimensional Grid Tree (MDG-Tree) and an accumulative value technology are combined to construct an MDG accumulative Tree as an identity Authentication Data Structure (ADS), a cloud service provider processes the first stage of aggregation query according to the ADS, and generates a range screening result and a Verification Object (VO) for client Verification. For the second stage, the query result and the proof are generated by mainly utilizing a bilinear mapping accumulator technology and are finally verified by the client.
The system flow of the invention is shown in fig. 1, and specifically comprises the following steps:
step 10: n data owners as respective data sets D i Constructing an identity authentication data structure ADS i And D is i And ADS i And uploading to the corresponding cloud service providers.
Step 20: when the client side initiates the query Q, the n cloud service providers respectively process the query Q, generate a query result and verification information and send the query result and the verification information to the edge server.
Wherein the query result comprises a second stage query result R i The verification information comprises first-stage query verification information VO i Second stage inquiring verification information pi i And abstract
Figure BDA0003816882970000072
Step 30: and the edge server aggregates the n query results and the verification information to generate an aggregated query result and aggregated query verification information, and sends the aggregated query result and the aggregated query verification information to the client.
Wherein the aggregated query result comprises a second stage aggregated query result R * The aggregated query verification information comprises first-stage aggregated query verification information VO * And the second stage aggregates the inquiry verification information pi * And aggregate digests
Figure BDA0003816882970000071
Step 40: and the client verifies the correctness and the integrity of the aggregated query result according to the aggregated query verification information.
The verification process of the first stage of aggregate query is as follows:
step 10A: according to D i MDG-Tree construction based on non-sensitive attribute of medium object i
Step 20A: the service provider obtains a first stage query result O according to Q i And a first stage of inquiring verification information VO i ,O i Is at D i According to the non-sensitive attribute, range query and screening are carried out to obtain a set of objects which accord with preset screening conditions.
Step 30A: the edge server sends the { VO (VO) according to the n cloud service providers 1 ,...,VO n Reconstruction of { MDG-Tree } 1 ,...,MDG-Tree n And verifying the root signatures of the multi-level multi-dimensional grid trees according to the (VO) 1 ,...,VO n Generating a polymerization multi-level multi-dimensional grid tree MDG * VO corresponding to Tree *
Step 40A: the client end is according to VO * Validating first stage query results O i Whether within query range and divide by O in database i The other objects are not in the query range according to VO * Reduction of MDG * -root digest of Tree and judging if reconstructed root digest is correct.
And in the second stage of aggregation query, the sensitive attribute values of the objects screened in the first stage are modeled into multiple sets, and the multiple sets are subjected to aggregation query. The scheme is composed of 5 PPT algorithms (initialization algorithm, abstract acquisition algorithm, query algorithm, aggregation algorithm and verification algorithm), and the second aggregation query stage specifically comprises the following steps:
step 10B: the data owner performs an initialization algorithm (omega) E S) ← Setup (λ), inputs security parameter λ, outputs private key s and public key Ω E
Step 20B: service provider will O i Modeling sensitive attribute values of medium objects into multiple sets A i Executing the abstract obtaining algorithm
Figure BDA0003816882970000081
Namely input A i 、Ω E Output of
Figure BDA0003816882970000082
Performing a query algorithm { pi i ,R i }←Query(A i ,Q,Ω E ) I.e. input A i 、Q、Ω E Output R i And pi i
Step 30B: edge server execution aggregation algorithm
Figure BDA0003816882970000083
Figure BDA0003816882970000084
Namely inputting { pi i, i belongs to n } and Ri, i belongs to n sent by n cloud service providers]And { dAi, i ∈ [ n ]]R, output R * 、π * And
Figure BDA0003816882970000085
step 40B: client-side execution of authentication algorithms
Figure BDA0003816882970000086
Namely input
Figure BDA0003816882970000087
Q,R * 、π * And Ω E And outputting the correct accept or the incorrect reject of the verification result.
In the invention, after the client initiates the query, the edge server carries out partial processing in advance, so that the client only needs to verify for 1 time, the calculation burden of the client is greatly reduced, and the overall performance of the scheme is improved.
The verification steps of the two phases of the multi-source aggregate query are described in detail below.
In the first stage of aggregate query, range query and screening are performed on non-sensitive attributes of objects in a data set to obtain a part of objects meeting screening conditions, and detailed steps of the first stage of aggregate query verification are as follows:
step 10A includes:
step 10A1: data owner according to D i MDG-Tree construction based on non-sensitive attribute of medium object i OfThere are nodes;
wherein D is i Having a D-dimensional non-sensitive property, will D i Regarded as a d-dimensional cube as an MDG-Tree i Then dividing the root node into 2 d The same size of the sub-cube is used as the next layer of sub-nodes, and each sub-node is subdivided into 2 d And taking the subcubes with the same size as the next layer of the subnodes, and continuously iterating until the size of the subcubes in a certain layer reaches the preset fine granularity. Fig. 2 shows a process of constructing an MDG cumulative tree based on a 2-dimensional sensitivity attribute when the preset fine granularity is 1.
Step 10A2: the data owner is MDG-Tree from bottom to top i Calculating the abstract by the node; wherein, the MDG-Tree i Corresponds to a summary.
MDG-Tree i The digests of the leaf nodes are:
Figure BDA0003816882970000091
wherein, C j Set of sub-entries, LOC, for the jth leaf node k For the union of the non-sensitive attributes corresponding to the kth sub-entry, X j A set of sensitive attributes corresponding to the child entries of the jth leaf node, G being a generator of a cyclic multiplicative group G of prime order p, ACC being a bilinear map accumulator, computing a value for the set X j Cumulative value of (d):
Figure BDA0003816882970000092
is from
Figure BDA0003816882970000093
A random value selected in the set is added into the shared secret key SK, the shared secret key SK is only known by the data owner and the client,
Figure BDA0003816882970000094
is a cyclic multiplicative group of order p-1.
MDG-Tree i The digest of the non-leaf nodes is:
Figure BDA0003816882970000095
wherein, C h A set of child nodes that are the h-th non-leaf node.
Step 10A3: data owner using RSA signature pairs MDG-Tree i The root node digest of (a) is signed.
Wherein n data owners are based on RSA public key omega R And generating a multisource verification key { ss) based on the preset key svkey according to the preset key svkey and the RSA private key sk = (f, v) 1 ,…,ss n And (c) the step of (c) in which,
Figure BDA0003816882970000096
f is two random large prime numbers p 1 And p 2 U and v satisfy u · v =1mod ((p) 1 -1)(p 2 -1)), the ith data owner uses the RSA homomorphic signature MDG-Tree i Root abstract dig of 0 (i) Generating signatures
Figure BDA0003816882970000097
Figure BDA0003816882970000098
Add (svkey, SK) to shared secret SK, add Ω R A common parameter params is added, which is known to all parties in the application scenario.
Step 20A includes:
service provider from MDG-Tree according to Q i The root node starts to process range query, and O and VO are obtained through depth-first traversal;
wherein O comprises a child entry of a leaf node contained by Q;
the VO includes: cube borders gb and summary dig corresponding to non-leaf nodes not contained by Q, gb and ACC (X) corresponding to leaf nodes not contained by Q and LOC of all sub-entries thereof, gb and ACC (X) corresponding to leaf nodes contained by Q and LOC of all sub-entries thereof;
service provider according to { O } 1 ,...O n Generate a set of sensitive attributes A 1 ,...A n };
{ss 1 ,…,ss n And { VO } 1 ,...VO n Is sent by the service provider to the edge server.
Specifically, in some embodiments, the process by which the cloud service provider processes the range query is as shown by the Algorithm Algorithm 1:
Figure BDA0003816882970000101
step 30A includes:
edge server pass judgment equation
Figure BDA0003816882970000102
Verifying MDG-Tree if true i Whether the root digest matches the signature of the corresponding data owner or not is verified that the aggregated signature can be obtained by the back edge server
Figure BDA0003816882970000103
The edge server is according to { VO 1 ,...,VO n Generation of MDG * VO corresponding to Tree * . Fig. 3 is an example of a merged MDG-Tree.
MDG * The summary of the nodes of the Tree consists of n MDG-Trees i The abstract of the corresponding node is obtained by multiplication calculation;
SIG * and VO * Together sent by the edge server to the client.
Step 40A includes:
the client end is according to VO * Gb and LOC information in to verify the first stage query result O i Whether within query range and divide by O in database i The rest of the objects outside are not within the query scope.
The client end is according to VO * Restoring MDGs by recursively reconstructing digests of leaf and non-leaf nodes up to a root level * Root abstract of Tree, and according to
Figure BDA0003816882970000104
Whether it holds, checks whether the reconstructed root digest is correct.
In the second stage of aggregate query, the sensitive attribute values of the objects meeting the screening conditions in the first stage are modeled into multiple sets, and aggregate query is performed on the multiple sets i . For example, cloud service provider E 1 The objects screened in the first stage of the query are { o } 1 ,o 2 H, o therein 1 The corresponding attribute value is (1,2,3), o 2 The corresponding attribute value is (2,2,4), and if the first two attributes are non-sensitive attributes and the last attribute is a sensitive attribute, then E 1 Modeled set A 1 Is {3,4}.
The second phase mainly comprises 5 algorithms: initialization algorithm (omega) E S) ← Setup (lambda), abstract acquisition algorithm
Figure BDA0003816882970000111
Query algorithm { pi i ,R i }←Query(A i ,Q,Ω E ) Aggregation algorithm
Figure BDA0003816882970000112
Figure BDA0003816882970000113
Verification algorithm
Figure BDA0003816882970000114
Figure BDA0003816882970000115
In particular these algorithms are detailed as follows:
step 10B includes: (omega) E S) ← Setup (λ), calculation
Figure BDA0003816882970000116
Wherein pub = (p, G) T E, G) are generated by a bilinear pairing parameter generator based on lambda, G and G T Is a cyclic multiplicative group of two prime orders p, G is the generator of G, e: G → G T Is a bilinear pairing, [ q ]]For all sensitive properties, Ω E The common parameter params is added as a verification-related parameter.
Step 20B includes:
Figure BDA0003816882970000117
in (1),
Figure BDA0003816882970000118
composed of two elements
Figure BDA0003816882970000119
Is composed of (a) wherein
Figure BDA00038168829700001110
Figure BDA00038168829700001111
Wherein:
Figure BDA00038168829700001112
U max is the maximum value of the sensitivity attribute for all data sets.
The remaining three algorithms are introduced below from Count, sum, min, max queries, respectively:
when the query Q initiated by the client is the COUNT query COUNT:
step 20B includes: { Pi i ,R i }←Query(A i ,Q,Ω E ) Calculating a i (x)=(A i (x)-A i (1) X-1), output
Figure BDA00038168829700001113
R i =A i (1) Wherein A is i (1) Is A i Number of elements in (1).
Step 30B includes:
Figure BDA00038168829700001114
output R * =R 1 +R 2 +…+R n ,π * =π 1 ×π 2 ×…×π n
Figure BDA00038168829700001115
Get only
Figure BDA00038168829700001116
Step 40B includes:
Figure BDA00038168829700001117
when judging that
Figure BDA00038168829700001118
Figure BDA00038168829700001119
When the result is true, the accept is output, otherwise, the reject is output.
When the query Q initiated by the client is a SUM query SUM:
step 20B includes: { Pi i ,R i }←Query(A i ,Q,Ω E ) Calculation of b i (x)=(A i (x)-A i (1)-A′ i (1)(x-1))/(x-1) 2
Figure BDA00038168829700001120
π b =A i (1) Output pi i =(π aibi ),R i =A′ i (1) Wherein, A' i (1) Is A i The sum of the values of the elements in (a).
Step 30B includes:
Figure BDA00038168829700001121
computing
Figure BDA00038168829700001122
Output R * =R 1 +R 2 +…+R n
Figure BDA00038168829700001123
Figure BDA00038168829700001124
Get only
Figure BDA00038168829700001125
Step 40B includes:
Figure BDA00038168829700001126
when judging that
Figure BDA00038168829700001127
Figure BDA0003816882970000121
When the result is true, outputting accept, otherwise outputting reject.
Further, the multi-source aggregation query verification method provided by the invention is characterized in that when the query Q initiated by the client is the minimum query MIN:
step 20B includes: { Pi i ,R i }←Query(A i ,Q,Ω E ) Output R i =min i
Figure BDA0003816882970000122
Wherein, min i Is A i Minimum value of (A) i The lowest order of s in(s).
Step 30B includes:
Figure BDA0003816882970000123
output R * =MIN(OR 1 ,R 2 ,…R n ),
Figure BDA0003816882970000124
Figure BDA0003816882970000125
Get only
Figure BDA0003816882970000126
Figure BDA0003816882970000127
Step 40B includes:
Figure BDA0003816882970000128
when judging that
Figure BDA0003816882970000129
Figure BDA00038168829700001210
When the result is true, the accept is output, otherwise, the reject is output.
Further, the multi-source aggregation query validation method provided by the invention is characterized in that when query Q initiated by the client is MAX query with the maximum value:
step 20B includes: { Pi i ,R i }←Query(A i ,Q,Ω E ) Output R i =max i
Figure BDA00038168829700001211
Therein, max i Is A i Maximum value of, i.e. B i The lowest order of s in(s).
Step 30B includes:
Figure BDA00038168829700001212
output R * =MAX(R 1 ,R 2 ,…R n ),
Figure BDA00038168829700001213
Figure BDA00038168829700001214
Get only
Figure BDA00038168829700001215
Step 40B includes:
Figure BDA00038168829700001216
when judging that
Figure BDA00038168829700001217
Figure BDA00038168829700001218
When the result is true, the accept is output, otherwise, the reject is output.
In Max and Min query, in order to ensure the security of the query, we provide the following calculation of pi * The steps of (1):
MIN inquiry:
(1) The n cloud service providers are respectively the minimum value (R) of the cloud service providers 1 ,R 2 ,…R n ) Sending to the edge server, the edge server calculates (R) 1 ,R 2 ,…R n ) Minimum value v of *
(2) The edge server sends R * Sending the data to n cloud service providers, and calculating the ith cloud service provider with the overall minimum value
Figure BDA00038168829700001219
And sending the data to an edge server for computing for other cloud service providers
Figure BDA00038168829700001220
And sent to the edge server, where j e n]/i;
(3) The edge server calculates according to the newly received information
Figure BDA00038168829700001221
Max query:
(1) The n cloud service providers have a maximum value (R) of the respective cloud service providers 1 ,R 2 ,…R n ) Sending to the edge server, the edge server calculates (R) 1 ,R 2 ,…R n ) Maximum value of R *
(2) The edge server will v * Sending the data to n cloud service providers, and calculating the ith cloud service provider with the integral maximum value
Figure BDA0003816882970000131
And sending the data to an edge server for computing for other cloud service providers
Figure BDA0003816882970000132
And sent to the edge server, where j e n]/i;
(3) The edge server calculates according to the newly received information
Figure BDA0003816882970000133
Other embodiments of the invention will be apparent to those skilled in the art from consideration of the specification and practice of the invention disclosed herein. This application is intended to cover any variations, uses, or adaptations of the invention following, in general, the principles of the invention and including such departures from the present disclosure as come within known or customary practice within the art to which the invention pertains. It is intended that the specification and examples be considered as exemplary only, with a true scope and spirit of the invention being indicated by the following claims.
It will be understood that the invention is not limited to the precise arrangements described above and shown in the drawings and that various modifications and changes may be made without departing from the scope thereof. The scope of the invention is limited only by the appended claims.

Claims (10)

1. A multi-source aggregation query verification method is characterized by comprising the following steps:
step 10: n data owners as respective data sets D i Constructing an identity authentication data structure ADS i And D is i And ADS i Uploading to respective corresponding cloud service providers;
wherein i is ∈ [1, …, n]The identity authentication data structure ADS i Including a multi-level multi-dimensional lattice tree MDG-Treei, the step 10 further includes:
step 10A: according to D i MDG-Tree construction based on non-sensitive attribute of medium object i
Step (ii) of10B: the data owner executes an initialization algorithm (Ω) E S) ← Setup (λ), inputs security parameter λ, outputs private key s and public key Ω E
Step 20: when a client side initiates a query Q, the n cloud service providers respectively process the query Q, generate a query result and verification information and send the query result and the verification information to an edge server;
wherein the query results comprise second stage query results R i The verification information comprises first-stage query verification information VO i Second stage inquiring verification information pi i And abstract
Figure FDA0003816882960000013
The step 20 comprises:
step 20A: the service provider obtains a first-stage query result O according to Q i And the first stage query verification information VO i ,O i Is at D i According to the non-sensitive attribute, carrying out range query screening to obtain a set of objects meeting preset screening conditions;
and step 20B: the service provider will O i Modeling sensitive attribute values of medium objects into multiple sets A i Executing the abstract obtaining algorithm
Figure FDA0003816882960000014
Namely input A i 、Ω E Output of
Figure FDA0003816882960000015
Performing a query algorithm { pi i ,R i }←Query(A i ,Q,Ω E ) I.e. input A i 、Q、Ω E Output R i And pi i
Step 30: the edge server aggregates the n query results and the verification information to generate an aggregated query result and aggregated query verification information, and sends the aggregated query result and aggregated query verification information to the client;
wherein the aggregated query result comprises a second stage aggregated query result R * The above-mentionedThe aggregated query verification information comprises first-stage aggregated query verification information VO * Second stage aggregating inquiry verification information pi * And aggregate digests
Figure FDA0003816882960000016
The step 30 comprises:
step 30A: the edge server sends { VO (voice over Internet protocol) according to n cloud service providers 1 ,...,VO n Reconstruction of { MDG-Tree } 1 ,...,MDG-Tree n And verifying the root signatures of the multi-level multi-dimensional grid trees according to the (VO) 1 ,...,VO n Generating a polymerization multi-level multi-dimensional grid tree MDG * VO corresponding to Tree *
Step 30B: the edge server executes an aggregation algorithm
Figure FDA0003816882960000011
Figure FDA0003816882960000012
Namely inputting n pi sent by the cloud service provider i ,i∈[n]}、{R i ,i∈[n]And
Figure FDA0003816882960000021
output R * 、π * And
Figure FDA0003816882960000022
step 40: the client side verifies the correctness and the integrity of the aggregation query result according to the aggregation query verification information, and the method comprises the following steps:
step 40A: the client end is according to VO * Validating the first stage query result O i Whether within query range and divide by O in database i The rest objects outside are not in the query range according to VO * Reduction of MDG * -root digest of Tree and judging if the reconstructed root digest is correct,
step (ii) of40B: the client executes a verification algorithm
Figure FDA0003816882960000023
Namely input
Figure FDA0003816882960000024
Q,R * 、π * And Ω E And outputting the correct accept or the incorrect reject of the verification result.
2. The aggregated query validation method of claim 1, wherein the step 10A comprises:
step 10A1: the data owner is according to D i MDG-Tree construction based on non-sensitive attribute of medium object i All the nodes of (1);
wherein D is i Having a D-dimensional non-sensitive property, will D i Viewed as a d-dimensional cube, as an MDG-Tree i Then dividing the root node into 2 d The same size of the sub-cube is used as the next layer of sub-nodes, and each sub-node is subdivided into 2 d Taking the subcubes with the same size as the next layer of the subnodes, and continuously iterating until the size of the subcubes in a certain layer reaches the preset fine granularity;
step 10A2: the data owner is MDG-Tree from bottom to top i Calculating the abstract by the node; wherein, the MDG-Tree i Each of the nodes of (a) corresponds to a summary,
MDG-Tree i the digests of the leaf nodes are:
Figure FDA0003816882960000025
wherein, C j Set of sub-entries, LOC, for the jth leaf node k For the union of the non-sensitive attributes corresponding to the kth sub-entry, X j A set of sensitive attributes corresponding to the sub-entry of the jth leaf node, G being a generator of a cyclic multiplicative group G of prime order p, ACC being a bilinear map accumulator, compute information aboutSet X j Cumulative value of (d):
Figure FDA0003816882960000026
Figure FDA0003816882960000027
is from
Figure FDA0003816882960000028
A random value selected in (b) is added to the shared secret SK, which is only known to the data owner and the client,
Figure FDA0003816882960000029
a cyclic multiplicative group of order p-1;
MDG-Tree i the digest of the non-leaf nodes is:
Figure FDA00038168829600000210
wherein, C h A set of child nodes that are the h-th non-leaf node;
step 10A3: the data owner utilizes RSA signature pairs MDG-Tree i Signing the root node abstract;
wherein n of the data owners are based on RSA public key omega R And generating a multisource verification key { ss) based on the preset key svkey according to the preset key svkey and the RSA private key sk = (f, v) 1 ,…,ss n And (c) the step of (c) in which,
Figure FDA0003816882960000031
f is two random large prime numbers p 1 And p 2 U and v satisfy u · v =1mod ((p) 1 -1)(p 2 -1)), the ith said data owner using RSA homomorphic signature MDG-Tree i Root abstract dig of 0 (i) Generating signatures
Figure FDA0003816882960000032
Will(s)vkey, SK) into the shared secret SK, and Ω R A common parameter params is added, which is known to all parties in the application scenario.
3. The multi-source aggregation query validation method of claim 2, wherein the step 20A comprises:
the service provider derives an MDG-Tree from Q i The root node starts to process range query, and O and VO are obtained through depth-first traversal;
wherein O comprises child entries of leaf nodes contained by Q;
VO includes: cube borders gb and summary dig corresponding to non-leaf nodes not contained by Q, gb and ACC (X) corresponding to leaf nodes not contained by Q and LOC of all sub-entries thereof, gb and ACC (X) corresponding to leaf nodes contained by Q and LOC of all sub-entries thereof;
the service provider is according to { O } 1 ,...O n Generate a set of sensitive attributes A 1 ,...A n };
{ss 1 ,…,ss n And { VO } 1 ,...VO n Is sent by the service provider to the edge server.
4. The multi-source aggregation query validation method of claim 3, wherein the step 30A comprises:
the edge server passes the judgment equation
Figure FDA0003816882960000033
Verifying MDG-Tree if true i Whether the root digest is matched with the signature of the corresponding data owner or not is verified, and the aggregated signature can be obtained by the edge server after the root digest is verified to pass
Figure FDA0003816882960000034
SIG * And VO * Sent to the client by the edge server together.
5. The multi-source aggregation query validation method of claim 4, wherein the step 40A comprises:
the client end is according to VO * To verify the first stage query result O i Whether within query range and divide by O in database i The rest of the objects outside are not in the query range;
the client end is according to VO * Restoring MDGs by recursively reconstructing digests of leaf and non-leaf nodes up to a root level * Root abstract of Tree, and according to
Figure FDA0003816882960000035
Whether it holds, checks whether the reconstructed root digest is correct.
6. The multi-source aggregation query validation method of claims 2-5, wherein the step 10B comprises:
E s) ← Setup (λ), calculation
Figure FDA0003816882960000036
Wherein pub = (p, G) T E, G) are generated by a bilinear pairing parameter generator based on lambda, G and G T Is a cyclic multiplicative group of two prime orders p, G is the generator of G, e: G × G → G T Is a bilinear pairing, [ q ]]For all sensitive properties, Ω E Adding a public parameter params as a verification related parameter;
the step 20B includes:
Figure FDA0003816882960000041
in (1),
Figure FDA0003816882960000042
composed of two elements
Figure FDA0003816882960000043
Is composed of (a) wherein
Figure FDA0003816882960000044
Wherein:
Figure FDA0003816882960000045
U max is the maximum value of the sensitivity attribute for all data sets.
7. The multi-source aggregation query validation method of claim 6, wherein when the client-initiated query Q is a COUNT query COUNT:
step 20B includes: { Pi i ,R i }←Query(A i ,Q,Ω E ) Calculating a i (x)=(A i (x)-A i (1) X-1), output
Figure FDA0003816882960000046
R i =A i (1) Wherein A is i (1) Is A i The number of elements in (1);
step 30B includes:
Figure FDA0003816882960000047
output R * =R 1 +R 2 +…+R n ,π * =π 1 ×π 2 ×…×π n
Figure FDA0003816882960000048
Get only
Figure FDA0003816882960000049
Step 40B includes:
Figure FDA00038168829600000410
when judging that
Figure FDA00038168829600000411
Figure FDA00038168829600000412
When the result is true, the accept is output, otherwise, the reject is output.
8. The multi-source aggregated query validation method according to claim 6, wherein when the client-initiated query Q is a SUM query SUM:
step 20B includes: { Pi i ,R i }←Query(A i ,Q,Ω E ) Calculation of b i (x)=(A i (x)-A i (1)-A′ i (1)(x-1))/(x-1) 2
Figure FDA00038168829600000413
π b =A i (1) Output pi i =(π aibi ),R i =A′ i (1) Wherein, A' i (1) Is A i The sum of the values of the elements in (a);
step 30B includes:
Figure FDA00038168829600000414
computing
Figure FDA00038168829600000415
Output R * =R 1 +R 2 +…+R n
Figure FDA00038168829600000416
Figure FDA00038168829600000417
Get only
Figure FDA00038168829600000418
Step 40B includes:
Figure FDA00038168829600000419
when judging that
Figure FDA00038168829600000420
Figure FDA00038168829600000421
When the result is true, the accept is output, otherwise, the reject is output.
9. The multi-source aggregated query validation method of claim 6, wherein when the client-initiated query Q is a minimum query MIN:
step 20B includes: { Pi i ,R i }←Query(A i ,Q,Ω E ) Output R i =min i
Figure FDA00038168829600000422
Wherein, min i Is A i Minimum value of (A) i (s) the lowest order of s;
step 30B includes:
Figure FDA00038168829600000427
output R * =MIN(R 1 ,R 2 ,…R n ),
Figure FDA00038168829600000423
Figure FDA00038168829600000424
Get only
Figure FDA00038168829600000425
Figure FDA00038168829600000426
Step 40B includes:
Figure FDA0003816882960000051
when judging that
Figure FDA0003816882960000052
Figure FDA0003816882960000053
When the result is true, the accept is output, otherwise, the reject is output.
10. The multi-source aggregation query validation method of claim 6, wherein when the query Q initiated by the client is a maximum query MAX:
step 20B includes: { Pi i ,R i }←Query(A i ,Q,Ω E ) Output R i =max i
Figure FDA0003816882960000054
Therein, max i Is A i Maximum value of (i.e. B) i (s) the lowest order of s;
step 30B includes:
Figure FDA0003816882960000055
output R * =MAX(R 1 ,R 2 ,…R n ),
Figure FDA0003816882960000056
Figure FDA0003816882960000057
Get only
Figure FDA0003816882960000058
Step 40B includes:
Figure FDA0003816882960000059
when judging that
Figure FDA00038168829600000510
Figure FDA00038168829600000511
When the result is true, the accept is output, otherwise, the reject is output.
CN202211037547.XA 2022-08-26 2022-08-26 Multisource aggregation query verification method Active CN115426117B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202211037547.XA CN115426117B (en) 2022-08-26 2022-08-26 Multisource aggregation query verification method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202211037547.XA CN115426117B (en) 2022-08-26 2022-08-26 Multisource aggregation query verification method

Publications (2)

Publication Number Publication Date
CN115426117A true CN115426117A (en) 2022-12-02
CN115426117B CN115426117B (en) 2024-04-26

Family

ID=84199509

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202211037547.XA Active CN115426117B (en) 2022-08-26 2022-08-26 Multisource aggregation query verification method

Country Status (1)

Country Link
CN (1) CN115426117B (en)

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9049185B1 (en) * 2013-03-14 2015-06-02 Emc Corporation Authenticated hierarchical set operations and applications
CN109800235A (en) * 2019-01-28 2019-05-24 东北大学 A kind of Outsourced database full operation inquiry validation system and method based on certification tree
CN112804050A (en) * 2021-04-14 2021-05-14 湖南大学 Multi-source data query system and method
WO2022082893A1 (en) * 2020-10-22 2022-04-28 香港中文大学(深圳) Privacy blockchain-based internet of vehicles protection method, and mobile terminal
CN114417419A (en) * 2022-01-24 2022-04-29 哈尔滨工业大学(深圳) Outsourcing cloud storage medical data aggregation method with security authorization and privacy protection

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9049185B1 (en) * 2013-03-14 2015-06-02 Emc Corporation Authenticated hierarchical set operations and applications
CN109800235A (en) * 2019-01-28 2019-05-24 东北大学 A kind of Outsourced database full operation inquiry validation system and method based on certification tree
WO2022082893A1 (en) * 2020-10-22 2022-04-28 香港中文大学(深圳) Privacy blockchain-based internet of vehicles protection method, and mobile terminal
CN112804050A (en) * 2021-04-14 2021-05-14 湖南大学 Multi-source data query system and method
CN114417419A (en) * 2022-01-24 2022-04-29 哈尔滨工业大学(深圳) Outsourcing cloud storage medical data aggregation method with security authorization and privacy protection

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
CHAO SHA等: "A Type of Virtual Force-Based Energy-Hole Mitigation Strategy for Sensor Networks", 《IEEE》, 31 December 2020 (2020-12-31) *
侯林;冯达;玄鹏开;周福才;: "基于认证树的外包数据库连接查询验证方案", 信息网络安全, no. 02, 10 February 2020 (2020-02-10) *

Also Published As

Publication number Publication date
CN115426117B (en) 2024-04-26

Similar Documents

Publication Publication Date Title
Hu et al. Spatial query integrity with voronoi neighbors
Yue et al. Blockchain based data integrity verification in P2P cloud storage
US8572385B2 (en) System and method for optimal verification of operations on dynamic sets
Yiu et al. Efficient verification of shortest path search via authenticated hints
US9465874B1 (en) Authenticated hierarchical set operations and applications
Zheng et al. Efficient query integrity for outsourced dynamic databases
Esiner et al. Flexdpdp: Flexlist-based optimized dynamic provable data possession
CN106897368B (en) Merkle Hash summation tree and verifiable database updating operation method thereof
Shao et al. Dynamic data integrity auditing method supporting privacy protection in vehicular cloud environment
Tamassia et al. Certification and Authentication of Data Structures.
CN106991148B (en) Database verification system and method supporting full-update operation
CN109088719B (en) Outsourced database multi-key word can verify that cipher text searching method, data processing system
CN107451281B (en) Outsourcing database SQL query integrity verification system and method based on ADS
Goodrich et al. Efficient verification of web-content searching through authenticated web crawlers
Ozcelik et al. An overview of cryptographic accumulators
CN112613601A (en) Neural network model updating method, device and computer storage medium
Zhang et al. Integrity authentication for SQL query evaluation on outsourced databases: A survey
Zhang et al. New efficient constructions of verifiable data streaming with accountability
Xu et al. Efficient public blockchain client for lightweight users
Papamanthou et al. Optimal authenticated data structures with multilinear forms
Zhou et al. Evss: An efficient verifiable search scheme over encrypted cloud data
CN115426117B (en) Multisource aggregation query verification method
Chen et al. Ensuring dynamic data integrity with public auditability for cloud storage
Ghosh et al. Fully-dynamic verifiable zero-knowledge order queries for network data
Yao et al. Verifiable query processing over outsourced social graph

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant