KR101593674B1 - Verifiable data management method and system - Google Patents
Verifiable data management method and system Download PDFInfo
- Publication number
- KR101593674B1 KR101593674B1 KR1020140114171A KR20140114171A KR101593674B1 KR 101593674 B1 KR101593674 B1 KR 101593674B1 KR 1020140114171 A KR1020140114171 A KR 1020140114171A KR 20140114171 A KR20140114171 A KR 20140114171A KR 101593674 B1 KR101593674 B1 KR 101593674B1
- Authority
- KR
- South Korea
- Prior art keywords
- value
- data
- random number
- node
- client
- Prior art date
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/30—Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
Abstract
A verifiable data management method according to an embodiment of the present invention includes: setting a security parameter and a maximum number of storable data by a client; The client generating a signature key, a verification key and a pseudo-random number function based on the set security parameters; The client transmitting the acknowledgment key and the pseudo-random number function to a server; The server and the client constructing a hash binary tree having the set maximum number using the pseudo-random number function and the hash function; The client receiving a value of a root node of the hash binary tree from the server and comparing the value of the root node with the value of the root node calculated by the client; And storing the value of the root node by the client if the comparison result is matched.
Description
Embodiments of the present invention relate to verifiable data technologies, and more particularly, to data management methods and systems that provide efficient verifiable data technologies.
Verifiable Streaming Data technology refers to a technique for maintaining order, integrity, and efficient storage / retrieval / update of streaming data of a client.
The environment for storing sensitive data on untrusted external storage is already commonplace. Many users upload their sensitive data (photos, videos, documents, etc.) to various web hard services and use external storage services for hospitals and corporations.
Among such sensitive data, streaming data is data that is generated, stored and updated in real time, and is a data type that is rapidly increasing in conjunction with development of ubiquitous environment and car health care system, which are becoming a recent issue.
A number of technologies have been developed that can securely store and manage sensitive data on the client to external storage that is not already trusted (Verifiable Database, Proofs of Retrievability). However, the technology development for such streaming data is relatively small.
Dominique Schroeder and Heike Schroeder presented the concept of verifiable data streaming and designed the technology for the first time in 2012 at the CCS '12 (Proceedings of the ACM conference on computer and communications security). However, their description is O (log N) that the client has to store, and it requires O (log N) of computation and transmission amount when retrieving and updating. Where N is the maximum number of data that can be stored.
Therefore, in an embodiment of the present invention, a method of designing a streaming data technology that can overcome the limitations of the technology presented and can be verified more efficiently is suggested. Finally, information to be stored by the client is lowered to O (1) We also propose a technique that can reduce O (log T) overhead in search and update. Here, T means the number of actually stored data having a value less than or equal to the total data N that can be stored.
Related prior art is disclosed in Patent Registration No. 10-1369250 entitled " Server, Client and Method for Verifying Data Integrity in P2P-Based Network, Registration Date: Feb. 25, 2014).
One embodiment of the present invention provides a verifiable data management method and system that can reduce the complexity of computation that occurs upon storage, retrieval, and updating of data by designing efficiently verifiable data (streaming data) technology.
The problems to be solved by the present invention are not limited to the above-mentioned problem (s), and another problem (s) not mentioned can be clearly understood by those skilled in the art from the following description.
A verifiable data management method according to an embodiment of the present invention includes: setting a security parameter and a maximum number of storable data by a client; The client generating a signature key, a verification key and a pseudo-random number function based on the set security parameters; The client transmitting the acknowledgment key and the pseudo-random number function to a server; The server and the client constructing a hash binary tree having the set maximum number using the pseudo-random number function and the hash function; The client receiving a value of a root node of the hash binary tree from the server and comparing the value of the root node with the value of the root node calculated by the client; And storing the value of the root node by the client if the comparison result is matched.
The step of constructing the hash binary tree includes the steps of: calculating values of respective nodes excluding the lowest node using two random number values and two hash functions having parameters of two child nodes as parameters; And constructing the hash binary tree by concatenating the nodes from the root node to the lowest node using the relationship between the parent node and the child node including the lowest node.
The verifiable data management method according to an embodiment of the present invention includes the steps of: when the client desires to store its i-th data in a server, the client calculates a random number using the pseudo-random number function; Generating a signature for the random number and the operation result data of the i-th data using the signature key, and transmitting the signature to the server; Verifying that the signature is valid for the calculation result data by using the confirmation key; And storing the operation result data and the signature together with the node value stored in the i-th node of the hash binary tree if the signature is valid as a result of the verification.
The verifiable data management method according to an embodiment of the present invention includes: when the client desires to retrieve the i-th data, the server receives the i-th index from the client; Searching the computation result data and signature stored in the i-th node in the hash binary tree using the index; And searching the random number value and hash value stored in the upper nodes of the i-th node, respectively, and transmitting the random number and the hash value to the client as a verification value together with the operation result data and the signature.
The verifiable data management method according to an embodiment of the present invention includes: firstly verifying whether the client is a valid signature for a verification value transmitted from the server; If the first verification result is a valid signature, verifying the validity of the random number value of the calculation result data included in the verification value by the client; And if the value of the random number is valid as a result of the second verification, the client recognizes the validity of the i-th data.
Wherein the second verifying step comprises: comparing the value stored in each node of the hash binary tree with the value of each node received from the server, and verifying whether the client is the same; Comparing the value stored in the root node of the hash binary tree with the value of the root node owned by the client and confirming whether the value is the same; And verifying the validity of the random number value based on the first and second comparison results by the client.
The verifiable data management method according to an embodiment of the present invention is characterized in that when the client desires to update the i-th data, if the verification result of the i-th data is valid, the client uses the pseudo- Calculating a value; Generating a signature for the computation result data of the new random number and the new i-th data; Changing the random number stored in the i-th node to the new random number; The client newly calculating a value of each node included in the verification value from the changed new random number value and calculating a value of the root node held by the client; Sending, by the client, the computation result data of the new random number and the new i-th data, the signature, and the value of the computed root node to the server; The server newly calculating a value of each node included in the verification value from the changed new random number value and calculating a value of the root node held by the server; And comparing the value of the root node held by the server with the value of the root node transmitted from the client, and completing the update of the i-th data if the two values are the same.
When updating the i-th data, the server may update the hash value of the upper nodes from the node where the random number value is changed to the root node according to the changed new random number value.
A verifiable data management system according to an embodiment of the present invention is arranged in a client, and is configured to set a security parameter and a maximum number of storable data, generate a signature key, a verification key, and a pseudo-random number function based on the set security parameter A first data setting unit for transmitting the confirmation key and the pseudo-random number function to a server; A hash binary tree constructing unit arranged in the server and the client, the hash binary tree constructing the hash binary tree having the set maximum number by using the pseudo-random number function and the hash function; And a second node located in the client and receiving a value of a root node of the hash binary tree from the server and comparing the value of the root node with a value of a root node calculated by the second node, And a data setting unit.
The hash binary tree structure unit calculates the value of each node except for the lowest node by using two random hash functions and two hash functions using the values of two child nodes as parameters, The hash binary tree can be constructed by connecting nodes from the root node to the lowermost node using the relationship between the parent node and the child node so as to have a correlation.
The verifiable data management system according to an embodiment of the present invention is characterized in that when the client desires to store its i-th data in a server, the verifiable data management system is arranged in the client, calculates a random number value using the pseudo-random number function, A first data upload unit for generating a random number and a signature of the operation result data of the i-th data using the signature key and transmitting the signature to the server; And a verification module for verifying whether the signature is valid for the computation result data using the verification key, and if the signature is valid, converting the computation result data and the signature into i And a second data upload unit for storing the node value together with the node value stored in the second node.
The verifiable data management system according to an embodiment of the present invention is characterized in that when the client desires to retrieve the i-th data, the verifiable data management system is arranged in the server, receives the i-th index from the client, Searches for the computation result data and signature stored in the i-th node in the hash binary tree, searches the hash value and the random number value stored in the upper nodes of the i-th node, And transmitting the verification value to the client together with the verification value.
The verifiable data management system according to an embodiment of the present invention is configured to perform a first verification of whether or not a valid signature is transmitted to a verification value transmitted from the server, And a data verifying unit for verifying the validity of the random number value of the calculation result data included in the verification value secondly and recognizing the validity of the i-th data when the value of the random number is valid as a result of the second verification .
Wherein the data verifying unit first compares a value stored in each node of the hash binary tree with a value of each node received from the server to check whether they are the same and whether the value stored in the root node of the hash binary tree The second node compares the value of the root node owned by the second node with the value of the root node to verify whether the value of the root node is the same and verifies the validity of the random number based on the first and second comparison results.
The verifiable data management system according to an embodiment of the present invention is arranged in the client when the client desires to update the i-th data, and when the verification result of the i-th data is validated, Generates a new random number and a signature for the new random number and the computation result data of the new i-th data, changes the random number stored in the i-th node to the new random number, Calculates a value of a root node owned by the new random number and newly computes the value of each node included in the new random number, and outputs the computed result data of the new i-th data, the signature, A first data update unit transmitting the value of the node to the server; And calculating a value of a root node owned by the server by newly calculating a value of each node included in the verification value from the changed new random number value and comparing the value of the root node held by the server with the value of the root node held by the server And a second data updater for comparing the value of the received root node and completing the updating of the i-th data if the two values are the same.
The details of other embodiments are included in the detailed description and the accompanying drawings.
According to an embodiment of the present invention, by decreasing the amount of information that the client should store to 0 (1), the amount of information that the client must separately store is not related to the total number of data stored in the external server, Space efficiency can be improved.
According to an embodiment of the present invention, the computation and transmission overhead occurring when the client retrieves and updates data can also be reduced to 0 (log T), which does not increase with the amount of total data that can be stored It is very advantageous over existing technologies because it increases with the amount of data currently stored.
According to an embodiment of the present invention, it is very suitable for streaming data generated in real time by designing data to be efficiently stored in a server.
1 is a flowchart illustrating a method of setting data in a verifiable data management method according to an embodiment of the present invention.
FIG. 2 is a flowchart illustrating a method for constructing a hash binary tree according to an embodiment of the present invention. Referring to FIG.
3 is a diagram illustrating a hash binary tree constructed in accordance with an embodiment of the present invention.
4 is a flowchart illustrating a data upload method in a verifiable data management method according to an exemplary embodiment of the present invention.
FIG. 5 is a flowchart illustrating a data retrieval method in a verifiable data management method according to an embodiment of the present invention.
FIG. 6 is a flowchart illustrating a method of verifying data in a verifiable data management method according to an exemplary embodiment of the present invention. Referring to FIG.
FIG. 7 is a flowchart illustrating a method for verifying validity of a random number value according to an embodiment of the present invention. Referring to FIG.
FIG. 8 is a flowchart illustrating a data update method in a verifiable data management method according to an embodiment of the present invention. Referring to FIG.
9 to 14 are block diagrams illustrating a verifiable data management system according to an embodiment of the present invention.
BRIEF DESCRIPTION OF THE DRAWINGS The advantages and / or features of the present invention, and how to accomplish them, will become apparent with reference to the embodiments described in detail below with reference to the accompanying drawings. It should be understood, however, that the invention is not limited to the disclosed embodiments, but is capable of many different forms and should not be construed as limited to the embodiments set forth herein. Rather, these embodiments are provided so that this disclosure will be thorough and complete, To fully disclose the scope of the invention to those skilled in the art, and the invention is only defined by the scope of the claims. Like reference numerals refer to like elements throughout the specification.
Verifiable Streaming Data technology refers to a technology that can satisfy the following security requirements when storing untrusted external storage space, ie, sensitive streaming data of a client to an external storage service.
1. Storing / retrieving / modifying streaming data should be efficient.
2. Ensure the integrity of streaming data. That is, the client must be able to be sure that the data he or she searched is actually the data he or she has stored, and be able to verify that it is the latest update data.
3. Be able to maintain and verify the order of the streaming data.
The present invention relates to the most efficient and verifiable streaming data technology while meeting these security requirements.
Hereinafter, embodiments of the present invention will be described in detail with reference to the accompanying drawings.
FIG. 1 is a flowchart for explaining a verifiable data management method according to an embodiment of the present invention, in particular, a method for setting data.
Referring to FIG. 1, in
Next, in
Next, in
Next, in
Hereinafter, the
Referring to FIGS. 2 and 3, in
Then, in
Referring again to FIG. 1, in
If the comparison result is matched ("Yes" direction of 160), the client stores the value of the root node in
A method of setting up the data will be described in more detail as follows.
The client sets the security parameter k and the maximum number of data that can be stored 2 D -1. The client generates a signature key SK and a confirmation key PK to be used in the digital signature algorithm according to the set security parameter k, and generates a pseudo-random number function f: Z → {0, 1} k . The client transmits the generated authentication key PK and the pseudo-random number function f to the server.
As shown in FIG. 3, the server and the client construct a hash binary tree using a hash function H, that is, a hash function H having a dynamic response. 3, each random number is calculated as r i = f (i)
, I = 2 d-1 , ..., 2 d -1, that is, only the value of the lowest node is defined as shown in FIG. 3 .Finally, the server sends the value of the root node
To the client, and the client compares the value with the value of the root node calculated by the client, and authenticates and stores the same. That is, the server stores the hash binary tree and the confirmation key PK of FIG. 3, .4 is a flowchart illustrating a data upload method in a verifiable data management method according to an exemplary embodiment of the present invention. That is, FIG. 4 illustrates a case where the client desires to store its i-th data in the server.
Referring to FIG. 4, in
Next, in
Next, in
Next, in
A method for uploading the data will be described in more detail as follows.
The client
Th data m i is stored in the server, the random number value r i = f (i) is first calculated, and the data And transmits the signature σ i to the server using its own signature key SK.The server verifies that the signature is valid for the message using the verification key PK,
Is already stored in the ith node of its hash binary tree ≪ / RTI >As described above, in the embodiment of the present invention, in storing data, only the generation of the signature of the client is used, and no additional operation is required. This means that very efficient data storage is possible, and it is particularly suitable for streaming data generated in real time.
FIG. 5 is a flowchart illustrating a data retrieval method in a verifiable data management method according to an embodiment of the present invention. That is, FIG. 5 illustrates a case where the client desires to retrieve its i-th data.
Referring to FIG. 5, in
Next, in
Next, in
Next, in
A method of searching for the data will be described in more detail as follows.
When the client desires to retrieve the i-th data, if the index i is transmitted to the server, the server stores the index i in the i-th node in the hash binary tree
The random number and the hash value stored in the own parent node going to the root node with the client and to transmit the verification value π i.In other words,
When that the largest positive integer c, π i is d = 0,1, ... satisfying, for c ≪ / RTI > Therefore, the values sent by the server to the client do not increase according to the total number of storable data but increase with the number of currently stored data.More specifically, since the hash binary tree of FIG. 3 has a structure that returns one value for each layer, it transmits data of O (log T) to the client. Here, T represents the number of data currently stored.
FIG. 6 is a flowchart illustrating a method of verifying data in a verifiable data management method according to an exemplary embodiment of the present invention. Referring to FIG.
Referring to FIG. 6, in
If the first verification result is a valid signature (the "Yes" direction of 620), the client secondly verifies the validity of the random number value of the calculation result data included in the verification value in
Hereinafter, the second verification process will be described in detail with reference to FIG. 7 is a flowchart illustrating a method for verifying validity of a random number value according to an embodiment of the present invention.
Referring to FIG. 7, in
If the two values of the first comparison result are the same (YES direction of 720), the client stores the value stored in the root node of the hash binary tree and the value of the root node owned by the client in
If the second comparison results in the same value (the "YES" direction of 740), the client verifies the validity of the random number value based on the first and second comparison results at
Referring again to FIG. 6, if the value of the random number is verified as a result of the second verification (Yes in 640), the client recognizes the validity of the i-th data in
A method of verifying the data will be described in more detail as follows.
The client first receives the < RTI ID = 0.0 >
Verify that this is a legitimate signature. Once you have passed the verification process, The validity of the value of r i included in equation (1) is verified as follows.In other words, the client can obtain
The value of Value is equal to the value of the reference value. Finally, when the client is d = c The value of And confirms the validity of r i .The client acknowledges the validity of the corresponding data only when the corresponding signature value is valid and the random number value contained therein is valid.
FIG. 8 is a flowchart illustrating a data update method in a verifiable data management method according to an embodiment of the present invention. Referring to FIG. That is, FIG. 8 shows a case where the client desires to update its i-th data.
Referring to FIG. 8, if the verification result of the i-th data is valid (see FIG. 6), the client calculates a new random number value using the pseudo-random number function in
Next, in
Next, in
Next, in
Next, in
Next, in
Next, in
If the two values are the same (Yes in 880), the server completes updating the i-th data in
A method of updating the data will be described in more detail as follows.
When the client wishes to update the i-th data, it first uses the Search algorithm (see Fig. 5)
Th data and the? I value therefrom are received from the server and verified by the Verify algorithm (see FIGS. 6 and 7).If the verification passes, the client sends its new i-th data
To the server, a new random number value And the data Signature for .Thereafter, r i at the i-th node of the hash binary tree
, And changes the value of each node included in? I to the changed And calculates the value of the new root node.That is, for d = 1, ..., c
The value of the newly calculated , And finally if d = c, the client owns Lt; RTI ID = 0.0 > .To reflect this to the server, the client does not need to transmit all intermediate values,
, And the value of the root node, and the server compares the value of the root node received from the client with the value of the root node received from the updated node in the same manner as the client, and finishes updating in the same case.In this process, the higher nodes from the node where the random number change occurs to the root node update the hash values changed by the changed new random number value. That is, for d = 1, ..., c as above,
The value of the newly calculated .9 to 14 are block diagrams illustrating a verifiable data management system according to an embodiment of the present invention.
9, a verifiable
The
The first
The hash binary
To this end, the hash binary
The second
Next, the data upload
The first data upload
The second data upload
Next, the
The receiving
The
The
Next, the
The
The
To this end, the
The
The
Next, the
The first
The first
The
The second
The
Embodiments of the present invention include computer readable media including program instructions for performing various computer implemented operations. The computer-readable medium may include program instructions, local data files, local data structures, etc., alone or in combination. The media may be those specially designed and constructed for the present invention or may be those known to those skilled in the computer software. Examples of computer-readable media include magnetic media such as hard disks, floppy disks and magnetic tape, optical recording media such as CD-ROMs and DVDs, magneto-optical media such as floppy disks, and ROMs, And hardware devices specifically configured to store and execute the same program instructions. Examples of program instructions include machine language code such as those produced by a compiler, as well as high-level language code that can be executed by a computer using an interpreter or the like.
While the present invention has been described in connection with what is presently considered to be practical exemplary embodiments, it is to be understood that the invention is not limited to the disclosed embodiments. Therefore, the scope of the present invention should not be limited to the described embodiments, but should be determined by the scope of the appended claims and equivalents thereof.
While the present invention has been particularly shown and described with reference to exemplary embodiments thereof, it is to be understood that the invention is not limited to the disclosed exemplary embodiments, but, on the contrary, Modification is possible. Accordingly, the spirit of the present invention should be understood only in accordance with the following claims, and all equivalents or equivalent variations thereof are included in the scope of the present invention.
910: Data setting section
920: Data upload unit
930: Data retrieval unit
940:
950:
1010: first data setting unit
1020: a hash binary tree constituent unit
1030: second data setting unit
1110: First data upload unit
1120: second data upload unit
1210:
1220:
1230:
1310: First verification unit
1320: Second verification unit
1330: verification completion unit
1410:
1420: second data update unit
Claims (15)
The client generating a signature key, a verification key and a pseudo-random number function based on the set security parameters;
The client transmitting the acknowledgment key and the pseudo-random number function to a server;
The server and the client constructing a hash binary tree having the set maximum number using the pseudo-random number function and the hash function;
The client receiving a value of a root node of the hash binary tree from the server and comparing the value of the root node with the value of the root node calculated by the client; And
If the comparison result is matched, the client stores the value of the root node
The method comprising the steps of:
The step of constructing the hash binary tree
Calculating a value of each node excluding the lowest node by using two random number values and two hash functions having parameters of two child nodes as parameters, respectively; And
Constructing the hash binary tree by concatenating the nodes from the root node to the lowest node using the relationship between the parent node and the child node including the lowest node,
The method comprising the steps of:
If the client wishes to store its i-th data in the server,
The client calculating a random number using the pseudo-random number function;
Generating a signature for the random number and the operation result data of the i-th data using the signature key, and transmitting the signature to the server;
Verifying that the signature is valid for the calculation result data by using the confirmation key; And
If the signature is valid, the server stores the computation result data and the signature together with the node value stored in the ith node of the hash binary tree
≪ / RTI >
When the client desires to retrieve the i-th data,
Receiving, by the server, the i-th index from the client;
Searching the computation result data and signature stored in the i-th node in the hash binary tree using the index; And
The server searches for a random number value and a hash value respectively stored in the upper nodes of the i-th node and transmits the random number value and the hash value to the client together with the operation result data and the signature as a verification value
≪ / RTI >
If the client desires to verify the validity of the i-th data,
Verifying whether the client is a valid signature for a verification value transmitted from the server;
If the first verification result is a valid signature, verifying the validity of the random number value of the calculation result data included in the verification value by the client; And
If the value of the random number is valid as a result of the second verification, the client recognizes the validity of the i-th data
≪ / RTI >
The second verifying step
Comparing the value stored in each node of the hash binary tree with the value of each node received from the server and confirming whether the same value is the same;
Comparing the value stored in the root node of the hash binary tree with the value of the root node owned by the client and confirming whether the value is the same; And
Wherein the client verifies the validity of the random number value based on the first and second comparison results
The method comprising the steps of:
If the client wishes to update the i-th data,
Calculating a new random number value using the pseudo-random number function if the verification result of the i-th data is valid;
Generating a signature for the computation result data of the new random number and the new i-th data;
Changing the random number stored in the i-th node to the new random number;
The client newly calculating a value of each node included in the verification value from the changed new random number value and calculating a value of the root node held by the client;
Sending, by the client, the computation result data of the new random number and the new i-th data, the signature, and the value of the computed root node to the server;
The server newly calculating a value of each node included in the verification value from the changed new random number value and calculating a value of the root node held by the server; And
The server compares the value of the root node held by the server with the value of the root node transmitted from the client, and if the two values are the same, completing the updating of the i-th data
≪ / RTI >
Upon updating the i-th data,
And the server updates the hash value of the upper nodes from the node where the random number value is changed to the root node according to the changed new random number value.
A hash binary tree constructing unit arranged in the server and the client, the hash binary tree constructing the hash binary tree having the set maximum number by using the pseudo-random number function and the hash function; And
A second node for receiving the value of the root node of the hash binary tree from the server and for comparing the value of the root node with the value of the root node calculated by the second node, Setting section
Wherein the verifiable data management system comprises:
The hash binary tree structure unit
Calculating a value of each node excluding the lowest node by using two hash functions each having a random number value and a value of two child nodes as parameters, and calculating each node including the lowest node as a parent node and child Wherein the hash binary tree is constructed by connecting the root node to the lowest node using a relation of the nodes so as to have a correlation.
If the client wishes to store its i-th data in the server,
A first random number generator that is disposed in the client and calculates a random number using the pseudo-random number function, and generates a signature for the random number and the operation result data of the i-th data using the signature key, A data uploading unit; And
Wherein the verification result data and the signature are stored in the server when the verification result indicates that the signature is valid for the computation result data using the verification key, And a second data upload unit
Further comprising: < RTI ID = 0.0 > a < / RTI >
When the client desires to retrieve the i-th data,
The server receives the index corresponding to the ith node from the client and searches the operation result data and signature stored in the ith node in the hash binary tree using the index, And a data retrieval unit for retrieving the hash value and the random number value stored in the upper nodes of the retrieval result data,
Further comprising: < RTI ID = 0.0 > a < / RTI >
If the client desires to verify the validity of the i-th data,
A verification unit configured to verify whether or not a verification value transmitted from the server is a valid signature by performing a first verification of the validity of the random number value of the calculation result data included in the verification value, Verifies the validity of the i-th data if the value of the random number is valid as a result of the second verification,
Further comprising: < RTI ID = 0.0 > a < / RTI >
The data verifying unit
A first comparison is made between a value stored in each node of the hash binary tree and a value of each node received from the server to check whether they are the same and whether the value stored in the root node of the hash binary tree, And verifies the validity of the random number based on the first comparison result and the second comparison result.
If the client wishes to update the i-th data,
And if the validity of the i-th data is confirmed, calculates a new random number using the pseudo-random number function, and generates a signature for the new random number and the operation result data of the new i-th data And changing the value of the random number stored in the i-th node to the new random number, calculating the value of each node included in the verification value from the changed new random number value, and calculating the value of the root node A first data updating unit for transmitting the new random number and the computation result data of the new i-th data, the signature, and the calculated value of the root node to the server; And
Calculating a new value of each node included in the verification value from the changed new random number value to calculate a value of the root node owned by the new node and comparing the value of the root node held by the server with the value of the root node A second data update unit for comparing the value of the received root node and completing the updating of the i-th data if the two values are the same,
Further comprising: < RTI ID = 0.0 > a < / RTI >
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
KR1020140114171A KR101593674B1 (en) | 2014-08-29 | 2014-08-29 | Verifiable data management method and system |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
KR1020140114171A KR101593674B1 (en) | 2014-08-29 | 2014-08-29 | Verifiable data management method and system |
Publications (1)
Publication Number | Publication Date |
---|---|
KR101593674B1 true KR101593674B1 (en) | 2016-02-15 |
Family
ID=55357458
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
KR1020140114171A KR101593674B1 (en) | 2014-08-29 | 2014-08-29 | Verifiable data management method and system |
Country Status (1)
Country | Link |
---|---|
KR (1) | KR101593674B1 (en) |
Cited By (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2018030707A1 (en) * | 2016-08-10 | 2018-02-15 | 삼성에스디에스 주식회사 | Authentication system and method, and user equipment, authentication server, and service server for performing same method |
KR20180049455A (en) * | 2016-11-02 | 2018-05-11 | 현대오토에버 주식회사 | Method for certifying authenticity of module for vehicle and apparatus thereof |
KR20210073354A (en) * | 2019-12-10 | 2021-06-18 | 한국전자통신연구원 | Method and system for replacing vehicle parts using in-vehicle network based on vehicle ethernet |
Citations (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
KR101287597B1 (en) | 2012-01-26 | 2013-07-19 | 한남대학교 산학협력단 | Service provider authentication method using hash tree |
-
2014
- 2014-08-29 KR KR1020140114171A patent/KR101593674B1/en active IP Right Grant
Patent Citations (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
KR101287597B1 (en) | 2012-01-26 | 2013-07-19 | 한남대학교 산학협력단 | Service provider authentication method using hash tree |
Non-Patent Citations (1)
Title |
---|
Dominique Schroder 외 1인, ACM Conference on Computer and Communications Security (CCS) 2012, "Verifiable Data Streaming", (2012.10.16. 공개) |
Cited By (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2018030707A1 (en) * | 2016-08-10 | 2018-02-15 | 삼성에스디에스 주식회사 | Authentication system and method, and user equipment, authentication server, and service server for performing same method |
KR20180049455A (en) * | 2016-11-02 | 2018-05-11 | 현대오토에버 주식회사 | Method for certifying authenticity of module for vehicle and apparatus thereof |
KR101868227B1 (en) * | 2016-11-02 | 2018-06-18 | 현대오토에버 주식회사 | Method for certifying authenticity of module for vehicle and apparatus thereof |
KR20210073354A (en) * | 2019-12-10 | 2021-06-18 | 한국전자통신연구원 | Method and system for replacing vehicle parts using in-vehicle network based on vehicle ethernet |
KR102436138B1 (en) | 2019-12-10 | 2022-08-26 | 한국전자통신연구원 | Method and system for replacing vehicle parts using in-vehicle network based on vehicle ethernet |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
JP7235764B2 (en) | Industrial data validation using a secure distributed ledger | |
EP3693886B1 (en) | Optimizations for verification of interactions system and method | |
KR102238681B1 (en) | Method of generating and verifying signature information and system thereof | |
CN109347868B (en) | Information verification method, device and storage medium | |
JP5062775B2 (en) | SEARCH METHOD, SEARCH DEVICE, INDEX GENERATION METHOD, INDEX GENERATION DEVICE | |
US8874921B2 (en) | System and method for generating keyless digital multi-signatures | |
US11468044B2 (en) | Optimizations for verification of interactions system and method using probability density functions | |
CN101251881A (en) | Device, system and method for recognizing content | |
CN105247529A (en) | Synchronizing credential hashes between directory services | |
CN108092766B (en) | Ciphertext search authority verification method and system | |
CN111898164A (en) | Data integrity auditing method supporting tag block chain storage and query | |
CN109660330B (en) | Method and system for identity authentication on block chain | |
KR101424569B1 (en) | Time based authentication system and method thereof | |
US11777732B2 (en) | Token node locking | |
KR101593674B1 (en) | Verifiable data management method and system | |
JP2004179724A (en) | Server apparatus, certificate verifying method, program, and computer-readable recording medium recorded with the program | |
CN110830985B (en) | 5G lightweight terminal access authentication method based on trust mechanism | |
CN117097476B (en) | Data processing method, equipment and medium based on industrial Internet | |
CN110086795A (en) | Authenticate the stream security exchange system based on certification tree under tree constructing method and cloud platform | |
KR101593675B1 (en) | User data integrity verification method and apparatus | |
CN113378218A (en) | Intellectual property data storage and authentication method based on block chain | |
CN103309973A (en) | Method and system for inquiring verifiable outsourced data | |
CN116579026A (en) | Cloud data integrity auditing method, device, equipment and storage medium | |
Junxiang et al. | Dynamic provable data possession with batch-update verifiability | |
JP4543789B2 (en) | Certificate verification information management method based on transactions |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
E701 | Decision to grant or registration of patent right | ||
GRNT | Written decision to grant | ||
FPAY | Annual fee payment |
Payment date: 20190201 Year of fee payment: 4 |