KR101593674B1 - Verifiable data management method and system - Google Patents

Verifiable data management method and system Download PDF

Info

Publication number
KR101593674B1
KR101593674B1 KR1020140114171A KR20140114171A KR101593674B1 KR 101593674 B1 KR101593674 B1 KR 101593674B1 KR 1020140114171 A KR1020140114171 A KR 1020140114171A KR 20140114171 A KR20140114171 A KR 20140114171A KR 101593674 B1 KR101593674 B1 KR 101593674B1
Authority
KR
South Korea
Prior art keywords
value
data
random number
node
client
Prior art date
Application number
KR1020140114171A
Other languages
Korean (ko)
Inventor
정익래
김기성
Original Assignee
고려대학교 산학협력단
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 고려대학교 산학협력단 filed Critical 고려대학교 산학협력단
Priority to KR1020140114171A priority Critical patent/KR101593674B1/en
Application granted granted Critical
Publication of KR101593674B1 publication Critical patent/KR101593674B1/en

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/30Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy

Abstract

A verifiable data management method according to an embodiment of the present invention includes: setting a security parameter and a maximum number of storable data by a client; The client generating a signature key, a verification key and a pseudo-random number function based on the set security parameters; The client transmitting the acknowledgment key and the pseudo-random number function to a server; The server and the client constructing a hash binary tree having the set maximum number using the pseudo-random number function and the hash function; The client receiving a value of a root node of the hash binary tree from the server and comparing the value of the root node with the value of the root node calculated by the client; And storing the value of the root node by the client if the comparison result is matched.

Description

[0001] DESCRIPTION [0002] VERIFIABLE DATA MANAGEMENT METHOD AND SYSTEM [

Embodiments of the present invention relate to verifiable data technologies, and more particularly, to data management methods and systems that provide efficient verifiable data technologies.

Verifiable Streaming Data technology refers to a technique for maintaining order, integrity, and efficient storage / retrieval / update of streaming data of a client.

The environment for storing sensitive data on untrusted external storage is already commonplace. Many users upload their sensitive data (photos, videos, documents, etc.) to various web hard services and use external storage services for hospitals and corporations.

Among such sensitive data, streaming data is data that is generated, stored and updated in real time, and is a data type that is rapidly increasing in conjunction with development of ubiquitous environment and car health care system, which are becoming a recent issue.

A number of technologies have been developed that can securely store and manage sensitive data on the client to external storage that is not already trusted (Verifiable Database, Proofs of Retrievability). However, the technology development for such streaming data is relatively small.

Dominique Schroeder and Heike Schroeder presented the concept of verifiable data streaming and designed the technology for the first time in 2012 at the CCS '12 (Proceedings of the ACM conference on computer and communications security). However, their description is O (log N) that the client has to store, and it requires O (log N) of computation and transmission amount when retrieving and updating. Where N is the maximum number of data that can be stored.

Therefore, in an embodiment of the present invention, a method of designing a streaming data technology that can overcome the limitations of the technology presented and can be verified more efficiently is suggested. Finally, information to be stored by the client is lowered to O (1) We also propose a technique that can reduce O (log T) overhead in search and update. Here, T means the number of actually stored data having a value less than or equal to the total data N that can be stored.

Related prior art is disclosed in Patent Registration No. 10-1369250 entitled " Server, Client and Method for Verifying Data Integrity in P2P-Based Network, Registration Date: Feb. 25, 2014).

One embodiment of the present invention provides a verifiable data management method and system that can reduce the complexity of computation that occurs upon storage, retrieval, and updating of data by designing efficiently verifiable data (streaming data) technology.

The problems to be solved by the present invention are not limited to the above-mentioned problem (s), and another problem (s) not mentioned can be clearly understood by those skilled in the art from the following description.

A verifiable data management method according to an embodiment of the present invention includes: setting a security parameter and a maximum number of storable data by a client; The client generating a signature key, a verification key and a pseudo-random number function based on the set security parameters; The client transmitting the acknowledgment key and the pseudo-random number function to a server; The server and the client constructing a hash binary tree having the set maximum number using the pseudo-random number function and the hash function; The client receiving a value of a root node of the hash binary tree from the server and comparing the value of the root node with the value of the root node calculated by the client; And storing the value of the root node by the client if the comparison result is matched.

The step of constructing the hash binary tree includes the steps of: calculating values of respective nodes excluding the lowest node using two random number values and two hash functions having parameters of two child nodes as parameters; And constructing the hash binary tree by concatenating the nodes from the root node to the lowest node using the relationship between the parent node and the child node including the lowest node.

The verifiable data management method according to an embodiment of the present invention includes the steps of: when the client desires to store its i-th data in a server, the client calculates a random number using the pseudo-random number function; Generating a signature for the random number and the operation result data of the i-th data using the signature key, and transmitting the signature to the server; Verifying that the signature is valid for the calculation result data by using the confirmation key; And storing the operation result data and the signature together with the node value stored in the i-th node of the hash binary tree if the signature is valid as a result of the verification.

The verifiable data management method according to an embodiment of the present invention includes: when the client desires to retrieve the i-th data, the server receives the i-th index from the client; Searching the computation result data and signature stored in the i-th node in the hash binary tree using the index; And searching the random number value and hash value stored in the upper nodes of the i-th node, respectively, and transmitting the random number and the hash value to the client as a verification value together with the operation result data and the signature.

The verifiable data management method according to an embodiment of the present invention includes: firstly verifying whether the client is a valid signature for a verification value transmitted from the server; If the first verification result is a valid signature, verifying the validity of the random number value of the calculation result data included in the verification value by the client; And if the value of the random number is valid as a result of the second verification, the client recognizes the validity of the i-th data.

Wherein the second verifying step comprises: comparing the value stored in each node of the hash binary tree with the value of each node received from the server, and verifying whether the client is the same; Comparing the value stored in the root node of the hash binary tree with the value of the root node owned by the client and confirming whether the value is the same; And verifying the validity of the random number value based on the first and second comparison results by the client.

The verifiable data management method according to an embodiment of the present invention is characterized in that when the client desires to update the i-th data, if the verification result of the i-th data is valid, the client uses the pseudo- Calculating a value; Generating a signature for the computation result data of the new random number and the new i-th data; Changing the random number stored in the i-th node to the new random number; The client newly calculating a value of each node included in the verification value from the changed new random number value and calculating a value of the root node held by the client; Sending, by the client, the computation result data of the new random number and the new i-th data, the signature, and the value of the computed root node to the server; The server newly calculating a value of each node included in the verification value from the changed new random number value and calculating a value of the root node held by the server; And comparing the value of the root node held by the server with the value of the root node transmitted from the client, and completing the update of the i-th data if the two values are the same.

When updating the i-th data, the server may update the hash value of the upper nodes from the node where the random number value is changed to the root node according to the changed new random number value.

A verifiable data management system according to an embodiment of the present invention is arranged in a client, and is configured to set a security parameter and a maximum number of storable data, generate a signature key, a verification key, and a pseudo-random number function based on the set security parameter A first data setting unit for transmitting the confirmation key and the pseudo-random number function to a server; A hash binary tree constructing unit arranged in the server and the client, the hash binary tree constructing the hash binary tree having the set maximum number by using the pseudo-random number function and the hash function; And a second node located in the client and receiving a value of a root node of the hash binary tree from the server and comparing the value of the root node with a value of a root node calculated by the second node, And a data setting unit.

The hash binary tree structure unit calculates the value of each node except for the lowest node by using two random hash functions and two hash functions using the values of two child nodes as parameters, The hash binary tree can be constructed by connecting nodes from the root node to the lowermost node using the relationship between the parent node and the child node so as to have a correlation.

The verifiable data management system according to an embodiment of the present invention is characterized in that when the client desires to store its i-th data in a server, the verifiable data management system is arranged in the client, calculates a random number value using the pseudo-random number function, A first data upload unit for generating a random number and a signature of the operation result data of the i-th data using the signature key and transmitting the signature to the server; And a verification module for verifying whether the signature is valid for the computation result data using the verification key, and if the signature is valid, converting the computation result data and the signature into i And a second data upload unit for storing the node value together with the node value stored in the second node.

The verifiable data management system according to an embodiment of the present invention is characterized in that when the client desires to retrieve the i-th data, the verifiable data management system is arranged in the server, receives the i-th index from the client, Searches for the computation result data and signature stored in the i-th node in the hash binary tree, searches the hash value and the random number value stored in the upper nodes of the i-th node, And transmitting the verification value to the client together with the verification value.

The verifiable data management system according to an embodiment of the present invention is configured to perform a first verification of whether or not a valid signature is transmitted to a verification value transmitted from the server, And a data verifying unit for verifying the validity of the random number value of the calculation result data included in the verification value secondly and recognizing the validity of the i-th data when the value of the random number is valid as a result of the second verification .

Wherein the data verifying unit first compares a value stored in each node of the hash binary tree with a value of each node received from the server to check whether they are the same and whether the value stored in the root node of the hash binary tree The second node compares the value of the root node owned by the second node with the value of the root node to verify whether the value of the root node is the same and verifies the validity of the random number based on the first and second comparison results.

The verifiable data management system according to an embodiment of the present invention is arranged in the client when the client desires to update the i-th data, and when the verification result of the i-th data is validated, Generates a new random number and a signature for the new random number and the computation result data of the new i-th data, changes the random number stored in the i-th node to the new random number, Calculates a value of a root node owned by the new random number and newly computes the value of each node included in the new random number, and outputs the computed result data of the new i-th data, the signature, A first data update unit transmitting the value of the node to the server; And calculating a value of a root node owned by the server by newly calculating a value of each node included in the verification value from the changed new random number value and comparing the value of the root node held by the server with the value of the root node held by the server And a second data updater for comparing the value of the received root node and completing the updating of the i-th data if the two values are the same.

The details of other embodiments are included in the detailed description and the accompanying drawings.

According to an embodiment of the present invention, by decreasing the amount of information that the client should store to 0 (1), the amount of information that the client must separately store is not related to the total number of data stored in the external server, Space efficiency can be improved.

According to an embodiment of the present invention, the computation and transmission overhead occurring when the client retrieves and updates data can also be reduced to 0 (log T), which does not increase with the amount of total data that can be stored It is very advantageous over existing technologies because it increases with the amount of data currently stored.

According to an embodiment of the present invention, it is very suitable for streaming data generated in real time by designing data to be efficiently stored in a server.

1 is a flowchart illustrating a method of setting data in a verifiable data management method according to an embodiment of the present invention.
FIG. 2 is a flowchart illustrating a method for constructing a hash binary tree according to an embodiment of the present invention. Referring to FIG.
3 is a diagram illustrating a hash binary tree constructed in accordance with an embodiment of the present invention.
4 is a flowchart illustrating a data upload method in a verifiable data management method according to an exemplary embodiment of the present invention.
FIG. 5 is a flowchart illustrating a data retrieval method in a verifiable data management method according to an embodiment of the present invention.
FIG. 6 is a flowchart illustrating a method of verifying data in a verifiable data management method according to an exemplary embodiment of the present invention. Referring to FIG.
FIG. 7 is a flowchart illustrating a method for verifying validity of a random number value according to an embodiment of the present invention. Referring to FIG.
FIG. 8 is a flowchart illustrating a data update method in a verifiable data management method according to an embodiment of the present invention. Referring to FIG.
9 to 14 are block diagrams illustrating a verifiable data management system according to an embodiment of the present invention.

BRIEF DESCRIPTION OF THE DRAWINGS The advantages and / or features of the present invention, and how to accomplish them, will become apparent with reference to the embodiments described in detail below with reference to the accompanying drawings. It should be understood, however, that the invention is not limited to the disclosed embodiments, but is capable of many different forms and should not be construed as limited to the embodiments set forth herein. Rather, these embodiments are provided so that this disclosure will be thorough and complete, To fully disclose the scope of the invention to those skilled in the art, and the invention is only defined by the scope of the claims. Like reference numerals refer to like elements throughout the specification.

Verifiable Streaming Data technology refers to a technology that can satisfy the following security requirements when storing untrusted external storage space, ie, sensitive streaming data of a client to an external storage service.

1. Storing / retrieving / modifying streaming data should be efficient.

2. Ensure the integrity of streaming data. That is, the client must be able to be sure that the data he or she searched is actually the data he or she has stored, and be able to verify that it is the latest update data.

3. Be able to maintain and verify the order of the streaming data.

The present invention relates to the most efficient and verifiable streaming data technology while meeting these security requirements.

Hereinafter, embodiments of the present invention will be described in detail with reference to the accompanying drawings.

FIG. 1 is a flowchart for explaining a verifiable data management method according to an embodiment of the present invention, in particular, a method for setting data.

Referring to FIG. 1, in step 110, a client sets a security parameter and a maximum number of storable data.

Next, in step 120, the client generates a signature key (secret key), a confirmation key (public key), and a pseudo-random number function based on the set security parameters.

Next, in step 130, the client transmits the confirmation key and the pseudo-random number function to the server.

Next, in step 140, the server and the client construct a hash binary tree having the set maximum number by using the pseudo-random number function and the hash function.

Hereinafter, the step 140 of constructing the hash binary tree will be described in detail with reference to FIG. 2 and FIG. 2 is a flowchart illustrating a method of constructing a hash binary tree according to an embodiment of the present invention. FIG. 3 is a diagram illustrating a hash binary tree constructed according to an embodiment of the present invention. to be.

Referring to FIGS. 2 and 3, in step 210, the server and the client use two hash functions each having a random number value and a value of two child nodes as parameters, Can be calculated.

Then, in step 220, the server and the client concatenate each of the nodes including the lowest node so as to have a correlation from the root node to the lowest node using the relationship between the parent node and the child node, .

Referring again to FIG. 1, in step 150, the client receives the value of the root node of the hash binary tree from the server and compares it with the value of the root node calculated by itself.

If the comparison result is matched ("Yes" direction of 160), the client stores the value of the root node in step 170.

A method of setting up the data will be described in more detail as follows.

The client sets the security parameter k and the maximum number of data that can be stored 2 D -1. The client generates a signature key SK and a confirmation key PK to be used in the digital signature algorithm according to the set security parameter k, and generates a pseudo-random number function f: Z → {0, 1} k . The client transmits the generated authentication key PK and the pseudo-random number function f to the server.

As shown in FIG. 3, the server and the client construct a hash binary tree using a hash function H, that is, a hash function H having a dynamic response. 3, each random number is calculated as r i = f (i)

Figure 112014082815531-pat00001
, I = 2 d-1 , ..., 2 d -1, that is, only the value of the lowest node is defined as shown in FIG. 3
Figure 112014082815531-pat00002
.

Finally, the server sends the value of the root node

Figure 112014082815531-pat00003
To the client, and the client compares the value with the value of the root node calculated by the client, and authenticates and stores the same. That is, the server stores the hash binary tree and the confirmation key PK of FIG. 3,
Figure 112014082815531-pat00004
.

4 is a flowchart illustrating a data upload method in a verifiable data management method according to an exemplary embodiment of the present invention. That is, FIG. 4 illustrates a case where the client desires to store its i-th data in the server.

Referring to FIG. 4, in step 410, the client calculates a random number using the pseudo-random number function.

Next, in step 420, the client generates a signature for the random number and the calculation result data of the i-th data using the signature key, and transmits the signature to the server.

Next, in step 430, the server verifies whether the signature is valid for the operation result data using the confirmation key.

Next, in step 440, if the signature is found to be valid (step 440), the server sends the operation result data and the signature to the i-th node of the hash binary tree in step 460 And stores it with the stored node value.

A method for uploading the data will be described in more detail as follows.

The client

Figure 112014082815531-pat00005
Th data m i is stored in the server, the random number value r i = f (i) is first calculated, and the data
Figure 112014082815531-pat00006
And transmits the signature σ i to the server using its own signature key SK.

The server verifies that the signature is valid for the message using the verification key PK,

Figure 112014082815531-pat00007
Is already stored in the ith node of its hash binary tree
Figure 112014082815531-pat00008
≪ / RTI >

As described above, in the embodiment of the present invention, in storing data, only the generation of the signature of the client is used, and no additional operation is required. This means that very efficient data storage is possible, and it is particularly suitable for streaming data generated in real time.

FIG. 5 is a flowchart illustrating a data retrieval method in a verifiable data management method according to an embodiment of the present invention. That is, FIG. 5 illustrates a case where the client desires to retrieve its i-th data.

Referring to FIG. 5, in step 510, the server receives the i-th index from the client.

Next, in step 520, the server searches for the computation result data and signature stored in the i-th node in the hash binary tree using the index.

Next, in step 530, the server searches the hash value and the random number value stored in the upper nodes of the i-th node.

Next, in step 540, the server transmits the found random number value and the hash value together with the operation result data and the signature to the client as the verification value.

A method of searching for the data will be described in more detail as follows.

When the client desires to retrieve the i-th data, if the index i is transmitted to the server, the server stores the index i in the i-th node in the hash binary tree

Figure 112014082815531-pat00009
The random number and the hash value stored in the own parent node going to the root node with the client and to transmit the verification value π i.

In other words,

Figure 112014082815531-pat00010
When that the largest positive integer c, π i is d = 0,1, ... satisfying, for c
Figure 112014082815531-pat00011
≪ / RTI > Therefore, the values sent by the server to the client do not increase according to the total number of storable data but increase with the number of currently stored data.

More specifically, since the hash binary tree of FIG. 3 has a structure that returns one value for each layer, it transmits data of O (log T) to the client. Here, T represents the number of data currently stored.

FIG. 6 is a flowchart illustrating a method of verifying data in a verifiable data management method according to an exemplary embodiment of the present invention. Referring to FIG.

Referring to FIG. 6, in step 610, the client firstly verifies whether it is a valid signature for the verification value transmitted from the server.

If the first verification result is a valid signature (the "Yes" direction of 620), the client secondly verifies the validity of the random number value of the calculation result data included in the verification value in step 630.

Hereinafter, the second verification process will be described in detail with reference to FIG. 7 is a flowchart illustrating a method for verifying validity of a random number value according to an embodiment of the present invention.

Referring to FIG. 7, in step 710, the client first compares the value stored in each node of the hash binary tree with the value of each node received from the server.

If the two values of the first comparison result are the same (YES direction of 720), the client stores the value stored in the root node of the hash binary tree and the value of the root node owned by the client in step 720 Compare the second.

If the second comparison results in the same value (the "YES" direction of 740), the client verifies the validity of the random number value based on the first and second comparison results at step 750. That is, if the first and second comparison results are all the same, the client can judge the random number to be valid.

Referring again to FIG. 6, if the value of the random number is verified as a result of the second verification (Yes in 640), the client recognizes the validity of the i-th data in step 650.

A method of verifying the data will be described in more detail as follows.

The client first receives the < RTI ID = 0.0 >

Figure 112014082815531-pat00012
Verify that this is a legitimate signature. Once you have passed the verification process,
Figure 112014082815531-pat00013
The validity of the value of r i included in equation (1) is verified as follows.

In other words, the client can obtain

Figure 112014082815531-pat00014
The value of
Figure 112014082815531-pat00015
Value is equal to the value of the reference value. Finally, when the client is d = c
Figure 112014082815531-pat00016
The value of
Figure 112014082815531-pat00017
And confirms the validity of r i .

The client acknowledges the validity of the corresponding data only when the corresponding signature value is valid and the random number value contained therein is valid.

FIG. 8 is a flowchart illustrating a data update method in a verifiable data management method according to an embodiment of the present invention. Referring to FIG. That is, FIG. 8 shows a case where the client desires to update its i-th data.

Referring to FIG. 8, if the verification result of the i-th data is valid (see FIG. 6), the client calculates a new random number value using the pseudo-random number function in step 810.

Next, in step 820, the client generates a signature for the operation result data of the new random number and the new i-th data.

Next, in step 830, the client changes the random number stored in the i-th node to the new random number.

Next, in step 840, the client newly calculates the value of each node included in the verification value from the changed new random number value, and calculates the value of the root node held by the client.

Next, in step 850, the client sends the computation result data of the new random number and the new i-th data, the signature, and the value of the calculated root node to the server.

Next, in step 860, the server newly calculates the value of each node included in the verification value from the changed new random number value, and calculates the value of the root node held by the server.

Next, in step 870, the server compares the value of the root node held by the server with the value of the root node transmitted from the client.

If the two values are the same (Yes in 880), the server completes updating the i-th data in step 890.

A method of updating the data will be described in more detail as follows.

When the client wishes to update the i-th data, it first uses the Search algorithm (see Fig. 5)

Figure 112014082815531-pat00018
Th data and the? I value therefrom are received from the server and verified by the Verify algorithm (see FIGS. 6 and 7).

If the verification passes, the client sends its new i-th data

Figure 112014082815531-pat00019
To the server, a new random number value
Figure 112014082815531-pat00020
And the data
Figure 112014082815531-pat00021
Signature for
Figure 112014082815531-pat00022
.

Thereafter, r i at the i-th node of the hash binary tree

Figure 112014082815531-pat00023
, And changes the value of each node included in? I to the changed
Figure 112014082815531-pat00024
And calculates the value of the new root node.

That is, for d = 1, ..., c

Figure 112014082815531-pat00025
The value of the newly calculated
Figure 112014082815531-pat00026
, And finally if d = c, the client owns
Figure 112014082815531-pat00027
Lt; RTI ID = 0.0 >
Figure 112014082815531-pat00028
.

To reflect this to the server, the client does not need to transmit all intermediate values,

Figure 112014082815531-pat00029
,
Figure 112014082815531-pat00030
And the value of the root node, and the server compares the value of the root node received from the client with the value of the root node received from the updated node in the same manner as the client, and finishes updating in the same case.

In this process, the higher nodes from the node where the random number change occurs to the root node update the hash values changed by the changed new random number value. That is, for d = 1, ..., c as above,

Figure 112014082815531-pat00031
The value of the newly calculated
Figure 112014082815531-pat00032
.

9 to 14 are block diagrams illustrating a verifiable data management system according to an embodiment of the present invention.

9, a verifiable data management system 900 according to an exemplary embodiment of the present invention includes a data setting unit 910, a data upload unit 920, a data search unit 930, a data verification unit 940, And a data update unit 950. [0064]

The data setting unit 910 may include a first data setting unit 1010, a hash binary tree forming unit 1020, and a second data setting unit 1030 as shown in FIG.

The first data setting unit 1010 is disposed in the client. The first data setting unit 1010 sets a security parameter and a maximum number of storable data, and generates a signature key, an authentication key, and a pseudo-random number function based on the set security parameter. The first data setting unit 1010 transfers the acknowledgment key and the pseudo-random number function from the generated data to the server.

The hash binary tree configuration unit 1020 is disposed in the server and the client. The hash binary tree structure unit 1020 constructs a hash binary tree having the maximum number of bits using the pseudo-random number function and the hash function.

To this end, the hash binary tree configuration unit 1020 calculates the values of each node except for the lowest node by using two random number values and two hash functions having the values of two child nodes as parameters, The hash binary tree can be constructed by connecting each node including the lowest node with the correlation from the root node to the lowest node using the relationship between the parent node and the child node.

The second data setting unit 1030 is disposed in the client. The second data setting unit 1030 receives the value of the root node of the hash binary tree from the server and compares the value of the root node with the value of the root node calculated by the second data setting unit 1030, do.

Next, the data upload unit 920 may be performed when the client desires to store its i-th data in the server. The data upload unit 920 may include a first data upload unit 1110 and a second data upload unit 1120.

The first data upload unit 1110 may be disposed in the client. The first data upload unit 1110 calculates a random number using the pseudo-random number function, generates a signature for the random number and the operation result data of the i-th data using the signature key, Lt; / RTI >

The second data upload unit 120 may be disposed in the server. The second data upload unit 120 verifies whether the signature is valid for the operation result data using the confirmation key, and if the signature is valid, the operation result data and the signature are transmitted to the hash binary It can be stored with the node value stored in the i-th node of the tree.

Next, the data retrieval unit 930 may be performed when the client desires to retrieve the i-th data. The data retrieving unit 930 may include a receiving unit 1210, a searching unit 1220, and a transmitting unit 1230.

The receiving unit 1210 may be disposed in the server. The receiver 1210 may receive the i-th index from the client.

The search unit 1220 may be disposed in the server. The search unit 1220 can search the operation result data and signature stored in the i-th node in the hash binary tree using the index received from the receiver 1210. In addition, the search unit 1220 can search random number values and hash values stored in the upper nodes of the i-th node.

The transmitting unit 1230 may transmit the searched random number value and the hash value together with the operation result data and the signature to the client as the verification value.

Next, the data verification unit 940 may be performed when the client desires to verify the validity of the i-th data. The data verification unit 940 may include a first verification unit 1310, a second verification unit 1320, and a verification completion unit 1330.

The first verification unit 1310 may be disposed in the client. The first verifying unit 1310 may first verify whether the verification value transmitted from the server is a legitimate signature.

The second verification unit 1320 may be disposed in the client. If the first verification result is a valid signature, the second verification unit 1320 can verify the validity of the random number value of the calculation result data included in the verification value.

To this end, the second verifying unit 1320 may compare the value stored in each node of the hash binary tree with the value of each node received from the server to check whether they are the same. Also, the second verifying unit 1320 may compare the value stored in the root node of the hash binary tree with the value of the root node owned by the second verifying unit 1320 to determine whether they are the same.

The second verifying unit 1320 can verify the validity of the random number based on the first and second comparison results. That is, if it is determined that both the first and second comparison results are identical, the second verification unit 1320 may verify that the random number is valid, and if the first and second comparison results are not identical The verification of the random number value may not be valid.

The verification completion unit 1330 may be disposed in the client. If the value of the random number is valid as a result of the second verification, the verification completion unit 1330 can recognize the validity of the i-th data. That is, the verification completion unit 1330 can finally verify that the i-th data is valid.

Next, the data update unit 950 may be performed when the client desires to update the i-th data. The data updating unit 950 may include a first data updating unit 1410 and a second data updating unit 1420.

The first data update unit 1410 may be disposed in the client. If the verification result of the i-th data is valid, the first data updater 1410 calculates a new random number using the pseudo-random number function, and outputs the new random number and the new i- You can create a signature for it.

The first data update unit 1410 changes the random number stored in the i-th node to the new random number, newly computes the value of each node included in the verification value from the changed new random number, It is possible to calculate the value of the held root node.

The first data updater 1410 may transmit the calculation result data of the new random number and the new i-th data, the signature, and the value of the calculated root node to the server.

The second data update unit 1420 may be disposed in the server. The second data updater 1420 can calculate the value of the root node of the new value by newly calculating the value of each node included in the verification value from the changed new random number value.

The second data updater 1420 compares the value of the root node held by the second data updater 1420 with the value of the root node transmitted from the client, and if the two values are the same, the update of the i-th data is completed can do.

Embodiments of the present invention include computer readable media including program instructions for performing various computer implemented operations. The computer-readable medium may include program instructions, local data files, local data structures, etc., alone or in combination. The media may be those specially designed and constructed for the present invention or may be those known to those skilled in the computer software. Examples of computer-readable media include magnetic media such as hard disks, floppy disks and magnetic tape, optical recording media such as CD-ROMs and DVDs, magneto-optical media such as floppy disks, and ROMs, And hardware devices specifically configured to store and execute the same program instructions. Examples of program instructions include machine language code such as those produced by a compiler, as well as high-level language code that can be executed by a computer using an interpreter or the like.

While the present invention has been described in connection with what is presently considered to be practical exemplary embodiments, it is to be understood that the invention is not limited to the disclosed embodiments. Therefore, the scope of the present invention should not be limited to the described embodiments, but should be determined by the scope of the appended claims and equivalents thereof.

While the present invention has been particularly shown and described with reference to exemplary embodiments thereof, it is to be understood that the invention is not limited to the disclosed exemplary embodiments, but, on the contrary, Modification is possible. Accordingly, the spirit of the present invention should be understood only in accordance with the following claims, and all equivalents or equivalent variations thereof are included in the scope of the present invention.

910: Data setting section
920: Data upload unit
930: Data retrieval unit
940:
950:
1010: first data setting unit
1020: a hash binary tree constituent unit
1030: second data setting unit
1110: First data upload unit
1120: second data upload unit
1210:
1220:
1230:
1310: First verification unit
1320: Second verification unit
1330: verification completion unit
1410:
1420: second data update unit

Claims (15)

Setting a security parameter and a maximum number of storable data of the client;
The client generating a signature key, a verification key and a pseudo-random number function based on the set security parameters;
The client transmitting the acknowledgment key and the pseudo-random number function to a server;
The server and the client constructing a hash binary tree having the set maximum number using the pseudo-random number function and the hash function;
The client receiving a value of a root node of the hash binary tree from the server and comparing the value of the root node with the value of the root node calculated by the client; And
If the comparison result is matched, the client stores the value of the root node
The method comprising the steps of:
The method according to claim 1,
The step of constructing the hash binary tree
Calculating a value of each node excluding the lowest node by using two random number values and two hash functions having parameters of two child nodes as parameters, respectively; And
Constructing the hash binary tree by concatenating the nodes from the root node to the lowest node using the relationship between the parent node and the child node including the lowest node,
The method comprising the steps of:
The method according to claim 1,
If the client wishes to store its i-th data in the server,
The client calculating a random number using the pseudo-random number function;
Generating a signature for the random number and the operation result data of the i-th data using the signature key, and transmitting the signature to the server;
Verifying that the signature is valid for the calculation result data by using the confirmation key; And
If the signature is valid, the server stores the computation result data and the signature together with the node value stored in the ith node of the hash binary tree
≪ / RTI >
The method according to claim 1,
When the client desires to retrieve the i-th data,
Receiving, by the server, the i-th index from the client;
Searching the computation result data and signature stored in the i-th node in the hash binary tree using the index; And
The server searches for a random number value and a hash value respectively stored in the upper nodes of the i-th node and transmits the random number value and the hash value to the client together with the operation result data and the signature as a verification value
≪ / RTI >
The method according to claim 1,
If the client desires to verify the validity of the i-th data,
Verifying whether the client is a valid signature for a verification value transmitted from the server;
If the first verification result is a valid signature, verifying the validity of the random number value of the calculation result data included in the verification value by the client; And
If the value of the random number is valid as a result of the second verification, the client recognizes the validity of the i-th data
≪ / RTI >
6. The method of claim 5,
The second verifying step
Comparing the value stored in each node of the hash binary tree with the value of each node received from the server and confirming whether the same value is the same;
Comparing the value stored in the root node of the hash binary tree with the value of the root node owned by the client and confirming whether the value is the same; And
Wherein the client verifies the validity of the random number value based on the first and second comparison results
The method comprising the steps of:
6. The method of claim 5,
If the client wishes to update the i-th data,
Calculating a new random number value using the pseudo-random number function if the verification result of the i-th data is valid;
Generating a signature for the computation result data of the new random number and the new i-th data;
Changing the random number stored in the i-th node to the new random number;
The client newly calculating a value of each node included in the verification value from the changed new random number value and calculating a value of the root node held by the client;
Sending, by the client, the computation result data of the new random number and the new i-th data, the signature, and the value of the computed root node to the server;
The server newly calculating a value of each node included in the verification value from the changed new random number value and calculating a value of the root node held by the server; And
The server compares the value of the root node held by the server with the value of the root node transmitted from the client, and if the two values are the same, completing the updating of the i-th data
≪ / RTI >
8. The method of claim 7,
Upon updating the i-th data,
And the server updates the hash value of the upper nodes from the node where the random number value is changed to the root node according to the changed new random number value.
A security parameter and a maximum number of storable data, generating a signature key, a confirmation key and a pseudo-random number function based on the set security parameters, and transmitting the confirmation key and the pseudo-random number function to a server A first data setting unit for setting the first data;
A hash binary tree constructing unit arranged in the server and the client, the hash binary tree constructing the hash binary tree having the set maximum number by using the pseudo-random number function and the hash function; And
A second node for receiving the value of the root node of the hash binary tree from the server and for comparing the value of the root node with the value of the root node calculated by the second node, Setting section
Wherein the verifiable data management system comprises:
10. The method of claim 9,
The hash binary tree structure unit
Calculating a value of each node excluding the lowest node by using two hash functions each having a random number value and a value of two child nodes as parameters, and calculating each node including the lowest node as a parent node and child Wherein the hash binary tree is constructed by connecting the root node to the lowest node using a relation of the nodes so as to have a correlation.
10. The method of claim 9,
If the client wishes to store its i-th data in the server,
A first random number generator that is disposed in the client and calculates a random number using the pseudo-random number function, and generates a signature for the random number and the operation result data of the i-th data using the signature key, A data uploading unit; And
Wherein the verification result data and the signature are stored in the server when the verification result indicates that the signature is valid for the computation result data using the verification key, And a second data upload unit
Further comprising: < RTI ID = 0.0 > a < / RTI >
10. The method of claim 9,
When the client desires to retrieve the i-th data,
The server receives the index corresponding to the ith node from the client and searches the operation result data and signature stored in the ith node in the hash binary tree using the index, And a data retrieval unit for retrieving the hash value and the random number value stored in the upper nodes of the retrieval result data,
Further comprising: < RTI ID = 0.0 > a < / RTI >
10. The method of claim 9,
If the client desires to verify the validity of the i-th data,
A verification unit configured to verify whether or not a verification value transmitted from the server is a valid signature by performing a first verification of the validity of the random number value of the calculation result data included in the verification value, Verifies the validity of the i-th data if the value of the random number is valid as a result of the second verification,
Further comprising: < RTI ID = 0.0 > a < / RTI >
14. The method of claim 13,
The data verifying unit
A first comparison is made between a value stored in each node of the hash binary tree and a value of each node received from the server to check whether they are the same and whether the value stored in the root node of the hash binary tree, And verifies the validity of the random number based on the first comparison result and the second comparison result.
14. The method of claim 13,
If the client wishes to update the i-th data,
And if the validity of the i-th data is confirmed, calculates a new random number using the pseudo-random number function, and generates a signature for the new random number and the operation result data of the new i-th data And changing the value of the random number stored in the i-th node to the new random number, calculating the value of each node included in the verification value from the changed new random number value, and calculating the value of the root node A first data updating unit for transmitting the new random number and the computation result data of the new i-th data, the signature, and the calculated value of the root node to the server; And
Calculating a new value of each node included in the verification value from the changed new random number value to calculate a value of the root node owned by the new node and comparing the value of the root node held by the server with the value of the root node A second data update unit for comparing the value of the received root node and completing the updating of the i-th data if the two values are the same,
Further comprising: < RTI ID = 0.0 > a < / RTI >
KR1020140114171A 2014-08-29 2014-08-29 Verifiable data management method and system KR101593674B1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
KR1020140114171A KR101593674B1 (en) 2014-08-29 2014-08-29 Verifiable data management method and system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
KR1020140114171A KR101593674B1 (en) 2014-08-29 2014-08-29 Verifiable data management method and system

Publications (1)

Publication Number Publication Date
KR101593674B1 true KR101593674B1 (en) 2016-02-15

Family

ID=55357458

Family Applications (1)

Application Number Title Priority Date Filing Date
KR1020140114171A KR101593674B1 (en) 2014-08-29 2014-08-29 Verifiable data management method and system

Country Status (1)

Country Link
KR (1) KR101593674B1 (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2018030707A1 (en) * 2016-08-10 2018-02-15 삼성에스디에스 주식회사 Authentication system and method, and user equipment, authentication server, and service server for performing same method
KR20180049455A (en) * 2016-11-02 2018-05-11 현대오토에버 주식회사 Method for certifying authenticity of module for vehicle and apparatus thereof
KR20210073354A (en) * 2019-12-10 2021-06-18 한국전자통신연구원 Method and system for replacing vehicle parts using in-vehicle network based on vehicle ethernet

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR101287597B1 (en) 2012-01-26 2013-07-19 한남대학교 산학협력단 Service provider authentication method using hash tree

Patent Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR101287597B1 (en) 2012-01-26 2013-07-19 한남대학교 산학협력단 Service provider authentication method using hash tree

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
Dominique Schroder 외 1인, ACM Conference on Computer and Communications Security (CCS) 2012, "Verifiable Data Streaming", (2012.10.16. 공개)

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2018030707A1 (en) * 2016-08-10 2018-02-15 삼성에스디에스 주식회사 Authentication system and method, and user equipment, authentication server, and service server for performing same method
KR20180049455A (en) * 2016-11-02 2018-05-11 현대오토에버 주식회사 Method for certifying authenticity of module for vehicle and apparatus thereof
KR101868227B1 (en) * 2016-11-02 2018-06-18 현대오토에버 주식회사 Method for certifying authenticity of module for vehicle and apparatus thereof
KR20210073354A (en) * 2019-12-10 2021-06-18 한국전자통신연구원 Method and system for replacing vehicle parts using in-vehicle network based on vehicle ethernet
KR102436138B1 (en) 2019-12-10 2022-08-26 한국전자통신연구원 Method and system for replacing vehicle parts using in-vehicle network based on vehicle ethernet

Similar Documents

Publication Publication Date Title
JP7235764B2 (en) Industrial data validation using a secure distributed ledger
EP3693886B1 (en) Optimizations for verification of interactions system and method
KR102238681B1 (en) Method of generating and verifying signature information and system thereof
CN109347868B (en) Information verification method, device and storage medium
JP5062775B2 (en) SEARCH METHOD, SEARCH DEVICE, INDEX GENERATION METHOD, INDEX GENERATION DEVICE
US8874921B2 (en) System and method for generating keyless digital multi-signatures
US11468044B2 (en) Optimizations for verification of interactions system and method using probability density functions
CN101251881A (en) Device, system and method for recognizing content
CN105247529A (en) Synchronizing credential hashes between directory services
CN108092766B (en) Ciphertext search authority verification method and system
CN111898164A (en) Data integrity auditing method supporting tag block chain storage and query
CN109660330B (en) Method and system for identity authentication on block chain
KR101424569B1 (en) Time based authentication system and method thereof
US11777732B2 (en) Token node locking
KR101593674B1 (en) Verifiable data management method and system
JP2004179724A (en) Server apparatus, certificate verifying method, program, and computer-readable recording medium recorded with the program
CN110830985B (en) 5G lightweight terminal access authentication method based on trust mechanism
CN117097476B (en) Data processing method, equipment and medium based on industrial Internet
CN110086795A (en) Authenticate the stream security exchange system based on certification tree under tree constructing method and cloud platform
KR101593675B1 (en) User data integrity verification method and apparatus
CN113378218A (en) Intellectual property data storage and authentication method based on block chain
CN103309973A (en) Method and system for inquiring verifiable outsourced data
CN116579026A (en) Cloud data integrity auditing method, device, equipment and storage medium
Junxiang et al. Dynamic provable data possession with batch-update verifiability
JP4543789B2 (en) Certificate verification information management method based on transactions

Legal Events

Date Code Title Description
E701 Decision to grant or registration of patent right
GRNT Written decision to grant
FPAY Annual fee payment

Payment date: 20190201

Year of fee payment: 4