CN103605784A - Data integrity verifying method under multi-cloud environment - Google Patents

Abstract

Disclosed is a data integrity verifying method under a multi-cloud environment. The data integrity verifying method comprises the following steps of preprocessing, challenging-responding, user verifying and dynamic upgrading. The first stage (preprocessing) is executed by a client side and comprises the steps of initializing, file partitioning, data label generating and file, label and public parameter storing. The second stage (challenging-responding) is an interaction process between a user and a cloud service provider, the user initiates a challenge to the cloud service provider before data upgrading or after data upgrading, a server makes a corresponding response and the user conducts integrity verifying according to the response made by the server. The third stage (user verifying) is executed by the user, when the user receives data P={P1, P2} returned by an organizer, the user obtains stored public parameters from a reliable third party, the integrity of the data stored in the cloud service provider is verified and if verification successes, accept is output and otherwise reject is output. In the fourth stage (dynamic upgrading), when the user needs to conduct dynamic operation on the data, the user works out new labels and sends the new labels to the organizer and then, the organizer conducts distributed storage.

Description

Data integrity verification method under a kind of multiple cloud environment

Technical field

The present invention relates to data integrity verification method under a kind of multiple cloud environment,, under a kind of multiple cloud storage environment, can support the data integrity verification method that open checking and Data Dynamic are upgraded, belong to cloud computing security fields.

Background technology

Cloud storage is a kind of online memory module, be that user's (client) and server (high in the clouds) are by certain agreement, the outsourcing data of oneself are stored in to high in the clouds, and this emerging storage mode, has dirigibility, low cost, the extensibility of cloud computing.User can access high in the clouds whenever and wherever possible, obtains the data of oneself; According to the mode of " pay as you go " (pay-as-you-go), the storage space using according to reality is paid, and has reduced the maintenance of data and the cost of memory device, and can expand according to the needs of storage.

Meanwhile, also there are many safety problems in cloud storage, and wherein, the integrality of high in the clouds data is one of hot issues of paying close attention to of user.User is stored in high in the clouds by data, has lost physically the control to data.Due to the attack of network, server machine failure and other reasons, the data that are stored in high in the clouds may be tampered, and delete etc.And cloud service provider is for other reasonses such as better prestige, may conceal the fact that data are made mistakes.

Existing research mainly concentrates on the data integrity checking under " single cloud storage service provider " environment, comprises the integrity verification scheme to the integrity verification of read-only data and supported data dynamic operation.And in the environment of multiple cloud storage, user is in order further to guarantee the availability of data, data are stored in respectively in a plurality of cloud storage service provider.Because scheme is before only for single cloud storage service provider, user can only carry out to a service provider integrity verification of data at every turn, so under multiple cloud environment, need to throw down the gauntlet respectively to each service provider, so not only execution efficiency is very low, and communication cost is very high.In the article < < Cooperative Provable Data Possession for Integrity Verification in Multicloud Storage > > that the people such as Yan Zhu deliver, CPDP scheme (list of references: Y.Zhu has been proposed, H.Hu, G.J.Ahn, M.Yu, " Cooperative Provable Data Possession for Integrity Verification in MultiCloud Storage ", IEEE Transactions on Parallel and Distributed Systems, 23 (12), 2012, 2231-2244), realized the data integrity checking under multiple cloud environment, but there is leak (list of references: Huaqun Wang in this scheme in design, Yuqing Zhang, " On the Knowledge Soundness of a Cooperative Provable Data Possession Scheme in Multicloud Storage ", IEEE Transactions on Parallel and Distributed Systems, 2013).Because the parameter π ' in the rreturn value of server and other cache oblivious, so server can utilize this parameter fabrication of evidence; In addition, in this scheme, carry out third party while openly verifying, third party need to know the position of each data block storage of user, and these data for user are a kind of potential threats.

The major technique theory that this method relates to is bilinear map.

The present invention has used the character of bilinear map, and the data block after processing is carried out to BLS signature (Boneh, the short signature scheme that Lynn and Shacham propose are called for short BLS signature scheme), finally signature is verified.Being described below of bilinear map:

If G, G _trespectively that rank are that p(p is prime number) multiplicative group, the generator that g is G, definition bilinear map is e:G * G → G _t, and meet characteristic:

(1) bilinearity.If u, v ∈ Z _p, meet e (g ^u, g ^v)=e (g, g) ^uv.

(2) non-degeneracy.e(g,g)≠1。

(3) calculability.For u ∈ Z _p, exist an efficient algorithm to calculate e (g, g ^u).

Summary of the invention

(1) goal of the invention

For problems of the prior art, the object of this invention is to provide data integrity verification method under a kind of multiple cloud environment, i.e. a kind of data integrity verification method that is applied to support under multiple cloud environment open checking and Data Dynamic renewal.User can carry out integrity verification to the data that are stored in a plurality of cloud service provider.The present invention has utilized based on the right BLS signature technology of bilinearity and homomorphism polymerization technique, can realize efficiently, safely integrity verification, and supports that third party carries out open checking.

(2) technical scheme

Communication process comprises three network entities, user, trusted third party, a plurality of service provider.Wherein, in a plurality of service providers, specify an organizer (Organizer) directly and other cloud service provider communicates.Below with reference to accompanying drawing, the technical scheme of described integrity verification scheme is set forth.

Data integrity verification method under a kind of multiple cloud environment of the present invention, it comprise pre-service, Tiao Zhan ?response, user rs authentication, dynamically update four-stage, its concrete practice and step are as follows:

stage one (pre-service): by client executing, comprise initialization, file block, the generation of data label, four steps of storage of file, label, open parameter, are the operations that user carried out before storage data;

Step 1.1(initialization): initial phase is a probabilistic key schedule of operation, can be expressed as: KeyGen (1 ^λ) → { sk, pk}, it is input as security parameter λ, is output as PKI pk and private key sk, and user retains sk, open pk;

Step 1.2(file block): the data file F that user will store a plurality of cloud servers into is divided into n piece, each piece is s part; Algorithm can be expressed as F → { m _ij} _{n * s}, wherein m is data block;

The generation of step 1.3(data label): user is the random individual disclosed parameters u of s of selecting in group G ₁..., u _s, calculate each data block m _i(i=1...n) corresponding label σ _ik, obtain the set σ of all labels; Available algorithm is expressed as: TagGen (sk, pk, F) → { σ };

The storage of step 1.4(file, label, open parameter): user sends to the organizer in the service provider of high in the clouds by data file F and corresponding label, organizer is according to the storage condition of data block, by each data block and corresponding tag storage in each cloud service provider;

stages two (Tiao Zhan ?response): Tiao Zhan ?response phase be a mutual process of user and cloud service provider, no matter be before Data Update, or after upgrading, user can initiate challenge (being integrality verification request) to cloud service provider, server is according to challenge, make corresponding response, integrity verification is carried out in the response that user gives according to server.This stage comprises that user initiates to challenge, organizer forwards challenge, cloud service business generates evidence, organizer's polymerization evidence four-stage;

Step 2.1(user initiates challenge): be the process that user generates challenge, can be expressed as: Challenge (chal) is when user wants to verify the integrality of the data that are stored in a plurality of service providers in high in the clouds, and user generates challenge chal=Q and sends to organizer;

Step 2.2(organizer forwards challenge): organizer is transmitted to service provider CSP according to the data block of challenge by the challenge chal=Q receiving _k, can be expressed as Forward (chal);

Each cloud service provider of step 2.3(generates evidence):,

The CSP of cloud service provider _k(k ∈ [1, l]) receives after the chal that organizer forwards, calculation of integrity evidence P _kand returning to organizer, algorithmic notation is GenProof (pk, Q, m _i, σ _ix) → { P _k}

Step 2.4(organizer polymerization evidence): the data that each cloud service provider of organizer's polymerization returns also return to user by polymerization result;

stage three (user rs authentication): by user, carried out, user receives the data P={P that organizer returns ₁, P ₂shi，Cong trusted third party place can obtain the open parameter of storage, whether the data of checking cloud service provider storage are complete, if be proved to be successful, exported accept(and accept), otherwise output reject(refusal);

stage four (dynamically updating): when user need to carry out dynamic operation to data, user calculates the label making new advances and sends to organizer, and organizer carries out distributed storage again.

(3) advantage and effect

Data integrity verification method under a kind of multiple cloud environment of the present invention, be that the integrity verification scheme with Data Dynamic operation is openly verified in support under a kind of multiple cloud environment, this scheme relates to the storage of data on a plurality of Cloud Servers, the disclosed completeness check of data, be stored in dynamically updating of high in the clouds data, its effect and advantage are: 1) utilized based on the right BLS signature technology of bilinearity and homomorphism polymerization technique, can realize efficiently, safely the integrity verification of high in the clouds data.2) support open checking.3) interaction data amount is little, and communication overhead is O (1), and user's local memory space is only also O (1).4) user can initiate integrity verification challenge to a plurality of Cloud Servers simultaneously, and challenge number of times is unrestricted.5) dynamically updating of supported data, comprises the modification of data, deletes etc.

Accompanying drawing explanation

Fig. 1 is FB(flow block) of the present invention;

Fig. 2 is network entity figure of the present invention;

Wherein, CSP1 and CSP2 represent two different cloud service providers, and one of Organizer Ye Shi cloud service provider is used for coordinates user and each cloud service provider.

Fig. 3 is the exemplary plot of data storage method of the present invention;

Wherein, CSP1, CSP2, CSP3 and CSP4 represent four different cloud service providers, m1, and m2 ..., m9 represents the data block that user will store.Line represents that this data block is stored in corresponding cloud service provider.Note, a blocks of data may be stored in a plurality of cloud service provider.

Fig. 4 is the calculating schematic diagram of data of the present invention and label;

Wherein, m _i(i=1...n) represent the data block that file is divided into; Each piece is divided into s part, and every part is expressed as m _ij(i=1...n; J=1..s); u _i(i=1...s) represent user's the open parameter of choosing at random; num _i(i=1...n) represent the umber of data block storage; σ _ij(i=1...n; J=1..num _i) expression data block m _icorresponding num _iindividual label.

Embodiment

The present invention includes three network entities, user, trusted third party, a plurality of cloud service providers (cloud service providers, CSPs).Wherein, in a plurality of service providers, specify an organizer (Organizer), as shown in Figure 2.In the present invention, user, by after file block, stores in a plurality of CSP, and corresponding one of them data block may be stored in a plurality of cloud service provider, has provided the example of a data storage method in Fig. 3.Below with reference to accompanying drawing, described data integrity verification method is described in detail, Fig. 1 is FB(flow block) of the present invention; Fig. 2 is network entity figure of the present invention; Fig. 3 is the exemplary plot of data storage method of the present invention; Fig. 4 is the calculating schematic diagram of data of the present invention and label.

Main symbol and concept:

(1) π=(p, G, G _t, e, g) and be systematic parameter, wherein, p is large prime number, is the rank of cyclic group G; E:G * G → G _tfor nonsingular bilinear map.G=<g>, the generator that g is G.

(2) l is the number of cloud service provider, is expressed as: { CSP ₁, CSP ₂..., CSP _l}

(3) F is the file that user need to store, F _nbe file F filename, be divided into n piece, each piece has been divided into s part, $F={\left\{m_{\mathrm{ij}}\right\}}_{n\&times;s}\&Element;Z_p^{n\&times;s}.$

(4) Q is the challenge that user generates, and user chooses c blocks of data and weighting coefficient a corresponding to every blocks of data at every turn at random _j(j=1..c) as challenge.That is: Q={ (i _j, a _j), j=1...c, i _j∈ [1, n], a _j∈ Ζ _p,

(5) H:{0,1} ^*→ G is a hash function, and the input of random length is mapped on crowd G.

Data integrity verification method under a kind of multiple cloud environment of the present invention, be the integrity verification scheme that support is openly verified and Data Dynamic operates under a kind of multiple cloud environment, this scheme relates to technical scheme can be divided into pre-service, challenge-response, user rs authentication, Data Update four-stage.See Fig. 1, data integrity verification method under the multiple cloud environment of the present invention, the method concrete steps are as follows:

Stage one: pretreatment stage

In this stage, the calculating of the piecemeal of data and the label of each data block as shown in Figure 4.

Step 1.1: (KeyGen (1 in initialization ^λ) → { sk, pk})

User selects security parameter λ, generation system parameter π and H.At Ζ _pin the random α that selects as user's private key, in group G, calculate v ← g ^αpKI as use.pk={v,g}，sk={α}

Step 1.2: file block (F → { m _ij} _{n * s})

The data file F that user will store a plurality of cloud servers into is divided into n piece, and each piece is s part, and file F can be expressed as:

$F=\left[\begin{array}{c}{m}_1\\ {\mathrm{<figure-callout\; id="2"\; label="m"\; filenames="HDA0000425816080000021.png"\; state="\{\{state\}\}">m</figure-callout>}}_2\\ .\\ .\\ .\\ m_n\end{array}\right]=\left[\begin{array}{cccc}{m}_{11}& m_{12}& ...& m_{1s}\\ m_{21}& m_{22}& ...& m_{2s}\\ .& .& & .\\ .& .& & .\\ .& .& ...& .\\ m_{n1}& m_{n1}& & m_{\mathrm{ns}}\end{array}\right],m_{\mathrm{ij}}\&Element;Z_p$

If each data block m _i(i=1...n) the corresponding total umber being stored in each service provider is respectively num _i(i=1...n), update times corresponding to each data is V _i(i=1...n). V wherein _i(i=1...n) initial value is 0, might as well use χ _i=i||num _i|| V _i(i=1 ... n) represent, || be connector.

Step 1.3: generating labels (TagGen (sk, pk, F) → { σ })

User is the random individual disclosed parameters u of s of selecting in group G ₁..., u _s, calculate each data block m _i(i=1...n) corresponding label ${\mathrm{\&sigma;}}_{\mathrm{ik}}\&LeftArrow;{(H\left(F_n\right|\left|i\right|\left|k\right|\left|V_i\right)\&CenterDot;\underset{j=1}{\overset{s}{\mathrm{\&Pi;}}}{u}_j^{m_{\mathrm{ij}}})}^{\mathrm{\&alpha;}},\mathrm{for}(k=1,...,\mathrm{nu}{m}_i).$ Obtain the set σ of all labels.

Step 1.4: the storage of file, label, open parameter:

User sends to the organizer in the service provider of high in the clouds by file F and corresponding label, organizer is according to the storage condition of data block, by each data block and corresponding tag storage in each cloud service provider, for the data block of many parts of storages, every a corresponding label.Data block m for example _i(i=1 ..., n) stored altogether num _ipart, a total num _iindividual label, i.e. each storage data m _iservice provider, also need to store num _isome label σ in individual label _ik(k ∈ [1, num _i]).User sends to believable third party's storage by open parameter ψ=(u, the χ) producing in computation process, wherein, and u={u ₁..., u _s, χ={ χ ₁..., χ _n.User oneself stores private key sk.

Stage two: challenge-response

In this stage, user and organizer, each service provider's interactive operation flow process is divided into 4 steps.

Step 2.1: user initiates to challenge Challenge (chal)

When user wants to verify the integrality of the data that are stored in a plurality of service providers in high in the clouds, user initiates challenge to organizer: user generates a challenge chal=Q={ (i _j, a _j), j=1...c, i _j∈ [1, n], a _j∈ Ζ _p(value of at every turn challenging Q is different), send to organizer.

Step 2.2: organizer forwards user's challenge Forward (chal)

Organizer is according to the data block m of challenge _i(i ∈ [1, n]), is transmitted to service provider CSP by the challenge chal=Q receiving _k(k ∈ [1, l]), wherein, CSP _kthere is data m _i.Might as well establish total t the data that CSP has stored user's random challenge.

Step 2.3: each service provider CSP _kgenerate evidence GenProof (pk, Q, m _i, σ _ix) → { P _kservice provider CSP _k(k ∈ [1, l]) receives after the chal that organizer forwards, calculates: ${\mathrm{<figure-callout\; id="1"\; label="p"\; filenames="HDA0000425816080000021.png"\; state="\{\{state\}\}">p</figure-callout>}}_{1\mathrm{kj}}=\underset{m_i\&Element;\mathrm{CS}{P}_k}{\mathrm{\&Sigma;}}{a}_i{m}_{\mathrm{ij}}\mathrm{mod}p(j=1...s),p_{2k}\&LeftArrow;\underset{m_i\&Element;\mathrm{CS}{P}_k}{\mathrm{\&Pi;}}{\mathrm{\&sigma;}}_{\mathrm{ix}}^{a_i}\&Element;G$ By the result P calculating _k={ p _1k, p _2k, p _1k={ p _1k1, p _1k2..., p _1ksreturn to organizer.

Step 2.4: each service provider's of organizer's polymerization the data Aggregation returning (pk, Q, P ₁, P ₂.., P _t) → { P}

Organizer receives all t CSP _kafter the data of returning, calculate: $P_{1j}=\underset{i=1}{\overset{\mathrm{<figure-callout\; id="1"\; label="t\; p"\; filenames="HDA0000425816080000021.png"\; state="\{\{state\}\}">t</figure-callout>}}{\mathrm{\&Sigma;}}}{p}_{}{}_{1\mathrm{ij}}\mathrm{mod}p(j=\mathrm{1,2},...,s),{\mathrm{<figure-callout\; id="2"\; label="P"\; filenames="HDA0000425816080000021.png"\; state="\{\{state\}\}">P</figure-callout>}}_2\&LeftArrow;\underset{i=1}{\overset{t}{\mathrm{\&Pi;}}}{p}_{2i}\&Element;G,$ By the result P={P calculating ₁, P ₂return to user, wherein, P ₁={ P ₁₁, P ₁₂..., P _1s.

Stage three: user's checking

User receives the data P={P that organizer returns ₁, P ₂shi，Cong trusted third party place can obtain open parameter ψ=(u, the χ) of storage, checking equation:

$e({\mathrm{<figure-callout\; id="2"\; label="P"\; filenames="HDA0000425816080000021.png"\; state="\{\{state\}\}">P</figure-callout>}}_2,g)=e(\underset{(i,a_i)\&Element;Q}{\mathrm{\&Pi;}}\underset{k=1}{\overset{\mathrm{nu}{m}_i}{\mathrm{\&Pi;}}}H{\left(F_n\right|\left|i\right|\left|k\right|\left|V_i\right)}^{a_i}\underset{j=1}{\overset{s}{\mathrm{\&Pi;}}}{u}_j^{p_{1j}},v)$

If equation is set up, the data that service provider stores is described are complete, output accept.Otherwise, output reject.

Stage four: Data Update

User needs more new data m _iduring → m', only need to change χ _i=i & num _i|| V _iin V _i=V _i+ 1, then calculate the label making new advances: $\mathrm{new}\_{\mathrm{\&sigma;}}_{\mathrm{ik}}\&LeftArrow;{(H\left(F_n\right|\left|i\right|\left|k\right|\left|V_i\right)\&CenterDot;\underset{j=1}{\overset{s}{\mathrm{\&Pi;}}}{u}_j^{{m\&prime;}_j})}^{\mathrm{\&alpha;}},\mathrm{for}(k=1,...,\mathrm{nu}{m}_i),$ By the χ after upgrading _iwith corresponding label σ _ik(k=1 ..., numi) send to organizer, organizer carries out distributed storage again.

In sum, the present invention designed a data integrity verification model that is applicable to multiple cloud storage, based on this model, adopts and based on bilinearity right BLS signature technology, realized user and verify being stored in the integrality of the data of a plurality of cloud storage service provider.In method enforcement, first user carries out piecemeal by file, according to each blocks of data storage and the total quantity of each server, calculate afterwards the label of corresponding number, and file and label are sent to the organizer of cloud server, organizer stores corresponding file and corresponding label respectively again, in addition the parameter that user uses tag computation process sends to believable third party, by believable third party's keeping.When user need to verify the integrality of the data that are stored in a plurality of service providers, user initiates challenge to organizer, organizer challenges according to this, be transmitted to respectively corresponding service provider, service provider, after receiving challenge, calculates corresponding response according to the data of challenge and storage, and response is sent to organizer, organizer assembles after all responses of receiving, sends to user.Finally, the parameter that user provides according to organizer's response message and trusted third party, verifies the integrality of data.Employing in the present invention the technology of homomorphism polymerization, can under multiple cloud environment, to a plurality of service providers, throw down the gauntlet simultaneously, and can realize the dynamic operation of open checking and data.Communication overhead of the present invention is little, and efficiency and the accuracy of checking are high, and checking number of times is unrestricted.

Claims (1)

1. a data integrity verification method under multiple cloud environment, is characterized in that: it comprises pre-service, challenge-response, user rs authentication, dynamically updates four-stage, and its concrete practice and step are as follows:

stage one pre-service: by client executing, comprise initialization, file block, the generation of data label, four steps of storage of file, label, open parameter, are the operations that user carried out before storage data;

Step 1.1 initialization: initial phase is a probabilistic key schedule of operation, is expressed as: KeyGen (1 ^λ) → { sk, pk}, it is input as security parameter λ, is output as PKI pk and private key sk, and user retains sk, open pk;

Step 1.2 file block: the data file F that user will store a plurality of cloud servers into is divided into n piece, each piece is s part; Algorithmic notation is F → { m _ij} _{n * s}, wherein m is data block;

The generation of step 1.3 data label: user is the random individual disclosed parameters u of s of selecting in group G ₁..., u _s, calculate each data block m _i(i=1...n) corresponding label σ _ik, obtain the set σ of all labels; With algorithmic notation, be: TagGen (sk, pk, F) → { σ };

The storage of step 1.4 file, label, open parameter: user sends to the organizer in the service provider of high in the clouds by data file F and corresponding label, organizer is according to the storage condition of data block, by each data block and corresponding tag storage in each cloud service provider;

stages two challenge-response: the challenge-response stage is a mutual process of user and cloud service provider, no matter be before Data Update, or after upgrading, it is integrality verification request that user initiates challenge to cloud service provider, server is according to challenge, make corresponding response, integrity verification is carried out in the response that user gives according to server; This stage comprises that user initiates to challenge, organizer forwards challenge, cloud service business generates evidence, organizer's polymerization evidence four-stage;

Step 2.1 user initiates challenge: be the process that user generates challenge, be expressed as: Challenge (chal) is when user wants to verify the integrality of the data that are stored in a plurality of service providers in high in the clouds, and user generates challenge chal=Q and sends to organizer;

Step 2.2 organizer forwards challenge: organizer is transmitted to service provider CSP according to the data block of challenge by the challenge chal=Q receiving _k, be expressed as Forward (chal);

Each cloud service provider of step 2.3 generates evidence: the CSP of cloud service provider _k(k ∈ [1, l]) receives after the chal that organizer forwards, calculation of integrity evidence P _kand returning to organizer, algorithmic notation is GenProof (pk, Q, m _i, σ _ix) → { P _k;

Step 2.4 organizer polymerization evidence: the data that each cloud service provider of organizer's polymerization returns also return to user by polymerization result;

stages three user rs authentication: by user, carried out, user receives the data P={P that organizer returns ₁, P ₂shi，Cong trusted third party place obtains the open parameter of storage, whether the data of checking cloud service provider storage are complete, if be proved to be successful, exported accept and accept, otherwise output reject refuses;

stage four dynamically updates: when user need to carry out dynamic operation to data, user calculates the label making new advances and sends to organizer, and organizer carries out distributed storage again.

Images