CN104980437A - Identity-based authorized third party data integrity proving method - Google Patents


Publication number
CN104980437A
Authority
CN
China
Prior art keywords
authorization
party
user
data
key
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201510322919.7A
Other languages
Chinese (zh)
Other versions
CN104980437B (en)
Inventor
赵洋
熊虎
陈阳
任华强
包文意
岳峰
王士雨
吴世坤
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Sichuan Jietong Transportation Technology Co ltd
Original Assignee
University of Electronic Science and Technology of China
Application filed by University of Electronic Science and Technology of China
Priority to CN201510322919.7A
Publication of CN104980437A
Application granted
Publication of CN104980437B
Current legal status: Active

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/12 Applying verification of the received information
    • H04L63/123 Applying verification of the received information received data contents, e.g. message integrity

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)
  • Storage Device Security (AREA)

Abstract

The invention discloses an identity-based method for proving data integrity to an authorized third party. The method is built on bilinear pairings and identity-based encryption technology. By embedding the user's authorization evidence into the generation of the tag for each data block to be stored, it ensures that only a third party holding the user's authorization can complete remote data integrity checking. The invention thereby offers an identity-based, authorized-third-party mode of proof alongside the existing private and public verification of remote data, and meets the need for privacy protection while supporting user-delegated verification. The method also ensures fairness between the data owner and the data storing party: the storing party checks the data block-tag pairs uploaded by the data owner, which prevents a malicious user from uploading incorrect data and then making unreasonable claims against the storing party.

Description

An Identity-Based Authorized Third-Party Data Integrity Proof Method

Technical field

The present invention relates to information security technology.

Background

Cloud computing is an important direction in the development of information technology and a foundational technology of the big-data era. Its powerful computing and storage capabilities and its ability to provide users with on-demand services have made it a focus of the information industry, and it is gradually being put into practice.

Cloud storage, an important part of cloud computing, is now widely accepted and used. Users can store data on remote cloud servers as needed, which reduces the burden of buying and maintaining hardware and gives them access at any time. However, precisely because users no longer hold the data themselves, this loss of control exposes them to data security risks.

A cloud service provider, out of self-interest or for other reasons, may fail to store user data correctly and completely, so remote data integrity checking becomes very important.

Depending on who verifies, current cloud data integrity checking schemes fall into two kinds: private verification and public verification. Private verification can only be carried out by the data owner, while public verification lets any third party perform the check. When the user cannot carry out the check personally and also does not want an arbitrary third party to check the data, neither kind of scheme meets the user's needs.

In addition, most existing verification schemes are based on the traditional public key certificate architecture. A user or third party checking data integrity must first look up the public key certificate, which adds communication overhead and implementation complexity to the check. Managing and maintaining the certificate store is also very costly.

Summary of the invention

The technical problem to be solved by the present invention is to provide a secure and effective identity-based method of remote data integrity checking that can be carried out by a third party designated by the user.

The technical solution adopted by the present invention to solve the above problem is an identity-based authorized third-party data integrity verification method, characterized in that it comprises the following steps.

1. Key and authorization generation.

The private key generation center (PKG) selects the system private key and computes the system public key. It then generates, for each participant in the system, a public-private key pair corresponding to that participant's ID and sends it to the participant. In addition, the user generates the authorization evidence and signs the authorization.

2. Data block-tag pair generation.

The user divides the file F into n data blocks and uses the user's own private key to generate a tag for each data block, embedding the authorization evidence in every tag. The user then sends the data block-tag pairs to the cloud storage server for storage, and sends the authorization evidence to the third party to authorize it.

3. The authorized third party initiates a challenge.

After receiving the user's authorization, the third party can initiate a data integrity verification challenge to the cloud server according to the protocol. The challenge information contains the number of blocks to be challenged, the key of the permutation function and the key for generating each block's random value. The authorized third party then sends the challenge information to the cloud server together with its own authorization.

4. Challenge response.

After receiving the third party's challenge, the cloud server first uses the received challenge values with the permutation function and the pseudo-random function to compute which blocks are challenged and the random value for each block. The cloud server then aggregates a proof containing the challenged block and block tag information and returns it to the challenger.

5. Proof verification.

After receiving the proof from the cloud server, the challenger verifies the integrity of the data using its own authorization, the system parameters and the known public keys. Verification consists of checking whether an equation constructed from a bilinear pairing holds. Because checking the equation requires the authorization information, only an authorized third party can complete the verification. Finally, the authorized third party reports the verification result to the user.

The object of the present invention is achieved as follows.

In the present invention the user generates evidence for the third party to be authorized and embeds this authorization evidence in the tag generated for each data block. During remote data integrity verification, only a third party holding the authorization evidence can complete the verification process, which realizes authorized third-party data integrity verification. In addition, the invention uses an identity-based key system, which relieves users of the certificate lookup, management and maintenance burden imposed by the traditional public key infrastructure (PKI) and reduces their computation and communication overhead.

The beneficial effect of the present invention is that it meets the need of lightweight users to have remote data integrity checked by a third party while preventing arbitrary third parties from performing the check, thereby protecting user privacy and making up for the shortcomings of existing schemes. The invention also reduces the computation and communication overhead of the verification process.

Detailed description

The present invention is described in detail below.

1.1 Preliminaries: bilinear maps.

Let $G_1$ be a multiplicative cyclic group of order p (p a large prime) with generator g, and let $G_2$ be a multiplicative cyclic group of the same order. A bilinear pairing is a map [26] $e: G_1 \times G_1 \to G_2$ that satisfies the following properties.

(1) Bilinearity: for any $g_1, g_2$ and $a, b$, $e(g_1^a, g_2^b) = e(g_1, g_2)^{ab}$.

(2) Non-degeneracy: $e(g, g) \neq 1$.

(3) Computability: there is always an efficient algorithm to compute the map e.

1.2 Meaning of the symbols used.

$H$, $H_1$ and $h$ are cryptographic hash functions; the scheme also uses a pseudorandom function and a random permutation function S.

1.3 The identity-based authorized third-party data integrity proof protocol, which consists of 5 phases.

1. Key and authorization generation.

The private key generation center (PKG) selects a random number as the system master private key, computes the system public key $M = g^m$, publishes M as a system parameter, and keeps m secret.

The PKG then computes the keys of the three parties from the identities $id \in \{0,1\}^*$ of the user (User), the authorized third party (ATP) and the cloud service provider (CSP). User: public key $U = H(User_{id})$, private key $u = mU$. ATP: public key $A = H(ATP_{id})$, private key $a = mA$. CSP: public key $C = H(CSP_{id})$, private key $c = mC$.

After receiving its key from the PKG over a secure channel, each of the three parties confirms that the key is correct using the equations $g^u = M^U$, $g^a = M^A$ and $g^c = M^C$ respectively. If the equation holds, the party accepts the key; otherwise it requests retransmission.

After receiving a correct key, the User generates the authorization v and signs it: $S_v = Sig_u(v)$.

2. Data block tag generation.

The user divides the file F into n file blocks and then generates a signature for each block as follows: ① compute $k = H(e(M^A, M^C)^u, v)$; ② compute $\theta_i = f_k(i)$; ③ compute the tag, where $r \in G_1$ is chosen and published by the user.

The user sends the block-tag pairs and v to the CSP for storage, and sends $(v, S_v)$ to the ATP to authorize it. Afterwards, the user may delete the local data and block-tag pairs.

After receiving the data from the user, the CSP checks the correctness of the block-tag pairs as follows: ① compute $k' = H(e(M^U, M^A)^c, v)$; ② compute $\theta_i' = f_{k'}(i)$; ③ if the verification equation holds, accept the block-tag pair; otherwise request retransmission.

After receiving the authorization from the user, the ATP runs the AuthVerify algorithm to confirm it. If the authorization is correct the ATP accepts it; otherwise it requests re-authorization.

3. The authorized third party initiates a challenge.

After receiving the user's authorization, the ATP challenges the CSP at the user's request. The ATP first selects x ($1 \le x \le n$) blocks to be challenged and selects a random number as the key of the pseudo-random permutation function S, to ensure the randomness of the challenge.

The ATP then sends the challenge information to the CSP together with its authorization $(v, S_v)$.

4. Challenge response.

After receiving the challenge from the ATP, the CSP first checks the validity of the ATP's authorization. If it is valid, the CSP accepts the challenge and generates a proof.

The CSP first computes the blocks that the ATP is challenging, $i_w = S_\lambda(w)$, and computes a random parameter for each block, where $1 \le w \le x$.

The CSP then computes the aggregated proof and sends $(T, X)$ to the ATP.

5. Proof verification.

After receiving the proof from the CSP, the ATP runs the algorithm that checks the correctness of the proof. It first computes $k'' = H(e(M^U, M^C)^a, v)$.

The ATP then checks whether the verification equation holds to judge data integrity. If the equation holds, the data is intact; otherwise the data is in error.

The verification formula is derived as follows.

From $H(e(M^A, M^C)^u, v) = H(e(M^U, M^A)^c, v) = H(e(M^U, M^C)^a, v) = H(e(g, g)^{auc}, v)$ it follows that $k = k' = k''$.
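The key check $g^u = M^U$ and the three-way agreement $k = k' = k''$ described above, as an added example that is not part of the patent text. It assumes a toy symmetric pairing over a tiny group (simulated with a discrete-log table, so it offers no security), SHA-256 for H and HMAC-SHA256 for f; the identities and the value of v are constructed.

```python
import hashlib
import hmac

def _is_prime(n: int) -> bool:
    """Trial division; adequate for the tiny toy parameters used here."""
    if n < 2:
        return False
    i = 2
    while i * i <= n:
        if n % i == 0:
            return False
        i += 1
    return True

# Toy parameters (constructed): q = 2p + 1 with p and q prime. G1 and G2 are
# both modelled by the order-p subgroup of Z_q^*, generated by g = 4.
P = next(p for p in range(100_001, 10**6, 2)
         if _is_prime(p) and _is_prime(2 * p + 1))
Q = 2 * P + 1
G = 4

# Discrete-log table for the subgroup. Building it is feasible only because
# the group is tiny; it stands in for a real pairing computation.
_DLOG = {}
_elem = 1
for _exp in range(P):
    _DLOG[_elem] = _exp
    _elem = _elem * G % Q

def pairing(x: int, y: int) -> int:
    """Simulated bilinear map: e(g^a, g^b) = g^(ab)."""
    return pow(G, _DLOG[x] * _DLOG[y] % P, Q)

def h_id(identity: str) -> int:
    """H: identity string -> nonzero element of Z_p (SHA-256 is assumed)."""
    digest = hashlib.sha256(identity.encode()).digest()
    return 1 + int.from_bytes(digest, "big") % (P - 1)

class PKG:
    """Private key generator holding the master private key m."""

    def __init__(self, m: int):
        if m % P == 0:
            raise ValueError("master key must be nonzero mod p")
        self._m = m % P
        self.M = pow(G, self._m, Q)  # system public key M = g^m

    def extract(self, identity: str) -> int:
        """Private key for an identity: m * H(id), e.g. u = mU."""
        return self._m * h_id(identity) % P

def key_is_valid(M: int, identity: str, priv: int) -> bool:
    """Recipient's check g^priv == M^H(id), e.g. g^u = M^U."""
    return pow(G, priv, Q) == pow(M, h_id(identity), Q)

def shared_key(M: int, own_priv: int, other1: str, other2: str, v: bytes) -> bytes:
    """k = H(e(M^X, M^Y)^priv, v), X and Y being the other two public keys."""
    e = pairing(pow(M, h_id(other1), Q), pow(M, h_id(other2), Q))
    z = pow(e, own_priv, Q)
    return hashlib.sha256(z.to_bytes(4, "big") + v).digest()

def theta(k: bytes, i: int) -> int:
    """theta_i = f_k(i), with HMAC-SHA256 as the assumed pseudorandom function."""
    mac = hmac.new(k, i.to_bytes(8, "big"), hashlib.sha256).digest()
    return int.from_bytes(mac, "big") % P

# Constructed identities and authorization value.
USER_ID, ATP_ID, CSP_ID = "user@example", "atp@example", "csp@example"
V = b"constructed authorization v"

if __name__ == "__main__":
    pkg = PKG(m=424242)
    u, a, c = (pkg.extract(i) for i in (USER_ID, ATP_ID, CSP_ID))
    print("keys valid:", all(key_is_valid(pkg.M, i, s) for i, s in
                             ((USER_ID, u), (ATP_ID, a), (CSP_ID, c))))
    k_user = shared_key(pkg.M, u, ATP_ID, CSP_ID, V)  # e(M^A, M^C)^u
    k_csp = shared_key(pkg.M, c, USER_ID, ATP_ID, V)  # e(M^U, M^A)^c
    k_atp = shared_key(pkg.M, a, USER_ID, CSP_ID, V)  # e(M^U, M^C)^a
    print("k == k' == k'':", k_user == k_csp == k_atp)
    # A party outside the three, using its own PKG-issued key, gets another k.
    k_out = shared_key(pkg.M, pkg.extract("other@example"), USER_ID, CSP_ID, V)
    print("outsider derives k:", k_out == k_user)
    print("theta_1 at user and ATP:", theta(k_user, 1), theta(k_atp, 1))
```

Because $\theta_i$ is derived from k, a verifier that cannot derive k cannot recompute the values embedded in the tags, which is what ties verification to the authorization.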

Claims (5)

1. An identity-based authorized third-party data integrity proof method, characterized in that it comprises the following steps:
(1) Key and authorization generation: the private key generation center (PKG) selects the system private key and computes the system public key, then generates for each participant in the system a public-private key pair corresponding to that participant's ID and sends it to the participant; in addition, the user generates the authorization evidence and signs the authorization;
(2) Data block tag generation: the user divides the file F into n data blocks and uses the user's own private key to generate a tag for each data block, embedding the authorization evidence in every tag; the user then sends the data block-tag pairs to the cloud storage server for storage and sends the authorization evidence to the third party to authorize it;
(3) The authorized third party initiates a challenge: after receiving the user's authorization, the third party can initiate a data integrity verification challenge to the cloud server according to the protocol, the challenge information containing the number of blocks to be challenged, the key of the permutation function and the key for generating each block's random value; the authorized third party then sends the challenge information to the cloud server together with its own authorization;
(4) Challenge response: after receiving the third party's challenge, the cloud server first uses the received challenge values with the permutation function and the pseudo-random function to compute which blocks are challenged and the random value for each block; the cloud server then aggregates a proof containing the challenged block and block tag information and returns it to the challenger;
(5) Proof verification: after receiving the proof from the cloud server, the challenger verifies the integrity of the data using its own authorization, the system parameters and the known public keys; verification consists of checking whether an equation constructed from a bilinear pairing holds, and because checking the equation requires the authorization information, only an authorized third party can complete the verification; finally, the authorized third party reports the verification result to the user.

2. The identity-based authorized third-party data integrity proof method of claim 1, characterized in that the keys are generated as follows: the private key generation center (PKG) first selects a random number as the system master private key and computes the system public key $M = g^m$; the PKG then computes the keys of the user (User), the authorized third party (ATP) and the cloud service provider (CSP) from the identities $id \in \{0,1\}^*$, giving the User's public key $U = H(User_{id})$ and private key $u = mU$, the ATP's public key $A = H(ATP_{id})$ and private key $a = mA$, and the CSP's public key $C = H(CSP_{id})$ and private key $c = mC$; after receiving its key from the PKG over a secure channel, each of the three parties confirms that the key is correct using the equations $g^u = M^U$, $g^a = M^A$ and $g^c = M^C$ respectively, accepting the key if the equation holds and otherwise requesting retransmission.

3. The identity-based authorized third-party data integrity proof method of claim 1, characterized in that the authorization must be embedded in the block tags, and the authorization and tags are generated as follows: after receiving a correct key, the User generates the authorization v and signs it, $S_v = Sig_u(v)$; the user then divides the file F into n blocks and generates a signature for each block as follows: ① compute $k = H(e(M^A, M^C)^u, v)$; ② compute $\theta_i = f_k(i)$; ③ compute the tag, where $r \in G_1$ is chosen and published by the user; finally the user sends the block-tag pairs and v to the CSP for storage, and sends $(v, S_v)$ to the ATP to authorize it.

4. The identity-based authorized third-party data integrity proof method of claim 1, characterized in that the challenge and response are generated as follows: after receiving the user's authorization, the ATP challenges the CSP at the user's request; the ATP first selects x ($1 \le x \le n$) blocks to be challenged and selects a random number as the key of the pseudo-random permutation function S; the ATP then sends the challenge information and the authorization $(v, S_v)$ to the CSP; after receiving the challenge, the CSP first checks the validity of the ATP's authorization and, if it is valid, generates a proof as follows: the CSP computes the blocks that the ATP is challenging, $i_w = S_\lambda(w)$, and computes the random parameter of each block, where $1 \le w \le x$; the CSP then computes T and X and returns $(T, X)$ to the ATP as evidence.

5. The identity-based authorized third-party data integrity proof method of claim 1 or 3, characterized in that verifying the proof must use the authorization evidence, specifically: after receiving the response from the CSP, the ATP first computes $k'' = H(e(M^U, M^C)^a, v)$ and then checks whether the verification equation holds; if it holds, the data is intact; otherwise the user's data has been stored incorrectly.
CN201510322919.7A 2015-06-12 2015-06-12 An Identity-based Authorized Third-Party Data Integrity Proof Method Active CN104980437B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201510322919.7A CN104980437B (en) 2015-06-12 2015-06-12 An Identity-based Authorized Third-Party Data Integrity Proof Method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201510322919.7A CN104980437B (en) 2015-06-12 2015-06-12 An Identity-based Authorized Third-Party Data Integrity Proof Method

Publications (2)

Publication Number Publication Date
CN104980437A true CN104980437A (en) 2015-10-14
CN104980437B CN104980437B (en) 2019-02-12

Family

ID=54276541

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201510322919.7A Active CN104980437B (en) 2015-06-12 2015-06-12 An Identity-based Authorized Third-Party Data Integrity Proof Method

Country Status (1)

Country Link
CN (1) CN104980437B (en)

Also Published As

Publication number Publication date
CN104980437B (en) 2019-02-12

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant
TR01 Transfer of patent right

Effective date of registration: 20200616

Address after: No. 10, 12, 14, 5 / F, building 1, No. 11, Changyi Road, Wuhou District, Chengdu, Sichuan 610000

Patentee after: Sichuan Jietong Transportation Technology Co.,Ltd.

Address before: 611731 Chengdu province high tech Zone (West) West source Avenue, No. 2006

Patentee before: UNIVERSITY OF ELECTRONIC SCIENCE AND TECHNOLOGY

TR01 Transfer of patent right