CN104994110A - Method for assigning verifier for auditing cloud storage data - Google Patents

Method for assigning verifier for auditing cloud storage data Download PDF

Info

Publication number
CN104994110A
CN104994110A CN201510419271.5A CN201510419271A CN104994110A CN 104994110 A CN104994110 A CN 104994110A CN 201510419271 A CN201510419271 A CN 201510419271A CN 104994110 A CN104994110 A CN 104994110A
Authority
CN
China
Prior art keywords
cloud
verifier
designated
signature
private key
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201510419271.5A
Other languages
Chinese (zh)
Other versions
CN104994110B (en
Inventor
许春香
张晓均
张源
金春花
徐辰福
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
University of Electronic Science and Technology of China
Original Assignee
University of Electronic Science and Technology of China
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by University of Electronic Science and Technology of China filed Critical University of Electronic Science and Technology of China
Priority to CN201510419271.5A priority Critical patent/CN104994110B/en
Publication of CN104994110A publication Critical patent/CN104994110A/en
Application granted granted Critical
Publication of CN104994110B publication Critical patent/CN104994110B/en
Expired - Fee Related legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0884Network architectures or network communication protocols for network security for authentication of entities by delegation of authentication, e.g. a proxy authenticates an entity to be authenticated on behalf of this entity vis-à-vis an authentication entity
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083Network architectures or network communication protocols for network security for authentication of entities using passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/10Protocols in which an application is distributed across nodes in the network
    • H04L67/1097Protocols in which an application is distributed across nodes in the network for distributed storage of data in networks, e.g. transport arrangements for network file system [NFS], storage area networks [SAN] or network attached storage [NAS]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/0825Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using asymmetric-key encryption or public key infrastructure [PKI], e.g. key signature or public key certificates

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Storage Device Security (AREA)

Abstract

The invention belongs to the technical field of communication, and specifically relates to a method for assigning an verifier for auditing cloud storage data. The method provided by the invention mainly comprises the steps that: firstly, a system performs block processing on a data file to generate a public and private key pair for each of a cloud user and a cloud server, the cloud user generates a signature of each data block and a data file tag, and a signature set of the data blocks, the data file and the tag of the data file are sent to the cloud server; the cloud user calls a lattice-based agent algorithm to calculate a public and private key pair for an assigned verifier according to the identity of the assigned verifier, and sends the public and private key pair to the assigned verifier safely; and finally, the assigned verifier generates an audit challenge information for the cloud server, the cloud server acquires an audit response prove according to the audit challenge information and sends the audit response prove to the assigned verifier, and the assigned verifier verifies the audit response prove according to a lattice signature verification method.

Description

A kind of method that identifier of being used to specify audits to cloud storage data
Technical field
The invention belongs to communication technical field, relate to a kind of method that identifier of being used to specify audits to cloud storage data specifically.
Background technology
Along with the development of network technology and continuing to increase of storage demand amount, cloud is stored as memory module of new generation and is progressively occurring and rising.Although cloud stores bring many facilities to user, it is also proposed the challenge of some security privacy aspects simultaneously.Although the memory device that cloud service provider can provide fail safe higher, the data of magnanimity are stored on Cloud Server and make data more easily suffer the active attack of assailant.Concerning cloud service provider, due to some interests reasons, they may can not react the storage condition to user data truly.Such as: cloud service provider possibility is because interests reason deletes the data that some users seldom access, or cloud service provider has concealed the loss of the user data caused by him to safeguard his reputation.Therefore can find out, although cloud stores can bring a lot of advantage and facility, it can not ensure the authenticity and integrity of user storage data.
Store the safety problem of data to solve cloud above-mentioned, we need to audit to the data be stored on cloud, this scheme can audited to the data that cloud stores we be called that cloud stores Data Audit agreement.After data are stored into Cloud Server by user, user just loses the control to data.It is that the trusted third party that user or user entrust carries out regular audit to the data that cloud stores that auditable cloud stores data.By audit, user can real-time confirmation he be stored in the authenticity and integrity of the data on Cloud Server.Even if there is such cloud to store Data Audit service, to user, the executor of audit task is selected also to be the problem needing to consider.Such as, in public audit program, as long as hold effective certificate parameter, anyone can the data integrity of authentication of users.So, user private data or secret information may obtain than unauthorized parties.So, the identifier that user needs appointment one special to the task of auditing, to guarantee the privacy of data.
Current cloud stores Data Audit method all based on classical cryptosystem, and this kind of problem to be all quantum computer can easily crack, be unsafe under quantum environment.Consider that large data will in quantum epoch long-term existence, the Designated-Verifier Data Audit scheme that design can resist quantum attack just has great importance.。
Summary of the invention
To be solved by this invention, be exactly for the problems referred to above, propose a kind of identifier that is used to specify based on lattice difficult problem and store the data method of auditing to cloud, the method effectively can resist the attack of quantum computer.
For achieving the above object, the present invention adopts following technical scheme:
Be used to specify the method that identifier audits to cloud storage data, it is characterized in that, comprise the following steps:
A. system initialization, specifically comprises:
A1. piecemeal process is carried out to data file, the security parameter of lattice cryptographic algorithm and the hash function of safety are set;
A2. produced the public private key pair of cloud user and Cloud Server respectively by lattice base threshold generation algorithm, cloud user secret selects signature key;
A3. cloud user produces the signature set of data block by the linear homomorphism signature algorithm on lattice, and obtains data file label by signature algorithm, and the signature set of data block, data file and data file label are sent to Cloud Server;
B. to audit devolution, specifically comprise:
B1. cloud user designated-verifier, and call according to the identity of designated-verifier the public private key pair that lattice base agent algorithms calculates designated-verifier, the public private key pair of the designated-verifier of acquisition is sent to the identifier specified;
B2. cloud user is by user identity, and the identity of designated-verifier and the PKI of designated-verifier are registered on Cloud Server;
C. to audit challenge response, specifically comprise:
C1. designated-verifier produces audit challenge information and is sent to Cloud Server;
C2. Cloud Server is according to audit challenge information, adopts preimage sampling algorithm and noise learning method on lattice to calculate audit response proof and sends to designated-verifier;
C3. whether designated-verifier checking audit response proves correct.
Further, the concrete grammar of described step a1 is:
A11. data file F is divided into l data block F={m 1, m 2..., m l, wherein 1≤i≤l;
A12., safe Gaussian parameter σ is set, the line number n of δ and matrix, common parameter set is set wherein q=poly (n) is the prime number of the polynomial complexity about matrix line number n, and m>=2nlogq is matrix column number, for the upper bound of matrix norm in scheme, for the distribution of digital signature in scheme, χ is Gaussian noise distribution; Wherein e is digital signature, be the m dimensional vector on mould q, O is the complexity about matrix line number n.
A13., first secure hash function is set second secure hash function 3rd secure hash function 4th secure hash function 5th secure hash function wherein, the 3rd hash function H 3value export at D m × min distribution, the n × m dimension matrix on mould q, the n-dimensional vector on mould q, Z m × mthat m × m ties up low norm matrix, Z qbe mould q residual class ring, subscript m is matrix columns, and subscript n is matrix line number, and subscript q is prime number, D m × mit is low norm m × m only matrix distribution.
Further, the concrete grammar of described step a2 is:
A21. cloud user adopts lattice base threshold generation algorithm to produce public private key pair, is specially:
By lattice base threshold generation algorithm TrapGen (1 n, 1 m, q) produce homogeneous matrix to pass base T amake the public private key pair obtaining cloud user is (A, T a), cloud user selects signature public private key pair for (spk, ssk);
A22. Cloud Server adopts lattice base threshold generation algorithm to produce public private key pair, is specially:
By lattice base threshold generation algorithm TrapGen (1 n, 1 m, q) produce uniform matrix to pass base T cloudmake the public private key pair obtaining Cloud Server is (B, T cloud).
Further, the concrete grammar of described step a3 is:
Tentation data file F={m 1, m 2..., m lidentify label id ∈ { 0,1} *, for each data block adopt public private key pair (A, the T of cloud user a) and the PKI B of Cloud Server, be that each data block produces signature, concrete grammar is:
A31. formula is passed through (wherein 1≤j≤n) obtains n vectorial β 1, β 2... β n.
A32. for each data block m i, 1≤i≤l, passes through formula obtain μ i, adopt μ iand β jdirect product h in obtaining i,j=< μ i, β j>, 1≤j≤n, 1≤i≤l, is arranged
A33. for each i ∈ 1 ..., l}, cloud user is by preimage sampling algorithm SamplePre (A, T on lattice a, h i, σ) and produce signature θ i;
A44. defining signature set is Ψ={ θ i} 1≤i≤l, cloud user is by formula τ=id ‖ SSig simultaneously ssk(id) the label τ of data file F is obtained, wherein SSig ssk(id) be the signature of identify label id, finally, cloud user sends { F, τ, Ψ } to cloud user.
Further, the concrete grammar of described step b1 is:
Cloud user ID sends audit solicited message to designated-verifier TPA, utilizes the identity ID of designated-verifier tPA, cloud user ID passes through formula obtain pass through formula obtain the PKI of designated-verifier and by lattice base agent algorithms NewBasisDel (A, t a, δ) and produce corresponding private key wherein it is the short base of lattice the public private key pair obtaining designated-verifier TPA is
Further, the concrete grammar of described step c1 is:
C11. cloud user sends audit solicited message to designated-verifier TPA, and designated-verifier TPA fetches the label τ of corresponding data file F according to audit solicited message, and designated-verifier TPA utilizes open signature verification PKI spk certifying signature SSig ssk(id) whether effective, if so, then enter step c12, if not, then exit;
C12. designated-verifier TPA from set 1,2 ..., in l}, Stochastic choice contains the subset of c element
C13. designated-verifier TPA produces Bit String at random equably forming audit challenge information chal is
Further, the concrete grammar of described step c2 is:
C21. cloud server is to audit challenge information after, the public private key pair of the designated-verifier TPA that search is corresponding iD tPA), obtain aggregate signature simultaneously in order to blind combined information ν, cloud user selects random vector then by preimage sampling algorithm SamplePre (B, T on lattice cloud, w, σ) and produce random vector signature γ;
C22. calculate about combined information blind value ν '=γ+H 4(w) ν;
C23. the vector that Stochastic choice is new and calculate
C24. according to Gaussian noise distribution χ, noise vector is selected and calculate e=θ+H 5(ν ' ‖ ξ '), obtain and prove response message P={ ν ', w, e, ξ to designated-verifier TPA.
Further, the concrete grammar of described step c3 is:
C31. formula is passed through (wherein 1≤j≤n) obtains n vectorial β 1, β 2... β n;
C32. formula is passed through obtain λ;
C33. β is adopted jdirect product in obtaining with λ wherein 1≤j≤n, is arranged
C34. decisive equation and inequality whether set up, if so, then judge that audit response is justified, if not, then judge that audit response proves mistake; Wherein, θ=e-H 5(ν ' ‖ ξ ') is above-mentioned aggregate signature, and ξ ' ties up random vector for the n on mould q, is used for participating in the ciphering process about θ.
Beneficial effect of the present invention is, can guarantee that, except designated-verifier TPA, either party can not verify the data integrity be stored on Cloud Server.
Embodiment
Technical scheme of the present invention is described below in detail:
The present invention mainly comprises the following steps:
A. system initialization, specifically comprises:
A1. piecemeal process is carried out to data file, the security parameter of lattice cryptographic algorithm and the hash function of safety are set;
A2. produced the public private key pair of cloud user and Cloud Server respectively by lattice base threshold generation algorithm, cloud user secret selects signature key;
A3. cloud user produces the signature set of data block by the linear homomorphism signature algorithm on lattice, and obtains data file label by signature algorithm, and the signature set of data block, data file and data file label are sent to Cloud Server;
B. to audit devolution, specifically comprise:
B1. cloud user designated-verifier, and call according to the identity of designated-verifier the public private key pair that lattice base agent algorithms calculates designated-verifier, the public private key pair of the designated-verifier of acquisition is sent to the identifier specified;
B2. cloud user is by user identity, and the identity of designated-verifier and the PKI of designated-verifier are registered on Cloud Server;
C. to audit challenge response, specifically comprise:
C1. designated-verifier produces audit challenge information and is sent to Cloud Server;
C2. Cloud Server is according to audit challenge information, adopts preimage sampling algorithm and noise learning method on lattice to calculate audit response proof and sends to designated-verifier;
C3. whether designated-verifier checking audit response proves correct.
Further, the concrete grammar of described step a1 is:
A11. data file F is divided into l data block F={m 1, m 2..., m l, wherein 1≤i≤l;
A12. arrange safe Gaussian parameter σ, δ and line number are n matrix, arrange common parameter set wherein q=poly (n) is the prime number of the polynomial complexity about matrix line number n, and m>=2nlogq is matrix column number, for the upper bound of matrix norm in scheme, for the distribution of digital signature in scheme, χ is Gaussian noise distribution; Wherein e is digital signature, be the m dimensional vector on mould q, O is the complexity about matrix line number n.
A13., first secure hash function is set second secure hash function 3rd secure hash function 4th secure hash function 5th secure hash function wherein, the 3rd hash function H 3value export at D m × min distribution, the n × m dimension matrix on mould q, the n-dimensional vector on mould q, Z m × mthat m × m ties up low norm matrix, Z qbe mould q residual class ring, subscript m is matrix columns, and subscript n is matrix line number, and subscript q is prime number, D m × mit is low norm m × m only matrix distribution.
Further, the concrete grammar of described step a2 is:
A21. cloud user adopts lattice base threshold generation algorithm to produce public private key pair, is specially:
By lattice base threshold generation algorithm TrapGen (1 n, 1 m, q) produce homogeneous matrix to pass base T amake the public private key pair obtaining cloud user is (A, T a), cloud user selects signature public private key pair for (spk, ssk);
A22. Cloud Server adopts lattice base threshold generation algorithm to produce public private key pair, is specially:
By lattice base threshold generation algorithm TrapGen (1 n, 1 m, q) produce uniform matrix to pass base T cloudmake the public private key pair obtaining Cloud Server is (B, T cloud).
Further, the concrete grammar of described step a3 is:
Tentation data file F={m 1, m 2..., m lidentify label id ∈ { 0,1} *, for each data block adopt public private key pair (A, the T of cloud user a) and the PKI B of Cloud Server, be that each data block produces signature, concrete grammar is:
A31. formula is passed through (wherein 1≤j≤n) obtains n vectorial β 1, β 2... β n.
A32. for each data block m i, 1≤i≤l, passes through formula obtain μ i, adopt μ iand β jdirect product h in obtaining i,j=< μ i, β j>, 1≤j≤n, 1≤i≤l, is arranged
A33. for each i ∈ 1 ..., l}, cloud user is by preimage sampling algorithm SamplePre (A, T on lattice a, h i, σ) and produce signature θ i;
A44. defining signature set is Ψ={ θ i} 1≤i≤l, cloud user is by formula τ=id ‖ SSig simultaneously ssk(id) the label τ of data file F is obtained, wherein SSig ssk(id) be the signature of identify label id, finally, cloud user sends { F, τ, Ψ } to cloud user.
Further, the concrete grammar of described step b1 is:
Cloud user ID sends audit solicited message to designated-verifier TPA, utilizes the identity ID of designated-verifier tPA, cloud user ID passes through formula obtain pass through formula obtain the PKI of designated-verifier and by lattice base agent algorithms NewBasisDel (A, t a, δ) and produce corresponding private key wherein it is the short base of lattice the public private key pair obtaining designated-verifier TPA is
Further, the concrete grammar of described step c1 is:
C11. cloud user sends audit solicited message to designated-verifier TPA, and designated-verifier TPA fetches the label τ of corresponding data file F according to audit solicited message, and designated-verifier TPA utilizes open signature verification PKI spk certifying signature SSig ssk(id) whether effective, if so, then enter step c12, if not, then exit;
C12. designated-verifier TPA from set 1,2 ..., in l}, Stochastic choice contains the subset of c element
C13. designated-verifier TPA produces Bit String at random equably forming audit challenge information chal is
Further, the concrete grammar of described step c2 is:
C21. cloud server is to audit challenge information after, the public private key pair of the designated-verifier TPA that search is corresponding ( iD tPA), obtain aggregate signature simultaneously in order to blind combined information ν, cloud user selects random vector then by preimage sampling algorithm SamplePre (B, T on lattice cloud, w, σ) and produce random vector signature γ;
C22. calculate about combined information blind value ν '=γ+H 4(w) ν;
C23. the vector that Stochastic choice is new and calculate
C24. according to Gaussian noise distribution χ, noise vector is selected and calculate e=θ+H 5(ν ' ‖ ξ '), obtain and prove response message P={ ν ', w, e, ξ to designated-verifier TPA.
Further, the concrete grammar of described step c3 is:
C31. formula is passed through (wherein 1≤j≤n) obtains n vectorial β 1, β 2... β n;
C32. formula is passed through obtain λ;
C33. β is adopted jdirect product in obtaining with λ wherein 1≤j≤n, is arranged
C34. decisive equation and inequality whether set up, if so, then judge that audit response is justified, if not, then judge that audit response proves mistake; Wherein, θ=e-H 5(ν ' ‖ ξ ') is above-mentioned aggregate signature, and ξ ' ties up random vector for the n on mould q, is used for participating in the ciphering process about θ.
This auditing method can guarantee the TPA except specifying, and either party can not verify the data integrity be stored on Cloud Server.And based on secondly small integer solution (ISIS) difficulty problem non-on lattice, demonstrate malice Cloud Server can not produce forgery signature, make to produce the audit certification response message of forging and can not cheat the TPA that specifies by auditing verification process.The method utilizes preimage sampling function technology on lattice to realize covering up at random the structure of code, thus guarantees curious TPA, and the initial data block message that it wants to recover cloud user from data file is that calculating is infeasible.In addition, the module exponent computing that method of the present invention does not need cost larger and Bilinear map computing, this is for the TPA specified, and it only need calculate limited linear equation just good authentication can be stored in data integrity on Cloud Server.Therefore the solution of the present invention is more conducive to the TPA that specifies in amount of calculation, in rear quantum communications environment, have very large using value.

Claims (8)

1. be used to specify the method that identifier audits to cloud storage data, it is characterized in that, comprise the following steps:
A. system initialization, specifically comprises:
A1. piecemeal process is carried out to data file, the security parameter of lattice cryptographic algorithm and the hash function of safety are set;
A2. produced the public private key pair of cloud user and Cloud Server respectively by lattice base threshold generation algorithm, cloud user secret selects signature key;
A3. cloud user produces the signature set of data block by the linear homomorphism signature algorithm on lattice, and obtains data file label by signature algorithm, and the signature set of data block, data file and data file label are sent to Cloud Server;
B. to audit devolution, specifically comprise:
B1. cloud user designated-verifier, and call according to the identity of designated-verifier the public private key pair that lattice base agent algorithms calculates designated-verifier, the public private key pair of the designated-verifier of acquisition is sent to the identifier specified;
B2. cloud user is by user identity, and the identity of designated-verifier and the PKI of designated-verifier are registered on Cloud Server;
C. to audit challenge response, specifically comprise:
C1. designated-verifier produces audit challenge information and is sent to Cloud Server;
C2. Cloud Server is according to audit challenge information, adopts preimage sampling algorithm and noise learning method on lattice to calculate audit response proof and sends to designated-verifier;
C3. whether designated-verifier checking audit response proves correct.
2. a kind of identifier of being used to specify according to claim 1 stores the data method of auditing to cloud, and it is characterized in that, the concrete grammar of described step a1 is:
A11. data file F is divided into l data block, i.e. F={m 1, m 2..., m l, wherein 1≤i≤l;
A12. arrange safe Gaussian parameter σ, δ and line number are the matrix of n, arrange common parameter set wherein q=poly (n) is the prime number of the polynomial complexity about matrix line number n, and m is matrix column number and m>=2nlogq, for the upper bound of matrix norm, for the distribution of digital signature, χ is Gaussian noise distribution, and e is digital signature, be the m dimensional vector on mould q, O is the complexity about matrix line number n;
A13., first secure hash function is set second secure hash function 3rd secure hash function H 3: { 0,1} *→ Z m × m, the 4th secure hash function 5th secure hash function wherein, the 3rd hash function H 3value export at D m × min distribution, the n × m dimension matrix on mould q, the n-dimensional vector on mould q, Z m × mthat m × m ties up low norm matrix, Z qbe mould q residual class ring, subscript m is matrix columns, and subscript n is matrix line number, and subscript q is prime number, D m × mit is low norm m × m only matrix distribution.
3. a kind of identifier of being used to specify according to claim 2 stores the data method of auditing to cloud, and it is characterized in that, the concrete grammar of described step a2 is:
A21. cloud user adopts lattice base threshold generation algorithm to produce public private key pair, is specially:
By lattice base threshold generation algorithm TrapGen (1 n, 1 m, q) produce homogeneous matrix to pass base T amake the public private key pair obtaining cloud user is (A, T a), wherein A is the PKI of cloud user, T afor the private key of cloud user; Cloud user selects signature key to being (spk, ssk), and wherein spk is open signature verification PKI, and ssk is secret signature private key;
A22. Cloud Server adopts lattice base threshold generation algorithm to produce public private key pair, is specially:
By lattice base threshold generation algorithm TrapGen (1 n, 1 m, q) produce uniform matrix to pass base T cloudmake the public private key pair obtaining Cloud Server is (B, T cloud), wherein B is the PKI of Cloud Server, T cloudfor the private key of Cloud Server.
4. a kind of identifier of being used to specify according to claim 3 stores the data method of auditing to cloud, and it is characterized in that, the concrete grammar of described step a3 is:
Tentation data file F={m 1, m 2..., m lidentify label id ∈ { 0,1} *, for each data block adopt public private key pair (A, the T of cloud user a) and the PKI B of Cloud Server, be that each data block produces signature, concrete grammar is:
A31. formula is passed through (wherein 1≤j≤n) obtains n vectorial β 1, β 2... β n;
A32. for each data block m i, 1≤i≤l, passes through formula obtain μ i, adopt μ iand β jdirect product h in obtaining i,j=< μ i, β j>, 1≤j≤n, 1≤i≤l, arranges h i=(h i1..., h in) xia;
A33. for each i ∈ 1 ..., l}, cloud user is by preimage sampling algorithm SamplePre (A, T on lattice a, h i, σ) and produce signature θ i;
A44. defining signature set is Ψ={ θ i} 1≤i≤l, cloud user is by formula τ=id ‖ SSig simultaneously ssk(id) the label τ of data file F is obtained, wherein SSig ssk(id) be the signature of identify label id, finally, cloud user sends { F, τ, Ψ } to Cloud Server.
5. a kind of identifier of being used to specify according to claim 4 stores the data method of auditing to cloud, and it is characterized in that, the concrete grammar of described step b1 is:
Cloud user ID sends audit solicited message to designated-verifier TPA, utilizes the identity ID of designated-verifier tPA, cloud user ID passes through formula obtain pass through formula obtain the PKI of designated-verifier and by lattice base agent algorithms produce corresponding private key wherein it is the short base of lattice the public private key pair obtaining designated-verifier TPA is
6. a kind of identifier of being used to specify according to claim 5 stores the data method of auditing to cloud, and it is characterized in that, the concrete grammar of described step c1 is:
C11. cloud user sends audit solicited message to designated-verifier TPA, and designated-verifier TPA fetches the label τ of corresponding data file F according to audit solicited message, and designated-verifier TPA utilizes open signature verification PKI spk certifying signature SSig ssk(id) whether effective, if so, then enter step c12, if not, then exit;
C12. designated-verifier TPA from set 1,2 ..., in l}, Stochastic choice contains the subset of c element
C13. designated-verifier TPA produces Bit String at random equably forming audit challenge information chal is
7. a kind of identifier of being used to specify according to claim 6 stores the data method of auditing to cloud, and it is characterized in that, the concrete grammar of described step c2 is:
C21. cloud server is to audit challenge information after, the public private key pair of the designated-verifier TPA that search is corresponding obtain aggregate signature simultaneously combined information in order to blind combined information ν, cloud user selects random vector then by preimage sampling algorithm SamplePre (B, T on lattice cloud, w, σ) and produce random vector signature γ;
C22. calculate about combined information blind value ν '=γ+H 4(w) ν;
C23. the vector that Stochastic choice is new and calculate
C24. according to Gaussian noise distribution χ, noise vector is selected and calculate e=θ+H 5(ν ' ‖ ξ '), obtain and prove response message P={ ν ', w, e, ξ to designated-verifier TPA.
8. a kind of identifier of being used to specify according to claim 7 stores the data method of auditing to cloud, and it is characterized in that, the concrete grammar of described step c3 is:
C31. formula is passed through (wherein 1≤j≤n) obtains n vectorial β 1, β 2... β n;
C32. formula is passed through obtain λ;
C33. β is adopted jdirect product in obtaining with λ wherein 1≤j≤n, is arranged
C34. decisive equation and inequality whether set up, if so, then judge that audit response is justified, if not, then judge that audit response proves mistake; Wherein, θ=e-H 5(ν ' ‖ ξ ') is aggregate signature, and ξ ' is the n dimension random vector on mould q.
CN201510419271.5A 2015-07-16 2015-07-16 A kind of method audited for designated-verifier to cloud storage data Expired - Fee Related CN104994110B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201510419271.5A CN104994110B (en) 2015-07-16 2015-07-16 A kind of method audited for designated-verifier to cloud storage data

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201510419271.5A CN104994110B (en) 2015-07-16 2015-07-16 A kind of method audited for designated-verifier to cloud storage data

Publications (2)

Publication Number Publication Date
CN104994110A true CN104994110A (en) 2015-10-21
CN104994110B CN104994110B (en) 2018-04-13

Family

ID=54305862

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201510419271.5A Expired - Fee Related CN104994110B (en) 2015-07-16 2015-07-16 A kind of method audited for designated-verifier to cloud storage data

Country Status (1)

Country Link
CN (1) CN104994110B (en)

Cited By (16)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105787390A (en) * 2016-03-02 2016-07-20 深圳大学 Data integrity verification method and system
CN105791321A (en) * 2016-05-03 2016-07-20 西南石油大学 Cloud storage data common auditing method possessing secret key leakage resistance characteristic
CN105978695A (en) * 2016-05-03 2016-09-28 西南石油大学 Batch self-auditing method for cloud storage data
CN106789044A (en) * 2017-02-20 2017-05-31 西南石油大学 Cloud storage ciphertext data public key can search for encryption method on lattice under master pattern
CN107124272A (en) * 2017-05-02 2017-09-01 西南石油大学 The lattice cloud storage data safety auditing method for supporting agent data to upload
CN107332665A (en) * 2017-07-06 2017-11-07 河南理工大学 A kind of Partial Blind Signature method of identity-based on lattice
CN108259180A (en) * 2017-09-20 2018-07-06 北京工业大学 A kind of method of quantum Universal designated verifier signature
CN108965258A (en) * 2018-06-21 2018-12-07 河南科技大学 A kind of cloud environment data integrity verification method based on full homomorphic cryptography
CN109525403A (en) * 2018-12-29 2019-03-26 陕西师范大学 A kind of anti-leakage that supporting user's full dynamic parallel operation discloses cloud auditing method
CN110049054A (en) * 2019-04-24 2019-07-23 电子科技大学 The plaintext shared data auditing method and system for supporting privacy information hiding
CN110266490A (en) * 2019-07-25 2019-09-20 西南石油大学 The keyword ciphertext generation method and device of cloud storage data
CN112217629A (en) * 2020-10-13 2021-01-12 安徽大学 Cloud storage public auditing method
CN112564911A (en) * 2020-11-23 2021-03-26 重庆大学 Identity-based cloud server computing correctness verification method
CN112632604A (en) * 2020-12-21 2021-04-09 贵州航天计量测试技术研究所 Cloud data auditing method, system and device based on multiple authorized auditors
CN113746836A (en) * 2021-09-03 2021-12-03 南京南瑞信息通信科技有限公司 Data holding verification method and system
CN114598717A (en) * 2022-04-08 2022-06-07 徐洪记 Distributed cloud storage data access method and data service system

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
TAN SHUANG等: ""An Efficient Method for Checking the Integrity of Data in the Cloud"", 《IEEE》 *
XIAOJUN ZHANG等: ""Efficient Identity-based Public Auditing Scheme for Cloud Storage from Lattice Assumption"", 《IEEE》 *

Cited By (28)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105787390A (en) * 2016-03-02 2016-07-20 深圳大学 Data integrity verification method and system
CN105787390B (en) * 2016-03-02 2018-11-27 深圳大学 A kind of verification method and its system of data integrity
CN105791321A (en) * 2016-05-03 2016-07-20 西南石油大学 Cloud storage data common auditing method possessing secret key leakage resistance characteristic
CN105978695A (en) * 2016-05-03 2016-09-28 西南石油大学 Batch self-auditing method for cloud storage data
CN106789044B (en) * 2017-02-20 2019-12-27 西南石油大学 Searchable encryption method for cipher text data public key stored in cloud on grid under standard model
CN106789044A (en) * 2017-02-20 2017-05-31 西南石油大学 Cloud storage ciphertext data public key can search for encryption method on lattice under master pattern
CN107124272A (en) * 2017-05-02 2017-09-01 西南石油大学 The lattice cloud storage data safety auditing method for supporting agent data to upload
WO2018201730A1 (en) * 2017-05-02 2018-11-08 西南石油大学 Lattice-based cloud storage data security audit method supporting uploading of data via proxy
CN107332665A (en) * 2017-07-06 2017-11-07 河南理工大学 A kind of Partial Blind Signature method of identity-based on lattice
CN108259180B (en) * 2017-09-20 2021-01-01 北京工业大学 Method for quantum specifying verifier signature
CN108259180A (en) * 2017-09-20 2018-07-06 北京工业大学 A kind of method of quantum Universal designated verifier signature
CN108965258B (en) * 2018-06-21 2021-07-16 河南科技大学 Cloud environment data integrity verification method based on fully homomorphic encryption
CN108965258A (en) * 2018-06-21 2018-12-07 河南科技大学 A kind of cloud environment data integrity verification method based on full homomorphic cryptography
CN109525403A (en) * 2018-12-29 2019-03-26 陕西师范大学 A kind of anti-leakage that supporting user's full dynamic parallel operation discloses cloud auditing method
CN109525403B (en) * 2018-12-29 2021-11-02 广州市溢信科技股份有限公司 Anti-leakage public cloud auditing method supporting full-dynamic parallel operation of user
CN110049054B (en) * 2019-04-24 2021-07-06 电子科技大学 Plaintext shared data auditing method and system supporting privacy information hiding
CN110049054A (en) * 2019-04-24 2019-07-23 电子科技大学 The plaintext shared data auditing method and system for supporting privacy information hiding
CN110266490A (en) * 2019-07-25 2019-09-20 西南石油大学 The keyword ciphertext generation method and device of cloud storage data
CN110266490B (en) * 2019-07-25 2023-04-21 西南石油大学 Keyword ciphertext generation method and device of cloud storage data
CN112217629A (en) * 2020-10-13 2021-01-12 安徽大学 Cloud storage public auditing method
CN112217629B (en) * 2020-10-13 2022-07-22 安徽大学 Cloud storage public auditing method
CN112564911A (en) * 2020-11-23 2021-03-26 重庆大学 Identity-based cloud server computing correctness verification method
CN112632604A (en) * 2020-12-21 2021-04-09 贵州航天计量测试技术研究所 Cloud data auditing method, system and device based on multiple authorized auditors
CN112632604B (en) * 2020-12-21 2024-01-23 贵州航天计量测试技术研究所 Cloud data auditing method, system and device based on multi-authority auditors
CN113746836A (en) * 2021-09-03 2021-12-03 南京南瑞信息通信科技有限公司 Data holding verification method and system
CN113746836B (en) * 2021-09-03 2022-08-23 南京南瑞信息通信科技有限公司 Data holding verification method and system
CN114598717A (en) * 2022-04-08 2022-06-07 徐洪记 Distributed cloud storage data access method and data service system
CN114598717B (en) * 2022-04-08 2024-06-28 佛山中盈盛达小额贷款有限公司 Distributed cloud storage data access method and data service system

Also Published As

Publication number Publication date
CN104994110B (en) 2018-04-13

Similar Documents

Publication Publication Date Title
CN104994110A (en) Method for assigning verifier for auditing cloud storage data
CN111639361B (en) Block chain key management method, multi-person common signature method and electronic device
Zhang et al. SCLPV: Secure certificateless public verification for cloud-based cyber-physical-social systems against malicious auditors
CN105791321A (en) Cloud storage data common auditing method possessing secret key leakage resistance characteristic
CN106357401B (en) A kind of storage of private key and application method
CN106936566B (en) Outsourcing document signing method based on block chain technology
CN108270571A (en) Internet of Things identity authorization system and its method based on block chain
CN113301022B (en) Internet of things equipment identity security authentication method based on block chain and fog calculation
CN107124272A (en) The lattice cloud storage data safety auditing method for supporting agent data to upload
CN106130716A (en) Cipher key exchange system based on authentication information and method
CN106789044A (en) Cloud storage ciphertext data public key can search for encryption method on lattice under master pattern
CN106487786B (en) Cloud data integrity verification method and system based on biological characteristics
CN108712259B (en) Identity-based cloud storage efficient auditing method capable of uploading data by proxy
CN109379176B (en) Password leakage resistant authentication and key agreement method
Sadasivam et al. A novel authentication service for hadoop in cloud environment
CN110138548A (en) Based on unsymmetrical key pond to and DH agreement quantum communications service station cryptographic key negotiation method and system
CN110661816B (en) Cross-domain authentication method based on block chain and electronic equipment
CN110602083B (en) Secure transmission and storage method of digital identity authentication data
CN110034936B (en) Pierceable digital signature method
Huszti et al. A simple authentication scheme for clouds
Goel et al. LEOBAT: Lightweight encryption and OTP based authentication technique for securing IoT networks
CN106230840A (en) A kind of command identifying method of high security
Ren et al. Blockchain‐Based Proof of Retrievability Scheme
Zhu et al. Outsourcing set intersection computation based on bloom filter for privacy preservation in multimedia processing
Wang et al. Dynamic threshold changeable multi‐policy secret sharing scheme

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant
CF01 Termination of patent right due to non-payment of annual fee
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20180413

Termination date: 20210716