CN106254374B - A kind of cloud data public audit method having duplicate removal function - Google Patents
A kind of cloud data public audit method having duplicate removal function Download PDFInfo
- Publication number
- CN106254374B CN106254374B CN201610801119.8A CN201610801119A CN106254374B CN 106254374 B CN106254374 B CN 106254374B CN 201610801119 A CN201610801119 A CN 201610801119A CN 106254374 B CN106254374 B CN 106254374B
- Authority
- CN
- China
- Prior art keywords
- cloud
- server
- file
- audit
- data block
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Expired - Fee Related
Links
- 238000012550 audit Methods 0.000 title claims abstract description 74
- 238000000034 method Methods 0.000 title claims abstract description 35
- 238000003860 storage Methods 0.000 claims abstract description 33
- 230000004044 response Effects 0.000 claims abstract description 30
- 238000012795 verification Methods 0.000 claims abstract description 20
- 238000010200 validation analysis Methods 0.000 claims abstract description 18
- 230000008569 process Effects 0.000 claims description 16
- 125000004122 cyclic group Chemical group 0.000 claims description 13
- 230000005540 biological transmission Effects 0.000 claims description 5
- 238000012360 testing method Methods 0.000 claims description 4
- 239000000203 mixture Substances 0.000 claims description 3
- 230000011218 segmentation Effects 0.000 claims description 3
- 239000000284 extract Substances 0.000 claims description 2
- 230000000977 initiatory effect Effects 0.000 claims description 2
- 230000006870 function Effects 0.000 abstract description 23
- 238000005516 engineering process Methods 0.000 abstract description 7
- 238000004891 communication Methods 0.000 description 4
- 238000004364 calculation method Methods 0.000 description 3
- 230000007246 mechanism Effects 0.000 description 3
- 238000013500 data storage Methods 0.000 description 2
- 238000001514 detection method Methods 0.000 description 2
- 230000002452 interceptive effect Effects 0.000 description 2
- 238000012545 processing Methods 0.000 description 2
- 230000018199 S phase Effects 0.000 description 1
- 238000004458 analytical method Methods 0.000 description 1
- 238000013475 authorization Methods 0.000 description 1
- 230000009286 beneficial effect Effects 0.000 description 1
- 230000008859 change Effects 0.000 description 1
- 238000010276 construction Methods 0.000 description 1
- 238000013523 data management Methods 0.000 description 1
- 238000012217 deletion Methods 0.000 description 1
- 230000037430 deletion Effects 0.000 description 1
- 238000013461 design Methods 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 230000018109 developmental process Effects 0.000 description 1
- 238000010586 diagram Methods 0.000 description 1
- 230000003993 interaction Effects 0.000 description 1
- 230000014759 maintenance of location Effects 0.000 description 1
- 238000013507 mapping Methods 0.000 description 1
- 230000001737 promoting effect Effects 0.000 description 1
- 238000005070 sampling Methods 0.000 description 1
- 239000003643 water by type Substances 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
- H04L63/0442—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/10—File systems; File servers
- G06F16/11—File system administration, e.g. details of archiving or snapshots
- G06F16/122—File system administration, e.g. details of archiving or snapshots using management policies
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/10—File systems; File servers
- G06F16/17—Details of further file system functions
- G06F16/174—Redundancy elimination performed by the file system
- G06F16/1748—De-duplication implemented within the file system, e.g. based on file segments
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/06—Protocols specially adapted for file transfer, e.g. file transfer protocol [FTP]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/10—Protocols in which an application is distributed across nodes in the network
- H04L67/1097—Protocols in which an application is distributed across nodes in the network for distributed storage of data in networks, e.g. transport arrangements for network file system [NFS], storage area networks [SAN] or network attached storage [NAS]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
- H04L9/0869—Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3218—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using proof of knowledge, e.g. Fiat-Shamir, GQ, Schnorr, ornon-interactive zero-knowledge proofs
- H04L9/3221—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using proof of knowledge, e.g. Fiat-Shamir, GQ, Schnorr, ornon-interactive zero-knowledge proofs interactive zero-knowledge proofs
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3236—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Theoretical Computer Science (AREA)
- General Engineering & Computer Science (AREA)
- Databases & Information Systems (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Data Mining & Analysis (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- Storage Device Security (AREA)
Abstract
The invention discloses a kind of cloud data public audit methods for having duplicate removal function, belong to technical field of network security.The present invention includes: CA server setting system parameter, after user leases Cloud Server memory space, to CA server application public private key pair;The cryptographic Hash for being first intended to deposit file when cloud user's storage file is sent to Cloud Server, Cloud Server detects the cryptographic Hash, if this file is present in server, Cloud Server will send challenge information to cloud user and carry out the verifying of possessing property, and verify whether user really possesses the data file according to response.Otherwise, file is uploaded to Cloud Server by cloud user together with label;In addition, audit server can be according to the integrality of data in user's requests verification Cloud Server.The present invention realizes data integrity validation using a wheel unsymmetrical key negotiation algorithm, and realizes Zero Knowledge secret protection, we are also added into practical data deduplication technology, substantially increase the utilization rate of Cloud Server.
Description
Technical field
The invention belongs to technical field of network security, and in particular to a kind of cloud data public audit side for having duplicate removal function
Method.
Background technique
Cloud computing is the another novel calculating mode after grid computing, P2P computing, effectiveness calculating, distributed computing,
It can provide low cost, a large amount of storages used as needed and computing resource, be the primary important innovation of information technology.
Cloud storage be exactly cloud computing it is conceptive extension and expansion come out a new concept, be provided by cloud computing most
Basic service.It, will be each in network by application software by cluster application, grid and distributed file system function
The different types of memory device set of kind cooperates altogether, has the function of externally to provide data storage and business access.It is powerful
Calculating and storage capacity but also user be ready to widely apply and data be deployed in cloud computing platform, cloud storage is exactly one
It is a using data storage and management as the cloud computing system of core.Cloud storage system payment scalable with its, cheap, on-demand,
Position is unrelated, using it is transparent the features such as, user can be allowed to exchange the storage capacity of magnanimity for more cheap price, had become
Faster profit growth point in cloud computing.
However, the computing resource of high concentration allows cloud storage application to face more serious security challenge.The peace of cloud data
Become entirely with privacy and restricts the principal element that people use cloud service.And in recent years, major operator is in succession each
From exposed secure storage problem, the worry of people is exacerbated.Due to driving for interests, cloud service provider may be user's
Data are moved on the slow memory of transmission speed inferior or delete not accessed and access less data.Due to clothes
It is engaged in device managerial competency, failure or is attacked, and cloud service provider deliberately conceals to safeguard oneself reputation and covers number
According to the event of loss, the safety and reliability of cloud storage service device is not trusted by user.Must introducing auditing by third party, person comes
Manage the right of cloud service provider processing cloud data.
After data are passed to cloud by user, data may be deleted and do not saving any copy locally, from
And not can guarantee the data fetched from cloud is completely, since mass data will cause huge communication cost, traditional number
It is unworkable according to integrity verification technology.Therefore, the basic skills of cloud data integrity detection is: user fetches low volume data
User's phase letter data is allowed to be stored on Cloud Server so that biggish probability is intact by knowledge proof and probability analysis.Mesh
Before, possessing property of data proves that PDP (Provable Data Possession) and data can restore to prove POR (Proof of
Retrievability) mechanism is two main cloud data integrity audit agreements.
Ateniese etc. has been put forward for the first time data on information security top-level meeting CCS 2007 and has possessed the concept for proving PDP
And security model, furthermore they also proposed the PDP scheme of two efficient provable securities.PDP protocol can allow user to exist
In the case where not fetching file, also it is able to verify that the integrality for the file being stored on insincere server, saves communication band
It is wide.The concept that the bright PoR that collects evidence can be returned is proposed by Juels and Kaliski, ensures server based on random sampling and error-correcting code technique
Correct data are stored, cloud user can equally fetch when needing data.Shacham and Waters utilizes correcting and eleting codes
The PoR scheme of two high-efficiency compacts is designed, and has carried out stringent Safety Argumentation using the security model of Juels etc..The
One scheme is constructed based on BLS short signature, and the response of server and client's challenging value is all very short, and satisfaction disclosure can be tested
Card, can provide its Security Proof under random oracle;Second scheme is designed based on pseudo-random function PRF
, the length that server generates response message is shorter, but only supports secret Authentication.The two schemes are also all utilized homomorphism and can test
Response proof is aggregated into an authentication value by card label technique, and communication cost is minimized.
Serious financial burden may be brought to cloud service provider by providing unlimited memory space.But data deduplication
Technology clearly can reduce the cost stored.Data deduplication technology by cloud storage provider include Dropbox and
Bitcasa etc. is widely used.It is reported according to the one of SNIA, can be reduced inside business application using data deduplication technology is needed
Therefore the occupancy of the data volume to be stored, disk and bandwidth reduces 90%.The duplicate removal of data, which refers to, avoids identical file more
Secondary storage, when storage be the media file such as music and film of mainstream when, the saving in space is just more obvious.It is duplicate
It is that can consume memory space, but there is no need to occupy any space for subsequent upload that content uploads for the first time at them.In addition to
The saving of memory space, the data stored, in duplicate content later there is no need to upload again, to save band
It is wide.
Data deduplication can be divided into two kinds: the duplicate removal of cloud server terminal and the duplicate removal of user terminal.The duplicate removal of server-side is very simple,
After server receives data, checks whether and deposited portion.The file received is abandoned if existing, is otherwise deposited
Store up this new file.We can see that the duplicate removal of server-side can not save bandwidth, because server is after receiving file
Just carry out deduplication operation.The duplicate removal of another aspect client uses a more controversial method, and client first counts before upload
The cryptographic Hash for calculating file, after device to be serviced receives the cryptographic Hash, checks whether this cryptographic Hash has existed.As existed, then
User does not have to upper transmitting file, and user and existing file are connected, and otherwise notifies the upper transmitting file of user.The duplicate removal of client
Also the transmission of data, the waiting time of user and the consumption of the server energy can be reduced.
Under cloud storage environment, although many audit programs have been proposed to guarantee the integrality of user's data beyond the clouds
And validity, but they are all for traditional cloud storage Environment Design, without the application in view of mobile cloud storage.In order to
Alleviate pressure of the user in storage and calculating, the data integrity validation mechanism under cloud environment preferably supports open verifying,
Allow arbitrary auditing by third party person to help user to complete data integrity validation.Another problem is exactly for shared data
Carrying out privacy of identities protection when integrity verification is conflicted with auditing by third party person, even if auditing party's compliance audit agreement
And a correct auditing result is returned to user.Therefore current cloud data integrity validation scheme does not all reach perfect
Zero Knowledge secret protection.As data explode in cloud storage, in order to provide virtual unlimited storage capacity, save band
Width, the duplicate removal of file seem particularly important, however the security breaches that the duplicate removal of data has its intrinsic, and opponent can be by providing text
The cryptographic Hash of part finally downloads the file for being not belonging to oneself, brings great security risk to cloud storage.
Summary of the invention
Goal of the invention of the invention is: when realizing duplicate removal storage for Cloud Server, it is understood that there may be user itself does not gather around
There is file, Cloud Server is but cheated by file cryptographic Hash, to obtain authorization come the case where downloading the file oneself not possessed,
And user data privacy concern in the open verifying system of cloud data integrity, it proposes and a kind of has duplicate removal function
Cloud data public audit method is verified by file possessing property of the Cloud Server to cloud user, guarantees that cloud user possesses this really
Data file, meanwhile, the response computation amount of user is small, and bandwidth consumption is low;For server, realizes safe duplicate removal and deposit
Storage, improves the space utilization rate of server.This method can also obtain perfect Zero Knowledge secret protection, to prevent cloud number
According to the data leak during public audit.Therefore the invention achievement is important for promoting the sustainable development of cloud computing to have
Theory significance and practical value.
The cloud data public audit method for having duplicate removal function of the invention, specifically includes the following steps:
Step 1: cloud user generates key application request Concurrency and send to CA server, and CA server is cloud user selection one
A random number X generates key pair: public key PK=(R, A), private key SK=(r, X), public key parameter R=g-r, A=e (X, g), private key
ParameterWherein the generation member that g is p rank multiplicative cyclic group G, e are G × G → GTBilinear map, GTIt is followed for p factorial method
Ring group;And private key SK is sent to cloud user by safe lane;
Step 2: the file identifier of cloud user setting file to be uploaded, and fixed length segmentation is carried out to file to be uploaded, it obtains
To n data block, input of the cloud user by the data content (file itself i.e. to be uploaded) of file to be uploaded as hash function H
Parameter generates file cryptographic Hash and is sent to Cloud Server, and wherein hash function H is the bit sequence collection mapping from 0 and 1 composition
To the impact resistant hash function of p rank multiplicative cyclic group G;
Cloud Server determines that current file cryptographic Hash whether there is, if so, initiating the verifying of possessing property to cloud user;If
It is no, then allow cloud user to upload current file;
The possessing property verifying are as follows:
Cloud Server generates possessing property checking request and is sent to cloud user, and the possessing property checking request includes challenging value
chaldup, wherein challenging value chaldupGenerating process are as follows: from current file randomly choose partial data block constitute challenge collection
Q, to each data block m of challenge collection QjData block random number v is setj, subscript j is data block identifier and j ∈ Q, according to vj?
To chaldup={ (j, vj)j∈Q, wherein Multiplication loop for mould p changes group;
Cloud user extracts the challenging value chal in possessing property checking requestdup, according to μ=∑j∈QvjmjResponse μ is obtained,
Wherein mjIt indicates the data block of current file, and resp will be respondeddup={ μ } returns to Cloud Server;
Cloud Server is based on challenging value chaldup, response respdupValidation verification is carried out, if passing through, the verifying of possessing property
Pass through;Otherwise possessing property authentication failed;
The process of cloud user upload current file are as follows: generate one based on private key SK and hash function H for each data block
File identifier, n data block and label value are sent to Cloud Server and carry out cloud storage by label value;
Step 3: cloud user initiates audit request to audit server, and the audit request includes what CA server generated
The public key of cipher key pair, file identifier to be audited, Cloud Server identifier;
Audit server carries out validation verification to received audit request, if in vain, refusing to request;Otherwise cloud is extracted
Server identifier, file identifier to be verified generate challenging value chalintAnd it is sent to corresponding Cloud Server, wherein challenging value
chalintGenerating process are as follows: select constitute challenge collection Q ' to K data block identifier of audit document at random, corresponding challenge collects
Data block random number v ' is arranged in the data block identifier of Q 'k, subscript k be data block identifier and k ∈ Q,TherefromWith
Machine selection parameter t generates parameter X1=gt,X2=At, the generation member that wherein g is p rank multiplicative cyclic group G, A is public key parameter A=
E (X, g) obtains X1About g and X2Knowledge proof pf about A discrete logarithm having the same;By v 'k、X1、X2, pf generate examine
Meter challenge chalint={ (k, v 'k)k∈Q′,X1,X2,pf};
Receive challenging value chalintCloud Server verifying knowledge proof pf it is whether effective, fail if it is not, then auditing;Otherwise
It calculatesμ=∑k∈Q′v′kmk,Then response resp is sentint={ σ, B }
To audit server, wherein mkIndicate k-th of data block, TkIndicate k-th of data block mkLabel value;
Challenging value chal of the audit server based on transmissionintWith response respintValidation verification is carried out, if verifying is logical
It crosses, then sends successful Audit Report of auditing to cloud user;Otherwise the Audit Report of audit failure is sent.
Further, each data block is generated according to private key SK=(r, X), hash function H and generates label value Ti:For wherein miData block, fid indicate file identifier, i ∈ [1, n].
Further, in step 2, Cloud Server is based on challenging value chaldup, response respdupCarry out validation verification
Process are as follows:
Cloud Server is therefromParameter t is randomly choosed, parameter X is generated1=gt,X2=At, X3=Rt, calculated further according to formulaTjIndicate j-th of data
Block mjLabel value;Cloud Server verifies equation B/e (σ, X1Whether)=C is true, if so, then validation verification passes through;Otherwise
Do not pass through.
In step 3, challenging value chal of the audit server based on transmissionintWith response respintCarry out validation verification:
Audit server calculates X based on the parameter t currently selected3=Rt,And it tests
Demonstrate,prove equation B/e (σ, X1Whether)=C is true;If so, then validation verification passes through;Otherwise, do not pass through.
In conclusion by adopting the above-described technical solution, the beneficial effects of the present invention are:
(1) realize duplicate removal storage: the present invention not only realizes the cloud user person that can entrust auditing by third party to being stored in
Data in Cloud Server are audited, in addition, server when carrying out duplicate removal storage, can carry out possessing property of data to user
Verifying, improves the safety of system, and save user bandwidth.
(2) Zero Knowledge secret protection: the present invention realizes Zero Knowledge secret protection using a wheel unsymmetrical key negotiation, and
Compared to directly zero-knowledge proof technology being utilized to realize the scheme of Zero Knowledge secret protection, interaction times are few, and calculation amount is low, and communication is opened
It sells low, and protects privacy of user.
(3) response computing cost is low, and the bandwidth consumption of transmission is low: in view of user's computing capability is limited, user response
Value calculates simply, and calculated result bandwidth consumption is lower.
Detailed description of the invention
Fig. 1 is data deduplication storage and the data public audit process schematic of the specific embodiment of the invention.
Fig. 2 is the data deduplication storing process schematic diagram of specific implementation method of the present invention.
Fig. 3 is the data public audit process schematic of the specific embodiment of the invention.
Specific embodiment
To make the object, technical solutions and advantages of the present invention clearer, below with reference to embodiment and attached drawing, to this hair
It is bright to be described in further detail.
The present invention is to propose a kind of cloud data public audit side for having duplicate removal function based on public key cryptography theory
Method is applied to the higher cloud storage environment of security requirement.When cloud user's storage file, transmitting file cryptographic Hash, cloud service are first gone up
Device judges in the whether existing server of this file, if having deposited, user is not necessarily to upload entire file, saves user bandwidth,
Cloud Server will carry out the verifying of possessing property of file to user, guarantee that cloud user possesses this file really.When cloud user wants to test
When demonstrate,proving cloud data integrity, audit request is sent to audit server, audit server is verified using challenge response method
The integrality of data in Cloud Server, in order to realize that the privacy of efficient remote data integrity authentication mechanism and Zero Knowledge is protected
Shield, the present invention generate challenge information, challenge responses and auth response value using asymmetric round key negotiation scheme.
Mathematical theory applied by the present invention is simply introduced first:
(1) finite field
The domain that limited element is constituted is known as finite field, meets to properties such as addition and multiplicative closeds, the rank of finite field is
The wherein number of element, rank are that the finite field of prime number p is generally denoted as GF (p).The non-zero entry of finite field constitutes a cyclic group,
Include two groups in finite field, one is group that GF (p) constitutes addition, one be -0 pair of multiplication of GF (p) composition group.?
In multiplicative cyclic group, all powers for generating member can construct element all in group.
(2) Hash function
Hash function is a kind of function that arbitrarily long input message can be transformed into the output message of regular length, this
A output result is known as the hash value of the message.Short " fingerprint " of the Hash function commonly used to construction data, once data change,
Fingerprint is with regard to not correct.In order to realize the certification to data, it must have following property: 1. the input of function can be arbitrarily
Length;2. the output of function is regular length;3. calculating its cryptographic Hash for appointing to an x and being easier to;4. to any given
Cryptographic Hash y, find out meet h (x)=y x be computationally it is infeasible, this property is also referred to as anti-weak collision.It breathes out
Uncommon function is mainly used for digital signature, generates " digital finger-print ", secure storage password etc..
(3) zero-knowledge proof
Zero-knowledge proof is the main tool for constructing security protocol, and in brief, zero-knowledge proof is in addition to demonstrating conclusion
Correctness outside, do not reveal other any information, therefore, it can be used as a part of security protocol, put each side can
Heart executes the agreement.Zero-knowledge proof can be divided into two types: interactive and non-interactive type.Zero-knowledge proof is practical
On be it is a kind of be related to two sides or multi-party agreement, i.e. two sides or the taken series of steps that accomplishes a task in many ways.It proves
Person proves and believes it oneself to know or possess a certain message to verifier, but proof procedure is not divulged to verifier and appointed
What is about the information for being proved to message.
(4) Bilinear map
Enable G1It is addition cyclic group, G2It is multiplicative cyclic group, their rank is all q, and p is group G1Generation member.Map e:G1
×G1→G2If meeting following three conditions, referred to as Bilinear map.1. having bilinearity, for anye
(aP, bP)=e (P, P)abIt sets up;2. there is P, Q ∈ G in non-degeneracy1, e (P, Q) ≠ 1;3. having computability: e can be with
Effectively calculated.
Referring to Fig.1, of the invention to be implemented as follows:
Step S100. system is established, and system parameter is generated:
Step S101: selection one security parameter l, CA server select two using prime number p as the multiplicative cyclic group G of rank with
GT, select generation member of the g as group G, e:G × G → GTIt is a bilinear map.It is a multiplicative cyclic group.H is
The Hash function of impact resistant: H { 0,1 }*→G。
Step S102:CA discloses system parameter (g, H, p, G, GT,e)。
Data are uploaded to Cloud Server by the storage of step S200. data, cloud user:
Step S201: the specific generation step of the public private key pair of cloud user are as follows: CA is that cloud user selects a random number X,
R, X ∈ G { 1 },Calculate R=g-r, A=e (X, g), cloud client public key is PK=(R, A), and private key is SK=(r, X).
And private key is sent to cloud user by safe lane.
Step S202: cloud user is that the file F that will be uploaded selects an identifier fid;Then file F is divided into n block,
Obtain data block { mi}1≤i≤n, to realize duplicate removal function, cloud user uploads H (F) to Cloud Server first, and server is by comparing
File cryptographic Hash determines whether file has been deposited, wherein F={ mi|1≤i≤n}.This process is implemented as follows:
Step S202-a: cloud user is that the file that will be uploaded selects an identifier fid.
Step S202-b: cloud user carries out fixed length segmentation to file F, obtains n data block, i.e. { mi}1≤i≤n。
Step S202-c: the cryptographic Hash H (F) of cloud user's calculation document, and it is uploaded to server.
Step S202-d: whether Cloud Server has been stored in after receiving H (F) by comparing H (F) detection this document
In server.
Step S203: if file is present in cloud service, due to safety concerns, Cloud Server will carry out file to user
Possessing property verifying.Cloud Server generates possessing property checking request, sends a challenging value to cloud user, cloud user receives challenge
After value, a response is calculated to Cloud Server according to blocks of files and challenging value.The challenging value that Cloud Server is sent according to oneself,
The validity of the response verification response of cloud user, and the verifying report of possessing property of file is sent according to verification result.Reference Fig. 2,
This process is implemented as follows:
Step S203-a: Cloud Server random selectionThen some data blocks are selected, constructed one is challenged
Set Q, to each data block m being selectedj, select a random numberServer sends challenging value chaldup=
{(i,vj)j∈QGive cloud user.
Step S203-b: cloud user calculates μ=∑j∈Qvjmj, then send response respdup={ μ } gives Cloud Server.
Step S203-c: Cloud Server utilizes t, the associated information calculation X of deposit file user1=gt, X2=At, X3=
Rt,TjIndicate j-th of number
According to block mjLabel value.
Step S203-d: Cloud Server verifies equation B/e (σ, X1Whether)=C is true.If so, it then sends data and possesses
Property be proved to be successful, otherwise, send possessing property of data authentication failed.
Step S204: if file does not exist in Cloud Server, cloud user is allowed to upload current file, i.e. cloud user root
Private key according to oneself is each data block mi, one label value T of i ∈ [1, n] calculatingi, i ∈ [1, n],Then (fid, F, Tag are sentint), Tagint={ Ti}i∈[1,n]To Cloud Server, delete simultaneously
Local data (optional processing mode, the purpose of deletion are to reduce the occupancy to local storage space).Cloud Server is connecing
Receive (fid, F, Tagint) after, it stores it in storage medium.
300. audit server of step S audits to the data being stored in Cloud Server.
Cloud user generates an audit request, and is sent to audit server, requests to carry out the data in Cloud Server
Audit.Audit server generates a challenging value to Cloud Server and is sent to Cloud Server according to the information in audit request.
After Cloud Server receives challenging value, the validity of challenging value is verified, if effectively, calculating one according to label, blocks of files, challenging value
A response is sent to audit server.After audit server receives the response that Cloud Server is sent, chosen according to what oneself sent
War value, the public key of cloud user, the correctness of the response auth response value of Cloud Server.Audit server is given according to auditing result
User sends Audit Report and sends and audit successfully if being proved to be successful, and otherwise, sends audit failure.The specific implementation of this process
It is as follows:
Step S301: cloud user sends audit request req=PK | | fid | | Server | | Time is to audit server, committee
It is ask to audit the data in Cloud Server.PK is the public key of cloud user, and fid is the file identifier of request audit,
Server is the mark of Cloud Server, and Time is a timestamp.
Step S302: audit server random selectionThen the partial data block identifier structure of fid is randomly choosed
At a challenge set Q ', corresponding each data block identifier selects a random numberK ∈ Q ' calculates X1=gt,X2=
At, in addition, the knowledge probative agreement POK that audit person is equal using two discrete logarithms, generates a knowledge proof pf, guarantee X1
About g and X2There are identical discrete logarithm, i.e. pf=POK { (g, A, X about A1,X2):loggX1=logAX2, last audit
Challenge is chalint={ (i, v 'k)k∈Q,X1,X2, pf }, send it to Cloud Server.Referring to Fig. 3, the specific implementation of this process
It is as follows:
Step S302-a: audit server random selectionThen the partial data block identifier of fid is randomly choosed
(such as K) constitute a challenge set Q ', and corresponding each data block identifier selects a random numberK ∈ Q ' is calculated
X1=gt,X2=At。
Step S302-b: proof a pf, pf=POK { (g, A, X are generated1,X2):loggX1=logAX2}。
Step S302-c: audit server calculates challenging value chalint={ (k, v 'k)k∈Q′,X1,X2, pf }, and be sent to
Cloud Server.
Step S303: the challenge chal of audit server transmission is receivedintAfterwards, Cloud Server first verifies that whether pf is effective,
If invalid, audit and fail, otherwise Cloud Server calculatesμ=∑k∈Q′vkmk,
Cloud Server sends response respint={ σ, B } gives audit server.
Step S304: audit server receives response respintAfterwards, X is calculated3=Rt,
And verify equation B/e (σ, X1Whether)=C is true.
Step S305: if equation is set up, success of auditing;Otherwise, audit failure.Audit server is sent out according to verification result
Send Audit Report to give cloud user, if auditing successfully, send PK | | fid | | Server | | Time | | 1, if audit failure, sends out
Send PK | | fid | | Server | | Time | | 0.
The above description is merely a specific embodiment, any feature disclosed in this specification, except non-specifically
Narration, can be replaced by other alternative features that are equivalent or have similar purpose;Disclosed all features or all sides
Method or in the process the step of, other than mutually exclusive feature and/or step, can be combined in any way.
Claims (2)
1. a kind of cloud data public audit method for having duplicate removal function, characterized in that it comprises the following steps:
Step 1: cloud user generates key application request Concurrency and send to CA server, CA server be cloud user select one with
Machine number X generates key pair: public key PK=(R, A), private key SK=(r, X), public key parameter R=g-r, A=e (X, g), private key parameterWherein the generation member that g is p rank multiplicative cyclic group G, e are G × G → GTBilinear map, GTFor p rank multiplication loop
Group;And private key SK is sent to cloud user by safe lane;
Step 2: the file identifier of cloud user setting file to be uploaded, and fixed length segmentation is carried out to file to be uploaded, obtain n
A data block, cloud user generate file cryptographic Hash simultaneously using the data content of file to be uploaded as the input parameter of hash function H
It is sent to Cloud Server, wherein hash function H is to be mapped to the anti-of p rank multiplicative cyclic group G from the bit sequence collection of 0 and 1 composition
Collide hash function;
Cloud Server determines that the cryptographic Hash of current file whether there is, if so, initiating the verifying of possessing property to cloud user;If it is not,
Cloud user is then allowed to upload current file;
The possessing property verifying are as follows:
Cloud Server generates possessing property checking request and is sent to cloud user, and the possessing property checking request includes challenging value
chaldup, wherein challenging value chaldupGenerating process are as follows: from current file randomly choose partial data block constitute challenge collection Q
To each data block m of challenge collection QjData block random number v is setj, subscript j is data block identifier and j ∈ Q, according to vjIt obtains
chaldup={ (j, vj)j∈Q, wherein For the multiplicative cyclic group of mould p;
Cloud user extracts the challenging value chal in possessing property checking requestdup, according to μ=∑j∈QvjmjResponse μ is obtained, wherein mj
It indicates the data block of current file, and resp will be respondeddup={ μ } returns to Cloud Server;
Cloud Server is based on challenging value chaldup, response respdupValidation verification is carried out, if passing through, the verifying of possessing property is logical
It crosses;Otherwise possessing property authentication failed;
Cloud Server is based on challenging value chaldup, response respdupCarry out the process of validation verification are as follows:
Cloud Server is therefromParameter t is randomly choosed, parameter X is generated1=gt,X2=At, X3=Rt, further according to formula calculating parameterTjIndicate j-th of data
Block mjLabel value;Cloud Server verifies equation B/e (σ, X1Whether)=C is true, if so, then validation verification passes through;Otherwise
Do not pass through;
The process of cloud user upload current file an are as follows: label is generated for each data block based on private key SK and hash function H
File identifier, n data block and label value are sent to Cloud Server and carry out cloud storage by value;
Wherein, the label value of data block are as follows:miIndicate data block, fid indicates file identifier, i ∈
[1,n];
Step 3: cloud user initiates audit request to audit server, and the audit request includes the key that CA server generates
The public key of centering, file identifier to be audited, Cloud Server identifier;
Audit server carries out validation verification to received audit request, if in vain, refusing to request;Otherwise cloud service is extracted
Device identifier, file identifier to be verified generate challenging value chalintAnd it is sent to corresponding Cloud Server, wherein challenging value
chalintGenerating process are as follows: select constitute challenge collection Q ' to K data block identifier of audit document at random, corresponding challenge collects
Data block random number v ' is arranged in the data block identifier of Q 'k, subscript k be data block identifier and k ∈ Q,TherefromWith
Machine selection parameter t generates parameter X1=gt,X2=At, the generation member that wherein g is p rank multiplicative cyclic group G, A is public key parameter A=
E (X, g) obtains X1About g and X2Knowledge proof pf about A discrete logarithm having the same;By v 'k、X1、X2, pf generate examine
Meter challenge chalint={ (k, v 'k)k∈Q′,X1,X2,pf};
Receive challenging value chalintCloud Server verifying knowledge proof pf it is whether effective, fail if it is not, then auditing;Otherwise it calculates
ParameterThen response resp is sentint=σ,
B } give audit server, wherein mkIndicate k-th of data block, TkIndicate k-th of data block mkLabel value;
Challenging value chal of the audit server based on transmissionintWith response respintValidation verification is carried out, if being verified,
Successful Audit Report of auditing is sent to cloud user;Otherwise the Audit Report of audit failure is sent.
2. the method as described in claim 1, which is characterized in that in step 3, challenging value of the audit server based on transmission
chalintWith response respintCarry out validation verification:
Audit server is based on the parameter t currently selected, calculating parameter X3=Rt,And it tests
Demonstrate,prove equation B/e (σ, X1Whether)=C is true;If so, then validation verification passes through;Otherwise, do not pass through.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201610801119.8A CN106254374B (en) | 2016-09-05 | 2016-09-05 | A kind of cloud data public audit method having duplicate removal function |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201610801119.8A CN106254374B (en) | 2016-09-05 | 2016-09-05 | A kind of cloud data public audit method having duplicate removal function |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN106254374A CN106254374A (en) | 2016-12-21 |
| CN106254374B true CN106254374B (en) | 2019-10-01 |
Family
ID=57598549
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201610801119.8A Expired - Fee Related CN106254374B (en) | 2016-09-05 | 2016-09-05 | A kind of cloud data public audit method having duplicate removal function |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN106254374B (en) |
Families Citing this family (24)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106911708B (en) * | 2017-03-23 | 2019-12-03 | 中北大学 | A kind of cloud data public audit method for supporting batch processing to verify and to have wrong data positioning function |
| CN107483585B (en) * | 2017-08-18 | 2020-03-10 | 西安电子科技大学 | Efficient data integrity auditing system and method supporting safe deduplication in cloud environment |
| CN107800688B (en) * | 2017-09-28 | 2020-04-10 | 南京理工大学 | Cloud data deduplication and integrity auditing method based on convergence encryption |
| CN107635018B (en) * | 2017-10-30 | 2021-05-18 | 福州大学 | Cross-domain medical cloud storage system supporting emergency access control and safe deduplication |
| CN108256048A (en) * | 2018-01-12 | 2018-07-06 | 哈尔滨工业大学深圳研究生院 | The auditing by third party method that user file data is supported to restore |
| CN108377264A (en) * | 2018-02-05 | 2018-08-07 | 江苏大学 | Vehicular ad hoc network quorum-sensing system data report De-weight method |
| CN108566278B (en) * | 2018-03-21 | 2020-04-14 | 北京金堤科技有限公司 | Data cooperation method and device |
| CN110392083B (en) * | 2018-04-20 | 2022-06-24 | 华为技术有限公司 | File second transmission control method and device and terminal equipment |
| CN108600263B (en) * | 2018-05-09 | 2020-09-25 | 电子科技大学 | Safe and effective client duplicate removal method based on possession certification |
| CN109829326B (en) * | 2018-11-20 | 2023-04-07 | 西安电子科技大学 | Cross-domain authentication and fair audit de-duplication cloud storage system based on block chain |
| CN109981641B (en) * | 2019-03-26 | 2020-10-02 | 北京邮电大学 | Block chain technology-based safe publishing and subscribing system and publishing and subscribing method |
| CN110278076B (en) * | 2019-05-29 | 2022-06-03 | 电子科技大学 | Block chain-based transparent data integrity auditing and transparent encrypted data duplicate removal method |
| CN110278087B (en) * | 2019-07-05 | 2022-04-22 | 深圳市九链科技有限公司 | File encryption and de-duplication method based on secondary hash and zero knowledge verification method |
| CN110460447B (en) * | 2019-08-16 | 2022-07-08 | 东北大学秦皇岛分校 | Hash binary tree-based edge calculation data auditing system and auditing method |
| CN110505052B (en) * | 2019-08-28 | 2022-11-25 | 安徽大学 | Cloud data public verification method for protecting data privacy |
| CN110968452A (en) * | 2019-11-20 | 2020-04-07 | 华北电力大学(保定) | Data integrity verification method capable of safely removing duplicate in cloud storage of smart power grid |
| CN111355705B (en) * | 2020-02-08 | 2021-10-15 | 西安电子科技大学 | Data auditing and safety duplicate removal cloud storage system and method based on block chain |
| CN111460524B (en) * | 2020-03-27 | 2023-07-18 | 鹏城实验室 | Method, apparatus and computer readable storage medium for detecting data integrity |
| CN111859030B (en) * | 2020-07-09 | 2023-04-28 | 西南交通大学 | Public auditing method supporting composite data |
| CN111931201B (en) * | 2020-07-15 | 2023-06-16 | 重庆第二师范学院 | Secure cloud storage system based on symmetric key |
| CN112784314B (en) * | 2021-01-27 | 2022-07-29 | 青岛大学 | Data integrity detection method and device, electronic equipment and storage medium |
| CN114021158B (en) * | 2021-09-29 | 2024-06-21 | 北京师范大学 | Zero knowledge data storage verification method, device and storage medium based on BLS signature |
| CN115063120B (en) * | 2022-08-05 | 2022-11-04 | 国网浙江省电力有限公司金华供电公司 | Project audit system based on cloud service |
| CN116938452B (en) * | 2023-09-15 | 2023-12-08 | 天津太极风控网络科技有限公司 | Cloud audit method for encrypted backup account set |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104811300A (en) * | 2015-04-22 | 2015-07-29 | 电子科技大学 | Secret key updating method for cloud storage and implementation method of cloud data auditing system |
| CN104917609A (en) * | 2015-05-19 | 2015-09-16 | 华中科技大学 | Efficient and safe data deduplication method and efficient and safe data deduplication system based on user perception |
| CN105243334A (en) * | 2015-09-17 | 2016-01-13 | 浪潮(北京)电子信息产业有限公司 | Data storage protection method and system |
| WO2016105585A1 (en) * | 2014-12-23 | 2016-06-30 | Hewlett Packard Enterprise Development Lp | Data deduplication |
Family Cites Families (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US8892866B2 (en) * | 2011-09-26 | 2014-11-18 | Tor Anumana, Inc. | Secure cloud storage and synchronization systems and methods |
-
2016
- 2016-09-05 CN CN201610801119.8A patent/CN106254374B/en not_active Expired - Fee Related
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2016105585A1 (en) * | 2014-12-23 | 2016-06-30 | Hewlett Packard Enterprise Development Lp | Data deduplication |
| CN104811300A (en) * | 2015-04-22 | 2015-07-29 | 电子科技大学 | Secret key updating method for cloud storage and implementation method of cloud data auditing system |
| CN104917609A (en) * | 2015-05-19 | 2015-09-16 | 华中科技大学 | Efficient and safe data deduplication method and efficient and safe data deduplication system based on user perception |
| CN105243334A (en) * | 2015-09-17 | 2016-01-13 | 浪潮(北京)电子信息产业有限公司 | Data storage protection method and system |
Non-Patent Citations (2)
| Title |
|---|
| Secure Auditing and Deduplicating Datain Cloud;Jingwei Li等;《IEEE TRANSACTIONS ON COMPUTERS》;20160801;第65卷(第8期);正文第4.2.1节 * |
| Secureand Constant Cost Public Cloud Storage Auditing with Deduplication;Jiawei Yuan,Shucheng Yu;《2013 IEEE Conference on Communications and Network Security (CNS)》;20140619;正文第II-III节 * |
Also Published As
| Publication number | Publication date |
|---|---|
| CN106254374A (en) | 2016-12-21 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN106254374B (en) | A kind of cloud data public audit method having duplicate removal function | |
| CN104811450B (en) | The date storage method and integrity verification method of a kind of identity-based in cloud computing | |
| Li et al. | Fuzzy identity-based data integrity auditing for reliable cloud storage systems | |
| Yu et al. | Cloud data integrity checking with an identity-based auditing mechanism from RSA | |
| Yu et al. | Enhanced privacy of a remote data integrity-checking protocol for secure cloud storage | |
| Armknecht et al. | Outsourced proofs of retrievability | |
| Ren et al. | Mutual verifiable provable data auditing in public cloud storage | |
| CN104811300B (en) | The key updating method of cloud storage and the implementation method of cloud data accountability system | |
| Wei et al. | Security and privacy for storage and computation in cloud computing | |
| CN107147720B (en) | Traceable effective public auditing method and traceable effective public auditing system in cloud storage data sharing | |
| CN109376528B (en) | Trusted identity management system and method based on block chain | |
| CN109889497A (en) | A kind of data integrity verification method for going to trust | |
| CN109829326A (en) | Cross-domain certification and fair audit duplicate removal cloud storage system based on block chain | |
| CN109286490A (en) | Support close state data deduplication and integrity verification method and system | |
| CN105227317B (en) | A kind of cloud data integrity detection method and system for supporting authenticator privacy | |
| Xie et al. | Blockchain‐Based Cloud Data Integrity Verification Scheme with High Efficiency | |
| Nirmala et al. | Data confidentiality and integrity verification using user authenticator scheme in cloud | |
| CN108400981A (en) | The public cloud auditing system and method for lightweight and secret protection in smart city | |
| Ni et al. | Identity-based provable data possession from RSA assumption for secure cloud storage | |
| Luo et al. | An effective integrity verification scheme of cloud data based on BLS signature | |
| CN113014394B (en) | Electronic data certification method and system based on alliance chain | |
| CN106790311A (en) | Cloud Server stores integrality detection method and system | |
| CN110351297A (en) | A kind of verification method and device applied to block chain | |
| CN112565264A (en) | Block chain-based cloud storage data integrity detection method and system | |
| Tu et al. | Privacy‐Preserving Outsourced Auditing Scheme for Dynamic Data Storage in Cloud |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant | ||
| CF01 | Termination of patent right due to non-payment of annual fee | ||
| CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20191001 |