CN106611127A - Encryption method for information access in cloud computing - Google Patents
Encryption method for information access in cloud computing Download PDFInfo
- Publication number
- CN106611127A CN106611127A CN201610282054.0A CN201610282054A CN106611127A CN 106611127 A CN106611127 A CN 106611127A CN 201610282054 A CN201610282054 A CN 201610282054A CN 106611127 A CN106611127 A CN 106611127A
- Authority
- CN
- China
- Prior art keywords
- matrix
- data
- cloud computing
- encryption method
- information access
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/602—Providing cryptographic facilities or services
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6209—Protecting access to data via a platform, e.g. using keys or access control rules to a single file or object, e.g. in a secure envelope, encrypted and accessed using a key, or with access control rules appended to the object itself
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/50—Network services
- H04L67/56—Provisioning of proxy services
- H04L67/568—Storing data temporarily at an intermediate stage, e.g. caching
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2107—File encryption
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Computer Hardware Design (AREA)
- Health & Medical Sciences (AREA)
- Bioethics (AREA)
- General Health & Medical Sciences (AREA)
- Computer Security & Cryptography (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Signal Processing (AREA)
- Computer Networks & Wireless Communication (AREA)
- Storage Device Security (AREA)
Abstract
The invention provides a method for solving an unknown positive integer on the basis of a congruence theory of the positive integer, and builds an encryption and decryption method for information storage and extraction in a distributed cache. The method comprises the steps of firstly converting data D into a matrix with N rows and n columns according to a byte order, defining a pairwise coprime integer set and constructing a unary linear congruence equation set by original data and the defined integer set according to the congruence theory; solving a solution, transforming the solution into a matrix and converting the matrix into data columns according to the scheme of constructing the matrix according to the original data, namely obtaining a ciphertext; and constructing a matrix by using the ciphertext during decoding, reversely solving congruence equations to obtain the matrix of the original data and reconstructing original data columns.
Description
Art
The present invention relates to the storage of information and extractive technique field in cloud computing.
Background technology
Computer technology and mobile network support that technology develops, and extensive application is forwarded to the ring of cloud computing from traditional framework
Border, with user's access information anywhere or anytime, the safety problem in cloud computing is of great interest.
Now, the development of distributed caching technology is most in cloud computing, and the cloud computing transmission platform set up based on this is also most,
Be also simultaneously present more stable, the very high technology of performance, distributed caching by data distribution to multiple buffer service nodes,
Data are managed in internal memory, unified access interface is externally provided, realize that High Availabitity is supported based on redundancy backup mechanism.When applying journey
When sequence needs data cached, client obtains the corresponding memory node of key by corresponding distributed algorithm, then client
Caching server is sent the data to by ICP/IP protocol, caching server calls local service by data buffer storage in internal memory
In.When similar application program reads caching, first key place node is obtained by distributed algorithm, then obtained by network
Corresponding data are taken, due to function of the local service without encryption itself, the storage of data is often plaintext version, is attacked
The person of hitting, user or system manager are readily available cache contents, so as to the security for causing distributed cache system is hidden
Suffer from.
To solve above-mentioned safety problem, traditional encryption method can complete ciphering process, but computing is complicated, causes
Distributed cache system performance is reduced, and its development is restricted, it is therefore desirable to re-establish a kind of computing simple and fast on this basis
Lightweight encryption algorithm.
The content of the invention
For above-mentioned deficiency, this method proposes the method that the congruence theory based on positive integer solves a certain unknown positive integer,
Establish it is a kind of for information Store in distributed caching with extract encryption and decryption approaches.
The technical solution adopted in the present invention is:First data D are changed into into the square of a N rows n row according to byte order
Battle array, then define an integer set coprime two-by-two, then according to congruence theory by initial data and definition integer set
Unitary general linear congruent equation class is built into, after trying to achieve solution, matrix is transformed to, the scheme of matrix is built by square according to initial data
Battle array is converted into data row, that is, obtained ciphertext;During decoding, ciphertext is built into into matrix, then instead solves congruence and obtain original
The matrix of data, is being reconstructed into initial data row.
The invention has the beneficial effects as follows:Can solve the problem that distributed caching technology is in safety problem below current cloud computing environment
On defect, ensured confidentiality data cached in cloud environment, and calculate simple, execution performance is high, is different from present
Main flow algorithm, further increases the stability and security of cloud computing system.
Description of the drawings
Specific embodiment
This invention is described below in detail.
First, principle of the invention
N coprime two-by-two positive integer m={ m1,m2,…,mn, to arbitrary integer an, the unitary linear congruence side of construction
Journey group S must have solution
Its solution is
Wherein:K ∈ Z,M`iIt is MiMould miOpinion derivative.
Can be obtained by Euclidean algorithm:
2nd, ciphering process
Under cloud environment, burst of data D is stored in distributed cache system, and be transformed into ciphertext X, perform following step
Suddenly:
Step 1:Data D are divided into into N groups according to byte order, are G1, G2..., Gn, every group of packet contain B byte,
Every group of data are further divided into n unit, and each unit is expressed as u1, u2..., un, each unit includes b byte, now data D
It is divided into the matrix of a N rows n row:
Step 2:Definition set m ∈ { mn, any two integer is coprime in set, and mj> uij
Step 3:Every a line r in matrixiConstruct following congruence:
Solve:
Matrix after then can converting is:
Step 4:By x1To xNCouple together, it is possible to ciphertext X after being encrypted:
Key is (N, m1,m2,…,mn), meanwhile, the API for calling distributed cache system is cached to encryption data,
So just complete data cached storage.
There is individual constraints in ciphering process, because computer processor most multipotency processes 64,:
Because:
So, constraints position nb≤64.
3rd, decrypting process
Decrypting process is the inverse operation of encryption, first, ciphertext X is divided into into N groups, is designated as x1,x2,…,xNEncrypted
Matrix afterwards:
P '=[x1,x2,…,xN]T
Congruence equations are constructed to the x of every a line:
Solving equations, obtain u, and it is to have recovered data matrix P to obtain u;
The raw data matrix for obtaining is attached according to sequencing and obtains initial data D:
。
Claims (4)
1. a kind of encryption method of Information Access in cloud computing, the invention is related to the storage of information and extractive technique in cloud computing and leads
Domain, is characterized in that:64 are processed according to processor most multipotency, the constraints of ciphering process, and key step bag is set
Containing two processes of encryption and decryption.
2. a kind of encryption method of Information Access in cloud computing according to claim 1, is characterized in that:Constraints is set as。
3. a kind of encryption method of Information Access in cloud computing according to claim 1, is characterized in that:The algorithm of ciphering process
Step is:
Step one:Data D are divided into into N groups according to byte order, are, every group of packet contain
There is B byte, every group of data are being divided into n unit, and each unit is expressed as, often
Individual unit includes b byte, and now data D are divided into the matrix of a N rows n row:
Step 2:Definition set, any two integer is coprime in set, and
Step 3:Every a line in matrixConstruct following congruence:
Solve:
Matrix after then can converting is:
Step 4:WillArriveCouple together, it is possible to ciphertext X after being encrypted:
Key is, meanwhile, the API for calling distributed cache system is cached to encryption data, such as
This just completes data cached storage.
4. according to claim 1 in cloud computing in a kind of encryption method of Information Access, the algorithm steps of decryption are:
Step one:Ciphertext X is divided into into N groups, is designated as
Matrix after being encrypted
Step 2:Solving equations, obtain u, and it is to have recovered data matrix P to obtain u
Step 3:The raw data matrix for obtaining is attached according to sequencing and obtains initial data D:
。
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201610282054.0A CN106611127A (en) | 2016-04-29 | 2016-04-29 | Encryption method for information access in cloud computing |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201610282054.0A CN106611127A (en) | 2016-04-29 | 2016-04-29 | Encryption method for information access in cloud computing |
Publications (1)
Publication Number | Publication Date |
---|---|
CN106611127A true CN106611127A (en) | 2017-05-03 |
Family
ID=58614802
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201610282054.0A Pending CN106611127A (en) | 2016-04-29 | 2016-04-29 | Encryption method for information access in cloud computing |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN106611127A (en) |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN108877003A (en) * | 2018-06-25 | 2018-11-23 | 深圳市嘉泊智慧城市运营管理有限公司 | The garage access control system of intelligence |
CN111181938A (en) * | 2019-12-20 | 2020-05-19 | 北京交通大学 | Edge calculation distributed data encryption transmission method based on fragment transmission |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103973439A (en) * | 2014-05-08 | 2014-08-06 | 华中科技大学 | Multivariable public key encryption method |
CN104754055A (en) * | 2015-04-03 | 2015-07-01 | 易云捷讯科技(北京)有限公司 | Safety cloud storage method for use in multi-cloud environment |
CN104883580A (en) * | 2015-06-03 | 2015-09-02 | 合肥工业大学 | System and method for video security convolution calculation based on homomorphic encryption |
-
2016
- 2016-04-29 CN CN201610282054.0A patent/CN106611127A/en active Pending
Patent Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103973439A (en) * | 2014-05-08 | 2014-08-06 | 华中科技大学 | Multivariable public key encryption method |
CN104754055A (en) * | 2015-04-03 | 2015-07-01 | 易云捷讯科技(北京)有限公司 | Safety cloud storage method for use in multi-cloud environment |
CN104883580A (en) * | 2015-06-03 | 2015-09-02 | 合肥工业大学 | System and method for video security convolution calculation based on homomorphic encryption |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN108877003A (en) * | 2018-06-25 | 2018-11-23 | 深圳市嘉泊智慧城市运营管理有限公司 | The garage access control system of intelligence |
CN111181938A (en) * | 2019-12-20 | 2020-05-19 | 北京交通大学 | Edge calculation distributed data encryption transmission method based on fragment transmission |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
Ferreira et al. | Practical privacy-preserving content-based retrieval in cloud image repositories | |
Ferreira et al. | Privacy-preserving content-based image retrieval in the cloud | |
US9355271B2 (en) | System and method for dynamic, non-interactive, and parallelizable searchable symmetric encryption | |
US10608815B2 (en) | Content encryption and decryption using a custom key | |
CN108717514A (en) | A kind of data-privacy guard method in machine learning and system | |
Aziz et al. | A cycling chaos-based cryptic-free algorithm for image steganography | |
CN106612320A (en) | Encrypted data dereplication method for cloud storage | |
CN108111295B (en) | Homomorphic encryption method based on analog-to-analog operation | |
CN108667595A (en) | A kind of compression encryption method of large data files | |
CN112035827B (en) | Cipher data processing method, device, equipment and readable storage medium | |
CN110166221B (en) | Ciphertext data compression storage structure RCPE and data dynamic read-write method | |
Wu et al. | Improving recovered image quality in secret image sharing by simple modular arithmetic | |
CN105847853A (en) | Video content distribution method and device | |
US10929402B1 (en) | Secure join protocol in encrypted databases | |
CN104753870B (en) | a kind of data transmission method and system | |
CN106936820A (en) | The elongated amending method of data and its application in big data encryption | |
Chattopadhyay et al. | Secure data outsourcing on cloud using secret sharing scheme. | |
Aruna et al. | Medical healthcare system with hybrid block based predictive models for quality preserving in medical images using machine learning techniques | |
CN106611127A (en) | Encryption method for information access in cloud computing | |
Nalajala et al. | Light weight secure data sharing scheme for mobile cloud computing | |
Li et al. | Reversible data hiding in block compressed sensing images | |
JP7000601B2 (en) | Search for private information by sublinear public key operation | |
JP6879311B2 (en) | Message transmission system, communication terminal, server device, message transmission method, and program | |
Tsai et al. | A study on secret image sharing | |
CN111191253B (en) | Data encryption combination method |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
WD01 | Invention patent application deemed withdrawn after publication | ||
WD01 | Invention patent application deemed withdrawn after publication |
Application publication date: 20170503 |