CN106790311A - Cloud Server stores integrality detection method and system - Google Patents
Cloud Server stores integrality detection method and system Download PDFInfo
- Publication number
- CN106790311A CN106790311A CN201710206472.6A CN201710206472A CN106790311A CN 106790311 A CN106790311 A CN 106790311A CN 201710206472 A CN201710206472 A CN 201710206472A CN 106790311 A CN106790311 A CN 106790311A
- Authority
- CN
- China
- Prior art keywords
- user
- cloud server
- file
- data
- upload
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/12—Applying verification of the received information
- H04L63/123—Applying verification of the received information received data contents, e.g. message integrity
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/12—Applying verification of the received information
- H04L63/126—Applying verification of the received information the source of the received data
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/06—Protocols specially adapted for file transfer, e.g. file transfer protocol [FTP]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/10—Protocols in which an application is distributed across nodes in the network
- H04L67/1097—Protocols in which an application is distributed across nodes in the network for distributed storage of data in networks, e.g. transport arrangements for network file system [NFS], storage area networks [SAN] or network attached storage [NAS]
Abstract
A kind of efficient Cloud Server for supporting that data delete weight and user identity anonymity is proposed the invention provides a kind of present invention store integrality detection method and detecting system.From unlike traditional Cloud Server, the support data that the present invention is provided delete the identity that heavy Cloud Server is known that the different user for possessing same file, and such Cloud Server can just be inferred to the attribute of this encryption file according to the identity of these users.Any information of the authenticator not comprising user identity required for the audit of user's generation.And when user downloads file, it is only necessary to it is sent to one legal proof of Cloud Server, it is not necessary to any identity information.In whole scheme, Cloud Server does not know any information on these user identity.And in the method, realize the quantitative storage of Cloud Server.
Description
Technical field
The invention belongs to Cloud Server technical field of memory, and in particular to one kind supports that data delete weight and user identity is anonymous
Property Cloud Server storage integrality detection method.
Background technology
In recent years, Cloud Server computing technique gradually penetrates into the every aspect of people's life, is that the life of people brings
Great convenience.Cloud Server storage service in Cloud Server service can provide cheap data storage and take to people
Business, and be widely used.Increasing user is ready their data to be stored on long-range Cloud Server, with
This is locally stored and safeguards the resource that these data needs expend to discharge.For Cloud Server, to deposit from difference
The increasing data of user.Nearest investigation according to EMC shows that the data for having 75% are to repeat.Cloud Server is deposited
Service provider is in order to save bandwidth cost and storage overhead for storage, when multiple users upload identical data to Cloud Server,
He attempts deleting in copy, i.e., file Cloud Servers different to each only store portion.So can greatly improve cloud clothes
The utilization rate of business device memory space so that Cloud Server can be more user services.
For a user, although Cloud Server storage has very attracting advantage, but there is also some safety
Problem.For example, Cloud Server can suffer from the malicious attack of hacker, or hardware fault, so that causing user data to lose
Lose.Or some Cloud Servers are for economic interests, the data that user infrequently accesses are abandoned.Also the Cloud Server having in order to
Good reputation is maintained, the fact that conceal loss of data to user.When their data are stored in long-range cloud service by user
On device, it is meant that lose the control to the direct physics of these data.Maliciously distorted when their data and
When partial data is lost, user be able to not may know in time.So user has reason to suspect storage in remote cloud server
Data integrality.
Cloud Server storage integrity detection is an effective solution.Cloud Server storage integrity detection is divided into
Privately owned audit and public audit.In privately owned audit program, user audits task.But because user's computing resource is limited
And storage is big in Cloud Server data volume, audit task is cumbersome, and privately owned audit can bring very big calculating and communication to user
Burden.In public audit, by one believable auditing by third party person (TPA) of audit task outsourcing, TPA only needs to examine user
Meter result returns to user, so can greatly mitigate user's audit burden, more meets practical application.
For Cloud Server, compared with traditional Cloud Server, support that the Cloud Server that data delete weight is known that
Possess the identity of the different user of same file.So Cloud Server just can guess this according to the identity of these users
The attribute of individual file, causes data-privacy to be compromised.And in traditional scheme, the different user for possessing same file is only
Vertical carries out audit task.The repeatedly used authenticator of audit is so not only calculated for same text document, also to be carried out
Multiple audit task.And many parts of authenticators from different user are also stored for Cloud Server, this takes for cloud
A storage burden for business device.So whether for being required for an efficient side for Cloud Server or user
Method come solve the problems, such as support data delete weight and user identity anonymity Cloud Server store integrity detection.
The content of the invention
To solve problems of the prior art, the present invention provides an efficient support data and deletes weight and user identity
The Cloud Server storage integrality detection method of anonymity.When the authenticator required for the audit of user's generation does not include any use
The information of family identity.And the integrality detection method that this patent is proposed, can not only protect the anonymity of user identity, also may be used
To realize the quantitative storage of Cloud Server.I.e. for a file, it is only necessary to calculate a authenticator, Cloud Server is also only needed to
The copy of a these authenticators of storage.
To overcome above-mentioned technical problem, the present invention to provide a kind of data and delete weight and the storage of user identity anonymity Cloud Server
Integrity detection device, it includes:
Initial upload user client, follow-up upload request subscription client, Cloud Server, auditing by third party center;
The initial upload user client refers to that the file for needing long-range storage was not deposited previously on Cloud Server
Storage, and the authenticator of calculation document is needed when uploading and Cloud Server is together sent to this document;
The Cloud Server has abundant calculating and storage resource, and provides a user with data storage service;
The auditing by third party center can represent user and complete audit task to mitigate the calculating of user and communicate negative
Load.
In addition to initial uploader, also including follow-up upload request user, its desired upload Cloud Server has been stored with
File, it is not necessary to upload calculate authenticator.
The present invention is also provided and is carried out that data delete weight and the storage of user identity anonymity Cloud Server is complete using said apparatus
Property detection method, it includes:
The first step, when user needs a file to store in long-range Cloud Server, first the hash values of this document
It is sent to Cloud Server;
Second step, after Cloud Server receives this hash value, sees whether the hash values of the file having had are same,
If it has, illustrating that this file is had stored on Cloud Server, the user is follow-up upload request person, is just not required to go up again
Pass this file;
3rd step, if it did not, illustrating this user for initial uploader, the user needs the ciphertext file together with it
One piece of corresponding authenticator is sent to Cloud Server;If it has, cloud randomly chooses several fast sequence numbers of random file is sent to user,
These blocks of files are returned to cloud by user, and Cloud Server verifies the correctness of these blocks of files.Correctly, this user is illustrated
It is follow-up upload user, then need not goes up transmitting file;It is incorrect, the ciphertext file is equally needed together with it with initial uploader
One piece of corresponding authenticator is sent to Cloud Server;
4th step, user sends the request of audit commission to auditing by third party center, then auditing by third party center (TPA)
Challenge information is sent to Cloud Server first, after Cloud Server is received, the corresponding proof of generation is calculated and is sent to as response
TPA, TPA verify this reasonability for proving, after the completion of audit, the result of audit is returned to user by TPA.
The data delete the method that weight and user identity anonymity Cloud Server store integrity detection, further specific bag
Include:
1st step, system initialization, pseudorandom hash function required for generating various systematic parameters and selection scheme with
And pseudo-random permutation function;
Be encrypted for the metadata convergent encryption algorithm of user by the 2nd step, file encryption;
3rd step, data delete weight, judge whether Cloud Server has been stored with this document, if stored, user is just not
With uploading again;
4th step, data file is uploaded, and the data after encryption are uploaded to Cloud Server by user;
5th step, audit, auditing by third party center is audited to file, and auditing result is returned into user.
Wherein, the 1st step is further included:
A is walked, pseudorandom hash function and pseudo-random permutation function required for selection scheme;
B is walked, and generates various systematic parameters.
Wherein, the 2nd step is further included:
A is walked, and user is to n data block { m1..., mnIn each data block as hash function input H3;
B is walked, hash function H3The encryption key of each blocks of files is exported,
C is walked, generation ciphertext C={ C1, C2..., Cn}。
Wherein, the 3rd step is further included:
A is walked, the hash values of user's calculation document first, and this hash value is sent into Cloud Server;
B is walked, and whether after Cloud Server receives this hash value, seeing the hash values of the file of storage has identical with this value
, if it did not, the authenticator required for notifying the user to upload this document and its corresponding audit;
C is walked, if the hash values of stored file have equal with this hash value, Cloud Server is from [1, n]
D element composition set D of random selection is sent to user, and the blocks of files of corresponding sequence number is sent to cloud service by user as response
Device;
D is walked, and after Cloud Server receives the response of user, is calculated:
And verify ((whether η ' ψ ', v) set up e, and whole text is possessed really if setting up and being considered as user for T ', g)=e
Part.User can not upload this file and can be with legal access this document.
Wherein, the 4th step is further included:
A is walked, and user uses key ktagFor each blocks of files generates authenticator.User selects s random number first:
{u1, u2..., us, it is that each blocks of files is calculated:
B is walked, and user is by ciphertext and its corresponding TiUpload to Cloud Server.
Wherein, the 5th step is further included:
A is walked, and produces inquiry, and audit center TPA randomly chooses one a c set of element, and generation two with
Machine number,By challenge information chal=(c, k1, k2) it is sent to Cloud Server;
B is walked, and after producing proof, Cloud Server to receive inquiry, 1≤t≤c is calculated firstWith
Then calculateWithMost backward TPA is returned and be may certify that Cloud Server possesses entirely
The proof (T, η) of file, wherein η={ η1, η2..., ηs};
C is walked, it was demonstrated that checking, after TPA receives proof, 1≤t≤c is calculated firstWithThen
Whether checking equation is set up:
Audited if setting up and passed through, do not passed through otherwise.
The present invention is also provided and is carried out that data delete weight and the storage of user identity anonymity Cloud Server is complete using said apparatus
Property detection system, it includes:
System initialization module, pseudorandom hash function required for generating various systematic parameters and selection scheme and
Pseudo-random permutation function;
File encryption module, the metadata convergent encryption algorithm of user is encrypted;
Data delete molality block, judge whether Cloud Server has been stored with this document, if stored, user just without
Upload again;
Data after encryption are uploaded to Cloud Server by data file uploading module, user;
Audit Module, auditing by third party center is audited to file, and auditing result is returned into user.
Beneficial technique effect
The present invention compared with prior art, has the advantages that:
(1) present invention can ensure that the anonymity of user identity.In existing data delete weight integrity detection scheme, use
Family generation authenticator is the private key for needing to use user, and this private key includes the identity information of user.And supporting data
Delete in the Cloud Server of weight, Cloud Server is known that the identity of the different user for possessing identical file.According to these users'
Identity, Cloud Server can guess the general contents of this document, and the data-privacy of user is seriously damaged.In the present invention,
Cloud Server not can know that the identity information of the different user for possessing identical file.Because user is recognizing for each blocks of files generation
Card device is only related to file content, unrelated with each subscriber identity information for possessing this file.When user is needed from Cloud Server
When downloading this document, it is only necessary to submit a legal download proof to Cloud Server, it is not required that the identity letter of user
Breath.
(2) method that the present invention is provided realizes the quantitative storage of Cloud Server.Weight integrality is deleted in most data
In detection scheme, Cloud Server needs to store the N parts of authenticator of blocks of files to every text document, and wherein N is to possess this file
User quantity.So the storage burden of the Cloud Server of these schemes is linear with N.In the present invention, it is right
In every text document, Cloud Server only needs to store a authenticator for completing audit task.So in that patent, cloud clothes
The storage burden of business device is quantitative unrelated with the number of users for possessing identical file.
(3) present invention realizes and only needs to calculate a authenticator for every text document.Deleted in existing data and weighed
In whole property detection scheme, the different user needs for possessing identical file independently calculate respective authenticator.In the present invention, only need
Initial uploader is wanted to calculate authenticator to each blocks of files, follow-up upload request person need not calculate authenticator.So this
Method significantly reduces calculating and the communications burden of follow-up upload request person.
Brief description of the drawings
Fig. 1 is the Cloud Server storage integrity detection system illustraton of model for supporting data to delete weight and user identity anonymity.
Fig. 2 is the corresponding relation figure of Cloud Server storage file and user.
Fig. 3 deletes weight stage schematic diagram for data.
Fig. 4 is audit phase schematic diagram.
Specific embodiment
The identity anonymous of weight and user are deleted for the data for solving the problems, such as Cloud Server, the present invention proposes a kind of height
The support data of effect delete the Cloud Server storage integrality detection method of weight and user identity anonymity.With traditional Cloud Server
Unlike, the support data that the present invention is provided delete the body that heavy Cloud Server is known that the different user for possessing same file
Part, such Cloud Server can just be inferred to the attribute of this encryption file according to the identity of these users.If for example, gathered around
The user for having this document is student, then this file content should educate the content of aspect.Certainly, with user identity
Refinement, the file content guessed also can be more, the severe leakage data-privacy of user.In the method, user generates
Any information of the authenticator not comprising user identity required for audit.And when user downloads file, it is only necessary to it is sent to
One legal proof of Cloud Server, it is not necessary to any identity information.In whole scheme, Cloud Server is not known on these
Any information of user identity.And in the method, realize the quantitative storage of Cloud Server.For each file, only
First uploader is needed to calculate its authenticator, Cloud Server also only needs to store a authenticator, and same a with possessing
The number of users of file is unrelated.
In order to further improve storage efficiency and audit performance, this patent is deposited to user data using a kind of common segment structure
Storage:Data file F is divided into n data block { m1, m2..., mn, and each blocks of files is divided into s part, i.e. mi=
{mi1, mi2..., mis, 1≤i≤n.
Theory involved by this patent is as follows:
Bilinear Pairing:
If G1It is that rank is the module of q, G2It is that two ranks are the multiplicative group of q, if mapping e:G1×G2→G2Meet following property
Matter:
1) bilinearity:ForA, b ∈ G1Meet e (aP, bQ)=e (P, Q)ab。
2) non-degeneracy:There is P, Q ∈ G so that
3) computability:There is efficient algorithm, forE (P, Q) can be calculated.
Then mapping e is called Bilinear Pairing.
BLS short signatures:
1) group G is the multiplication loop group that rank is prime number q, and its generation unit is g, and signer is randomly selectedThen calculate
X=gx∈ G, the public and private key of signer is respectively X and x.
2) assume that message is M, signer calculates σ=(H (M))x, wherein
3) when verifying, then known message M and its signature sigma first calculate e (g, σ) and whether e (X, H (M)) be equal, if
It is equal, represent that σ is the signature of message M.
The present invention provides a kind of data and deletes weight and user identity anonymity Cloud Server storage integrity detection device, its bag
Include:
Initial upload user client, follow-up upload request subscription client, Cloud Server and auditing by third party center;
The initial upload user client refers to that the file for needing long-range storage was not deposited previously on Cloud Server
Storage, and the authenticator of calculation document is needed when uploading and Cloud Server is together sent to this document;
The Cloud Server has abundant calculating and storage resource, and provides a user with data storage service;
The auditing by third party center can represent user and complete audit task to mitigate the calculating of user and communicate negative
Load.
In addition to initial uploader, also including follow-up upload request user, its desired upload Cloud Server has been stored with
File, it is not necessary to upload calculate authenticator.
The present invention is also provided and is carried out that data delete weight and the storage of user identity anonymity Cloud Server is complete using said apparatus
Property detection method, it includes:
The first step, when user needs a file to store in long-range Cloud Server, first the hash values of this document
It is sent to Cloud Server;
Second step, after Cloud Server receives this hash value, sees whether the hash values of the file having had are same,
If it has, illustrating that this file is had stored on Cloud Server, the user is follow-up upload request person, is just not required to go up again
Pass this file;
3rd step, if it did not, illustrating this user for initial uploader, the user needs the ciphertext file together with it
One piece of corresponding authenticator is sent to Cloud Server;If it has, cloud randomly chooses several fast sequence numbers of random file is sent to user,
These blocks of files are returned to cloud by user, and Cloud Server verifies the correctness of these blocks of files.Correctly, this user is illustrated
It is follow-up upload user, then need not goes up transmitting file;It is incorrect, the ciphertext file is equally needed together with it with initial uploader
One piece of corresponding authenticator is sent to Cloud Server;
4th step, user sends the request of audit commission to auditing by third party center, then auditing by third party center (TPA)
Challenge information is sent to Cloud Server first, after Cloud Server is received, the corresponding proof of generation is calculated and is sent to as response
TPA, TPA verify this reasonability for proving, after the completion of audit, the result of audit is returned to user by TPA.
The data delete the method that weight and user identity anonymity Cloud Server store integrity detection, further specific bag
Include:
1st step, system initialization, pseudorandom hash function required for generating various systematic parameters and selection scheme with
And pseudo-random permutation function;
Be encrypted for the metadata convergent encryption algorithm of user by the 2nd step, file encryption;
3rd step, data delete weight, judge whether Cloud Server has been stored with this document, if stored, user is just not
With uploading again;
4th step, data file is uploaded, and the data after encryption are uploaded to Cloud Server by user;
5th step, audit, auditing by third party center is audited to file, and auditing result is returned into user.
1st step is further included:
A is walked, pseudorandom hash function and pseudo-random permutation function required for selection scheme;
B is walked, and generates various systematic parameters.
It is the multiplication loop group group G of prime number p that a steps are further specially systematic parameter generation center selection rank1With
G2, e is computable bilinear map e:G1×G1→G2, g is G1Generation unit,Five pseudorandom hash letters of selection
Number, wherein H1It is to be mapped to from stringHash functions:H2It is to be mapped to the hash function of any from string:H2:
{ 0,1 }*→G1;Wherein H3It is the string that the string of a random length is mapped to certain length:H3:{ 0,1 }*→ { 0,1 }l, wherein l
It is the bit length and other two hash functions of the key of used AES:And h:{ 0,1 }*→
{ 0,1 }*, and a pseudo-random permutation function is selected, by the another several numbers therein of a few number Random Maps in [1, n]:
The b steps are further specially user and perform H1, H3Function and using the content of file F as input, generates each rank
Key required for section, wherein function H1It is output as ktag, required key, user's calculating during as calculating authenticatorAs authentication secret, function H3Output kenc, for encrypting file F, user calculatesAs from cloud service
Device downloads a proof for legitimacy of file.
2nd step is further included:
A is walked, and user is to n data block { m1..., mnIn each data block as hash function input H3;
B is walked, hash function H3The encryption key of each blocks of files is exported,
C is walked, generation ciphertext C={ C1, C2..., Cn}。
3rd step is further included:
A is walked, the hash values of user's calculation document first, and this hash value is sent into Cloud Server;
B is walked, and whether after Cloud Server receives this hash value, seeing the hash values of the file of storage has identical with this value
, if it did not, the authenticator required for notifying the user to upload this document and its corresponding audit;
C is walked, if the hash values of stored file have equal with this hash value, Cloud Server is from [1, n]
D element composition set D of random selection is sent to user, and the blocks of files of corresponding sequence number is sent to cloud service by user as response
Device;
D is walked, and after Cloud Server receives the response of user, is calculated:
And verify ((whether η ' ψ ', v) set up e, and whole text is possessed really if setting up and being considered as user for T ', g)=e
Part.User can not upload this file and can be with legal access this document.
4th step is further included:
A is walked, and user uses key ktagFor each blocks of files generates authenticator.User selects s random number first:
{u1, u2..., us, it is that each blocks of files is calculated:
B is walked, and user is by ciphertext and its corresponding TiUpload to Cloud Server.
5th step is further included:
A is walked, and produces inquiry, and audit center TPA randomly chooses one a c set of element, and generation two with
Machine number,By challenge information chal=(c, k1, k2) it is sent to Cloud Server;
B is walked, and after producing proof, Cloud Server to receive inquiry, 1≤t≤c is calculated firstWith
Then calculateWithMost backward TPA is returned and be may certify that Cloud Server possesses entirely
The proof (T, η) of file, wherein η={ η1, η2..., ηs};
C is walked, it was demonstrated that checking, after TPA receives proof, 1≤t≤c is calculated firstWithThen
Whether checking equation is set up:
Audited if setting up and passed through, do not passed through otherwise.
The present invention is also provided and is carried out that data delete weight and the storage of user identity anonymity Cloud Server is complete using said apparatus
Property detection system, it includes:
System initialization module, pseudorandom hash function required for generating various systematic parameters and selection scheme and
Pseudo-random permutation function;
File encryption module, the metadata convergent encryption algorithm of user is encrypted;
Data delete molality block, judge whether Cloud Server has been stored with this document, if stored, user just without
Upload again;
Data after encryption are uploaded to Cloud Server by data file uploading module, user;
Audit Module, auditing by third party center is audited to file, and auditing result is returned into user.
In system initialization module:
Pseudorandom hash function and pseudo-random permutation function required for selection scheme, systematic parameter generation center selection rank
It is the multiplication loop group group G of prime number p1And G2, e is computable bilinear map e:G1×G1→G2, g is G1Generation unit,Five pseudorandom hash functions of selection, wherein H1It is to be mapped to from stringHash functions:H2It is
The hash function of any is mapped to from string:H2:{ 0,1 }*→G1;Wherein H3It is that the string of a random length is mapped to a fixed length
The string of degree:H3:{ 0,1 }*→ { 0,1 }l, wherein l is the bit length and other two hash of the key of used AES
Function:And h:{ 0,1 }*→ { 0,1 }*, and a pseudo-random permutation function is selected, will be several in [1, n]
Number Random Maps another several numbers therein:
Various systematic parameters are generated, user performs H1, H3Function and using the content of file F as input, generates each stage institute
The key of needs, wherein function H1It is output as ktag, required key, user's calculating during as calculating authenticator
As authentication secret, function H3Output kenc, for encrypting file F, user calculatesDownloaded as from Cloud Server
One proof of legitimacy of file.
In the file encryption module:
User is to n data block { m1..., mnIn each data block as hash function input H3;
Hash function H3The encryption key of each blocks of files is exported,
Generation ciphertext C={ C1, C2..., Cn}。
The data are deleted in molality block:
The hash values of user's calculation document first, and this hash value is sent to Cloud Server;
After Cloud Server receives this hash value, see the file of storage hash values whether have with this value identical, if
No, the authenticator required for notifying the user to upload this document and its corresponding audit;
If the hash values of stored file have equal with this hash value, Cloud Server is selected at random from [1, n]
Select d element composition set D and be sent to user, the blocks of files of corresponding sequence number is sent to Cloud Server by user as response;
D is walked, and after Cloud Server receives the response of user, is calculated:
And verify ((whether η ' ψ ', v) set up e, and whole text is possessed really if setting up and being considered as user for T ', g)=e
Part, user can not upload this file and can be with legal access this document.
In the data file uploading module:
User uses key ktagFor each blocks of files generates authenticator.User selects s random number first:{u1,
u2..., us, it is that each blocks of files is calculated:
User is by ciphertext and its corresponding TiUpload to Cloud Server.
In the Audit Module:
Inquiry is produced, audit center TPA randomly chooses one the c set of element, and produces two random numbers,By challenge information chal=(c, k1, k2) it is sent to Cloud Server;
After producing proof, Cloud Server to receive inquiry, 1≤t≤c is calculated firstWithThen count
CalculateWithMost backward TPA is returned and be may certify that Cloud Server possesses whole file
Prove (T, η), wherein η={ η1, η2..., ηs};
Checking, after TPA receives proof, calculates 1≤t≤c firstWithThen verify
Whether equation is set up:
Audited if setting up and passed through, do not passed through otherwise.
Describe embodiments of the present invention in detail using embodiment and accompanying drawing below, how skill is applied to the present invention whereby
Art means solve technical problem, and reach the implementation process of technique effect and can fully understand and implement according to this.
Fig. 1 is the Cloud Server storage integrity detection system illustraton of model for supporting data to delete weight.The system is illustrated in figure
In have four participation entities, i.e., initial uploader, follow-up upload request user, Cloud Server, trusted third party audit center
(TPA).Initial uploader and follow-up upload request user are the users of Cloud Server, have and substantial amounts of want outsourcing
Data, the limited equipment of computing capability.Wherein initial uploader needs the file for uploading not have in Cloud Server, so just
Beginning uploader needs for the ciphertext of this document to send jointly to Cloud Server together with its corresponding authenticator.Follow-up upload request
User wants that the file for uploading has existed on Cloud Server, so they need not upload this document and authenticator.Cloud takes
Business device is the platform for providing the user Cloud Server service, and user can be helped to store substantial amounts of outer bag data.In auditing by third party
The heart (TPA) alleviates the computation burden of user in audit process, and Data Audit is entrusted to TPA by user, and TPA will after the completion of audit
Result returns to user.
When user needs a file to store in long-range Cloud Server, the hash values of this document are sent to cloud first
Server.After Cloud Server receives this hash value, see whether the hash values of the file having had are same.If it has,
Illustrate that this file is had stored on Cloud Server, the user is follow-up upload request person, be just not required to upload this text again
Part.If it did not, illustrating this user for initial uploader, the user needs the ciphertext file together with its corresponding authenticator
One piece is sent to Cloud Server.In audit process, user sends the request of audit commission to auditing by third party center, and then the
Tripartite's audit center (TPA) sends challenge information to Cloud Server first.After Cloud Server is received, the corresponding card of generation is calculated
It is bright to be sent to TPA as response.TPA verifies this reasonability for proving.After the completion of audit, TPA returns to the result of audit
User.
Fig. 2 is the corresponding relation figure of Cloud Server storage file and user.Illustrate supporting data to delete the cloud of weight in figure
On server, a file of Cloud Server storage generally corresponds to multiple users.Signal in figure a, it can be seen that text
Part correspondence multiple user.Assuming that three files that are stored with Cloud Server, file 1, file 2 and file 3.Deleted data are supported
On the Cloud Server of weight, it is known that Cloud Server knows the identity of the different user for possessing identical file.So occur as soon as this
A kind of situation of sample, it is assumed that the user identity of file 1 is student in figure, then Cloud Server is it is known that its respective file 1
General Matters be related to education.With the refinement of user identity, the content of the file that Cloud Server is guessed also by
Gradually it is close to true content.For example, the user of this file 1 is not only the university student of student or department of computer science, then cloud takes
Business device can just guess that the content of file 1 should be relevant with university computer teaching.Further, if file 1 has one
The identity of people is university data structure teacher, then it is Teaching of Data Structure that Cloud Server just can accurately guess file 1
Data.So obvious severe leakage user data privacy.So, it is very important to protect the privacy of identities of user.
Fig. 3 deletes weight stage schematic diagram for data.Illustrated in figure from user C to Cloud Server send file hash values,
Then Cloud Server judges whether there has been this document according to this value.If had, just verify whether user is certain
Possess this file, this document need not then be uploaded by the user for verifying.Otherwise, user needs to upload this document and its is right
The authenticator answered.
Illustrate such as in figure, before transmitting file on user, hash values h (C) of file cipher text are sent to cloud first.Cloud is received
See in the file having had whether there is the hash value equal with this value to this hash value.If it has, explanation user wants to upload
File existed in cloud.In order to determine that this user possesses whole file and wants to upload this document really, cloud is in [1, n]
Randomly select d element and issue user.After user receives the challenge information that cloud is sent, by the blocks of files { m of corresponding sequence numberi}i∈DMake
Cloud is sent to respond.After receiving the response that cloud is sent, cloud is calculated first:
And verify ((whether η ' ψ ' v) set up equation e for T ', g)=e.If set up, cloud just believes that the user is certain
Possess whole file.The user is not required to upload this file again.
Fig. 4 is audit phase schematic diagram.TPA is illustrated in figure and sends challenge information to Cloud Server, then Cloud Server
One is sent to TPA may certify that its proof for possessing whole file really.Last TPA verifies this reasonability for proving.
If the Cloud Server honest whole file that is stored with really rationally, is considered as, without cheating.Otherwise it is assumed that Cloud Server does not have
Be stored with whole file.
After auditing by third party center (TPA) receives the audit request that user sends, one is randomly choosed first c unit
The set of element, and two random numbers are produced,By challenge information chal=(c, k1, k2) be sent to
Cloud Server.After high in the clouds receives inquiry, 1≤t≤c is calculated firstWithThen calculate
WithMost backward TPA is returned and be may certify that cloud possesses the proof (T, η) of whole file, and wherein η=
{η1, η2..., ηs}.After TPA receives proof, 1≤t≤c is calculated firstWithThen verify following
Whether equation is set up:
Audited if setting up and passed through, do not passed through otherwise.
Implementation process of the invention is as follows:
System initialization:Systematic parameter generation center selection rank is the multiplication loop group group G of prime number p1And G2, e is to calculate
Bilinear map e:G1×G1→G2, g is G1Generation unit,Five pseudorandom hash functions of selection, wherein H1It is
It is mapped to from stringHash functions:H2It is to be mapped to the hash function of any from string:H2:{ 0,1 }*→G1;
Wherein H3It is the string that the string of a random length is mapped to certain length:H3:{ 0,1 }*→ { 0,1 }l, wherein l is to use to add
The bit length of the key of close algorithm.And other two hash functions:And h:{ 0,1 }*→ { 0,1 }*.And
And one pseudo-random permutation function of selection, by the another several numbers therein of a few number Random Maps in [1, n]:User performs H1, H3Function and using the content of file F as input, generates each stage institute
The key of needs.Wherein function H1It is output as ktag, required key during as calculating authenticator.User calculates
As authentication secret.Function H3Output kenc, for encrypting file F.User calculatesFile is downloaded as from high in the clouds
A proof for legitimacy.
The file encryption stage:User is to n data block { m1..., mnIn each data block as hash function input
H3.Hash function H3The encryption key of each blocks of files is exported,Generated using these encryption keys
Ciphertext C={ C1, C2..., Cn}。
Data delete the weight stage:Before upper transmitting file, hash values h (C) of user's calculation document ciphertext first, and by this
Hash values h (C) are sent to Cloud Server.Whether after high in the clouds receives h (C), seeing the hash values of the file of storage has identical with h (C)
's.If it did not, the authenticator required for notifying the user to upload this document and its corresponding audit.If stored text
The hash values of part have equal with this hash value h (C), and Cloud Server d element of random selection from [1, n] is sent to user,
Be sent to cloud cloud receive the response of user after as responding the blocks of files of corresponding sequence number by user, calculates:
And verify ((whether η ' ψ ', v) set up e, and whole text is possessed really if setting up and being considered as user for T ', g)=e
Part.User can not upload this file and can be with legal access this document.
Data upload the stage:User uses key ktagFor each blocks of files generates authenticator.User select first s with
Machine number:{u1, u2..., us, it is that each blocks of files calculates authenticator:
Data are calculated when block authenticator is to audit for verification of data integrity, block label is based in this patent
BLS short signatures are calculated;User is file cipher text C={ C1, C2..., CnAnd block label TiHigh in the clouds storage, Ran Houke are dealt into together
Audit task is entrusted into audit center by escape way.Just can be according to user after the user's commission of audit central authentication is legal
It is required that to data casual audit.
The inquiry stage:Audit center TPA randomly chooses one the c set of element, and produces two random numbers,By challenge information chal=(c, k1, k2) it is sent to Cloud Server.
Prove the generation stage:After high in the clouds receives inquiry, 1≤t≤c is calculated firstWithThen count
CalculateWithMost backward TPA is returned and be may certify that cloud possesses the proof of whole file
(T, η), wherein η={ η1, η2..., ηs}。
Checking:After TPA receives proof, 1≤t≤c is calculated firstWithThen verify
Whether equation is set up:
Audited if setting up and passed through, do not passed through otherwise.Show that data are complete if by checking, otherwise corrupted data or
Lose.Auditing result is sent to user by audit center, and user can accordingly assess the quality of cloud service.
All above-mentioned this intellectual properties of primarily implementation, the not this new product of implementation of setting limitation other forms
And/or new method.Those skilled in the art will be using this important information, the above modification, to realize similar execution feelings
Condition.But, all modifications or transformation are based on the right that new product of the present invention belongs to reservation.
The above, is only presently preferred embodiments of the present invention, is not the limitation for making other forms to the present invention, is appointed
What those skilled in the art changed possibly also with the technology contents of the disclosure above or be modified as equivalent variations etc.
Effect embodiment.But it is every without departing from technical solution of the present invention content, according to technical spirit of the invention to above example institute
Any simple modification, equivalent variations and the remodeling made, still fall within the protection domain of technical solution of the present invention.
Claims (9)
1. a kind of data delete weight and user identity anonymity Cloud Server stores integrity detection device, it is characterised in that:Including:
Initial upload user client, follow-up upload request subscription client, Cloud Server, auditing by third party center;
The initial upload user client refers to that the file for needing length of run to store is not previously stored on Cloud Server, and
And the authenticator of calculation document is needed when uploading and Cloud Server is together sent to this document;
The Cloud Server has abundant calculating and storage resource, and provides a user with data storage service;
The auditing by third party center can represent user and complete audit task to mitigate calculating and the communications burden of user.
In addition to initial uploader, also including follow-up upload request user, the text that its desired upload Cloud Server has been stored with
Part, it is not necessary to upload and calculate authenticator.
2. data are carried out using claim 1 described device and delete weight and user identity anonymity Cloud Server storage integrity detection
Method, it is characterised in that including:
The first step, when user needs a file to store in long-range Cloud Server, first sends the hash values of this document
To Cloud Server;
Second step, after Cloud Server receives this hash value, sees whether the hash values of the file having had are same, if
Have, illustrate that this file is had stored on Cloud Server, the user is follow-up upload request person, is just not required to upload this again
File;
3rd step, if it did not, illustrating this user for initial uploader, the user needs the ciphertext file together with its correspondence
One piece of authenticator be sent to Cloud Server;If it has, cloud randomly chooses several fast sequence numbers of random file is sent to user, user
These blocks of files are returned into cloud, Cloud Server verifies the correctness of these blocks of files.Correctly, after illustrating that this user is
Continuous upload user, then need not go up transmitting file;It is incorrect, the ciphertext file is equally needed together with its correspondence with initial uploader
One piece of authenticator be sent to Cloud Server;
4th step, user sends the request of audit commission to auditing by third party center, and then auditing by third party center (TPA) first
Challenge information is sent to Cloud Server, after Cloud Server is received, the corresponding proof of generation is calculated and is sent to TPA as response,
TPA verifies this reasonability for proving, after the completion of audit, the result of audit is returned to user by TPA.
3. data described in claim 2 delete the method that weight and user identity anonymity Cloud Server store integrity detection, and it is special
Levy and be, further include:
1st step, system initialization, pseudorandom hash function and puppet required for generating various systematic parameters and selection scheme
Random permutation function;
Be encrypted for the metadata convergent encryption algorithm of user by the 2nd step, file encryption;
3rd step, data delete weight, judge whether Cloud Server has been stored with this document, if stored, user is just without again
Upload;
4th step, data file is uploaded, and the data after encryption are uploaded to Cloud Server by user;
5th step, audit, auditing by third party center is audited to file, and auditing result is returned into user.
4. data as claimed in claim 3 delete the method that weight and user identity anonymity Cloud Server store integrity detection, its
It is characterised by:
1st step further includes,
A is walked, pseudorandom hash function and pseudo-random permutation function required for selection scheme;
B is walked, and generates various systematic parameters.
5. the data as described in claim 3 or 4 delete the method that weight and user identity anonymity Cloud Server store integrity detection,
It is characterized in that:
2nd step is further included:
A is walked, and user is to n data block { m1..., mnIn each data block as hash function input H3;
B is walked, hash function H3The encryption key of each blocks of files is exported,
C is walked, generation ciphertext C={ C1, C2..., Cn}。
6. the data as described in claim 3 to 5 delete the method that weight and user identity anonymity Cloud Server store integrity detection,
It is characterized in that:
3rd step is further included:
A is walked, the hash values of user's calculation document first, and this hash value is sent into Cloud Server;
B walk, after Cloud Server receives this hash value, see the file of storage hash values whether have with this value identical, such as
Fruit does not have, the authenticator required for notifying the user to upload this document and its corresponding audit;
C is walked, if the hash values of stored file have equal with this hash value, Cloud Server is random from [1, n]
D element composition set D of selection is sent to user, and the blocks of files of corresponding sequence number is sent to Cloud Server by user as response;
D is walked, and after Cloud Server receives the response of user, is calculated:
And verify ((whether η ' ψ ', v) set up e, and whole file is possessed really if setting up and being considered as user for T ', g)=e.With
Family can not upload this file and can be with legal access this document.
7. the data as described in claim 3 to 6 delete the method that weight and user identity anonymity Cloud Server store integrity detection,
It is characterized in that:
4th step is further included:
A is walked, and user uses key ktagFor each blocks of files generates authenticator.User selects s random number first:{u1,
u2..., us, it is that each blocks of files is calculated:
B is walked, and user is by ciphertext and its corresponding TiUpload to Cloud Server.
8. the data as described in claim 3 to 7 delete the method that weight and user identity anonymity Cloud Server store integrity detection,
It is characterized in that:
5th step is further included:
A is walked, and produces inquiry, and audit center TPA randomly chooses one the c set of element, and produces two random numbers,By challenge information chal=(c, k1, k2) it is sent to Cloud Server;
B is walked, and after producing proof, Cloud Server to receive inquiry, 1≤t≤c is calculated firstWithThen
CalculateWithMost backward TPA is returned and be may certify that Cloud Server possesses whole file
Proof (T, η), wherein η={ η1, η2..., ηs};
C is walked, it was demonstrated that checking, after TPA receives proof, 1≤t≤c is calculated firstWithThen verify
Whether equation is set up:
Audited if setting up and passed through, do not passed through otherwise.
9. a kind of data delete the system that weight and user identity anonymity Cloud Server store integrity detection, it is characterised in that bag
Include:
System initialization module, pseudorandom hash function and puppet required for generating various systematic parameters and selection scheme with
Machine permutation function;
File encryption module, the metadata convergent encryption algorithm of user is encrypted;
Data delete molality block, judge whether Cloud Server has been stored with this document, if stored, user just without going up again
Pass;
Data after encryption are uploaded to Cloud Server by data file uploading module, user;
Audit Module, auditing by third party center is audited to file, and auditing result is returned into user.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201710206472.6A CN106790311A (en) | 2017-03-31 | 2017-03-31 | Cloud Server stores integrality detection method and system |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201710206472.6A CN106790311A (en) | 2017-03-31 | 2017-03-31 | Cloud Server stores integrality detection method and system |
Publications (1)
Publication Number | Publication Date |
---|---|
CN106790311A true CN106790311A (en) | 2017-05-31 |
Family
ID=58965862
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201710206472.6A Pending CN106790311A (en) | 2017-03-31 | 2017-03-31 | Cloud Server stores integrality detection method and system |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN106790311A (en) |
Cited By (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN108809996A (en) * | 2018-06-15 | 2018-11-13 | 青岛大学 | Different popularities delete the integrality auditing method for storing data again |
CN109409116A (en) * | 2018-11-12 | 2019-03-01 | 青岛大学 | Solve the safely outsourced method of undirected weighted graph minimal cut |
CN110392083A (en) * | 2018-04-20 | 2019-10-29 | 华为技术有限公司 | Control method, device and the terminal device that the file second passes |
CN110798478A (en) * | 2019-11-06 | 2020-02-14 | 中国联合网络通信集团有限公司 | Data processing method and device |
CN111090840A (en) * | 2019-11-15 | 2020-05-01 | 杭州云象网络技术有限公司 | Method for user service authentication by using block chain pre-registration information |
CN112784314A (en) * | 2021-01-27 | 2021-05-11 | 青岛大学 | Data integrity detection method and device, electronic equipment and storage medium |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103731261A (en) * | 2014-01-09 | 2014-04-16 | 西安电子科技大学 | Secret key distribution method under encrypted repeating data deleted scene |
CN103731423A (en) * | 2013-12-25 | 2014-04-16 | 北京安码科技有限公司 | Safe method for repeated data deleting |
CN105227317A (en) * | 2015-09-02 | 2016-01-06 | 青岛大学 | A kind of cloud data integrity detection method and system supporting authenticator privacy |
CN105681273A (en) * | 2015-12-17 | 2016-06-15 | 西安电子科技大学 | Client data deduplication method |
CN105721158A (en) * | 2016-01-20 | 2016-06-29 | 青岛一帆风顺软件有限公司 | Cloud safety privacy and integrity protection method and cloud safety privacy and integrity protection system |
-
2017
- 2017-03-31 CN CN201710206472.6A patent/CN106790311A/en active Pending
Patent Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103731423A (en) * | 2013-12-25 | 2014-04-16 | 北京安码科技有限公司 | Safe method for repeated data deleting |
CN103731261A (en) * | 2014-01-09 | 2014-04-16 | 西安电子科技大学 | Secret key distribution method under encrypted repeating data deleted scene |
CN105227317A (en) * | 2015-09-02 | 2016-01-06 | 青岛大学 | A kind of cloud data integrity detection method and system supporting authenticator privacy |
CN105681273A (en) * | 2015-12-17 | 2016-06-15 | 西安电子科技大学 | Client data deduplication method |
CN105721158A (en) * | 2016-01-20 | 2016-06-29 | 青岛一帆风顺软件有限公司 | Cloud safety privacy and integrity protection method and cloud safety privacy and integrity protection system |
Cited By (9)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN110392083A (en) * | 2018-04-20 | 2019-10-29 | 华为技术有限公司 | Control method, device and the terminal device that the file second passes |
CN110392083B (en) * | 2018-04-20 | 2022-06-24 | 华为技术有限公司 | File second transmission control method and device and terminal equipment |
CN108809996A (en) * | 2018-06-15 | 2018-11-13 | 青岛大学 | Different popularities delete the integrality auditing method for storing data again |
CN108809996B (en) * | 2018-06-15 | 2021-02-12 | 青岛大学 | Integrity auditing method for duplicate deletion stored data with different popularity |
CN109409116A (en) * | 2018-11-12 | 2019-03-01 | 青岛大学 | Solve the safely outsourced method of undirected weighted graph minimal cut |
CN110798478A (en) * | 2019-11-06 | 2020-02-14 | 中国联合网络通信集团有限公司 | Data processing method and device |
CN110798478B (en) * | 2019-11-06 | 2022-04-15 | 中国联合网络通信集团有限公司 | Data processing method and device |
CN111090840A (en) * | 2019-11-15 | 2020-05-01 | 杭州云象网络技术有限公司 | Method for user service authentication by using block chain pre-registration information |
CN112784314A (en) * | 2021-01-27 | 2021-05-11 | 青岛大学 | Data integrity detection method and device, electronic equipment and storage medium |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN106254374B (en) | A kind of cloud data public audit method having duplicate removal function | |
Yu et al. | Strong key-exposure resilient auditing for secure cloud storage | |
Yu et al. | Enhanced privacy of a remote data integrity-checking protocol for secure cloud storage | |
CN102611749B (en) | Cloud-storage data safety auditing method | |
CN107147720B (en) | Traceable effective public audit method and system in a kind of cloud storage data sharing | |
CN106790311A (en) | Cloud Server stores integrality detection method and system | |
Li et al. | A method for achieving provable data integrity in cloud computing | |
CN104978239B (en) | A kind of method, apparatus and system realizing more Backup Data dynamics and updating | |
JP2020521369A (en) | Application generated encryption key for data deduplication | |
Hou et al. | Cloud storage auditing with deduplication supporting different security levels according to data popularity | |
Sun et al. | Outsourced decentralized multi-authority attribute based signature and its application in IoT | |
Zhu et al. | A round-optimal lattice-based blind signature scheme for cloud services | |
CN107483585A (en) | The efficient data integrality auditing system and method for safe duplicate removal are supported in cloud environment | |
CN105721158A (en) | Cloud safety privacy and integrity protection method and cloud safety privacy and integrity protection system | |
CN110912897B (en) | Book resource access control method based on ciphertext attribute authentication and threshold function | |
CN107172071A (en) | A kind of cloud Data Audit method and system based on attribute | |
Tan et al. | An efficient method for checking the integrity of data in the cloud | |
Xiang et al. | Achieving verifiable, dynamic and efficient auditing for outsourced database in cloud | |
CN108123934A (en) | A kind of data integrity verifying method towards mobile terminal | |
CN103916393B (en) | Cloud data-privacy protection public's auditing method based on symmetric key | |
He et al. | Provable data integrity of cloud storage service with enhanced security in the internet of things | |
Liu et al. | Offline/online attribute‐based encryption with verifiable outsourced decryption | |
Wu et al. | Privacy-preserving certificateless cloud auditing with multiple users | |
Zhang et al. | Efficient public verification proof of retrievability scheme in cloud | |
Rabaninejad et al. | Comments on a lightweight cloud auditing scheme: Security analysis and improvement |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
CB02 | Change of applicant information |
Address after: 266071 Shandong city of Qingdao province Ningxia City Road No. 308 Applicant after: Qingdao University Address before: 266071 Ningxia Road, Shandong, China, No. 308, No. Applicant before: Qingdao University |
|
CB02 | Change of applicant information | ||
RJ01 | Rejection of invention patent application after publication |
Application publication date: 20170531 |
|
RJ01 | Rejection of invention patent application after publication |