CN106911708B

CN106911708B - A kind of cloud data public audit method for supporting batch processing to verify and to have wrong data positioning function

Info

Publication number: CN106911708B
Application number: CN201710178312.5A
Authority: CN
Inventors: 庞晓琼; 王田琪; 陈文俊
Original assignee: North University of China
Current assignee: North University of China
Priority date: 2017-03-23
Filing date: 2017-03-23
Publication date: 2019-12-03
Anticipated expiration: 2037-03-23
Also published as: CN106911708A

Abstract

The invention discloses a kind of cloud data public audit methods for supporting batch processing to verify and to have wrong data positioning function.The method include the steps that its blocks of files and data label are stored in Cloud Server by each cloud user, the positioning label of blocks of files is sent to TPA；TPA receives the data being stored on multiple Cloud Servers after the audit request of user to these users and throws down the gauntlet, after receiving the proof of return, the proof that challenge and server of the TPA based on transmission return carries out validation verification, if Data Audit result is to pass through by verifying；Otherwise TPA verification positioning label, the then auditing result that positioning label Verification passes through are to pass through, otherwise the index of cloud user index and place server belonging to output error data.Last TPA to auditing result be by cloud user send and audit successfully, be the index of unacceptable cloud user transmission wrong data subordinate server to auditing result.The present invention is convenient for the position for allowing user faster to find out damaged data.

Description

It is a kind of to support that batch processing verifies and the cloud data that have wrong data positioning function disclose Auditing method

Technical field

It is verified the invention belongs to technical field of network security more particularly to a kind of support batch processing and has wrong data and determined The cloud data public audit method of bit function.

Background technique

Possessing property of data proves that (Provable Data Possession, PDP) scheme can allow user in no local It in the case where backup, does not need to fetch data, the number that can be stored in very high probability remote verification on insincere server According to whether completely, communication bandwidth is saved.Currently, most of PDP schemes are stored on a single server for single user Data carry out completeness check.But reality situation in, cloud storage provide service be towards many users, meanwhile, cloud Service provider be not it is single, each cloud service provider possessed also be not only individual server.In order to more suitable Reality is answered, in recent years, the PDP scheme under multi-user's list server, single user multiserver, multi-user's multiserver scene is successively It is suggested.The data integrity batch processing checkschema of multi-user's multiserver is supported to substantially reduce computing cost, but After corrupt data, the source of wrong data often accurately can not be quickly determined.So it is an object of the invention to: in multi-user Under environment of multi-server, while realizing the verification of batch processing remote data integrity, moreover it is possible to realize the positioning to wrong data, i.e., It finds which user is wrong data belong to, and stores on which server, be convenient for that user is allowed faster to find that oneself is stored in this way Corrupted data on which server.

Related work

2013, Wang et al. was mentioned under multi-user's list server environment using BLS signature construction homomorphism verifying label A kind of batch processing checkschema for protecting user data privacy is gone out, and has judged that the data of which user go out using binary chop It is wrong.2016, Mao et al. was proposed at supporting under a kind of cloudy server environment of single user batch also with BLS short signature The data integrity verifying scheme of reason, but scheme does not account for the problem of wrong data positions.

2014, Liu et al. people proposed the batch processing verification side under a kind of multi-user's multiserver scene using Bilinear map Case, and displacement attack is resisted using orderly Merkle Hash Tree.Ren et al. uses the Co-GDH on elliptic curve Signature construction homomorphism verifies label, proposes that one kind can disclose the batch processing checkschema for verifying and protecting privacy, and utilize data It updates information table and realizes that data dynamic updates.2016, Zhou et al. proposed one kind using Bilinear map and CDH problem and is based on The batch processing PDP scheme of ID.Above scheme fast and effeciently can disposably verify multiple users and be stored on multiple servers Data it is whether complete, but they do not consider the orientation problem of wrong data.

In the batch processing scheme under multi-user's multiserver scene, also someone is it is proposed that the idea that wrong data positions. 2013, He et al. proposed a kind of recognizable damage data, support batch processing data using recoverable coding method Integrity check scheme can all detected the user of all corrupt datas, but without clothes locating for positioning error data Business device.2015, Shin et al. also proposed a kind of batching data integrity check scheme for realizing damage data identification, but It is that after the corrupt data for having multiple servers to return, the program can only determine the last one erroneous servers, and can not be true Determine the owner of wrong data.

The batch processing cloud data that the invention proposes a kind of to support wrong data to position under multi-user's environment of multi-server The audit work of data integrity verifying is entrusted to auditing by third party person (Third Party by public audit method, cloud user Auditor, TPA).After TPA receives the audit request of multiple cloud users, batch processing verifies these clouds user and is stored in multiple services The integrality of data on device.It, can be real in primary challenge after detecting corrupt data while realizing batch processing verification Existing wrong data positioning function, that is, the owner for finding error data and the server locating for it.

Summary of the invention

The technology of the present invention in view of the deficiencies of the prior art, the present invention provides a kind of support batch processing verification and has mistake The cloud data public audit method of data positioning function.

Disclosed by the invention is one kind under multi-user's environment of multi-server, can support wrong data positioning and batch processing school The cloud data public audit method tested, the present invention include: CA (Certificate Authority, authentication center) server into The setting of row initiation parameter, all cloud users can be to the one's own public private key pair of CA application；Each cloud user is by theirs Blocks of files and data label are stored in Cloud Server, and the positioning label of blocks of files is sent to TPA；TPA receives multiple clouds After the audit request of user, data that these users are stored on multiple Cloud Servers can throw down the gauntlet simultaneously, receive by After challenging the proof that Cloud Server returns, the proof that challenge and server of the TPA based on transmission return carries out validity batch and tests Card, if illustrating that the Data Audit result of cloud user involved in challenge is to pass through by verifying.Otherwise, TPA verification positioning mark Label pass through positioning label Verification, illustrate that corresponding data are complete, i.e., auditing result is to pass through；Positioning label is tested It demonstrate,proves unacceptable, illustrates that data are destroyed, the rope of cloud user index and place server belonging to TPA output error data Draw.Last TPA to auditing result be by cloud user send successful Audit Report of auditing.It is unacceptable to auditing result The index of cloud user transmission wrong data subordinate server.

Compared with prior art, beneficial effects of the present invention:

Realize wrong data positioning: the present invention not only realizes under multi-user's environment of multi-server, multiple cloud users The person that can entrust auditing by third party carries out batch processing audit to the data being stored in multiple Cloud Servers.In addition it is examined in batch processing It counts in unacceptable situation, only does and once relatively operate the data that can judge that specific user is stored on particular server and be It is no to be destroyed.In addition, the present invention can also find out all error datas, while positioning user belonging to error data and place clothes Business device reduces user and finds the time of wrong data, and more easily determine convenient for allowing user faster to find out the position of damaged data The degree of reliability of Cloud Server.

The present invention realizes under multi-user's environment of multi-server, supports the data integrity validation of batch processing, while going back structure A kind of positioning label has been made to realize the positioning function of wrong data, can make after batch processing verification corrupted data user and Its corrupt data of Shi Faxian, and it can be seen that damaged data position, improve user detect document lending position efficiency.

Detailed description of the invention

Fig. 1 is specific implementation method flow chart of the present invention.

Fig. 2 is the data label generating process schematic diagram of the specific embodiment of the invention.

Fig. 3 is the positioning label generating process schematic diagram of the specific embodiment of the invention.

Fig. 4 is the public audit and wrong data position fixing process schematic diagram of the specific embodiment of the invention.

Fig. 5 is cloud user DO₁With a_1tFor parameter, for Cloud Server CS₁4 data block M of upper storage₁₁₁, M₁₁₂, M₁₁₃, M₁₁₄MHT (Merkle Hash Tree, Merkle Hash tree) TR of building_11t。

Specific embodiment

Following will be combined with the drawings in the embodiments of the present invention, and technical solution in the embodiment of the present invention carries out clear, complete Site preparation description, those skilled in the art's every other embodiment obtained without making creative work all belong to In the scope of protection of the invention.

Method flow of the invention is as shown in Figure 1, the steps include:

1, CA server carries out initiation parameter setting；

● using k as security parameter, select two ranks for the multiplicative cyclic group G of q₁And G₂, q be a Big prime and meet q > 2^k, take G₁Generation member be g, in group G₁And G₂One bilinear map e:G of upper selection₁×G₁→G₂。

● four cryptography Hash function H of selection₁,H₂,H₃,H₄With a pseudo-random function f, wherein H₁: { 0,1 }^*→G₁, H₂: { 0,1 }^*→Z_q, H₃: { 0,1 }^*→G₁, H₄: { 0,1 }^*→Z_q(H₁And H₃, H₂And H₄It is different Hash function respectively),Wherein Z_q=0,1,2 ..., and q-1 }, each user index can be expressed as w_iThan Special string, each server index can be expressed as w_jThe string of bit, each blocks of files index can be expressed as w_kThe string of bit.

● random selectionAs subregion coefficient, and enable λ=k as each user to identical number According to the quantity of building MHT (Merkle Hash Tree, Merkle Hash tree).

● random selectionAs main private key msk, and enabling Your Majesty's key is mpk=g^x。

● by common parameter params=(G₁,G₂,q,g,e,H₁,H₂,H₃,H₄,f,{v_l, λ) and Your Majesty's key mpk=g^xIt is public It opens, main private key msk=x secret is saved.

2, cloud user DO_iTo the public private key pair of CA application oneself

●DO_iIt generates key application request Concurrency to send to CA server, CA server is DO_iGenerate key pair (pk_i, sk_i), wherein public key pk_i=H₁(ID_i), private key sk_i=H₁(ID_i)^x=pk_i ^x, i is cloud user DO_iIndex, ID_iFor DO_iBody Part identifier.

3, CA server is by private key sk_iDO is sent to by safe lane_i。

4、DO_iBlocks of files to be uploaded is pre-processed into (Fig. 2 is data label generating process)

●DO_iFixed length segmentation is carried out to file to be uploaded, enables M_ijkIndicate cloud user DO_iIt is stored in server CS_jOn kth A block, each piece is made of s subregion, enables F_ijklIndicate DO_iIt is stored in CS_jOn k-th piece in first of subregion.

●DO_iTo each data block M_ijkGenerate a label value σ_ijk=(S_ijk,T_ijk), specific generation method are as follows: DO_iWith Machine is chosenTo each blocks of files M of oneself_ijkIt calculatesh_i=H₂(ID_i), hpk=H₃ (mpk), it and calculates

5、DO_iBlocks of files and data label are uploaded in corresponding Cloud Server

DO_iBy its all blocks of files { M_ijkAnd corresponding data label { σ_ijkBe sent to accordingly by server index Server.

6, each server verifies the availability such as Fig. 2 for the data label that it is received, and each server receives user's transmission Data block and data label after, by verifying whether following equation at Rob Roy determines whether data label correct.

If equation is set up, illustrate that the data label that user uploads is available, the data block that server storage verification passes through With data label；If equation is invalid, Cloud Server requires user to upload again.

7、DO_iIt generates positioning label and sends it to TPA (Fig. 3 is to position label generating process)

● set storage DO_iThe server indexed set for uploading file data is combined into J_i, and DO_iIn server CS_j(j∈J_i) on deposit The blocks of files block number of storage is N_ij。DO_iRandom selectionDO_iTo each server CS_j(j∈J_i), Respectively with a_it(1≤t≤λ) is MHT parameter, is stored in CS to it_jOn N_ijA data block constructs λ MHT.Each tree is used TR_ijt(1≤t≤λ) is indicated, TR_ijtRoot node R_ijtIt indicates.

Such as user DO₁In server CS₁On house 4 data block M altogether₁₁₁、M₁₁₂、M₁₁₃、M₁₁₄, use a_1t(1≤t ≤ λ) it is used as parameter, TR_11tBuilding such as Fig. 5, the root of tree is R_11t。

●DO_iConstruct a positioning concordance listWherein a_it(1≤t≤λ) For MHT parameter, chr is enabled_ijt=R_ijt(j∈J_i, 1≤t≤λ) and indicate DO_iIt is stored in CS_jT-th of positioning mark of upper all data Label.If chr_ijtIt is not present, i.e.,Then enable chr_ijt=-1.Wherein η indicates the number of server.DO_iThe positioning rope of building Draw Table I ndex_iAs shown in table 2.

●DO_iConcordance list will be positioned, i.e. positioning label is sent to TPA.

Table 2 is user DO_iThe positioning concordance list Index of building_i

8, cloud user DO_iAudit request is initiated to TPA

● audit request DO_iThe indexed set { (i, j, k) } of all data blocks of upper transmitting file, including cloud user DO_iIndex I stores DO_iThe Cloud Server CS of data_jIndex j ∈ J_i, it is stored in Cloud Server CS_jOn data block index k.

9, TPA generates challenge according to the audit request of user (step 9~13 detailed process are reacted by Fig. 4)

● after the audit request for receiving multiple cloud users, all audit requests are done union by TPA, obtain total audit request Set Q=∪ { (i, j, k) }.

● TPA selects c block from total audit request set Q and is verified, and enables(1≤n≤c,(i_n,j_n, k_n) ∈ Q) indicate c selected block, set I={ (i is constructed by element of the index of this c block_n,j_n,k_n) | n=1 ..., c}。

● TPA building mapping f₁:I→Z_q,MeetWork as i_s=i_tWhen, haveEnable set

● TPA is randomly selectedTPA building mapping MeetWork as i_s=i_tWhen, haveWherein MHT parameterBy cloud userIt is generated in step 7, and be sent to TPA by positioning concordance list.Enable MHT parameter sets

● always challenge chal=(I, K, α).

● setting indicates that TPA will be challenged always with U by the index set { j } for the c data block place Cloud Server that TPA chooses Chal is pressed by the difference of challenge Cloud Server, is divided into | U | a point of challenge { chal_j, | U | indicate the element number in set U, MeetEach chal_j=(I_j,K_j,α_j), wherein I_j={ (i_n,j_n,k_n)|(i_n,j_n,k_n) ∈ I and j_n =j },

● TPA is by chal_jIt is sent to server CS_j。

10, the server for receiving challenge calculates corresponding prove

● receive challenge chal_jCloud Server CS_jTo I_jEach of data block index (i_n,j_n,k_n), respectively with phase It answersFor key, calculated using pseudo-random function fI.e. each number A corresponding r is indexed according to block_n.WhereinIt is chosen in the first step by CA and openly.

● Cloud Server CS_jTo I_jIn belong to same user (such as user DO_i) all data block { (i_n,j_n,k_n)|(i_n, j_n,k_n)∈I_jAnd i_n=i, j_n=j } l ∈ [1, s] a subregion, calculateIt is wrapped Set { F containing s element_ij′_l| l=1 ..., s }, whereinIndicate that index is i_nCloud userIt is stored in index For the Cloud Server CS of j_jOn kth_nFirst of subregion of a data block.Cloud Server CS_jTo I_jIn all user do it is above-mentioned Identical operation, and all obtained set are done into union and form new set { F '_ijl|i∈O_j, l=1 ..., s }, wherein O_j Indicate I_jIn include all cloud users index set.

● to I_jIn all data blocks data label CS_jIt calculates It is i-th_nA cloud user is stored in jth_nA clothes The kth being engaged on device_nThe data label of a data block is comprising two partsWith

● Cloud Server CS_jFor each cloud user DO challenged_i(i∈O_j), to all data being stored thereon Block, with α_jIn with cloud user DO_iData block index corresponding a_iτFor parameter, one is constructed according to method as shown in Figure 5 MHT is expressed as TR_ijτ, tree root R_ijτ.Wherein α_jBy chal_j=(I_j,K_j,α_j) provide.All O_jThe data block of medium cloud user The MHT tree root of building user corresponding with its, server index constitute set { (i, j, R_ijτ)|i∈O_j}。

● Cloud Server CS_jConstruction proves P_j=(S '_j,T′_j,{F′_ijl|i∈O_j, l=1 ..., s }, { (i, j, R_ijτ)|i ∈O_j})。

11, all Cloud Servers challenged, which will demonstrate that, is sent to verifier TPA

12, TPA batch processing verification proves

● after TPA receives all proofs returned by challenge server, these are proved to carry out batch processing verification, verification step It is rapid as follows: first to calculateThen whether verification equation (1) is true, medium O indicates the index set of cloud user involved in total challenge chal of verifier generation in formula (1).

If 1) equation (1) is set up, illustrate that batch processing verification passes through, i.e., the Data Audit knot of cloud user involved in total challenge Fruit is to be verified.

2) if equation (1) is invalid, to Cloud Server CS_jSet { (i, j, the R that (j ∈ U) is returned_ijτ)|i∈O_jIn Each element (i, j, R_ijτ), TPA utilizes (i, j) and τ (τ is chosen in step 9 by TPA), Query Location concordance list Index_iIn τ row, jth+1 column in value chr_ijτ, and whether verify equation (2) true

If equation (2) is set up, illustrate cloud user DO_iIt is stored in Cloud Server CS_jOn data it is complete, i.e. DO_iIt is stored in CS_jOn Data Audit result be verified.

If equation (2) is invalid, illustrate cloud user DO_iIt is stored in Cloud Server CS_jOn data destroyed, that is, audit As a result do not pass through for verifying.The index (i, j) of cloud user index belonging to TPA output error data and place server.

13, TPA is that the corresponding cloud user being verified sends successful Audit Report of auditing to auditing result.It is tied to audit Fruit is the index that the unacceptable relative users of verifying send error block subordinate server.

Claims

1. a kind of cloud data public audit method for supporting batch processing to verify and to have wrong data positioning function, the steps include:

1) CA server carries out initiation parameter setting, selectionAs subregion coefficient, and enable λ=k Quantity as the Hash tree MHT that each user constructs identical data, wherein k is security parameter, and s is the subregion number of block, Z_q={ 0,1,2 ..., q-1 }, q are a Big primes and meet q > 2^k；Cloud user DO_iTo the public and private key of CA server application oneself It is right；CA server is by private key sk_iCloud user DO is sent to by safe lane_i；

2) cloud user DO_iIt is several pieces by file division to be uploaded and is each piece of one data label of generation；

3) cloud user DO_iEach piece and its data label are uploaded in corresponding Cloud Server；

4) Cloud Server verifies the availability for the data label that it is received, if verification pass through, store the data label and its Corresponding piece；Then, cloud user DO_iIt generates the positioning label for uploading blocks of files and audit request and sends it to third party and examine Count TPA；

5) after TPA receives the audit request, throw down the gauntlet to the data of cloud users multiple on multiple Cloud Servers, receive by After the proof that the Cloud Server of challenge returns, TPA verifies the correctness of the proof, if TPA is used to all clouds by verification Family sends verification successful information；Otherwise TPA verification positioning label, returns to corresponding cloud user for the index of wrong data；Wherein, Generate the method for uploading the positioning label of blocks of files are as follows:

51) storage DO is set_iThe Cloud Server indexed set for uploading blocks of files is combined into J_i, and cloud user DO_iIn Cloud Server CS_jUpper storage Blocks of files block number be N_ij；Cloud user DO_iRandomly choose λ parameter, a_itFor wherein t-th of parameter；

52)DO_iTo each Cloud Server CS_jRespectively with every a_itFor MHT parameter, Cloud Server CS is stored in it_jOn N_ij A block constructs a MHT；It is total to obtain λ MHT；Wherein, t=1 ..., λ, j ∈ J_i；The t MHT TR_ijtIt indicates, TR_ijt Root node R_ijtIt indicates；Wherein, MHT is Merkle Hash tree；

53) chr is enabled_ijt=R_ijtIf Cloud Server shares η, cloud user DO_iConstruct a positioning concordance listWherein, chr_ijt=R_ijtIndicate DO_iIt is stored in CS_jThe t of upper all data A positioning label, j ∈ J_i；If chr_ijtIt is not present, i.e.,Then enable chr_ijt=-1；The positioning concordance list, that is, positioning mark Label.

2. the method as described in claim 1, which is characterized in that each piece is made of s subregion；M_ijkIndicate cloud user DO_iIt deposits It is placed on Cloud Server CS_jOn k-th of data block, F_ijklIndicate DO_iIt is stored in Cloud Server CS_jOn k-th of data block in First of subregion.

3. method according to claim 2, which is characterized in that block M_ijkGenerate a data label σ_ijk=(S_ijk,T_ijk) Method are as follows: cloud user DO_iRandomly select a parameter u_i, to block M_ijkIt calculatesh_i=H₂(ID_i), hpk=H₃ (mpk), it and calculatesWherein, g is group G₁Generation member, mpk be CA Your Majesty's key, ID_iFor cloud user DO_iIdentity, sk_iFor DO_iPrivate key, H₁()、H₂()、H₃() is respectively different hash functions, v_l For subregion coefficient.

4. method as claimed in claim 3, which is characterized in that Cloud Server passes through formula

The data label availability received is verified, e () is a bilinear map.

5. the method as described in claim 1, which is characterized in that after TPA is according to the audit request, on multiple Cloud Servers The method that the data of multiple cloud users throw down the gauntlet are as follows:

61) audit request received is done union by TPA, obtains an audit request set Q；

62) TPA selects c block from the audit request Q of all cloud users and verifies, and constructs the index for the c block selected Set I={ (i_n,j_n,k_n) | n=1 ..., c }；Indicate n-th of audit request (i in I_n,j_n,k_n) specified data Block；Wherein i_nIt is data blockAffiliated user index, j_nIt is storage blockServer index, k_nForBlock index；

63) TPA building mappingMeetWork as i_s=i_tWhen, haveEnable key Set

64) TPA is randomly selectedBuilding mappingMeetWork as i_s= i_tWhen, haveEnable parameter sets

65) TPA generates total challenge chal=(I, K, α)；

66) the index set { j } of Cloud Server where indicating the block challenged with U, TPA press total challenge chal by challenge cloud The difference of server, is divided into | U | a point of challenge { chal_j, haveTPA will divide challenge chal_j=(I_j, K_j,α_j) it is sent to Cloud Server CS_j；Wherein, I_j={ (i_n,j_n,k_n)(i_n,j_n,k_n) ∈ I and j_n=j },

6. method as claimed in claim 5, which is characterized in that the method that the Cloud Server challenged generates the proof are as follows:

71) challenge chal is received_jCloud Server CS_jTo I_jEach of data block index (i_n,j_n,k_n), respectively with corresponding 'sFor key, calculated using pseudo-random function fTo I_jIn belong to it is same L ∈ [1, s] a subregion of all data blocks of one user calculatesGathered {F′_ijl|i∈O_j, l=1 ..., s }, whereinIndicate that index is i_nCloud userThe cloud that index is j is stored in take Be engaged in device CS_jOn kth_nFirst of subregion of a data block, O_jIndicate I_jIn include all cloud users index set；Then Cloud Server CS_jUtilize I_jIn all data blocks data label It calculates

72) Cloud Server CS_jFor each cloud user DO challenged_i(i∈O_j), to all data blocks being stored thereon, with α_jIn with cloud user DO_iData block index corresponding a_iτFor parameter, a MHT is constructed, TR is expressed as_ijτ, tree root R_ijτ, Wherein α_jBy chal_j=(I_j,K_j,α_j) provide；

73) by O_jIn the MHT tree root that constructs of all blocks by challenge cloud user and the corresponding cloud user of each tree root, cloud service Device index constitutes set { (i, j, R_ijτ)|i∈O_j, obtain Cloud Server CS_jProof

P_j=(S '_j,T′_j,{F′_ijl|i∈O_j, l=1 ..., s }, { (i, j, R_ijτ)|i∈O_j})。

7. method as claimed in claim 6, which is characterized in that the method for verifying the correctness of the proof are as follows: TPA receives institute After the proof for thering is the Cloud Server challenged to send back to, first calculateThen it verifies Equation:It is No establishment；If so, then verification passes through；If not, then to Cloud Server CS_jSet { (i, j, the R of return_ijτ)|i∈O_jIn Each element (i, j, R_ijτ), TPA utilizes (i, j) and τ Query Location concordance list Index_iIn τ row jth+1 column in value chr_ijτ, and verify equationIt is whether true, if so, then verification passes through, and otherwise cloud belonging to output error data is used The index (i, j) of family index and place server.