CN107612687B - ElGamal encryption-based dynamic multi-copy data possession verification method - Google Patents

ElGamal encryption-based dynamic multi-copy data possession verification method Download PDF

Info

Publication number
CN107612687B
CN107612687B CN201710874870.5A CN201710874870A CN107612687B CN 107612687 B CN107612687 B CN 107612687B CN 201710874870 A CN201710874870 A CN 201710874870A CN 107612687 B CN107612687 B CN 107612687B
Authority
CN
China
Prior art keywords
data
key
prf
verification
owner
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201710874870.5A
Other languages
Chinese (zh)
Other versions
CN107612687A (en
Inventor
边根庆
邵必林
王栋
贺秦禄
赵煜
叶娜
张维琪
李智杰
张翔
王佳婧
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Xian University of Architecture and Technology
Original Assignee
Xian University of Architecture and Technology
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Xian University of Architecture and Technology filed Critical Xian University of Architecture and Technology
Priority to CN201710874870.5A priority Critical patent/CN107612687B/en
Publication of CN107612687A publication Critical patent/CN107612687A/en
Application granted granted Critical
Publication of CN107612687B publication Critical patent/CN107612687B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Abstract

The invention discloses a dynamic multi-copy data possession verification method based on ElGamal encryption, which comprises the following steps of: 1) data owner generates public key pkPrivate key skData label Key, data Key and PRF Key for verificationPRFPRF Key for ElGamal encryptionrandAnd label PRF Keytag(ii) a 2) Generating multiple data copy files FiConsists of m data blocks; 3) generating a tag set phi, and then sending the tag set phi to a cloud end; 4) the data owner sends a challenge vector to the cloud end, and the cloud service provider generates a data copy F according to the step 2)iGenerating an evidence P by the label set phi and the challenge vector generated in the step 3), and then sending the evidence P to a data owner; 5) data owner according to public key pkAnd the evidence P completes the dynamic multi-copy data possession verification based on ElGamal encryption, the method realizes the verification of the possession of the dynamic multi-copy data, and the method has the advantages of low calculation overhead and high safety.

Description

ElGamal encryption-based dynamic multi-copy data possession verification method
Technical Field
The invention relates to a dynamic multi-copy data possession verification method, in particular to a dynamic multi-copy data possession verification method based on ElGamal encryption.
Background
Of particular concern when a user stores data in the cloud is the security of the data, as well as the ability of the cloud to maintain data integrity and recover data in the event of data loss or system failure. In order to save storage space and increase storage efficiency, a Cloud Service Provider (CSP) may maliciously delete and tamper with copies of data or materials that are used less frequently. Therefore, the Data Owner (DO) needs to periodically verify whether the untrusted cloud actually stores multiple copies of the data as required by the Service Level Agreement (SLA).
According to the fault-tolerant preprocessing method adopted for Data files, in general, Data Integrity verification can be Data possession verification (PDP) and Data recoverable verification (POR) (Research and progress of Data Integrity certification in Tan frost, Jia flame, Korean. Cloud Storage [ J ] Computer science, 2015,38 (1):164-177.TAN Shuang, JIA Yan, HAN Wei-hong.research and Development of programmable Data Integrity in Cloud Storage [ J ] environmental of Computers,2015,38 (1):164-, 2011,48(z2): 254-.
Atenise et al (Atenise G, Burns R, Curtmola R, et al. changeable data processing at untrusted stores [ C ]// Proceedings of the 14th ACM Conference on Computer and Communications Security, New York, NY, USA: ACM,2007: 598-609.) first defined a PDP model for ensuring file ownership over untrusted cloud storage, with RSA-based homomorphic tags being used to audit the outsourced data. However, this scheme does not take into account the dynamic nature of multi-copy storage. Documents (Atenise G, Pietro R.D, Mancin L.V, et al: Scalable and efficient programmable data handling [ C ]// Proceedings of the 4th International Conference on Security and Privacy in Communication Networks, New York, NY, USA: SecureComm, 2008: 1-10.) propose a PDP scheme based on symmetric cryptography, where the user sets the challenge content and number of times in advance at initialization and stores the response as metadata at the user end, so that there are only a limited number of updates and challenges. Erway et al (Erway C, Kupcu A, Papamthou C, et al. dynamic programmable Data Possesion [ C ]/Proc of the16th ACM conference Computer and communication Security. Chicago, Ilinios, USA: ACM,2009:213-222) extended the document (Atenise, G, Burns, R., Cumorta, R, Herring, J, Kissner, L, Peterson, Z, Song, D: programmable Data point at transmitted storage. in CCS '07: Proceedings of the 14th ACMCC Computer and Communications Security, New York, NY, USA,2007: 598) using a dynamic database based on a model of the storage of the PDP's ranking Data. However, this scheme is relatively inefficient to implement and is only suitable for verifying a single copy. The document (Wang C, Wang Q, Ren K, et al. Privacy-preserving public authentication for data storage security In closed computing [ C ]. In International conference Computer communication-information COM,2010.IEEE,2010: 1-9.) uses MHT for data integrity verification, which supports dynamic operations, but In this scheme, the data is not encrypted, there is a security risk, and it is also only applicable to the case of a single copy. Barsum et al (Barsum A F, Hasan M A. on verification Dynamic Multiple Data Copies over Cloud Servers [ R ]. Cryptology ePrint Archive,2011:447-477) creates different Copies by appending a copy number to the file chunk and encrypting using an encryption scheme (e.g., AES) with strong diffusion properties. This scheme supports dynamic data operations, but during file updates, the copies in all servers need to be encrypted again and updated on the cloud. Therefore, the scheme is suitable for the static multi-copy situation, and a large amount of calculation cost exists in a dynamic scene, so that a method which can verify the holding performance of dynamic multi-copy data and has small calculation cost needs to be designed.
Disclosure of Invention
The invention aims to overcome the defects of the prior art and provides a dynamic multi-copy data possession verification method based on ElGamal encryption, which realizes verification of possession of dynamic multi-copy data, and has the advantages of low calculation overhead and high safety.
In order to achieve the above purpose, the method for verifying the possession of the dynamic multi-copy data based on ElGamal encryption comprises the following steps:
1) data owner generates public key pkPrivate key skData label Key, data Key and PRF Key for verificationPRFPRF Key for ElGamal encryptionrandAnd label PRF Keytag
2) The data owner generates a plurality of data copy files F by using an ElGamal encryption method according to the data files F, the number m of data copies, the PRF key for verification and the PRF key for ElGamal encryptioniWherein, the data file F ═ { b ═ b1,b2,......bmThe data block is composed of m data blocks;
3) data owner based on private key skGenerating a tag set phi by the data file F, and sending the tag set phi to the cloud end;
4) the data owner sends a challenge vector to the cloud end, and the cloud service provider generates a data copy F according to the step 2)iGenerating an evidence P by the label set phi and the challenge vector generated in the step 3), and then sending the evidence P to a data owner;
5) data owner according to public key pkAnd the evidence P completes the dynamic multi-copy data possession verification based on the ElGamal encryption.
The data tag key is used for generating a data tag, and the data key is used for data encryption and data copy creation.
Data owner according to PRF Key for verificationPRFGenerating s random numbers ki(ii) a Data owner according to PRF Key for ElGamal encryptionrandGenerating a random number r for ElGamal encryptionij
Generating a plurality of data copies F by using an ElGamal encryption method in step 2)iWherein, in the step (A),
Figure BDA0001417900570000041
is obtained by the formula: fi={(1+b1p)(kiri1)p,(1+b2p)(kiri2)p,...,(1+bmp)(kirim)p}1≤i≤m
One data block corresponding to one tag, data block biIs marked with a label
Figure BDA0001417900570000042
u∈G1,H(·)∈G1Where u denotes the hash value of the data file F, { ai}1≤i≤mRepresentation by label PRF KeytagThe generated random number.
The specific operation of the step 4) is as follows:
the data owner selects a verification method, generates a Key according to the selected verification method, and sends the Key to a cloud service provider, wherein the verification method comprises deterministic verification and probabilistic verification, and when the data owner selects the deterministic verification, a PRF Key is generated1(ii) a When the data owner chooses probabilistic verification, two PRF Key are generated1And Key2
Wherein, when the data owner generates two PRF Key keys1And Key2Then, the cloud service provider according to PRF Key1Generating C random text sets { C }, wherein C is more than or equal to 1 and less than or equal to m, and then using a PRF Key2A tag set of s random numbers is generated, and σ and μ are computed, wherein,
Figure BDA0001417900570000051
Figure BDA0001417900570000052
finally σ and μ are sent to the data owner.
The specific operation of the step 5) is as follows:
the data owner determines from sigma and mu whether the following equation holds, wherein,
Figure BDA0001417900570000053
Figure BDA0001417900570000054
Figure BDA0001417900570000055
Figure BDA0001417900570000056
when equation (5) is satisfied, it indicates that the cloud service provider uses all data copies F in the response phasei(ii) a When the formula (6) is satisfied, it indicates that the cloud uses all data blocks in the response process; when the equations (5) and (6) are satisfied, it indicates that the data stored in the cloud is complete, and the cloud has stored multiple data copies of the data agreed in the service level agreement SLA.
Further comprising: data owner generates update requests<Idf,BlockOp,j,bi',φ'>Then update the request<Idf,BlockOp,j,bi',φ'>Sending to the cloud, wherein, IdfFor the identifier of data file F, BlockOp corresponds to a data block operation comprising data block insert, delete and modify operations, j, bi'and phi' denote an index of the updated data block, and the updated tag, respectively; the cloud service provider requests according to the update<Idf,BlockOp,j,bi',φ'>And updating the data block and the label of the data block.
The invention has the following beneficial effects:
when the dynamic multi-copy data possession verification method based on ElGamal encryption is operated specifically, a data owner sends out a challenge vectorCloud service provider according to data copy FiGenerating evidence P by the label set phi and the challenge vector, and finishing the dynamic multi-copy data possession verification by the data owner according to the public key and the evidence, wherein the private key s is adoptedkAnd generating a label set phi by the data file F, the number m of the data copies, a PRF key for verification and a PRF key for ElGamal encryption, and generating a plurality of data copies F by using an ElGamal encryption methodiTherefore, the security is high, and in the verification process, all data copies only construct one tag set phi, so that the calculation cost is low.
Drawings
FIG. 1 is a system diagram of the present invention;
FIG. 2 is a flow chart of a data block insert operation;
FIG. 3 is a flow chart of a data block modification operation;
FIG. 4a is a graph comparing the initial computational overhead of the present invention with that of the prior art;
FIG. 4b is a graph comparing the computational overhead of the present invention with that of a prior art cloud service provider;
FIG. 4c is a graph comparing user computational overhead for the present invention with that of the prior art;
FIG. 5a is a graph comparing the computational overhead of the present invention and prior art insert operations;
FIG. 5b is a graph comparing the computational overhead of the present invention and prior art modify operations.
Detailed Description
The invention is described in further detail below with reference to the accompanying drawings:
referring to fig. 1, the dynamic multi-copy data possession verification method based on ElGamal encryption includes the following steps:
1) data owner generates public key pkPrivate key skData label Key, data Key and PRF Key for verificationPRFPRF Key for ElGamal encryptionrandAnd label PRF Keytag
2) The data owner according to the data file F, the number m of data copies, the PRF key for verification and the PRF key for ElGamal encryptionGenerating a plurality of data copy files F by using ElGamal encryption methodiWherein, the data file F ═ { b ═ b1,b2,......bmThe data block is composed of m data blocks;
3) data owner based on private key skGenerating a tag set phi by the data file F, and sending the tag set phi to the cloud end;
4) the data owner sends a challenge vector to the cloud end, and the cloud service provider generates a data copy F according to the step 2)iGenerating an evidence P by the label set phi and the challenge vector generated in the step 3), and then sending the evidence P to a data owner;
5) data owner according to public key pkAnd the evidence P completes the dynamic multi-copy data possession verification based on the ElGamal encryption.
The data tag key is used for generating a data tag, and the data key is used for data encryption and data copy creation.
Data owner according to PRF Key for verificationPRFGenerating s random numbers ki(ii) a Data owner according to PRF Key for ElGamal encryptionrandGenerating a random number r for ElGamal encryptionij
Generating a plurality of data copies F by using an ElGamal encryption method in step 2)iWherein, in the step (A),
Figure BDA0001417900570000081
is obtained by the formula: fi={(1+b1p)(kiri1)p,(1+b2p)(kiri2)p,...,(1+bmp)(kirim)p}1≤i≤m
One data block corresponding to one tag, data block biThe labels of (a) are:
Figure BDA0001417900570000082
u∈G1,H(·)∈G1where u denotes the hash value of the data file F, { ai}1≤i≤mRepresentation by label PRF KeytagThe generated random number.
The specific operation of the step 4) is as follows:
the data owner selects a verification method, generates a Key according to the selected verification method, and sends the Key to a cloud service provider, wherein the verification method comprises deterministic verification and probabilistic verification, and when the data owner selects the deterministic verification, a PRF Key is generated1(ii) a When the data owner chooses probabilistic verification, two PRF Key are generated1And Key2
Wherein, when the data owner generates two PRF Key keys1And Key2Then, the cloud service provider according to PRF Key1Generating C random text sets { C }, wherein C is more than or equal to 1 and less than or equal to m, and then using a PRF Key2A tag set of s random numbers is generated, and σ and μ are computed, wherein,
Figure BDA0001417900570000083
Figure BDA0001417900570000084
finally σ and μ are sent to the data owner.
The specific operation of the step 5) is as follows:
the data owner determines from sigma and mu whether the following equation holds, wherein,
Figure BDA0001417900570000091
Figure BDA0001417900570000092
Figure BDA0001417900570000093
Figure BDA0001417900570000094
when equation (5) is satisfied, it indicates that the cloud service provider uses all data copies F in the response phasei(ii) a When the formula (6) is satisfied, it indicates that the cloud uses all data blocks in the response process; when the equations (5) and (6) are satisfied, it indicates that the data stored in the cloud is complete, and the cloud has stored multiple data copies of the data agreed in the service level agreement SLA.
The invention also includes: data owner generates update requests<Idf,BlockOp,j,bi',φ'>Then update the request<Idf,BlockOp,j,bi',φ'>Sending to the cloud, wherein, IdfFor the identifier of data file F, BlockOp corresponds to a data block operation comprising data block insert, delete and modify operations, j, bi'and phi' denote an index of the updated data block, and the updated tag, respectively; the cloud service provider requests according to the update<Idf,BlockOp,j,bi',φ'>And updating the data block and the label of the data block.
First, safety analysis
11. Security analysis for same data block deletion
When a file is divided into data blocks, the same divided data blocks are generated, and then the same data block labels are generatedtagThe generated random number is added to the tag for data block bi=bj
Figure BDA0001417900570000095
Figure BDA0001417900570000096
Wherein, aiAnd ajTo be Keyta from PRF keygThe generated random numbers are identical in data blocks according to the formula (7) and the formula (8), but the generated tags have different values, so that the problem that a cloud service provider cheats a user by storing only one data block and deleting the data block with the same file tag is fundamentally avoided.
12. Security analysis for cloud-based spurious responses
In the challenge phase, the data owner sends two PRF Key keys to the cloud service provider1、 Key2And a parameter c of the number of data blocks that need to be verified. When a data owner initiates a challenge to a cloud service provider each time, the value of the sent parameter c and the PRF key are different, so that the cloud service provider can generate different responses to the challenge sent by the data owner each time, and the condition that the cloud service provider forges the responses is fundamentally avoided.
The security of the multi-copy data possession verification method provided by the invention is derived from the combination of the above security schemes.
Second, analysis of Experimental Properties
In order to further verify the overall performance of the algorithm, a local server is used for carrying out experiments, and communication overhead, storage overhead and calculation overhead of various operations of a cloud service provider and a user are tested. In the experiment, the SHA algorithm was used to compute the file hash, bilinear pairs were generated using the PBC library in C language (version 0.5.11). G1、G2And GTThe MNT elliptic curve domain security using the MNT elliptic curve domain with the parameter | ρ | ═ 160,160 bits is comparable to 1024bit rsa. The file is encrypted by adopting a 128bit ElGamal encryption algorithm, and the experiment assumes that the size of the file F is | F | ═ 223The number of copies is denoted by t, and the size of the data block b is | b | ═ 213bit, then the number of blocks of the data block is calculated to be
Figure 2
All experimental results are the average of 20 trials. In addition, delays in communication costs were tested and file size considerations were taken into account.
21. Communication overhead
The communication overhead is represented by the size of data to be transmitted, the additional communication overhead generated by the user side is mainly the size of a data tag set uploaded to the cloud service provider, the size of a challenge message challenge sent by the data owner to the cloud service provider and the size of evidence P sent by the cloud service provider to the data owner, and the total communication overhead is (460+256+1024+160t) bit. Wherein, the total communication overhead of the Hash-PDP method is (460+128t + (1024+257) t) bit, the total communication overhead of the MR-PDP method is (460+128t +2048t) bit, and Table 1 shows the comparison of the communication overhead of several algorithms.
TABLE 1
Figure BDA0001417900570000111
22. Storage overhead
Assuming that the number of copies of user data stored at the cloud service provider is consistent, a comparison is made here primarily for overhead storage. The TPA mainly realizes the initiation and verification of challenge-response, and the storage overhead is small and therefore negligible, so the storage overhead of a data owner and a cloud service provider is emphasized and contrasted. In the invention, the size of the user key stored by the data owner is 128 × 5+1024 × 2bit which is 0.33kb, the size of the tag set stored by the cloud service provider is | ρ | tbit which is 20tkb, and the storage overhead of several algorithms is shown in table 2.
TABLE 2
Figure BDA0001417900570000112
According to the comparison between table 1 and table 2, the data communication overhead and the storage overhead of the data owner and the cloud service provider are effectively reduced.
23. Data initialization, CSP and user computing overhead comparison
The performance of the dynamic multi-copy data possession verification (DMC-PDP) method of the present invention is compared with that of the prior art document. FIG. 4 comparison of data initialization, CSP, and computational overhead for a user for files of 20MB, 40MB, 80MB, and 120MB, respectively, file sizes (each file having three copies).
Data initialization is performed only once by the data owner, fig. 4a compares the data initialization overhead of the present invention, which differs only within a few minutes, with the DMC-PDP, which performs faster. Data initialization in the DMC-PDP method uses AES encryption that is faster than ElGamal encryption, but the literature DMC-PDP method involves tag construction of all copies, adding complexity, whereas in the present invention only one set of tags is constructed for all copies. Therefore, the computational overhead of data initialization is almost the same for both methods.
Fig. 4b shows a comparison of cloud service provider computing overhead, the cloud service provider computing of the present invention and DMC-PDP involves two operations: one operating on file tags and the other on file blocks. The cloud service provider computing overhead of the present invention is the time taken for the cloud service provider to perform steps (c), (c) and (c) in fig. 3, the data owner only creates one set of file tags for all file copies, the DMC-PDP needs to create a file tag for each file copy, and the time taken for the cloud service provider to operate on file blocks in the two schemes is almost the same. Therefore, compared with DMC-PDP, the operation of the cloud service provider on the file label of the invention only involves less arithmetic operation, and the performance of the cloud service provider in terms of calculation time is better than that of the document DMC-PDP.
Figure 4c shows the user calculated overhead of the present algorithm compared to the user calculated overhead of the document DMC-PDP, which is the time it takes the user to perform steps (r) and (nino) of figure 3, but the document DMC-PDP is somewhat better than the present invention in terms of user calculated overhead due to the additional decryption function in the present invention, but the difference is not obvious.
24. Dynamic operation computation overhead comparison
The data owner executes data updating operation on a plurality of data blocks at a time, wherein the data updating operation comprises the steps of creating a new file tag and storing the file tag in the cloud, and inserting operation, deleting operation and modifying operation of the data blocks. The present invention performs an update experiment on a data block on three copies (20MB files). Fig. 5a represents the computational overhead of performing data block insertion operations simultaneously by both the user and the cloud service provider, experimenting by inserting and modifying 1-50% of the number of file blocks. For example, a file of size 20MB has 163840 data blocks, and the overhead is calculated by inserting 1% (about 1640 data blocks) to 50% (about 81920 data blocks) new data blocks and modifying 1% (about 1640 data blocks) to 50% (about 81920 data blocks). Fig. 5b shows the computational overhead of a user and a cloud service provider when collectively performing a modify operation on a percentage of data blocks. The modification operation takes much less time than the insert operation, the time taken for the modification operation depends on the time taken for the ElGamal homomorphic operation of the encrypted data block, and the time taken for the insert operation depends on the time taken for writing the encrypted data block to the hard disk drive. Furthermore, it is noted that the present invention does not compute the computational overhead of a data block deletion operation, as the deletion operation does not involve any computational overhead.

Claims (1)

1. A dynamic multi-copy data possession verification method based on ElGamal encryption is characterized by comprising the following steps:
1) data owner generates public key pkPrivate key skData label Key, data Key and PRF Key for verificationPRFPRF Key for ElGamal encryptionrandAnd label PRF Keytag
2) The data owner verifies the PRF Key according to the data file F, the number m of the data copies and the PRF KeyPRFAnd PRF Key for ElGamal encryptionrandGenerating a plurality of data copy files F by using an ElGamal encryption methodiWherein, the data file F ═ { b ═ b1,b2,......bmThe data block is composed of m data blocks;
3) data owner based on private key skGenerating a tag set phi by the data file F, and sending the tag set phi to the cloud end;
4) the data owner sends a challenge vector to the cloud end, and the cloud service provider generates a data copy F according to the step 2)iStep 3) generationGenerating an evidence P by the tag set phi and the challenge vector, and then sending the evidence P to a data owner;
5) data owner according to public key pkThe evidence P completes dynamic multi-copy data possession verification based on ElGamal encryption;
the data label key is used for generating a data label, and the data key is used for data encryption and data copy creation;
data owner according to PRF Key for verificationPRFGenerating s random numbers ki(ii) a Data owner according to PRF Key for ElGamal encryptionrandGenerating a random number r for ElGamal encryptionij
Generating a plurality of data copies F by using an ElGamal encryption method in step 2)iWherein, in the step (A),
Figure FDA0002800803250000011
is obtained by the formula: fi={(1+b1p)(kiri1)p,(1+b2p)(kiri2)p,...,(1+bmp)(kirim)p}1≤i≤m
One data block corresponding to one tag, data block biThe labels of (a) are:
Figure FDA0002800803250000021
u∈G1,H(·)∈G1where u denotes the hash value of the data file F, { ai}1≤i≤mRepresentation by label PRF KeytagA generated random number;
the specific operation of the step 4) is as follows:
the data owner selects a verification method, generates a Key according to the selected verification method, and sends the Key to a cloud service provider, wherein the verification method comprises deterministic verification and probabilistic verification, and when the data owner selects the deterministic verification, a PRF Key is generated1(ii) a When the data placeIf one chooses the probabilistic verification, two PRF Key are generated1And Key2
Wherein, when the data owner generates two PRF Key keys1And Key2Then, the cloud service provider according to PRF Key1Generating C random text sets { C }, wherein C is more than or equal to 1 and less than or equal to m, and then using a PRF Key2A tag set of s random numbers is generated, and σ and μ are computed, wherein,
Figure FDA0002800803250000022
Figure FDA0002800803250000023
finally, sending the sigma and the mu to a data owner;
the specific operation of the step 5) is as follows:
the data owner determines from sigma and mu whether the following equation holds, wherein,
Figure FDA0002800803250000024
Figure FDA0002800803250000025
Figure FDA0002800803250000026
Figure FDA0002800803250000031
when equation (5) is satisfied, it indicates that the cloud service provider uses all data copies F in the response phasei(ii) a When formula (6) is as followsWhen the cloud end is set, the cloud end uses all the data blocks in the response process; when the formula (5) and the formula (6) are satisfied, the data stored in the cloud end is complete, and the cloud end already stores a plurality of data copies of the data agreed in the service level agreement SLA;
further comprising: data owner generates update requests<Idf,BlockOp,j,b'i,φ'>Then update the request<Idf,BlockOp,j,b'i,φ'>Sending to the cloud, wherein, IdfFor the identifier of data file F, BlockOp corresponds to data block operations including data block insert, delete and modify operations, j, b'iAnd phi' represents the index of the updated data block, the updated data block and the updated tag, respectively; the cloud service provider requests according to the update<Idf,BlockOp,j,b'i,φ'>And updating the data block and the label of the data block.
CN201710874870.5A 2017-09-25 2017-09-25 ElGamal encryption-based dynamic multi-copy data possession verification method Active CN107612687B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201710874870.5A CN107612687B (en) 2017-09-25 2017-09-25 ElGamal encryption-based dynamic multi-copy data possession verification method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201710874870.5A CN107612687B (en) 2017-09-25 2017-09-25 ElGamal encryption-based dynamic multi-copy data possession verification method

Publications (2)

Publication Number Publication Date
CN107612687A CN107612687A (en) 2018-01-19
CN107612687B true CN107612687B (en) 2021-04-27

Family

ID=61058107

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201710874870.5A Active CN107612687B (en) 2017-09-25 2017-09-25 ElGamal encryption-based dynamic multi-copy data possession verification method

Country Status (1)

Country Link
CN (1) CN107612687B (en)

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108229208B (en) * 2018-01-08 2021-03-23 华侨大学 Public auditing method for multi-copy data in cloud storage service
CN108270790B (en) * 2018-01-29 2020-07-10 佳木斯大学附属第一医院 Radiotherapy information management system and management method
EP3999989A4 (en) * 2019-07-18 2023-03-29 Nokia Technologies Oy Integrity auditing for multi-copy storage

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101908960A (en) * 2009-06-02 2010-12-08 上海科大智能科技股份有限公司 Multiple security method of electronic file concerning security matters
CN103605784A (en) * 2013-11-29 2014-02-26 北京航空航天大学 Data integrity verifying method under multi-cloud environment

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP3069275A4 (en) * 2013-11-11 2017-04-26 Amazon Technologies, Inc. Data stream ingestion and persistence techniques
CN105227549B (en) * 2015-09-15 2018-07-27 淮阴工学院 A kind of data property held method of proof
US9755832B2 (en) * 2015-12-29 2017-09-05 International Business Machines Corporation Password-authenticated public key encryption and decryption

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101908960A (en) * 2009-06-02 2010-12-08 上海科大智能科技股份有限公司 Multiple security method of electronic file concerning security matters
CN103605784A (en) * 2013-11-29 2014-02-26 北京航空航天大学 Data integrity verifying method under multi-cloud environment

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
"基于同态加密的动态多副本数据持有性验证方法研究";王栋;《西安建筑科技大学硕士学位论文》;20170608;正文第3.3节 *

Also Published As

Publication number Publication date
CN107612687A (en) 2018-01-19

Similar Documents

Publication Publication Date Title
US11184157B1 (en) Cryptographic key generation and deployment
CN108418796B (en) Cloud data multi-copy integrity verification and association deletion method and cloud storage system
CN108200172B (en) Cloud storage system and method supporting safe data deduplication and deletion
EP3375129B1 (en) Method for re-keying an encrypted data file
JP6763378B2 (en) Cryptographic information creation device, cryptographic information creation method, cryptographic information creation program, and verification system
US8831228B1 (en) System and method for decentralized management of keys and policies
CN109379182B (en) Efficient data re-encryption method and system supporting data deduplication and cloud storage system
Yan et al. A scheme to manage encrypted data storage with deduplication in cloud
CN108182367B (en) A kind of encrypted data chunk client De-weight method for supporting data to update
CN107612687B (en) ElGamal encryption-based dynamic multi-copy data possession verification method
Mukundan et al. Efficient integrity verification of replicated data in cloud using homomorphic encryption
CN110351297B (en) Verification method and device applied to block chain
Agarwala et al. DICE: A dual integrity convergent encryption protocol for client side secure data deduplication
JP2013239989A (en) Information processing device, data generation method, information processing method, and information processing system
Pawar et al. Providing security and integrity for data stored in cloud storage
Mukundan et al. Replicated Data Integrity Verification in Cloud.
Ding et al. Secure encrypted data deduplication with ownership proof and user revocation
CN112818404B (en) Data access permission updating method, device, equipment and readable storage medium
CN105553661B (en) Key management method and device
Su et al. An efficient and secure deduplication scheme based on rabin fingerprinting in cloud storage
CN108494552B (en) Cloud storage data deduplication method supporting efficient convergence key management
CN112887281B (en) Storage method and system supporting efficient audit and multi-backup ciphertext deduplication and application
Nagendran et al. Hyper Elliptic Curve Cryptography (HECC) to ensure data security in the cloud
Kamboj et al. DEDUP: Deduplication system for encrypted data in cloud
Wang et al. Secure auditing and deduplication with efficient ownership management for cloud storage

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant