CN107800688A - A kind of high in the clouds data deduplication and integrality auditing method based on convergent encryption - Google Patents

A kind of high in the clouds data deduplication and integrality auditing method based on convergent encryption Download PDF

Info

Publication number
CN107800688A
CN107800688A CN201710895786.1A CN201710895786A CN107800688A CN 107800688 A CN107800688 A CN 107800688A CN 201710895786 A CN201710895786 A CN 201710895786A CN 107800688 A CN107800688 A CN 107800688A
Authority
CN
China
Prior art keywords
file
key
client
csp
audit
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201710895786.1A
Other languages
Chinese (zh)
Other versions
CN107800688B (en
Inventor
付安民
郭晓勇
苏铓
周磊
陈珍珠
丁伟佳
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Nanjing University of Science and Technology
Original Assignee
Nanjing University of Science and Technology
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Nanjing University of Science and Technology filed Critical Nanjing University of Science and Technology
Priority to CN201710895786.1A priority Critical patent/CN107800688B/en
Publication of CN107800688A publication Critical patent/CN107800688A/en
Application granted granted Critical
Publication of CN107800688B publication Critical patent/CN107800688B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/12Applying verification of the received information
    • H04L63/123Applying verification of the received information received data contents, e.g. message integrity
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/64Protecting data integrity, e.g. using checksums, certificates or signatures
    • G06F21/645Protecting data integrity, e.g. using checksums, certificates or signatures using a third party
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/083Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) involving central third party, e.g. key distribution center [KDC] or trusted third party [TTP]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • H04L9/3252Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures using DSA or related signature schemes, e.g. elliptic based signatures, ElGamal or Schnorr schemes
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • H04L9/3257Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures using blind signatures
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3271Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using challenge-response

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Theoretical Computer Science (AREA)
  • General Engineering & Computer Science (AREA)
  • General Health & Medical Sciences (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • Bioethics (AREA)
  • General Physics & Mathematics (AREA)
  • Health & Medical Sciences (AREA)
  • Computing Systems (AREA)
  • Storage Device Security (AREA)

Abstract

The invention discloses a kind of high in the clouds data deduplication and integrality auditing method based on convergent encryption.Convergence key encapsulation/deblocking algorithm of this method one side based on Proxy Signature, convergence key duplicate removal can be realized while safety stores convergence key, on the other hand the BLS signature algorithms based on convergence key, audit public key is stored using trusted third party TTP and acts on behalf of audit, the duplicate removal to audit signature and audit public key is realized, is concretely comprised the following steps:System initialization;Cipher key initialization;File initializes;Certification evidence initializes;Key encapsulation;Data storage;Repeat to challenge;Duplicate responses;Repeat certification;Request audit;Agency's audit;Audit response;Audit certification;File download.The present invention improves cloud storage space availability ratio, realizes the duplicate removal to audit signature and audit public key, reduces client storage and the cost calculated.

Description

A kind of high in the clouds data deduplication and integrality auditing method based on convergent encryption
Technical field
The present invention relates to cloud storage and field of information security technology, particularly a kind of high in the clouds data based on convergent encryption are gone Weight and integrality auditing method.
Background technology
With the extensive use of cloud storage service, increasing user stores data into high in the clouds.Study and show according to EMC About 75% cloud storage space is occupied by duplicate data, and because Cloud Server is " half is credible ", how to protect Redundant data is eliminated under shield data-privacy, turns into the Tough questions of cloud storage application development;Further, since data storage is to high in the clouds So that user loses the control to data, therefore can not determine whether high in the clouds data are complete, therefore, how number is efficiently verified According to integrality, and the problem of cloud storage safety guarantee needs to consider.
For high in the clouds secret protection data how duplicate removal the problem of, researcher's generally use cipher mode protection data it is hidden Private, on this basis, is shared safely, ciphertext conversion, the mechanism such as convergent encryption realize data deduplication in ciphertext by key, its Middle convergent encryption mechanism is the current way for solving ciphertext Data duplication and commonly using, but because convergence key is by data original text Derive, for substantial amounts of data, must just preserve corresponding convergence key, this adds extra expense to user.
In addition, propose to store the mode of key ciphertext using master key encryption convergence key, then outsourcing in some schemes, Mitigate user and expense is locally stored, but so cause the redundant storage of key ciphertext again.It is proposed to use door also in scheme The mode key distribution of limit, key components are stored to n Cloud Server, opened however, so introducing extra Cloud Server again Pin, while cause verification process also to become complicated.
For this problem of integrity verification, it is remote to realize that researcher proposes public audit, the mode of audit by test The integrity verification of number of passes evidence.But the signature needed for audit certification is all the signature private key and file generated at random by user Information and generate, then for the data original text of redundancy between user, the situation of redundancy necessarily occurs in signature corresponding to it, so Cloud storage can store substantial amounts of redundancy signature.
The content of the invention
It is an object of the invention to provide a kind of safe and efficient high in the clouds data deduplication and integrality based on convergence key Auditing method.
The technical solution for realizing the object of the invention is:A kind of high in the clouds data deduplication and integrality based on convergent encryption Auditing method, including client are Client, the i.e. CSP in cloud storage service device end, trusted third party end i.e. TTP;This method includes Following steps:
Step 1, system initialization:
System randomly chooses a prime number q, creates the elliptic curve equation G of q ranks1, G2, and produce an acceptable line Property pairing e:G1×G1→G2, g1、g2It is G1Two different generations members, make hash function h ():{0,1}*∈Zq, ZqRepresent Q rank prime fields, hash function H ():{0,1}*∈G1, then it is { e, g that components of system as directed, which discloses parameter,1,g2,G1,G2,h(·),H (·)};TTP random selection x ∈ Zq, privately owned parameter tsk=x is made, and calculate y1=g1 x,TTP discloses public key parameter y1And y2, and keep tsk privately owned;
Step 2, cipher key initialization:
Client is that file F calculates corresponding convergence key kF, file signature private key sskF, file signature public key spkF
Step 3, file initialization:
Client is that file F calculates ciphertext CF=Enc (kF, F), while generate file identification Tag=Sha1 (CF), wherein Tag is file identification, the detection for file repeatability;
Step 4, the initialization of certification evidence:
Client cutting file F first be etc. size data block Bi, 1≤i≤n, n are data block total number, are then utilized File convergence key kFEncrypted data chunk obtains block ciphertextIt is finally each data block BiCalculate data block certification evidence σi, wherein σiFor repeating certification and audit certification;
Step 5, key encapsulation:
When file label Tag is not present in CSP, client generates blinding factor r at random, and using blinding factor r to receiving Hold back key kFBlind, the convergence key a after then client will blind is sent to TTP and is signed and return to b;Client is to returning Value b goes to blind, and obtains restraining key kFCiphertext CKF
Step 6, data storage:
When file identification Tag is not present in CSP, client uploads file identification Tag, file cipher text CF, file key it is close Literary CKF, block ciphertext CBiWith data block certification evidence σiTo CSP, whether CSP checking file identifications and file cipher text come from phase identical text Part, and verify block signature sigmaiCorrectness;Meanwhile client uploads file attribute, user's mark, document audit public key extremely TTP;Finally, CSP is each file storage file mark, file cipher text, blocks of files ciphertext, blocks of files certification evidence, and TTP is stored File attribute, user's mark, document audit public key;
Step 7, repeat to challenge:
When CSP has file label Tag, perform file and repeat authentication protocol;CSP generation challenge informations chal=(i, vi)i∈I, challenge information is returned into client, wherein I is the random subset of [1, n], random number vi∈Zq, wherein ZqIt is q ranks element Number field;
Step 8, duplicate responses:
After client receives challenge collection, parsing challenge collects chal, gets the block indexed set I of file, and then processing is treated Upper transmitting file F ' generations duplicate responses evidence σ ', and feed back to CSP;
Step 9, repeat certification:
After CSP sends challenge collection to given client end, CSP utilizes first evidence σi, challenge collection chal file is calculated Certification evidence σ;After CSP receives the response evidence σ ' that client is passed back, checkingIf both are identical, repeat to recognize Demonstrate,prove successfully, CSP adds this client id in the ownership list of this file;Otherwise, authentification failure is repeated, on client continues Transmitting file, CSP feed back to client by authentication result is repeated;
Step 10, request audit:
If client needs the integrality of audit CSP data, audit request information, including user are sent to TTP Identify U, file identification Tag;
Step 11, agency's audit:
The audit request and agreement of auditing of TTP parsing clients, are first depending on user's mark, file identification Tag inspections Rope draws the essential information of file, and generates challenge collection chal=(i, vi)i∈I, then the challenge collection is sent to CSP;Wherein, I be [1, n] subset, random number vi∈Zq, wherein ZqIt is q rank prime fields;
Step 12, audit response:
After CSP receives the audit request from TTP, resolve user identity U, file identification Tag, retrieval obtain document audit Evidence σi, ciphertext blocks Ci, high in the clouds is according to chal, σi、CiPolymerization evidence corresponding to being calculatedAnd polymerization CiphertextThen evidence { μ, σ } will be responded, user identifies U and file identification Tag and is back to TTP;
Step 13, audit certification:
After TTP receives the feedback from CSP, according to file public key information spkFCSP response evidence is verified, then will audit As a result record into log sheet, and auditing result is back to client;
Step 14, file download:
When client needs to download file from CSP, CSP first verifies that the legitimacy of client identity, and by key Ciphertext CKFWith ciphertext CFReturn to client;Client performs key deblocking algorithm with TTP and obtains key plain kF, then utilize Key plain kFDecryption, draws data clear text F.
As a kind of concrete scheme, the cipher key initialization described in step 2, comprise the following steps that:
1) using file F as parameter, file convergence key k is calculatedF=H (F);
2) using file F as parameter, file signature private key ssk is calculatedF=h (F);
3) with file signature private key sskFFor parameter, file signature public key is calculated
As a kind of concrete scheme, the certification evidence initialization described in step 4, comprise the following steps that:
1) block size that client is set according to system, cutting file F are n data block Bi(1≤i≤n);
2) utilize and restrain key kFEncrypted data chunk, obtain Ci=Enc (Bi,kF)(1≤i≤n);
3) file signature private key ssk is generated by file FF=h (F) and file signature public key
4) data block B corresponding to calculation document FiCertification evidence setWherein σi It is the basic element of safe duplicate removal and integrality audit certification.
As a kind of concrete scheme, the key encapsulation described in step 5, comprise the following steps that:
1) client random selection blinding factor r, r ∈ Zq, and convergence key k is blinded, it is close to obtain out the convergence after blinding Key a=kF·g1 r, send to TTP;
2) TTP is signed to obtain b=a using private key tsk to the convergence key a after blindingtsk, and b is returned into client Hold U;
3) client carries out blinding processing to b, the convergence ciphering key K after being encapsulatedF, CKF=by1 -r, and by with Lower equation verifies CKFLegitimacy:
If being proved to be successful, CKFFor key ciphertext, client can be safely by CKFOutsourcing is stored to CSP;Otherwise may By malicious attack, signature failure.
As a kind of concrete scheme, in the file download described in step 14, client file decryption comprises the following steps that:
1) client random selection blinding factor r, r ∈ Zq, and blind key ciphertext CKF, it is close to obtain out the key after blinding Literary a=CKF·g1 r, send to TTP;
2) TTP is signed to obtain using private key tsk to the key ciphertext a after blindingAnd b is returned into use Family U;
3) client carries out blinding processing to b, obtains restraining key kF, kF=by1 -r, and verified by below equation kFLegitimacy:
If being proved to be successful, kFTo restrain key, client utilizes kFDecrypt CFObtain plaintext F, file decryption operation knot Beam;Otherwise authentication fails, and Proxy Signature failure, abandons key, continues to perform ciphertext deblocking algorithm with TTP.
Compared with prior art, its remarkable advantage is the present invention:(1) safely and efficiently management restrains key:Using blind The thought that signature and convergence key combine, will restrain key secure package, while realize the duplicate removal of convergence key;(2) eliminate Effect identical authentication signature, a label two are used:The make of authentication signature has been transformed, make use of the method for convergence key to carry out Signature, same signature both can be used for repeating certification, can be used for certification of auditing;(3) file key need not be obtained in plain text, It is safe:What trusted third party was handled in key encapsulation is the key after blinding, without obtaining file key in plain text, safety Property it is high;When trusted third party, which is acted on behalf of, audits, trusted third party only obtains some attribute informations of file, in verification process of auditing Plaintext document information will not be revealed;The signature verification of safety is carried out using bilinear map relation simultaneously, malice can be resisted and used The inconsistent attack at family;(4) by acting on behalf of storage to convergence key safety, unified encapsulation, authentication signature High Efficiency Reform, public key, Secure cloud data deduplication and integrity verification service are provided, while saves potential redundant data for cloud storage space Waste, reduce the calculating cost of client.
Brief description of the drawings
Fig. 1 is the system construction drawing of high in the clouds data deduplication and integrality auditing method of the present invention based on convergent encryption.
Fig. 2 is the basic flow sheet of high in the clouds data deduplication and integrality auditing method of the present invention based on convergent encryption.
Embodiment
Below in conjunction with the accompanying drawings and implementation example is described in further detail to the present invention.
The present invention provides a kind of high in the clouds data deduplication and integrality auditing method based on convergent encryption, the system of this method Model is as shown in figure 1, including three class entities:Client (Client), cloud storage service device end (CloudStorage ) and trusted third party end (Trusted Third Party) Provider.Wherein, CSP is by master server and storage server group Into it has enough memory spaces and computing capability, provides the user private data storage and repeats certification and audit certification clothes Business.TTP interacts with user, and to restraining key secure package/deblocking, storage audit public key simultaneously acts on behalf of audit.Client bags Numerous domestic consumers are included, the service provided using cloud storage, and realize the important ring in safety certification.
With reference to Fig. 2, a kind of specific implementation step of high in the clouds data deduplication and integrality auditing method based on convergent encryption It is as follows:
Step 1, systematic parameter initialization:System chooses open parameter and initializes the public key and private key at TTP ends.Specifically such as Under:
1) system randomly chooses a prime number q and creates the elliptic curve equation G of q ranks1, G2, and generation one is acceptable Linear pairing e:G1×G1→G2, g1、g2It is G1Two different generations members, make hash function h () → { 0,1 }*∈Zq, Zq Represent q rank prime fields, hash function H () → { 0,1 }*∈G1, then it is { e, g that components of system as directed, which discloses parameter,1,g2,G1,G2,h (·),H(·)};
2) TTP randomly chooses x ∈ Zq, privately owned parameter tsk=x is made, and calculate y1∈g1 x,Make publicly-owned parameter Tpk={ y1,y2, TTP discloses tpk, and keeps tsk privately owned.
Step 2, cipher key initialization:Client is that file F calculates corresponding convergence key kF, file signature private key sskF、 File signature public key spkF;It is specific as follows:
1) using file F as parameter, key k is restrained using one-way Hash function H calculation documentsF=H (F).
2) using file F as parameter, one-way Hash function h calculation document signature private key ssk is utilizedF=h (F).
3) with file signature private key sskFFor parameter, file signature public key is calculated
Step 3, file initialization:Client obtains ciphertext C using the convergence key encryption file F generatedF, CF=Enc (KF, F), and file unique mark Tag=SHA1 (C are generated according to digest algorithm SHA1F), wherein Tag is file identification, is used for The detection of file repeatability.
Step 4, the initialization of certification evidence:Client cutting file F first be etc. size data block Bi, 1≤i≤n, n For data block total number, then key k is restrained using fileFEncrypted data chunk obtains block ciphertextIt is finally each data block BiCalculate data block certification evidence σi, wherein σiFor repeating certification and audit certification.It is specific as follows:
1) block size that client is set according to system, cutting file F are n data block Bi(1≤i≤n);
2) utilize and restrain key kFEncrypted data chunk, obtain Ci=Enc (Bi,kF)(1≤i≤n);
3) file signature private key ssk is generated by file FF=h (F) and file signature public key
4) data block B corresponding to calculation document FiCertification evidence setWherein σiIt is The basic element of safe duplicate removal and integrality audit certification.
Step 5, key encapsulation:When file label Tag is not present in CSP, user generates blinding factor r at random, and utilizes Blinding factor r is to restraining key kFBlind, the convergence key a after then client will blind is sent to TTP and is signed and returned b.Client goes to blind to return value b, obtains restraining key kFCiphertext CKF.It is specific as follows:
1) client randomly selects blinding factor r, r ← Zq
2) using r to restraining key kFBlinded, obtain a=kF·g1 r, and r is transmitted to TTP.
3) TTP is signed to obtain b=a using itself signature private key tsk to atsk, and it is back to user.
4) client goes to blind to obtain the ciphertext CK of convergence key firstF=by1 -r, encrypted by TTP private key tsk.
5) client utilizes equation (1) to CKFCorrectness verified that, if being verified, user can be by CKFAs kFCiphertext outsourcing, which is stored to high in the clouds, safely storage, restrains key.Otherwise, CK is abandonedF, perform key encapsulation algorithm with TTP again To obtain CKF
Step 6, data storage:When file identification Tag is not present in CSP, it is close that client uploads file identification Tag, file Literary CF, file key ciphertext CKF, block ciphertext CBiWith data block certification evidence σiTo CSP, CSP checking file identifications and file cipher text Whether same file is come from, and verify block signature sigmaiCorrectness;Meanwhile client uploads file attribute, user's mark, text Part audits public key to TTP;Finally, CSP is each file storage file mark, file cipher text, blocks of files ciphertext, blocks of files certification Evidence, TTP storage files attribute, user's mark, document audit public key.It is specific as follows:
1) client uploads file identification Tag, file cipher text CF, file key ciphertext CKF, block ciphertextRecognize with data block Demonstrate,prove evidence σiTo CSP, whether CSP checking file identifications and file cipher text come from same file, and verify block signature sigmaiIt is correct Property.
2) it is public to upload file attribute (file block number, file identification, file name), user's mark, document audit for client Key is to TTP.
Step 7, repeat to challenge:When CSP has file label Tag, perform file and repeat authentication protocol;CSP generations are chosen Fight information chal=(i, vi)i∈I, challenge information is returned into client, wherein I is the random subset of [1, n], random number vi∈ Zq, wherein ZqIt is q rank prime fields.It is specific as follows:
1) CSP records generation challenge collection chal, chal=(i, v according to duplicate file F high in the cloudsi)i∈I, wherein I for [1, N] random subset, represent block index set;Random number vi∈Zq, Replay Attack is resisted for malicious attacker.
2) CSP sends challenge collection chal to specified client.
Step 8, duplicate responses:After client receives challenge collection, parsing challenge collects chal, gets the block index of file Collect I, then handle file F ' generations duplicate responses evidence σ ' to be uploaded, and feed back to CSP.It is specific as follows:
1) client parsing challenge collection chal obtains block indexed set I.
2) client initialization duplicate file F ' to be uploaded:
(2a) calculation document convergence key kF=H (F).
(2b) calculation document signature private key sskF=h (F).
It is B that (2c) sets size cutting file F ' by systemi(1≤i≤n), and encrypt and obtain ciphertext block data Ci(1≤i ≤n)。
3) it is all data blocks in I, calculation block signatureBy all σi' calculate To repetition certification evidenceAnd σ ' is sent to high in the clouds.
Step 9, repeat certification:After CSP sends challenge collection to given client end, CSP utilizes first evidence σi, challenge collection Document authentication evidence σ is calculated in chal;After CSP receives the response evidence σ ' that client is passed back, checkingIf Both are identical, then repeatedly certification success, CSP add this client id in the ownership list of this file;Otherwise, certification is repeated Failure, client continue upper transmitting file, and CSP feeds back to client by authentication result is repeated.It is specific as follows:
1) CSP first certification evidence σ ', ciphertext blocks as corresponding to Tag retrieves to obtain file
2) repetition certification evidence is calculated according to challenge collection in CSP
3) after CSP receives client end response evidence σ ', compareIf equation is set up, then file repeats evidence Success, client assign file F ownership to user U (in file F authorities without upper transmitting file F ' and the data of correlation, CSP User U marks are added in table);Otherwise client need to upload All Files.
Step 10, request audit:When user needs the integrality of audit high in the clouds data, user can send to TTP and audit Solicited message (user identifies U, file identification Tag).
Step 11, agency's audit:The audit request and agreement of auditing of TTP parsing clients, are first depending on user's mark Knowledge, file identification Tag retrievals draw the essential information of file, and generate challenge collection chal=(i, vi)i∈I, then this is challenged Collection is sent to CSP;Wherein, I be [1, n] subset, random number vi∈Zq, wherein ZqIt is q rank prime fields.It is specific as follows:
1) TTP parses the audit request information from client U and obtains file identification Tag
2) TTP retrieves locally stored file storehouse according to Tag and obtains file attribute, is generated and chosen on the basis of file total block data n War collection chal=(i, vi)i∈I.And send chal, file identification Tag to high in the clouds.
Step 12, audit response:After CSP receives the audit request from TTP, resolve user identity U, file identification Tag, Retrieval obtains document audit evidence σi, ciphertext blocks Ci, high in the clouds is according to chal, σi、CiPolymerization evidence corresponding to being calculatedAnd polymerization ciphertextThen will response evidence { μ, σ }, user mark U and files-designated Know Tag and be back to TTP.It is specific as follows:
1) CSP parses the audit information that TTP ends are sent, and gets file identification Tag
2) CSP retrieves to obtain first certification evidence σ according to mark Tagi, ciphertext blocks Ci, utilize chal, σi、CiIt is calculated pair The homomorphism audit certification evidence answeredAnd homomorphism ciphertextAnd by { σ, μ, Tag } Return to TTP ends.
Step 13, audit certification:TTP is received after CSP feedbacks, according to file public key information checking high in the clouds response evidence. Then TTP records auditing result into log sheet, and returns to auditing result to client.It is specific as follows:
1) TTP parses feedback information, and retrieves local file storehouse and obtain corresponding document audit public key spkF
2) whether TTP is set up using CSP return informations { σ, μ, Tag } checking equation (3), if equation is set up, user deposits File of the storage in CSP is complete;Otherwise, this document is damaged.Then TTP records auditing result into log sheet, and returns Auditing result is to given client end U.
Step 14, file download:When client needs to download file from CSP, CSP first verifies that the conjunction of client identity Method, and by the ciphertext CK of keyFWith ciphertext CFReturn to client;Client performs key deblocking algorithm with TTP and obtains key Plaintext kF, then utilize key plain kFDecryption, draws data clear text F.It is specific as follows:
1) client random selection blinding factor r, r ∈ Zq, and blind key ciphertext CKF, it is close to obtain out the key after blinding Literary a=CKF·g1 r, send a to TTP.
2) TTP is signed to obtain using private key tsk to aAnd b is returned into user U.
3) client carries out blinding processing to b, obtains restraining key kF, kF=by1 -r, and verified by equation (4) kFLegitimacy, if being proved to be successful, kFTo restrain key, client utilizes kFDecrypt CFObtain plaintext F, file decryption operation Terminate;Otherwise client identity authentication failed, Proxy Signature failure, abandons key, continues to perform ciphertext deblocking algorithm with TTP.
To sum up, convergence key encapsulation/deblocking algorithm proposed by the present invention based on Proxy Signature, convergence key is stored in safety While can realize convergence key duplicate removal, improve cloud storage space availability ratio;On the other hand it is proposed by the present invention based on receipts The BLS signature algorithms of key are held back, audit public key is stored using trusted third party (Trusted Third Party, TTP) and acts on behalf of Audit, the duplicate removal to audit signature and audit public key is realized, alleviates client storage and computing cost.

Claims (5)

1. a kind of high in the clouds data deduplication and integrality auditing method based on convergent encryption, it is characterised in that be including client Client, cloud storage service device end are CSP, trusted third party end i.e. TTP;This method comprises the following steps:
Step 1, system initialization:
System randomly chooses a prime number q, creates the elliptic curve equation G of q ranks1, G2, and produce one and acceptable linearly match somebody with somebody To e:G1×G1→G2, g1、g2It is G1Two different generations members, make hash function h ():{0,1}*∈Zq, ZqRepresent q ranks Prime field, hash function H ():{0,1}*∈G1, then it is { e, g that components of system as directed, which discloses parameter,1,g2,G1,G2,h(·),H (·)};TTP random selection x ∈ Zq, privately owned parameter tsk=x is made, and calculate y1=g1 x,TTP discloses public key parameter y1And y2, and keep tsk privately owned;
Step 2, cipher key initialization:
Client is that file F calculates corresponding convergence key kF, file signature private key sskF, file signature public key spkF
Step 3, file initialization:
Client is that file F calculates ciphertext CF=Enc (kF, F), while generate file identification Tag=Sha1 (CF), wherein Tag is File identification, the detection for file repeatability;
Step 4, the initialization of certification evidence:
Client cutting file F first be etc. size data block Bi, 1≤i≤n, n are data block total number, are then received using file Hold back key kFEncrypted data chunk obtains block ciphertextIt is finally each data block BiCalculate data block certification evidence σi, wherein σi For repeating certification and audit certification;
Step 5, key encapsulation:
When file label Tag is not present in CSP, client generates blinding factor r at random, and close to restraining using blinding factor r Key kFBlind, the convergence key a after then client will blind is sent to TTP and is signed and return to b;Client is to return value b Go to blind, obtain restraining key kFCiphertext CKF
Step 6, data storage:
When file identification Tag is not present in CSP, client uploads file identification Tag, file cipher text CF, file key ciphertext CKF、 Block ciphertext CBiWith data block certification evidence σiTo CSP, whether CSP checking file identifications and file cipher text come from same file, and And checking block signature sigmaiCorrectness;Meanwhile client uploads file attribute, user's mark, document audit public key to TTP;Most Whole, CSP is each file storage file mark, file cipher text, blocks of files ciphertext, blocks of files certification evidence, TTP storage file category Property, user mark, document audit public key;
Step 7, repeat to challenge:
When CSP has file label Tag, perform file and repeat authentication protocol;CSP generation challenge information chal=(i, vi )i∈I, challenge information is returned into client, wherein I is the random subset of [1, n], random number vi∈Zq, wherein ZqIt is q rank prime numbers Domain;
Step 8, duplicate responses:
After client receives challenge collection, parsing challenge collection chal, the block indexed set I of file is got, is then handled to be uploaded File F ' generation duplicate responses evidence σ ', and feed back to CSP;
Step 9, repeat certification:
After CSP sends challenge collection to given client end, CSP utilizes first evidence σi, challenge collection chal be calculated document authentication card According to σ;After CSP receives the response evidence σ ' that client is passed back, checkingIf both are identical, repeatedly certification into Work(, CSP add this client id in the ownership list of this file;Otherwise, authentification failure is repeated, client continues to upload text Part, CSP feed back to client by authentication result is repeated;
Step 10, request audit:
If client needs the integrality of audit CSP data, audit request information, including user's mark are sent to TTP U, file identification Tag;
Step 11, agency's audit:
The audit request and agreement of auditing of TTP parsing clients, are first depending on user's mark, file identification Tag is retrieved Go out the essential information of file, and generate challenge collection chal=(i, vi)i∈I, then the challenge collection is sent to CSP;Wherein, I is The subset of [1, n], random number vi∈Zq, wherein ZqIt is q rank prime fields;
Step 12, audit response:
After CSP receives the audit request from TTP, resolve user identity U, file identification Tag, retrieval obtain document audit evidence σi, ciphertext blocks Ci, high in the clouds is according to chal, σi、CiPolymerization evidence corresponding to being calculatedAnd polymerization ciphertextThen evidence { μ, σ } will be responded, user identifies U and file identification Tag and is back to TTP;
Step 13, audit certification:
After TTP receives the feedback from CSP, according to file public key information spkFCSP response evidence is verified, then by auditing result Record is back to client into log sheet, and by auditing result;
Step 14, file download:
When client needs to download file from CSP, CSP first verifies that the legitimacy of client identity, and by the ciphertext of key CKFWith ciphertext CFReturn to client;Client performs key deblocking algorithm with TTP and obtains key plain kF, then utilize key Plaintext kFDecryption, draws data clear text F.
2. high in the clouds data deduplication and integrality auditing method according to claim 1 based on convergent encryption, its feature exist In the cipher key initialization described in step 2, comprising the following steps that:
1) using file F as parameter, file convergence key k is calculatedF=H (F);
2) using file F as parameter, file signature private key ssk is calculatedF=h (F);
3) with file signature private key sskFFor parameter, file signature public key is calculated
3. high in the clouds data deduplication and integrality auditing method according to claim 1 based on convergent encryption, its feature exist In the certification evidence described in step 4 initializes, and comprises the following steps that:
1) block size that client is set according to system, cutting file F are n data block Bi, 1≤i≤n;
2) utilize and restrain key kFEncrypted data chunk, obtain Ci=Enc (Bi,kF), 1≤i≤n;
3) file signature private key ssk is generated by file FF=h (F) and file signature public key
4) data block B corresponding to calculation document FiCertification evidence set1≤i≤n, wherein σiIt is safety Duplicate removal and the basic element of integrality audit certification.
4. high in the clouds data deduplication and integrality auditing method according to claim 1 based on convergent encryption, its feature exist In the key encapsulation described in step 5, comprising the following steps that:
1) client random selection blinding factor r, r ∈ Zq, and convergence key k is blinded, obtain out the convergence key a=after blinding kF·g1 r, send to TTP;
2) TTP is signed to obtain b=a using private key tsk to the convergence key a after blindingtsk, and b is returned into client U;
3) client carries out blinding processing to b, the convergence ciphering key K after being encapsulatedF, CKF=by1 -r, and by such as the following Formula verifies CKFLegitimacy:
<mrow> <mi>e</mi> <mrow> <mo>(</mo> <msub> <mi>CK</mi> <mi>F</mi> </msub> <mo>,</mo> <msub> <mi>g</mi> <mn>1</mn> </msub> <mo>)</mo> </mrow> <mover> <mo>=</mo> <mo>?</mo> </mover> <mi>e</mi> <mrow> <mo>(</mo> <msub> <mi>k</mi> <mi>F</mi> </msub> <mo>,</mo> <msub> <mi>y</mi> <mn>1</mn> </msub> <mo>)</mo> </mrow> </mrow>
If being proved to be successful, CKFFor key ciphertext, client can be safely by CKFOutsourcing is stored to CSP;Otherwise can suffer from Malicious attack, signature failure.
5. high in the clouds data deduplication and integrality auditing method according to claim 1 based on convergent encryption, its feature exist In in the file download described in step 14, client file decryption comprises the following steps that:
1) client random selection blinding factor r, r ∈ Zq, and blind key ciphertext CKF, obtain out the key ciphertext a after blinding =CKF·g1 r, send to TTP;
2) TTP is signed to obtain using private key tsk to the key ciphertext a after blindingAnd b is returned into user U;
3) client carries out blinding processing to b, obtains restraining key kF, kF=by1 -r, and k is verified by below equationF's Legitimacy:
<mrow> <mi>e</mi> <mrow> <mo>(</mo> <msub> <mi>CK</mi> <mi>F</mi> </msub> <mo>,</mo> <msub> <mi>g</mi> <mn>1</mn> </msub> <mo>)</mo> </mrow> <mover> <mo>=</mo> <mo>?</mo> </mover> <mi>e</mi> <mrow> <mo>(</mo> <msub> <mi>k</mi> <mi>F</mi> </msub> <mo>,</mo> <msub> <mi>y</mi> <mn>1</mn> </msub> <mo>)</mo> </mrow> </mrow>
If being proved to be successful, kFTo restrain key, client utilizes kFDecrypt CFPlaintext F is obtained, file decryption operation terminates;It is no Then authentication fails, and Proxy Signature failure, abandons key, continues to perform ciphertext deblocking algorithm with TTP.
CN201710895786.1A 2017-09-28 2017-09-28 Cloud data deduplication and integrity auditing method based on convergence encryption Active CN107800688B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201710895786.1A CN107800688B (en) 2017-09-28 2017-09-28 Cloud data deduplication and integrity auditing method based on convergence encryption

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201710895786.1A CN107800688B (en) 2017-09-28 2017-09-28 Cloud data deduplication and integrity auditing method based on convergence encryption

Publications (2)

Publication Number Publication Date
CN107800688A true CN107800688A (en) 2018-03-13
CN107800688B CN107800688B (en) 2020-04-10

Family

ID=61532701

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201710895786.1A Active CN107800688B (en) 2017-09-28 2017-09-28 Cloud data deduplication and integrity auditing method based on convergence encryption

Country Status (1)

Country Link
CN (1) CN107800688B (en)

Cited By (25)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108494552A (en) * 2018-03-16 2018-09-04 西安电子科技大学 Support the cloud storage data duplicate removal method of efficiently convergence key management
CN108600263A (en) * 2018-05-09 2018-09-28 电子科技大学 A kind of safely and effectively client duplicate removal agreement proved based on possessing property
CN108664814A (en) * 2018-05-16 2018-10-16 东南大学 A kind of group data integrity verification method based on agency
CN108776758A (en) * 2018-04-13 2018-11-09 西安电子科技大学 The block level data De-weight method of dynamic ownership management is supported in a kind of storage of mist
CN108881421A (en) * 2018-06-05 2018-11-23 天津大学 Cloud service Data Audit method based on block chain
CN109088720A (en) * 2018-08-14 2018-12-25 广东工业大学 A kind of encryption file De-weight method and device based on mixing cloud storage
CN109286490A (en) * 2018-08-27 2019-01-29 西安电子科技大学 Support close state data deduplication and integrity verification method and system
CN109359483A (en) * 2018-10-19 2019-02-19 东北大学秦皇岛分校 A kind of privacy of user anonymity guard method based on block chain
CN109829326A (en) * 2018-11-20 2019-05-31 西安电子科技大学 Cross-domain certification and fair audit duplicate removal cloud storage system based on block chain
CN109861829A (en) * 2019-03-15 2019-06-07 上海海事大学 The just auditing system of cloud data and its auditing method for supporting dynamic to update
CN109905230A (en) * 2019-02-13 2019-06-18 中国科学院信息工程研究所 Data confidentiality verification method and system in a kind of cloud storage
CN109962769A (en) * 2019-05-09 2019-07-02 长春理工大学 Data safety De-weight method based on threshold blind signature
CN110213042A (en) * 2019-05-09 2019-09-06 电子科技大学 A kind of cloud data duplicate removal method based on no certification agency re-encryption
CN111355705A (en) * 2020-02-08 2020-06-30 西安电子科技大学 Data auditing and safety duplicate removal cloud storage system and method based on block chain
CN111460524A (en) * 2020-03-27 2020-07-28 鹏城实验室 Data integrity detection method and device and computer readable storage medium
CN112567371A (en) * 2018-08-17 2021-03-26 微芯片技术股份有限公司 Authentication of documents
CN112688990A (en) * 2020-12-14 2021-04-20 百果园技术(新加坡)有限公司 Hybrid cloud data auditing method and system, electronic equipment and storage medium
CN112887281A (en) * 2021-01-13 2021-06-01 西安电子科技大学 Storage method and system supporting efficient audit and multi-backup ciphertext deduplication and application
CN113127463A (en) * 2021-03-15 2021-07-16 西安电子科技大学 Data deduplication and sharing auditing method for decentralized storage based on block chain
CN113761594A (en) * 2021-09-09 2021-12-07 安徽师范大学 Three-party authenticable key agreement and data sharing method based on identity
CN114391242A (en) * 2020-07-09 2022-04-22 谷歌有限责任公司 Anonymous event attestation
CN114978780A (en) * 2022-08-01 2022-08-30 四川公众项目咨询管理有限公司 Cloud security deduplication method based on convergence encryption technology
CN115442162A (en) * 2022-11-08 2022-12-06 四川公众项目咨询管理有限公司 Cloud security deduplication method based on convergence encryption technology
CN116245669A (en) * 2023-05-04 2023-06-09 南京青春信息科技有限公司 Homomorphic encryption and classification optimization-based financial audit method and system
US12003649B2 (en) 2020-07-09 2024-06-04 Google Llc Anonymous event attestation with group signatures

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20130080765A1 (en) * 2011-09-26 2013-03-28 Subhashis Mohanty Secure cloud storage and synchronization systems and methods
CN105939191A (en) * 2016-07-08 2016-09-14 南京理工大学 Client secure deduplication method of ciphertext data in cloud storage
CN106254374A (en) * 2016-09-05 2016-12-21 电子科技大学 A kind of cloud data public audit method possessing duplicate removal function
CN107172071A (en) * 2017-06-19 2017-09-15 陕西师范大学 A kind of cloud Data Audit method and system based on attribute

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20130080765A1 (en) * 2011-09-26 2013-03-28 Subhashis Mohanty Secure cloud storage and synchronization systems and methods
CN105939191A (en) * 2016-07-08 2016-09-14 南京理工大学 Client secure deduplication method of ciphertext data in cloud storage
CN106254374A (en) * 2016-09-05 2016-12-21 电子科技大学 A kind of cloud data public audit method possessing duplicate removal function
CN107172071A (en) * 2017-06-19 2017-09-15 陕西师范大学 A kind of cloud Data Audit method and system based on attribute

Cited By (38)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108494552A (en) * 2018-03-16 2018-09-04 西安电子科技大学 Support the cloud storage data duplicate removal method of efficiently convergence key management
CN108776758A (en) * 2018-04-13 2018-11-09 西安电子科技大学 The block level data De-weight method of dynamic ownership management is supported in a kind of storage of mist
CN108776758B (en) * 2018-04-13 2021-08-17 西安电子科技大学 Block-level data deduplication method supporting dynamic ownership management in fog storage
CN108600263A (en) * 2018-05-09 2018-09-28 电子科技大学 A kind of safely and effectively client duplicate removal agreement proved based on possessing property
CN108600263B (en) * 2018-05-09 2020-09-25 电子科技大学 Safe and effective client duplicate removal method based on possession certification
CN108664814A (en) * 2018-05-16 2018-10-16 东南大学 A kind of group data integrity verification method based on agency
CN108881421A (en) * 2018-06-05 2018-11-23 天津大学 Cloud service Data Audit method based on block chain
CN109088720A (en) * 2018-08-14 2018-12-25 广东工业大学 A kind of encryption file De-weight method and device based on mixing cloud storage
US20220092201A1 (en) * 2018-08-17 2022-03-24 Microchip Technology Incorporated Authentication of files
CN112567371A (en) * 2018-08-17 2021-03-26 微芯片技术股份有限公司 Authentication of documents
CN109286490A (en) * 2018-08-27 2019-01-29 西安电子科技大学 Support close state data deduplication and integrity verification method and system
CN109359483B (en) * 2018-10-19 2021-09-10 东北大学秦皇岛分校 User privacy anonymity protection method based on block chain
CN109359483A (en) * 2018-10-19 2019-02-19 东北大学秦皇岛分校 A kind of privacy of user anonymity guard method based on block chain
CN109829326A (en) * 2018-11-20 2019-05-31 西安电子科技大学 Cross-domain certification and fair audit duplicate removal cloud storage system based on block chain
CN109829326B (en) * 2018-11-20 2023-04-07 西安电子科技大学 Cross-domain authentication and fair audit de-duplication cloud storage system based on block chain
CN109905230A (en) * 2019-02-13 2019-06-18 中国科学院信息工程研究所 Data confidentiality verification method and system in a kind of cloud storage
CN109905230B (en) * 2019-02-13 2020-11-03 中国科学院信息工程研究所 Data confidentiality verification method and system in cloud storage
CN109861829A (en) * 2019-03-15 2019-06-07 上海海事大学 The just auditing system of cloud data and its auditing method for supporting dynamic to update
CN110213042A (en) * 2019-05-09 2019-09-06 电子科技大学 A kind of cloud data duplicate removal method based on no certification agency re-encryption
CN109962769A (en) * 2019-05-09 2019-07-02 长春理工大学 Data safety De-weight method based on threshold blind signature
CN110213042B (en) * 2019-05-09 2021-02-02 电子科技大学 Cloud data deduplication method based on certificate-free proxy re-encryption
CN109962769B (en) * 2019-05-09 2022-03-29 长春理工大学 Data security deduplication method based on threshold blind signature
CN111355705A (en) * 2020-02-08 2020-06-30 西安电子科技大学 Data auditing and safety duplicate removal cloud storage system and method based on block chain
CN111355705B (en) * 2020-02-08 2021-10-15 西安电子科技大学 Data auditing and safety duplicate removal cloud storage system and method based on block chain
CN111460524A (en) * 2020-03-27 2020-07-28 鹏城实验室 Data integrity detection method and device and computer readable storage medium
CN114391242A (en) * 2020-07-09 2022-04-22 谷歌有限责任公司 Anonymous event attestation
CN114391242B (en) * 2020-07-09 2024-02-23 谷歌有限责任公司 Anonymous event attestation
US12003649B2 (en) 2020-07-09 2024-06-04 Google Llc Anonymous event attestation with group signatures
CN112688990A (en) * 2020-12-14 2021-04-20 百果园技术(新加坡)有限公司 Hybrid cloud data auditing method and system, electronic equipment and storage medium
CN112887281A (en) * 2021-01-13 2021-06-01 西安电子科技大学 Storage method and system supporting efficient audit and multi-backup ciphertext deduplication and application
CN113127463A (en) * 2021-03-15 2021-07-16 西安电子科技大学 Data deduplication and sharing auditing method for decentralized storage based on block chain
CN113127463B (en) * 2021-03-15 2024-04-09 西安电子科技大学 Data de-duplication and shared audit method based on block chain for de-centralized storage
CN113761594A (en) * 2021-09-09 2021-12-07 安徽师范大学 Three-party authenticable key agreement and data sharing method based on identity
CN113761594B (en) * 2021-09-09 2024-04-09 安徽师范大学 Three-party authenticatable key negotiation and data sharing method based on identity
CN114978780A (en) * 2022-08-01 2022-08-30 四川公众项目咨询管理有限公司 Cloud security deduplication method based on convergence encryption technology
CN115442162A (en) * 2022-11-08 2022-12-06 四川公众项目咨询管理有限公司 Cloud security deduplication method based on convergence encryption technology
CN116245669A (en) * 2023-05-04 2023-06-09 南京青春信息科技有限公司 Homomorphic encryption and classification optimization-based financial audit method and system
CN116245669B (en) * 2023-05-04 2023-08-25 南京青春信息科技有限公司 Homomorphic encryption and classification optimization-based financial audit method and system

Also Published As

Publication number Publication date
CN107800688B (en) 2020-04-10

Similar Documents

Publication Publication Date Title
CN107800688A (en) A kind of high in the clouds data deduplication and integrality auditing method based on convergent encryption
CN109194466A (en) A kind of cloud data integrity detection method and system based on block chain
CN105939191B (en) The client secure De-weight method of ciphertext data in a kind of cloud storage
CN109347627B (en) Data encryption and decryption method and device, computer equipment and storage medium
Yu et al. Improved security of a dynamic remote data possession checking protocol for cloud storage
Garg et al. RITS-MHT: Relative indexed and time stamped Merkle hash tree based data auditing protocol for cloud computing
CN1922816B (en) One way authentication
CA2693133A1 (en) Method and system for generating implicit certificates and applications to identity-based encryption (ibe)
EP3038287B1 (en) General encoding functions for modular exponentiation encryption schemes
US9230114B1 (en) Remote verification of file protections for cloud data storage
CN111523133A (en) Block chain and cloud data collaborative sharing method
Nirmala et al. Data confidentiality and integrity verification using user authenticator scheme in cloud
Li et al. Lattice‐based signcryption
CN106549963A (en) Safe storage system based on HDFS
CN115001775B (en) Data processing method, device, electronic equipment and computer readable storage medium
Gan et al. Efficient and secure auditing scheme for outsourced big data with dynamicity in cloud
US20140237239A1 (en) Techniques for validating cryptographic applications
Yu et al. Provable data possession supporting secure data transfer for cloud storage
CN105653983B (en) Information distribution, reduction, integrity verification method and device based on cloud storage
CN108809996B (en) Integrity auditing method for duplicate deletion stored data with different popularity
Abo-Alian et al. Auditing-as-a-service for cloud storage
CN117640150A (en) Terminal authentication method, carbon emission supervision integrated platform and terminal authentication device
VS et al. A secure regenerating code‐based cloud storage with efficient integrity verification
Le et al. Auditing for distributed storage systems
Yang et al. Provable Ownership of Encrypted Files in De-duplication Cloud Storage.

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant