CN108182367B - A kind of encrypted data chunk client De-weight method for supporting data to update - Google Patents
A kind of encrypted data chunk client De-weight method for supporting data to update Download PDFInfo
- Publication number
- CN108182367B CN108182367B CN201711347947.XA CN201711347947A CN108182367B CN 108182367 B CN108182367 B CN 108182367B CN 201711347947 A CN201711347947 A CN 201711347947A CN 108182367 B CN108182367 B CN 108182367B
- Authority
- CN
- China
- Prior art keywords
- node
- clear text
- text file
- file
- block
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2107—File encryption
Abstract
The invention discloses a kind of encrypted data chunk client De-weight methods for supporting data to update, utilize convergent encryption algorithm, so that being mapped as identical cryptograph files block after identical clear text file block encryption, novel dynamic equilibrium skip list is constructed as File Ownership authentication structures, the File Ownership certification carried out between server and the subsequent uploader of file interacts, and realizes encrypted data chunk client duplicate removal.The method for proposing dynamic equilibrium skip list self-balancing, according to the authentication value of dynamic operation instruction and clear text file block to be updated that user uploads, it modifies, be inserted into and delete operation to dynamic equilibrium skip list interior joint, the present invention not only increases server duplicate removal ratio and utilization ratio of storage resources, save user bandwidth and uplink time, and data block is supported to update, realize servers' data elastic management.
Description
Technical field
The invention belongs to field of computer technology, support data more further to one of field of information security technology
New encrypted data chunk client De-weight method.The present invention can be used for supporting the cloud storage system of encrypted data chunk duplicate removal and update
System, not only can be improved duplicate removal ratio, saves the uploading bandwidth of user and the memory space of server, and also support user is to blocks of files
Update operation, realize data elastic management.
Background technique
Cloud storage data deduplication technology, which is widely used in data backup, reduces network and storage overhead.The technology can be with
Data redundancy is eliminated, leaves behind a physical copy, the data copy without retaining multiple identical contents.Data deduplication technology
Based on different duplicate removal strategies, client server duplicate removal, file-level or blocks of files grade duplicate removal etc. can be divided into.Client is gone
Weight is compared to server end duplicate removal, it is possible to reduce user bandwidth and uplink time are saved in the upload of repeated data, are brought preferably
User experience.More fine-grained duplicate removal may be implemented compared to file-level duplicate removal in blocks of files grade duplicate removal, improves duplicate removal ratio and deposits
Store up resource utilization.Therefore, encrypted data chunk duplicate removal technology or encryption data client duplicate removal technology obtain cloud storage service
The affirmative and support of supplier.But in actual life, people generally require to propose to update request to cloud backup file, therefore,
Update of the data deduplication technical support user to cloud data realizes that server to the elastic management of data, has great show
Real demand.
A kind of patent document " safe data de-duplication method " of the Beijing Safe-Code Technology Co., Ltd. in its application
A kind of method of data de-duplication is disclosed in (application number: 201310736892.7, publication number: CN 103731423A).It should
The file that the specific steps of method, which include: client, stores needs is encrypted to close with the different Encryption Algorithm of same key
Text;The cryptographic Hash that server passes through file first judges whether to store this document;The ciphertext that client is returned by server
Key is decrypted, then is encrypted with another Encryption Algorithm;Server encrypts judgement with same Encryption Algorithm by documents twice
Whether data de-duplication is carried out.Shortcoming existing for this method is: the key in this method is randomly generated by user,
The content spoofing attack initiated by file first place uploader cannot be resisted, safety is lower, and this method does not support blocks of files
Grade duplicate removal, duplicate removal granularity is small, and duplicate removal ratio is low.
Paper " the BL-MLE:Block-Level Message- that Chen R, Mu Y and Yang G et al. is delivered at it
Locked Encryption for Secure Large File Deduplication”(IEEE Transactions
2015,10 (12): onInformation Forensics Security proposes a kind of encryption file in 2643-2652.)
The De-weight method of block.This method is based on convergent encryption algorithm and blocks of files is encrypted, and realizes blocks of files grade duplicate removal.The party
The specific steps of method: client encrypts blocks of files using the cryptographic Hash of blocks of files, recycles the cryptographic Hash of file to blocks of files
Content carries out exponent arithmetic, generates blocks of files label.Server judges to whether there is in different files by Bilinear map equation
Same file block is deleted and repeats encryption blocks of files, to realize blocks of files grade duplicate removal.Shortcoming existing for this method is: making
With bilinear algorithm and exponent arithmetic, computation complexity is high, low efficiency;User cannot be supported to operate the update of blocks of files, if
User wants to update cloud backup file, then needs to upload updated entire file, and is not only the blocks of files for needing to update,
To waste user's uploading bandwidth and uplink time.
Paper " the DeyPoS:Deduplicatable Dynamic that He K, Chen J, Du R et al. is delivered at it
Proof of Storage for Multi-User Environments”(IEEE Transactions on Computers,
2016,65 (12): it is all that the file for supporting dynamic to update under a kind of cloud storage data deduplication environment is proposed in 3631-3645.)
The method of power certification and integrity verification.This method devises a kind of new File Ownership authentication structures --- homomorphism certification
Tree, it can support three kinds of update operations, can meet user and upgrade demand to blocks of files.The calculating of each node in homomorphism certification tree
Using homomorphic algorithm, server carries out the certification of File Ownership based on the structure to the subsequent uploader of file.The program exists
Shortcoming be: large-scale insertion and delete operation will lead to the unbalance of homomorphism authentication structures, to lose binary chop
High efficiency;This method does not support encryption blocks of files duplicate removal, duplicate removal ratio low.
Paper " the Updatable Block-Level that Zhao, Yongjun, and S.S.M.Chow are delivered at it
Message-Locked Encryption[C]”(ACM Asia Conference on Computer and
Communications Security.ACM, 2017.) a kind of renewable data based on convergent encryption algorithm are proposed in
Block De-weight method.The specific steps of this method: user encrypts blocks of files using the cryptographic Hash of blocks of files, before blocks of files cryptographic Hash
After be connected to new clear text file block, recycle the cryptographic Hash of new clear text file block to encrypt corresponding new clear text file block, until
Generate the last one clear text file block, master key of the cryptographic Hash of the clear text file block as file, for file encryption and
It updates;Server is based on above-mentioned encryption blocks of files and establishes Merkle Tree, for blocks of files and blocks of files key connection value
Storage and update.Shortcoming existing for this method is: not proposing safe and efficient File Ownership authentication method, causes big
The upload of duplicate file block is measured, user bandwidth is wasted;Using iteration convergence Encryption Algorithm calculation document block ciphertext, so that blocks of files
The decrypting process low efficiency of ciphertext;Merkle Tree only supports the modification of leaf node to update because the structure of itself limits, and
It does not support leaf node is inserted into and deletes to update, upgrades demand it is thus impossible to fully meet user to blocks of files.
Summary of the invention
The purpose of the present invention is in view of the above shortcomings of the prior art, propose a kind of encrypted data chunk for supporting data to update
Client De-weight method.
Concrete thought in order to achieve the object of the present invention is: the method for calculating encryption blocks of files using convergent encryption algorithm,
It is mapped as identical cryptograph files block after ensuring identical clear text file block encryption, realizes going for same file block in different files
Weight protects data privacy, improves the duplicate removal ratio and utilization ratio of storage resources of server end.Based on efficient on skip list probability
It searches and supports to update the characteristic operated, propose have the novel dynamic equilibrium skip list of binary chop advantage all as file
The authentication structures of power and new authentication method are realized that server is interacted with the certification of the File Ownership of the subsequent uploader of file, are kept away
Exempt from identical block to repeat to upload, saves user bandwidth and uplink time.Finally, it is special to use for reference balanced binary tree constitutional balance
Property, it proposes that dynamic equilibrium skip list updates the method for operation self-balancing, is instructed according to the dynamic operation that user uploads and to be updated
Clear text file block authentication value, realize dynamic equilibrium skip list interior joint modification, insertion and delete operation, to support cloud
Servers' data elastic management is realized in the update of blocks of files.
Specific steps of the invention include the following:
Step 1, data block is encrypted in file first place uploader:
File first place uploader utilizes 256 secure hash algorithm SHA256, using clear text file as input, calculates in plain text
The key of file calculates the label of clear text file using the key of clear text file as input;
File first place uploader carries out the piecemeal that length is 4kb to clear text file, generates multiple clear text file blocks;
File first place uploader utilizes 256 secure hash algorithm SHA256, using each clear text file block as input,
Each clear text file block key is calculated, to be connected to input before and after each clear text file block and clear text file block key,
Calculate the authentication value of each clear text file block;
File first place uploader is close with clear text file block using the Encryption Algorithm in 256 Advanced Encryption Standard AES256
Key encrypting plaintext blocks of files, obtains cryptograph files block, with the connection value of clear text file key encrypting plaintext blocks of files key, obtains
The connection value ciphertext of clear text file block key;
File first place uploader is literary by the label of clear text file, the authentication value of clear text file block, cryptograph files block and plaintext
The connection value ciphertext of part block key is uploaded to server;
Step 2, the novel dynamic equilibrium skip list of server construction:
The first step, it is corresponding according to clear text file block authentication value by the corresponding base level nodes of each clear text file block authentication value
Clear text file block tandem, connect into a single linked list;
Second step generates a father for every two node as child node since first node on the left of current chained list
Node;If current chained list interior joint number is odd number, father's section is generated using remaining last three nodes as child node
Point;
Third step, using 256 secure hash algorithm SHA256, by the cryptographic Hash of child node each in each father node,
It is linked in sequence into Hash connection value according to child node or so as inputting, calculates the cryptographic Hash of Hash connection value, Hash is connected
The cryptographic Hash of value is assigned to the cryptographic Hash of each father node;
4th step, by child node each in each father node up to the sum of base level nodes number be assigned to each father node can
The base level nodes number reached;The son node number for number of nodes used in each father node will be generated being assigned to each father node;
5th step is directed toward the position of first child node on the left of the node with the lower pointer of each father node, by generation
Father node is linked into father chain's table according to the sequencing of generation;
6th step deletes the pointer between different father node child nodes;
7th step, judge in father chain's table whether only one node, if so, the exclusive node in father chain's table is labeled as
Root node executes step 3 after obtaining dynamic equilibrium skip list;Otherwise, sheet is executed after using father chain's table of generation as current chained list
The second step of step;
Step 3, server carries out deduplication operation to encrypted data chunk:
256 secure hash algorithm SHA256 of server by utilizing calculate cryptograph files block using cryptograph files block as input
Label, delete and have the repetition cryptograph files block of identical cryptograph files block label, the encrypted data chunk for completing server end is gone
It operates again;
Step 4, the subsequent uploader of file is interacted with server progress File Ownership certification:
Server by utilizing random function generates two positive integers at random, and two positive integers are sent to the subsequent upload of file
Person;
The subsequent uploader of file regard one in two positive integers as random seed, generates equal with another positive integer
Multiple random numbers as by the index value of challenge blocks of files;
The subsequent uploader of file carries out the piecemeal that length is 4kb to clear text file, generates multiple clear text file blocks;
The subsequent uploader of file utilizes 256 secure hash algorithm SHA256, calculates by the index value institute of challenge blocks of files
The corresponding authentication value by challenge blocks of files, sends it to server;
Step 5, server determines whether the subsequent uploader is file owner:
Server regard one in two positive integers as random seed, generate it is equal with another positive integer it is multiple with
Machine number is as by the index value of challenge blocks of files;
In dynamic equilibrium skip list, server searches the father node of the base level nodes corresponding to challenge blocks of files index value
With the brotgher of node of father node;
Using 256 secure hash algorithm SHA256, the cryptographic Hash of the server brotgher of node is challenged with what is received
The authentication value of blocks of files recalculates the cryptographic Hash of dynamic equilibrium skip list root node;
Judge the cryptographic Hash of dynamic equilibrium skip list root node and whether root node cryptographic Hash that server local is stored
Equal, if so, File Ownership certification passes through, server is by subsequent uploader labeled as execution step 6 after file owner;
Otherwise, File Ownership authentification failure;
Step 6, the cryptograph files block at file owner's download server end:
The label of clear text file and downloading request are sent to server by file owner;
Server is by the ciphertext of clear text file label corresponding all cryptograph files blocks and clear text file block key connection value
It is sent to file owner;
Step 7, file owner decrypts the cryptograph files block of server end:
File owner is using the decipherment algorithm in 256 Advanced Encryption Standard AES256, with the key solution of clear text file
The connection value ciphertext of close clear text file block key, obtains the connection value of clear text file block key, is decrypted with clear text file block key
Cryptograph files block obtains clear text file block;
Step 8, new clear text file block is encrypted in file owner:
The label of clear text file and update request are sent to server by file owner;
The ciphertext of blocks of files key connection value is sent to file owner by server;
Using the decipherment algorithm in 256 Advanced Encryption Standard AES256, the key solution of file owner's clear text file
The ciphertext of close clear text file block key connection value, obtains the connection value of clear text file block key;
Using 256 secure hash algorithm SHA256, file owner calculates separately the key of new clear text file, new
The label of clear text file, the to be modified or clear text file block key that is inserted into and to be modified or the clear text file block that is inserted into recognizes
Card value;
File owner using clear text file block that is to be modified or being inserted into index value and its clear text file block key more
The connection value of new clear text file block key, obtains the connection value of new clear text file block key;
Using the Encryption Algorithm in 256 Advanced Encryption Standard AES256, file owner is with to be modified or be inserted into
Clear text file block key encrypts corresponding clear text file block, cryptograph files block that is to be modified or being inserted into is obtained, with new plaintext
The key of file encrypts the connection value of new clear text file block key, obtains the connection value ciphertext of new clear text file block key;
File owner grasps the label of new clear text file, the connection value ciphertext of new clear text file block key, dynamic
It instructs, is to be modified or be inserted into or the index value of blocks of files to be deleted, the to be modified or cryptograph files block, to be modified that is inserted into
The authentication value for the clear text file block being inserted into is sent to server;
Step 9, server carries out deduplication operation to new cryptograph files block:
256 secure hash algorithm SHA256 of server by utilizing calculate the mark of cryptograph files block that is to be modified or being inserted into
Label delete the repetition cryptograph files block for having identical cryptograph files block label, complete the encrypted data chunk duplicate removal behaviour of server end
Make;
Step 10, the base level nodes in server modification dynamic equilibrium skip list:
The index value that server searches blocks of files to be modified corresponds to the father node of base level nodes and the brotgher of node of father node,
Using 256 secure hash algorithm SHA256, the server authentication value of clear text file block to be modified and the certification of the brotgher of node
Value, updates the authentication value of father node;
Step 11, the base level nodes in server insertion dynamic equilibrium skip list:
The first step, the index value that server lookup is inserted into blocks of files correspond to the father node of base level nodes, generate a base
Node layer is assigned to the cryptographic Hash of insertion node with the cryptographic Hash for being inserted into clear text file block as insertion node, is inserted into node
It is assigned a value of 1 up to base level nodes number, the son node number for being inserted into node is assigned a value of 0, and insertion node is inserted into and is inserted into blocks of files
Index value corresponding to base level nodes backpointer position;
The son node number of the father node of lowermost layer is added 1, using the father node of lowermost layer as present node by second step;
Third step, judges whether the son node number of present node is equal to 3, if so, executing the 4th step of this step;It is no
Then, the 5th step of this step is executed;
4th step updates the cryptographic Hash of present node, up to base level nodes using each child node of present node
Number, executes the 6th step of this step;
5th step utilizes the Hash of first, the left side child node of present node and second sub- node updates present node
Value, reachable base level nodes number and son node number;It is generated using the left side third child node of present node and the 4th child node
The node of generation is inserted into the backpointer position of present node by another node, by the child node of the father node of present node
The 6th step of this step is executed after number plus 1;
6th step judges whether present node is root node, if so, thening follow the steps 12;Otherwise, above one layer of father node
As present node, the third step of this step is executed;
Step 12, server deletes the base level nodes in dynamic equilibrium skip list:
The first step, the index value that server searches blocks of files to be deleted correspond to the father node of base level nodes, delete to be deleted
Base level nodes corresponding to the index value of blocks of files;
The son node number of the father node of lowermost layer is subtracted 1, using the father node of lowermost layer as present node by second step;
Third step, judges whether the son node number of present node is equal to 2, if so, executing the 4th step of this step;It is no
Then, the 5th step of this step is executed;
4th step updates the cryptographic Hash of present node, up to base level nodes using each child node of present node
Number, executes the 12nd step of this step;
5th step, judges whether the backpointer of present node is directed toward a brotgher of node, if so, executing the of this step
Six steps;Otherwise, the 9th step of this step is executed;
6th step, judges whether the child node number of the brotgher of node of the backpointer meaning of present node is equal to 3, if so,
Then execute the 7th step of this step;Otherwise, the 8th step of this step is executed;
7th step, using first, the left side child node of the backpointer meaning brotgher of node of present node as present node
Second, left side child node, using the cryptographic Hash of two sub- node updates present nodes of present node, up to base level nodes number
And son node number, utilize remaining two sub- node updates brotghers of node of the brotgher of node of the backpointer meaning of present node
Cryptographic Hash, reachable base level nodes number and son node number, execute the 12nd step of this step;
8th step, using unique child node of present node as the left side first of the present node backpointer meaning brotgher of node
A child node, using the cryptographic Hash of the three sub- node updates brotgher of node of the present node backpointer meaning brotgher of node, can
Up to base level nodes number and son node number, present node is deleted, executes this step after subtracting 1 for the son node number of upper one layer of father node
12nd step;
9th step, judges whether the child node number of the previous brotgher of node of present node is equal to 3, if so, executing
Tenth step of this step;Otherwise, the 11st step of this step is executed;
Tenth step, using the left side third child node of the previous brotgher of node as first, the left side son section of present node
Point, using the cryptographic Hash of two sub- node updates present nodes of present node, up to base level nodes number and son node number, utilization
The cryptographic Hash of the remaining two sub- node updates brotgher of node of the previous brotgher of node of present node, reachable base level nodes number
And son node number, execute the 12nd step of this step;
11st step, using unique child node of present node as the left side third of the previous brotgher of node of present node
A child node utilizes the cryptographic Hash of the three sub- node updates brotgher of node of the previous brotgher of node of present node, reachable
Base level nodes number and son node number delete present node, subtract 1 for the son node number of upper one layer of father node;
12nd step judges whether present node is root node, if so, executing step 13;Otherwise, above one layer of the father section
Point is used as present node, executes the third step of this step;
Step 13, dynamic equilibrium skip list update finishes.
Compared with the prior art, the present invention has the following advantages:
First, since the present invention constructs a novel dynamic equilibrium skip list according to the authentication value of clear text file block, and
Using the dynamic equilibrium skip list as the authentication structures for uploading File Ownership, the upper transmitting file between user and server is realized
Ownership certification interaction, overcomes the prior art and haves the defects that support blocks of files client duplicate removal, so that the present invention has
It avoids identical block from repeating to upload, saves user bandwidth and uplink time, improve the excellent of server stores resources utilization rate
Point.
Second, due to being uploaded according to user the invention proposes a kind of method that dynamic equilibrium skip list updates self-balancing
Dynamic operation instruction and clear text file block to be updated authentication value, the modification of node is carried out to dynamic equilibrium skip list, is inserted
Enter and delete operation, overcomes and be not able to satisfy the defect that user efficiently updates cloud Backup Data in the prior art, so that this hair
It is bright that there is the advantages of supporting data block to update, realizing servers' data elastic management.
Detailed description of the invention
Fig. 1 is flow chart of the invention.
Fig. 2 is the schematic diagram of the novel dynamic equilibrium skip list step of server construction of the invention.
Fig. 3 is the flow chart that new clear text file block is encrypted in the bright file owner of this law;
Fig. 4 is the schematic diagram that the bright server of this law modifies base level nodes in dynamic equilibrium skip list;
Fig. 5 is the schematic diagram that the bright server of this law is inserted into base level nodes in dynamic equilibrium skip list;
Fig. 6 is the schematic diagram that the bright server of this law deletes base level nodes in dynamic equilibrium skip list;
Fig. 7 is the flow chart that the bright server of this law deletes the base level nodes in dynamic equilibrium skip list.
Specific embodiment
The present invention is described in further detail with reference to the accompanying drawing.
The step of 1 couple of present invention realizes with reference to the accompanying drawing is described in further detail.
Step 1, data block is encrypted in file first place uploader.
File first place uploader utilizes 256 secure hash algorithm SHA256, using clear text file as input, calculates in plain text
The key of file calculates the label of clear text file using the key of clear text file as input.
256 secure hash algorithm SHA256 refer to: the federal letter of American National Standard technical research institute publication
256 one-way Hash algorithm SHA256 specified in processing standard FIPS PUB 180-3 are ceased, are suitable for of length no more than 264Two
The message of system position.
File first place uploader carries out the piecemeal that length is 4kb to clear text file, generates multiple clear text file blocks.
File first place uploader utilizes 256 secure hash algorithm SHA256, using each clear text file block as input,
Each clear text file block key is calculated, to be connected to input before and after each clear text file block and clear text file block key,
Calculate the authentication value of each clear text file block.
256 secure hash algorithm SHA256 refer to: the federal letter of American National Standard technical research institute publication
256 one-way Hash algorithm SHA256 specified in processing standard FIPS PUB 180-3 are ceased, are suitable for of length no more than 264Two
The message of system position.
File first place uploader is close with clear text file block using the Encryption Algorithm in 256 Advanced Encryption Standard AES256
Key encrypting plaintext blocks of files, obtains cryptograph files block, with the connection value of the key encrypting plaintext blocks of files key of clear text file, obtains
To the connection value ciphertext of clear text file block key.
256 Advanced Encryption Standard AES256 refer to: a kind of block encryption standard that U.S. Federal Government uses,
Wherein, the Advanced Encryption Standard that the length of key is 256.
File first place uploader is literary by the label of clear text file, the authentication value of clear text file block, cryptograph files block and plaintext
The connection value ciphertext of part block key is uploaded to server.
Step 2, the novel dynamic equilibrium skip list of server construction.
The step of 2 pairs of server construction dynamic equilibrium skip lists are described in further detail with reference to the accompanying drawing.
A, B, C, D indicate four base level nodes in Fig. 2, wherein root node are indicated with the node that " △ " is indicated, with "○" mark
The node shown indicates base level nodes,Indicate deleted pointer.E indicates that the father node of node A and node B, F indicate section
The father node of point C and node D, R indicate the father node of node E and node F, while also illustrating that the root of entire dynamic equilibrium skip list
Node.
The first step, it is corresponding according to clear text file block authentication value by the corresponding base level nodes of each clear text file block authentication value
Clear text file block tandem, connect into a single linked list.
The base level nodes refer to, positioned at the node of dynamic equilibrium skip list bottom.
Second step generates a father for every two node as child node since first node on the left of current chained list
Node;If current chained list interior joint number is odd number, father's section is generated using remaining last three nodes as child node
Point.
The node refers to, constitutes the basic unit of dynamic equilibrium skip list, and each node is made of a five-tuple,
First group membership is respectively node cryptographic Hash, node up to base level nodes number, son node number, backpointer and lower pointer.
Third step, using 256 secure hash algorithm SHA256, by the cryptographic Hash of child node each in each father node,
It is linked in sequence into Hash connection value according to child node or so as inputting, calculates the cryptographic Hash of Hash connection value, Hash is connected
The cryptographic Hash of value is assigned to the cryptographic Hash of each father node.
256 secure hash algorithm SHA256 refer to: the federal letter of American National Standard technical research institute publication
256 one-way Hash algorithm SHA256 specified in processing standard FIPS PUB 180-3 are ceased, are suitable for of length no more than 264Two
The message of system position.
4th step, by child node each in each father node up to the sum of base level nodes number be assigned to each father node can
The base level nodes number reached;The son node number for number of nodes used in each father node will be generated being assigned to each father node.
5th step is directed toward the position of first child node on the left of the node with the lower pointer of each father node, by generation
Father node is linked into father chain's table according to the sequencing of generation.
6th step deletes the pointer between different father node child nodes.
7th step, judge in father chain's table whether only one node, if so, the exclusive node in father chain's table is labeled as
Root node executes step 3 after obtaining dynamic equilibrium skip list;Otherwise, sheet is executed after using father chain's table of generation as current chained list
The second step of step.
Father chain's table refers to, the single linked list being made of multiple father nodes.
Step 3, server carries out deduplication operation to encrypted data chunk.
256 secure hash algorithm SHA256 of server by utilizing calculate cryptograph files block using cryptograph files block as input
Label, delete and have the repetition cryptograph files block of identical cryptograph files block label, the encrypted data chunk for completing server end is gone
It operates again.
256 secure hash algorithm SHA256 refer to: the federal letter of American National Standard technical research institute publication
256 one-way Hash algorithm SHA256 specified in processing standard FIPS PUB 180-3 are ceased, are suitable for of length no more than 264Two
The message of system position.
Step 4, the subsequent uploader of file is interacted with server progress File Ownership certification.
Server by utilizing random function generates two positive integers at random, and two positive integers are sent to the subsequent upload of file
Person.
The subsequent uploader of file regard one in two positive integers as random seed, generates equal with another positive integer
Multiple random numbers as by the index value of challenge blocks of files.
The subsequent uploader of file carries out the piecemeal that length is 4kb to clear text file, generates multiple clear text file blocks.
The subsequent uploader of file utilizes 256 secure hash algorithm SHA256, calculates by the index value institute of challenge blocks of files
The corresponding authentication value by challenge blocks of files, sends it to server.
256 secure hash algorithm SHA256 refer to: the federal letter of American National Standard technical research institute publication
256 one-way Hash algorithm SHA256 specified in processing standard FIPS PUB 180-3 are ceased, are suitable for of length no more than 264Two
The message of system position.
Step 5, server determines whether the subsequent uploader is file owner.
Server regard one in two positive integers as random seed, generate it is equal with another positive integer it is multiple with
Machine number is as by the index value of challenge blocks of files.
In dynamic equilibrium skip list, server searches the father node of the base level nodes corresponding to challenge blocks of files index value
With the brotgher of node of father node.
The father node refers to, full from the node that root node is accessed into the search procedure of some base level nodes
It can include completely the node of the base level nodes up to node, not include base level nodes itself.
The brotgher of node refers to, the general designation of other nodes in same single linked list.
Using 256 secure hash algorithm SHA256, the cryptographic Hash of the server brotgher of node is challenged with what is received
The authentication value of blocks of files recalculates the cryptographic Hash of dynamic equilibrium skip list root node.
256 secure hash algorithm SHA256 refer to: the federal letter of American National Standard technical research institute publication
256 one-way Hash algorithm SHA256 specified in processing standard FIPS PUB 180-3 are ceased, are suitable for of length no more than 264Two
The message of system position.
Judge the cryptographic Hash of dynamic equilibrium skip list root node and whether root node cryptographic Hash that server local is stored
Equal, if so, File Ownership certification passes through, server is by subsequent uploader labeled as execution step 6 after file owner;
Otherwise, File Ownership authentification failure.
Step 6, the cryptograph files block at file owner's download server end.
The label of clear text file and downloading request are sent to server by file owner.
Server is by the ciphertext of clear text file label corresponding all cryptograph files blocks and clear text file block key connection value
It is sent to file owner.
Step 7, file owner decrypts the cryptograph files block of server end.
File owner is using the decipherment algorithm in 256 Advanced Encryption Standard AES256, with the key solution of clear text file
The connection value ciphertext of close clear text file block key, obtains the connection value of clear text file block key, is decrypted with clear text file block key
Cryptograph files block obtains clear text file block.
256 Advanced Encryption Standard AES256 refer to: a kind of block encryption standard that U.S. Federal Government uses,
Wherein, the Advanced Encryption Standard that the length of key is 256.
Step 8, new clear text file block is encrypted in file owner.
The step of 3 pairs of new clear text file block encryptions are described in further detail with reference to the accompanying drawing.
The label of clear text file and update request are sent to server by file owner.
The ciphertext of blocks of files key connection value is sent to file owner by server.
Using the decipherment algorithm in 256 Advanced Encryption Standard AES256, the key solution of file owner's clear text file
The ciphertext of close clear text file block key connection value, obtains the connection value of clear text file block key.
256 Advanced Encryption Standard AES256 refer to: a kind of block encryption standard that U.S. Federal Government uses,
Wherein, the Advanced Encryption Standard that the length of key is 256.
Using 256 secure hash algorithm SHA256, file owner calculates separately the key of new clear text file, new
The label of clear text file, the to be modified or clear text file block key that is inserted into and to be modified or the clear text file block that is inserted into recognizes
Card value.
256 secure hash algorithm SHA256 refer to: the federal letter of American National Standard technical research institute publication
256 one-way Hash algorithm SHA256 specified in processing standard FIPS PUB 180-3 are ceased, are suitable for of length no more than 264Two
The message of system position.
File owner using clear text file block that is to be modified or being inserted into index value and its clear text file block key more
The connection value of new clear text file block key, obtains the connection value of new clear text file block key.
Using the Encryption Algorithm in 256 Advanced Encryption Standard AES256, file owner is with to be modified or be inserted into
Clear text file block key encrypts corresponding clear text file block, cryptograph files block that is to be modified or being inserted into is obtained, with new plaintext
The key of file encrypts the connection value of new clear text file block key, obtains the connection value ciphertext of new clear text file block key.
256 Advanced Encryption Standard AES256 refer to: a kind of block encryption standard that U.S. Federal Government uses,
Wherein, the Advanced Encryption Standard that the length of key is 256.
File owner grasps the label of new clear text file, the connection value ciphertext of new clear text file block key, dynamic
It instructs, is to be modified or be inserted into or the index value of blocks of files to be deleted, the to be modified or cryptograph files block, to be modified that is inserted into
The authentication value for the clear text file block being inserted into is sent to server.
Step 9, server carries out deduplication operation to new cryptograph files block.
256 secure hash algorithm SHA256 of server by utilizing calculate the mark of cryptograph files block that is to be modified or being inserted into
Label delete the repetition cryptograph files block for having identical cryptograph files block label, complete the encrypted data chunk duplicate removal behaviour of server end
Make.
256 secure hash algorithm SHA256 refer to: the federal letter of American National Standard technical research institute publication
256 one-way Hash algorithm SHA256 specified in processing standard FIPS PUB 180-3 are ceased, are suitable for of length no more than 264Two
The message of system position.
Step 10, the base level nodes in server modification dynamic equilibrium skip list.
4 pairs of servers modify the step of base level nodes on some position in dynamic equilibrium skip list bottom with reference to the accompanying drawing
Suddenly it is described in further detail.
In Fig. 4 withThe node of mark indicates father node, withThe node of mark indicates the brotgher of node, with "○"
The node of mark indicates the base level nodes of modification.
Fig. 4 (a) is the dynamic equilibrium skip list stored before server modification operates, and Fig. 4 (b) is after server modification operates
Dynamic equilibrium skip list.
A, B, C, D indicate that four base level nodes, E indicate that the father node of node A and node B, F indicate node C in Fig. 4 (a)
With the father node of node D, R indicates the father node of node E and node F, while also illustrating that the root section of entire dynamic equilibrium skip list
Point.
C in Fig. 4 (b) indicates that the base level nodes of modification, R, F indicate that the father node of node C, E, D indicate the brother of father node
Younger brother's node, wherein E indicates the brotgher of node of node F, and D indicates the brotgher of node of node C.
The index value that server searches blocks of files to be modified corresponds to the father node of base level nodes and the brotgher of node of father node,
Using 256 secure hash algorithm SHA256, the server authentication value of clear text file block to be modified and the certification of the brotgher of node
Value, updates the authentication value of father node.
256 secure hash algorithm SHA256 refer to: the federal letter of American National Standard technical research institute publication
256 one-way Hash algorithm SHA256 specified in processing standard FIPS PUB 180-3 are ceased, are suitable for of length no more than 264Two
The message of system position.
Step 11, the base level nodes in server insertion dynamic equilibrium skip list.
5 pairs of servers are inserted into a base level nodes in some position of dynamic equilibrium skip list bottom with reference to the accompanying drawing
Step is described in further detail.
In Fig. 5 withThe node of mark indicates father node, withThe node of mark indicates the brotgher of node, with "○"
The node of mark indicates the node being inserted into,Indicate deleted pointer.
Fig. 5 (a) is that server is inserted into the dynamic equilibrium skip list stored before node G operation, and Fig. 5 (b) is server insertion
Dynamic equilibrium skip list after base level nodes G operation, Fig. 5 (c) are that server is inserted into the dynamic equilibrium stored before node H operation
Skip list, Fig. 5 (d) are the dynamic equilibrium skip list that server is inserted into after base level nodes H operation.
A, B, C, D indicate that four base level nodes, E indicate that the father node of node A and node B, F indicate node C in Fig. 5 (a)
With the father node of node D, R indicates the father node of node E and node F, while also illustrating that the root section of entire dynamic equilibrium skip list
Point.
G indicates that the base level nodes being inserted into, R, F indicate that the father node of node G, E, C, D indicate father node in Fig. 5 (b)
The brotgher of node, wherein E indicates the brotgher of node of node F, and C, D indicate the brotgher of node of node G.
A, B, G, C, D indicate that five base level nodes, E indicate that the father node of node A and node B, F indicate section in Fig. 5 (c)
The father node of point G, node C and node D, R indicate the father node of node E and node F, while also illustrating that entire dynamic equilibrium is jumped
The root node of jump table.
H indicates that the base level nodes being inserted into, R, F indicate that the father node of node H, E, G, C, D indicate father node in Fig. 5 (d)
The brotgher of node, wherein E indicate node F the brotgher of node, G, C, D indicate node H the brotgher of node;At no point in the update process, raw
The inode of Cheng Xin is inserted into F node backpointer position.
The first step, the index value that server lookup is inserted into blocks of files correspond to the father node of base level nodes, generate a base
Node layer is assigned to the cryptographic Hash of insertion node with the cryptographic Hash for being inserted into clear text file block as insertion node, is inserted into node
It is assigned a value of 1 up to base level nodes number, the son node number for being inserted into node is assigned a value of 0, and insertion node is inserted into and is inserted into blocks of files
Index value corresponding to base level nodes backpointer position.
The son node number of the father node of lowermost layer is added 1, using the father node of lowermost layer as present node by second step.
Third step, judges whether the son node number of present node is equal to 3, if so, executing the 4th step of this step;It is no
Then, the 5th step of this step is executed.
4th step updates the cryptographic Hash of present node, up to base level nodes using each child node of present node
Number, executes the 6th step of this step.
5th step utilizes the Hash of first, the left side child node of present node and second sub- node updates present node
Value, reachable base level nodes number and son node number;It is generated using the left side third child node of present node and the 4th child node
The node of generation is inserted into the backpointer position of present node by another node, by the child node of the father node of present node
Number plus 1.
6th step judges whether present node is root node, if so, thening follow the steps 12;Otherwise, above one layer of father node
As present node, the third step of this step is executed.
Step 12, server deletes the base level nodes in dynamic equilibrium skip list.
The flow chart of 6 schematic diagram and attached drawing 7 with reference to the accompanying drawing is deleted to server in dynamic equilibrium skip list bottom
Except being described in further detail the step of base level nodes on some position.
In Fig. 6 withThe node of mark indicates father node, withThe node of mark indicates the brotgher of node, with "○"
The node of mark indicates deleted node,Indicate deleted pointer.
Fig. 6 (a) is that server deletes the dynamic equilibrium skip list stored before base level nodes G operation, and Fig. 6 (b) is server
Dynamic equilibrium skip list after deleting base level nodes G operation, Fig. 6 (c) move for what is stored before server deletion base level nodes C operation
State balance-jump table, Fig. 6 (d) are that server deletes the dynamic equilibrium skip list after base level nodes C operation;
A, B, G, C, D indicate that five base level nodes, E indicate that the father node of node A and node B, F indicate section in Fig. 6 (a)
The father node of point G, node C and node D, R indicate the father node of node E and node F, while also illustrating that entire dynamic equilibrium is jumped
The root node of jump table.
G indicates that deleted base level nodes, R, F indicate that the father node of node G, E, C, D indicate father node in Fig. 6 (b)
The brotgher of node, wherein E indicates the brotgher of node of node F, and C, D indicate the brotgher of node of node G.
A, B, C, D indicate that four base level nodes, E indicate that the father node of node A and node B, F indicate node C in Fig. 6 (c)
With the father node of node D, R indicates the father node of node E and node F, while also illustrating that the root section of entire dynamic equilibrium skip list
Point.
C indicates that deleted base level nodes, R, F indicate that the father node of node C, E, D indicate the brother of father node in Fig. 6 (d)
Younger brother's node, wherein E indicates the brotgher of node of node F, and D indicates the brotgher of node of node C;At no point in the update process, F node is deleted
It removes, D node is in the position for being moved to B node backpointer.
The first step, the index value that server searches blocks of files to be deleted correspond to the father node of base level nodes, delete to be deleted
Base level nodes corresponding to the index value of blocks of files.
The son node number of the father node of lowermost layer is subtracted 1, using the father node of lowermost layer as present node by second step.
Third step, judges whether the son node number of present node is equal to 2, if so, executing the 4th step of this step;It is no
Then, the 5th step of this step is executed.
4th step updates the cryptographic Hash of present node, up to base level nodes using each child node of present node
Number, executes the 12nd step of this step.
5th step, judges whether the backpointer of present node is directed toward a brotgher of node, if so, executing the of this step
Six steps;Otherwise, the 9th step of this step is executed.
6th step, judges whether the child node number of the brotgher of node of the backpointer meaning of present node is equal to 3, if so,
Then execute the 7th step of this step;Otherwise, the 8th step of this step is executed.
7th step, using first, the left side child node of the backpointer meaning brotgher of node of present node as present node
Second, left side child node, using the cryptographic Hash of two sub- node updates present nodes of present node, up to base level nodes number
And son node number, utilize remaining two sub- node updates brotghers of node of the brotgher of node of the backpointer meaning of present node
Cryptographic Hash, reachable base level nodes number and son node number, execute the 12nd step of this step.
8th step, using unique child node of present node as the left side first of the present node backpointer meaning brotgher of node
A child node, using the cryptographic Hash of the three sub- node updates brotgher of node of the present node backpointer meaning brotgher of node, can
Up to base level nodes number and son node number, present node is deleted, executes this step after subtracting 1 for the son node number of upper one layer of father node
12nd step.
9th step, judges whether the child node number of the previous brotgher of node of present node is equal to 3, if so, executing
Tenth step of this step;Otherwise, the 11st step of this step is executed.
Tenth step, using the left side third child node of the previous brotgher of node as first, the left side son section of present node
Point, using the cryptographic Hash of two sub- node updates present nodes of present node, up to base level nodes number and son node number, utilization
The cryptographic Hash of the remaining two sub- node updates brotgher of node of the previous brotgher of node of present node, reachable base level nodes number
And son node number, execute the 12nd step of this step.
11st step, using unique child node of present node as the left side third of the previous brotgher of node of present node
A child node utilizes the cryptographic Hash of the three sub- node updates brotgher of node of the previous brotgher of node of present node, reachable
Base level nodes number and son node number delete present node, subtract 1 for the son node number of upper one layer of father node.
12nd step judges whether present node is root node, if so, executing the 13rd step of this step;Otherwise, above
One layer of father node executes the third step of this step as present node.
Step 13, dynamic equilibrium skip list update finishes.
Claims (5)
1. a kind of encrypted data chunk client De-weight method for supporting data to update, which comprises the steps of:
Step 1, data block is encrypted in file first place uploader:
File first place uploader utilizes 256 secure hash algorithm SHA256, using clear text file as input, calculates clear text file
Key, using the key of clear text file as input, calculate the label of clear text file;
File first place uploader carries out the piecemeal that length is 4kb to clear text file, generates multiple clear text file blocks;
File first place uploader utilizes 256 secure hash algorithm SHA256, using each clear text file block as input, calculates
Each clear text file block key is calculated with being connected to input before and after each clear text file block and clear text file block key
The authentication value of each clear text file block;
File first place uploader is added using the Encryption Algorithm in 256 Advanced Encryption Standard AES256 with clear text file block key
Close clear text file block, obtains cryptograph files block, with the connection value of clear text file key encrypting plaintext blocks of files key, obtains in plain text
The connection value ciphertext of blocks of files key;
File first place uploader is by the label of clear text file, the authentication value of clear text file block, cryptograph files block and clear text file block
The connection value ciphertext of key is uploaded to server;
Step 2, the novel dynamic equilibrium skip list of server construction:
The first step, it is corresponding bright according to clear text file block authentication value by the corresponding base level nodes of each clear text file block authentication value
The tandem of literary blocks of files connects into a single linked list;
Second step generates a father node for every two node as child node since first node on the left of current chained list;
If current chained list interior joint number is odd number, a father node is generated using remaining last three nodes as child node;
Third step, using 256 secure hash algorithm SHA256, by the cryptographic Hash of child node each in each father node, according to
Child node or so is linked in sequence into Hash connection value as inputting, and the cryptographic Hash of Hash connection value is calculated, by Hash connection value
Cryptographic Hash is assigned to the cryptographic Hash of each father node;
4th step, the sum by child node each in each father node up to base level nodes number are assigned to the reachable of each father node
Base level nodes number;The son node number for number of nodes used in each father node will be generated being assigned to each father node;
5th step is directed toward the position of first child node on the left of the node with the lower pointer of each father node, and the father of generation is saved
Point is linked into father chain's table according to the sequencing of generation;
6th step deletes the pointer between different father node child nodes;
7th step, judge in father chain's table whether only one node, if so, the exclusive node in father chain's table is labeled as root section
Point executes step 3 after obtaining dynamic equilibrium skip list;Otherwise, this step is executed after using father chain's table of generation as current chained list
Second step;
Step 3, server carries out deduplication operation to encrypted data chunk:
256 secure hash algorithm SHA256 of server by utilizing calculate the mark of cryptograph files block using cryptograph files block as input
Label delete the repetition cryptograph files block for having identical cryptograph files block label, complete the encrypted data chunk duplicate removal behaviour of server end
Make;
Step 4, the subsequent uploader of file is interacted with server progress File Ownership certification:
Server by utilizing random function generates two positive integers at random, and two positive integers are sent to the subsequent uploader of file;
The subsequent uploader of file regard one in two positive integers as random seed, generates equal with another positive integer more
A random number is as by the index value of challenge blocks of files;
The subsequent uploader of file carries out the piecemeal that length is 4kb to clear text file, generates multiple clear text file blocks;
The subsequent uploader of file utilizes 256 secure hash algorithm SHA256, calculates corresponding to the index value of challenge blocks of files
The authentication value by challenge blocks of files, send it to server;
Step 5, server determines whether the subsequent uploader is file owner:
Server regard one in two positive integers as random seed, generates the multiple random numbers equal with another positive integer
As by the index value of challenge blocks of files;
In dynamic equilibrium skip list, server searches father node and the father of the base level nodes corresponding to challenge blocks of files index value
The brotgher of node of node;
Using 256 secure hash algorithm SHA256, the cryptographic Hash of the server brotgher of node and receive by challenge file
The authentication value of block recalculates the cryptographic Hash of dynamic equilibrium skip list root node;
Judge whether the cryptographic Hash of dynamic equilibrium skip list root node and the root node cryptographic Hash that server local is stored are equal,
If so, File Ownership certification passes through, server is by subsequent uploader labeled as execution step 6 after file owner;Otherwise,
File Ownership authentification failure;
Step 6, the cryptograph files block at file owner's download server end:
The label of clear text file and downloading request are sent to server by file owner;
Server sends the ciphertext of the corresponding all cryptograph files blocks of clear text file label and clear text file block key connection value
To file owner;
Step 7, file owner decrypts the cryptograph files block of server end:
File owner is bright with the key decryption of clear text file using the decipherment algorithm in 256 Advanced Encryption Standard AES256
The connection value ciphertext of literary blocks of files key, obtains the connection value of clear text file block key, close with the key decryption of clear text file block
Literary blocks of files obtains clear text file block;
Step 8, new clear text file block is encrypted in file owner:
The label of clear text file and update request are sent to server by file owner;
The ciphertext of blocks of files key connection value is sent to file owner by server;
Using the decipherment algorithm in 256 Advanced Encryption Standard AES256, the key decryption of file owner's clear text file is bright
The ciphertext of literary blocks of files key connection value, obtains the connection value of clear text file block key;
Using 256 secure hash algorithm SHA256, file owner calculates separately the key of new clear text file, new plaintext
The label of file, the to be modified or clear text file block key that is inserted into and the certification of clear text file block that is to be modified or being inserted into
Value;
File owner is bright using the index value of clear text file block that is to be modified or being inserted into and its clear text file block key updating
The connection value of literary blocks of files key obtains the connection value of new clear text file block key;
Using the Encryption Algorithm in 256 Advanced Encryption Standard AES256, file owner's plaintext that is to be modified or being inserted into
Blocks of files key encrypts corresponding clear text file block, cryptograph files block that is to be modified or being inserted into is obtained, with new clear text file
Key encrypt the connection value of new clear text file block key, obtain the connection value ciphertext of new clear text file block key;
File owner refers to connection value ciphertext, the dynamic operation of the label of new clear text file, new clear text file block key
It enables, is to be modified or be inserted into or the index value of blocks of files to be deleted, the to be modified or cryptograph files block, to be modified to be inserted that is inserted into
The authentication value of the clear text file block entered is sent to server;
Step 9, server carries out deduplication operation to new cryptograph files block:
256 secure hash algorithm SHA256 of server by utilizing calculate the label of cryptograph files block that is to be modified or being inserted into, delete
Except the repetition cryptograph files block for having identical cryptograph files block label, the encrypted data chunk deduplication operation of server end is completed;
Step 10, the base level nodes in server modification dynamic equilibrium skip list:
The index value that server searches blocks of files to be modified corresponds to the father node of base level nodes and the brotgher of node of father node, utilizes
256 secure hash algorithm SHA256, the server authentication value of clear text file block to be modified and the authentication value of the brotgher of node, more
The authentication value of new father node;
Step 11, the base level nodes in server insertion dynamic equilibrium skip list:
The first step, the index value that server lookup is inserted into blocks of files correspond to the father node of base level nodes, generate base's section
Point is assigned to the cryptographic Hash of insertion node with the cryptographic Hash for being inserted into clear text file block as insertion node, and insertion node is reachable
Base level nodes number is assigned a value of 1, and the son node number for being inserted into node is assigned a value of 0, and insertion node is inserted into the rope for being inserted into blocks of files
Draw the backpointer position of base level nodes corresponding to value;
The son node number of the father node of lowermost layer is added 1, using the father node of lowermost layer as present node by second step;
Third step, judges whether the son node number of present node is equal to 3, if so, executing the 4th step of this step;Otherwise, it holds
5th step of this step of row;
4th step updates the cryptographic Hash of present node, up to base level nodes number, holds using each child node of present node
6th step of this step of row;
5th step, using first, the left side child node of present node and the cryptographic Hash of second sub- node updates present node,
Up to base level nodes number and son node number;It is generated using the left side third child node of present node and the 4th child node another
The node of generation is inserted into the backpointer position of present node, the son node number of the father node of present node is added by a node
1;
6th step judges whether present node is root node, if so, thening follow the steps 12;Otherwise, above one layer of father node conduct
Present node executes the third step of this step;
Step 12, server deletes the base level nodes in dynamic equilibrium skip list:
The first step, the index value that server searches blocks of files to be deleted correspond to the father node of base level nodes, delete file to be deleted
Base level nodes corresponding to the index value of block;
The son node number of the father node of lowermost layer is subtracted 1, using the father node of lowermost layer as present node by second step;
Third step, judges whether the son node number of present node is equal to 2, if so, executing the 4th step of this step;Otherwise, it holds
5th step of this step of row;
4th step updates the cryptographic Hash of present node, up to base level nodes number, holds using each child node of present node
12nd step of this step of row;
5th step, judges whether the backpointer of present node is directed toward a brotgher of node, if so, executing the 6th of this step
Step;Otherwise, the 9th step of this step is executed;
6th step, judges whether the child node number of the brotgher of node of the backpointer meaning of present node is equal to 3, if so, holding
7th step of this step of row;Otherwise, the 8th step of this step is executed;
7th step, using first, the left side child node of the backpointer meaning brotgher of node of present node as the left side of present node
Second child node, using the cryptographic Hash of two sub- node updates present nodes of present node, up to base level nodes number and son
Number of nodes utilizes the Hash of the remaining two sub- node updates brotgher of node of the brotgher of node of the backpointer meaning of present node
Value, reachable base level nodes number and son node number, execute the 12nd step of this step;
8th step, using unique child node of present node as first, left side of the present node backpointer meaning brotgher of node
Node, using the cryptographic Hash of the three sub- node updates brotgher of node of the present node backpointer meaning brotgher of node, up to base
Node layer number and son node number delete present node, execute the tenth of this step after subtracting 1 for the son node number of upper one layer of father node
Two steps;
9th step, judges whether the child node number of the previous brotgher of node of present node is equal to 3, if so, executing this step
The tenth rapid step;Otherwise, the 11st step of this step is executed;
Tenth step, using the left side third child node of the previous brotgher of node as first, the left side child node of present node,
Using the cryptographic Hash of two sub- node updates present nodes of present node, up to base level nodes number and son node number, using working as
The cryptographic Hash of the remaining two sub- node updates brotgher of node of the previous brotgher of node of front nodal point, up to base level nodes number and
Son node number executes the 12nd step of this step;
11st step, using unique child node of present node as the left side third height of the previous brotgher of node of present node
Node, using the cryptographic Hash of the three sub- node updates brotgher of node of the previous brotgher of node of present node, up to base
Number of nodes and son node number delete present node, subtract 1 for the son node number of upper one layer of father node;
12nd step judges whether present node is root node, if so, executing step 13;Otherwise, above one layer of the father node is made
For present node, the third step of this step is executed;
Step 13, dynamic equilibrium skip list update finishes.
2. a kind of encrypted data chunk client De-weight method for supporting data to update according to claim 1, feature exist
In: base level nodes described in step 2 first step refer to, positioned at the node of dynamic equilibrium skip list bottom.
3. a kind of encrypted data chunk client De-weight method for supporting data to update according to claim 1, feature exist
In: node described in step 2 second step refers to, constitutes the basic unit of dynamic equilibrium skip list, each node is by one five
Tuple is constituted, and five-tuple member is respectively node cryptographic Hash, node up to base level nodes number, son node number, backpointer and lower finger
Needle.
4. a kind of encrypted data chunk client De-weight method for supporting data to update according to claim 1, feature exist
In: father node described in step 5 refers to, from the node that root node is accessed into the search procedure of some base level nodes
Meet the node that reachable node includes the base level nodes, does not include base level nodes itself.
5. a kind of encrypted data chunk client De-weight method for supporting data to update according to claim 1, feature exist
Refer in: the brotgher of node described in step 5, the general designation of other nodes in same single linked list.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201711347947.XA CN108182367B (en) | 2017-12-15 | 2017-12-15 | A kind of encrypted data chunk client De-weight method for supporting data to update |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201711347947.XA CN108182367B (en) | 2017-12-15 | 2017-12-15 | A kind of encrypted data chunk client De-weight method for supporting data to update |
Publications (2)
Publication Number | Publication Date |
---|---|
CN108182367A CN108182367A (en) | 2018-06-19 |
CN108182367B true CN108182367B (en) | 2019-11-15 |
Family
ID=62546160
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201711347947.XA Active CN108182367B (en) | 2017-12-15 | 2017-12-15 | A kind of encrypted data chunk client De-weight method for supporting data to update |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN108182367B (en) |
Families Citing this family (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN109657497B (en) * | 2018-12-21 | 2023-06-13 | 北京思源理想控股集团有限公司 | Secure file system and method thereof |
CN109995505B (en) * | 2019-03-07 | 2021-08-10 | 西安电子科技大学 | Data security duplicate removal system and method in fog computing environment and cloud storage platform |
CN110677429A (en) * | 2019-10-10 | 2020-01-10 | 青岛大学 | File storage method and system, cloud device and terminal device |
CN111914280A (en) * | 2020-08-17 | 2020-11-10 | 南京珥仁科技有限公司 | File self-encryption and decryption method |
CN112231308A (en) * | 2020-10-14 | 2021-01-15 | 深圳前海微众银行股份有限公司 | Method, device, equipment and medium for removing weight of horizontal federal modeling sample data |
CN112231309A (en) * | 2020-10-14 | 2021-01-15 | 深圳前海微众银行股份有限公司 | Method, device, terminal equipment and medium for removing duplicate of longitudinal federal data statistics |
CN112764783B (en) * | 2021-02-02 | 2022-04-29 | 杭州雅观科技有限公司 | Upgrading method of smart home equipment |
CN113347189B (en) * | 2021-06-09 | 2023-03-31 | 福州大学 | Updatable and data ownership transferable message self-locking encryption system and method |
Family Cites Families (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US9086819B2 (en) * | 2012-07-25 | 2015-07-21 | Anoosmar Technologies Private Limited | System and method for combining deduplication and encryption of data |
US10764037B2 (en) * | 2014-12-23 | 2020-09-01 | Nokia Technologies Oy | Method and apparatus for duplicated data management in cloud computing |
CN107147615B (en) * | 2017-03-29 | 2019-10-25 | 西安电子科技大学 | Ownership certification and the key transmission method of entropy are not lost under ciphertext duplicate removal scene |
-
2017
- 2017-12-15 CN CN201711347947.XA patent/CN108182367B/en active Active
Also Published As
Publication number | Publication date |
---|---|
CN108182367A (en) | 2018-06-19 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN108182367B (en) | A kind of encrypted data chunk client De-weight method for supporting data to update | |
CN108418796B (en) | Cloud data multi-copy integrity verification and association deletion method and cloud storage system | |
CN109379182B (en) | Efficient data re-encryption method and system supporting data deduplication and cloud storage system | |
CN104363215B (en) | A kind of encryption method and system based on attribute | |
US9275250B2 (en) | Searchable encryption processing system | |
CN110213042A (en) | A kind of cloud data duplicate removal method based on no certification agency re-encryption | |
CN108377237A (en) | The data deduplication system and its data duplicate removal method with ownership management for the storage of high in the clouds ciphertext | |
CN110334526A (en) | It is a kind of that the forward secrecy verified is supported to can search for encryption storage system and method | |
CN106612320A (en) | Encrypted data dereplication method for cloud storage | |
CN109660555A (en) | Content safety sharing method and system based on proxy re-encryption | |
CN105320896A (en) | Cloud storage encryption and ciphertext retrieval methods and systems | |
CN107659401B (en) | A kind of secure data duplicate removal encryption method of similitude perception | |
CN105849738A (en) | Storage array password management | |
CN106776904A (en) | The fuzzy query encryption method of dynamic authentication is supported in a kind of insincere cloud computing environment | |
CN105760781A (en) | Storage method, restoration method and operation method of ordered and derivable large-data files | |
CN104967693A (en) | Document similarity calculation method facing cloud storage based on fully homomorphic password technology | |
CN113221155B (en) | Multi-level and multi-level encrypted cloud storage system | |
CN107094075B (en) | Data block dynamic operation method based on convergence encryption | |
CN110351297B (en) | Verification method and device applied to block chain | |
US10733317B2 (en) | Searchable encryption processing system | |
CN114338038A (en) | Memory system for block chain data secret inquiry and careless transmission method | |
Geeta et al. | Sdvadc: secure deduplication and virtual auditing of data in cloud | |
CN106209365A (en) | The method that Backup Data is heavily signed is utilized when user cancels under cloud environment | |
CN107612687B (en) | ElGamal encryption-based dynamic multi-copy data possession verification method | |
CN116502732B (en) | Federal learning method and system based on trusted execution environment |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |