CN108182367B - A kind of encrypted data chunk client De-weight method for supporting data to update - Google Patents

A kind of encrypted data chunk client De-weight method for supporting data to update Download PDF

Info

Publication number
CN108182367B
CN108182367B CN201711347947.XA CN201711347947A CN108182367B CN 108182367 B CN108182367 B CN 108182367B CN 201711347947 A CN201711347947 A CN 201711347947A CN 108182367 B CN108182367 B CN 108182367B
Authority
CN
China
Prior art keywords
node
clear text
text file
file
block
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201711347947.XA
Other languages
Chinese (zh)
Other versions
CN108182367A (en
Inventor
刘茂珍
杨超
杨力
张俊伟
马建峰
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Xian University of Electronic Science and Technology
Original Assignee
Xian University of Electronic Science and Technology
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Xian University of Electronic Science and Technology filed Critical Xian University of Electronic Science and Technology
Priority to CN201711347947.XA priority Critical patent/CN108182367B/en
Publication of CN108182367A publication Critical patent/CN108182367A/en
Application granted granted Critical
Publication of CN108182367B publication Critical patent/CN108182367B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2107File encryption

Abstract

The invention discloses a kind of encrypted data chunk client De-weight methods for supporting data to update, utilize convergent encryption algorithm, so that being mapped as identical cryptograph files block after identical clear text file block encryption, novel dynamic equilibrium skip list is constructed as File Ownership authentication structures, the File Ownership certification carried out between server and the subsequent uploader of file interacts, and realizes encrypted data chunk client duplicate removal.The method for proposing dynamic equilibrium skip list self-balancing, according to the authentication value of dynamic operation instruction and clear text file block to be updated that user uploads, it modifies, be inserted into and delete operation to dynamic equilibrium skip list interior joint, the present invention not only increases server duplicate removal ratio and utilization ratio of storage resources, save user bandwidth and uplink time, and data block is supported to update, realize servers' data elastic management.

Description

A kind of encrypted data chunk client De-weight method for supporting data to update
Technical field
The invention belongs to field of computer technology, support data more further to one of field of information security technology New encrypted data chunk client De-weight method.The present invention can be used for supporting the cloud storage system of encrypted data chunk duplicate removal and update System, not only can be improved duplicate removal ratio, saves the uploading bandwidth of user and the memory space of server, and also support user is to blocks of files Update operation, realize data elastic management.
Background technique
Cloud storage data deduplication technology, which is widely used in data backup, reduces network and storage overhead.The technology can be with Data redundancy is eliminated, leaves behind a physical copy, the data copy without retaining multiple identical contents.Data deduplication technology Based on different duplicate removal strategies, client server duplicate removal, file-level or blocks of files grade duplicate removal etc. can be divided into.Client is gone Weight is compared to server end duplicate removal, it is possible to reduce user bandwidth and uplink time are saved in the upload of repeated data, are brought preferably User experience.More fine-grained duplicate removal may be implemented compared to file-level duplicate removal in blocks of files grade duplicate removal, improves duplicate removal ratio and deposits Store up resource utilization.Therefore, encrypted data chunk duplicate removal technology or encryption data client duplicate removal technology obtain cloud storage service The affirmative and support of supplier.But in actual life, people generally require to propose to update request to cloud backup file, therefore, Update of the data deduplication technical support user to cloud data realizes that server to the elastic management of data, has great show Real demand.
A kind of patent document " safe data de-duplication method " of the Beijing Safe-Code Technology Co., Ltd. in its application A kind of method of data de-duplication is disclosed in (application number: 201310736892.7, publication number: CN 103731423A).It should The file that the specific steps of method, which include: client, stores needs is encrypted to close with the different Encryption Algorithm of same key Text;The cryptographic Hash that server passes through file first judges whether to store this document;The ciphertext that client is returned by server Key is decrypted, then is encrypted with another Encryption Algorithm;Server encrypts judgement with same Encryption Algorithm by documents twice Whether data de-duplication is carried out.Shortcoming existing for this method is: the key in this method is randomly generated by user, The content spoofing attack initiated by file first place uploader cannot be resisted, safety is lower, and this method does not support blocks of files Grade duplicate removal, duplicate removal granularity is small, and duplicate removal ratio is low.
Paper " the BL-MLE:Block-Level Message- that Chen R, Mu Y and Yang G et al. is delivered at it Locked Encryption for Secure Large File Deduplication”(IEEE Transactions 2015,10 (12): onInformation Forensics Security proposes a kind of encryption file in 2643-2652.) The De-weight method of block.This method is based on convergent encryption algorithm and blocks of files is encrypted, and realizes blocks of files grade duplicate removal.The party The specific steps of method: client encrypts blocks of files using the cryptographic Hash of blocks of files, recycles the cryptographic Hash of file to blocks of files Content carries out exponent arithmetic, generates blocks of files label.Server judges to whether there is in different files by Bilinear map equation Same file block is deleted and repeats encryption blocks of files, to realize blocks of files grade duplicate removal.Shortcoming existing for this method is: making With bilinear algorithm and exponent arithmetic, computation complexity is high, low efficiency;User cannot be supported to operate the update of blocks of files, if User wants to update cloud backup file, then needs to upload updated entire file, and is not only the blocks of files for needing to update, To waste user's uploading bandwidth and uplink time.
Paper " the DeyPoS:Deduplicatable Dynamic that He K, Chen J, Du R et al. is delivered at it Proof of Storage for Multi-User Environments”(IEEE Transactions on Computers, 2016,65 (12): it is all that the file for supporting dynamic to update under a kind of cloud storage data deduplication environment is proposed in 3631-3645.) The method of power certification and integrity verification.This method devises a kind of new File Ownership authentication structures --- homomorphism certification Tree, it can support three kinds of update operations, can meet user and upgrade demand to blocks of files.The calculating of each node in homomorphism certification tree Using homomorphic algorithm, server carries out the certification of File Ownership based on the structure to the subsequent uploader of file.The program exists Shortcoming be: large-scale insertion and delete operation will lead to the unbalance of homomorphism authentication structures, to lose binary chop High efficiency;This method does not support encryption blocks of files duplicate removal, duplicate removal ratio low.
Paper " the Updatable Block-Level that Zhao, Yongjun, and S.S.M.Chow are delivered at it Message-Locked Encryption[C]”(ACM Asia Conference on Computer and Communications Security.ACM, 2017.) a kind of renewable data based on convergent encryption algorithm are proposed in Block De-weight method.The specific steps of this method: user encrypts blocks of files using the cryptographic Hash of blocks of files, before blocks of files cryptographic Hash After be connected to new clear text file block, recycle the cryptographic Hash of new clear text file block to encrypt corresponding new clear text file block, until Generate the last one clear text file block, master key of the cryptographic Hash of the clear text file block as file, for file encryption and It updates;Server is based on above-mentioned encryption blocks of files and establishes Merkle Tree, for blocks of files and blocks of files key connection value Storage and update.Shortcoming existing for this method is: not proposing safe and efficient File Ownership authentication method, causes big The upload of duplicate file block is measured, user bandwidth is wasted;Using iteration convergence Encryption Algorithm calculation document block ciphertext, so that blocks of files The decrypting process low efficiency of ciphertext;Merkle Tree only supports the modification of leaf node to update because the structure of itself limits, and It does not support leaf node is inserted into and deletes to update, upgrades demand it is thus impossible to fully meet user to blocks of files.
Summary of the invention
The purpose of the present invention is in view of the above shortcomings of the prior art, propose a kind of encrypted data chunk for supporting data to update Client De-weight method.
Concrete thought in order to achieve the object of the present invention is: the method for calculating encryption blocks of files using convergent encryption algorithm, It is mapped as identical cryptograph files block after ensuring identical clear text file block encryption, realizes going for same file block in different files Weight protects data privacy, improves the duplicate removal ratio and utilization ratio of storage resources of server end.Based on efficient on skip list probability It searches and supports to update the characteristic operated, propose have the novel dynamic equilibrium skip list of binary chop advantage all as file The authentication structures of power and new authentication method are realized that server is interacted with the certification of the File Ownership of the subsequent uploader of file, are kept away Exempt from identical block to repeat to upload, saves user bandwidth and uplink time.Finally, it is special to use for reference balanced binary tree constitutional balance Property, it proposes that dynamic equilibrium skip list updates the method for operation self-balancing, is instructed according to the dynamic operation that user uploads and to be updated Clear text file block authentication value, realize dynamic equilibrium skip list interior joint modification, insertion and delete operation, to support cloud Servers' data elastic management is realized in the update of blocks of files.
Specific steps of the invention include the following:
Step 1, data block is encrypted in file first place uploader:
File first place uploader utilizes 256 secure hash algorithm SHA256, using clear text file as input, calculates in plain text The key of file calculates the label of clear text file using the key of clear text file as input;
File first place uploader carries out the piecemeal that length is 4kb to clear text file, generates multiple clear text file blocks;
File first place uploader utilizes 256 secure hash algorithm SHA256, using each clear text file block as input, Each clear text file block key is calculated, to be connected to input before and after each clear text file block and clear text file block key, Calculate the authentication value of each clear text file block;
File first place uploader is close with clear text file block using the Encryption Algorithm in 256 Advanced Encryption Standard AES256 Key encrypting plaintext blocks of files, obtains cryptograph files block, with the connection value of clear text file key encrypting plaintext blocks of files key, obtains The connection value ciphertext of clear text file block key;
File first place uploader is literary by the label of clear text file, the authentication value of clear text file block, cryptograph files block and plaintext The connection value ciphertext of part block key is uploaded to server;
Step 2, the novel dynamic equilibrium skip list of server construction:
The first step, it is corresponding according to clear text file block authentication value by the corresponding base level nodes of each clear text file block authentication value Clear text file block tandem, connect into a single linked list;
Second step generates a father for every two node as child node since first node on the left of current chained list Node;If current chained list interior joint number is odd number, father's section is generated using remaining last three nodes as child node Point;
Third step, using 256 secure hash algorithm SHA256, by the cryptographic Hash of child node each in each father node, It is linked in sequence into Hash connection value according to child node or so as inputting, calculates the cryptographic Hash of Hash connection value, Hash is connected The cryptographic Hash of value is assigned to the cryptographic Hash of each father node;
4th step, by child node each in each father node up to the sum of base level nodes number be assigned to each father node can The base level nodes number reached;The son node number for number of nodes used in each father node will be generated being assigned to each father node;
5th step is directed toward the position of first child node on the left of the node with the lower pointer of each father node, by generation Father node is linked into father chain's table according to the sequencing of generation;
6th step deletes the pointer between different father node child nodes;
7th step, judge in father chain's table whether only one node, if so, the exclusive node in father chain's table is labeled as Root node executes step 3 after obtaining dynamic equilibrium skip list;Otherwise, sheet is executed after using father chain's table of generation as current chained list The second step of step;
Step 3, server carries out deduplication operation to encrypted data chunk:
256 secure hash algorithm SHA256 of server by utilizing calculate cryptograph files block using cryptograph files block as input Label, delete and have the repetition cryptograph files block of identical cryptograph files block label, the encrypted data chunk for completing server end is gone It operates again;
Step 4, the subsequent uploader of file is interacted with server progress File Ownership certification:
Server by utilizing random function generates two positive integers at random, and two positive integers are sent to the subsequent upload of file Person;
The subsequent uploader of file regard one in two positive integers as random seed, generates equal with another positive integer Multiple random numbers as by the index value of challenge blocks of files;
The subsequent uploader of file carries out the piecemeal that length is 4kb to clear text file, generates multiple clear text file blocks;
The subsequent uploader of file utilizes 256 secure hash algorithm SHA256, calculates by the index value institute of challenge blocks of files The corresponding authentication value by challenge blocks of files, sends it to server;
Step 5, server determines whether the subsequent uploader is file owner:
Server regard one in two positive integers as random seed, generate it is equal with another positive integer it is multiple with Machine number is as by the index value of challenge blocks of files;
In dynamic equilibrium skip list, server searches the father node of the base level nodes corresponding to challenge blocks of files index value With the brotgher of node of father node;
Using 256 secure hash algorithm SHA256, the cryptographic Hash of the server brotgher of node is challenged with what is received The authentication value of blocks of files recalculates the cryptographic Hash of dynamic equilibrium skip list root node;
Judge the cryptographic Hash of dynamic equilibrium skip list root node and whether root node cryptographic Hash that server local is stored Equal, if so, File Ownership certification passes through, server is by subsequent uploader labeled as execution step 6 after file owner; Otherwise, File Ownership authentification failure;
Step 6, the cryptograph files block at file owner's download server end:
The label of clear text file and downloading request are sent to server by file owner;
Server is by the ciphertext of clear text file label corresponding all cryptograph files blocks and clear text file block key connection value It is sent to file owner;
Step 7, file owner decrypts the cryptograph files block of server end:
File owner is using the decipherment algorithm in 256 Advanced Encryption Standard AES256, with the key solution of clear text file The connection value ciphertext of close clear text file block key, obtains the connection value of clear text file block key, is decrypted with clear text file block key Cryptograph files block obtains clear text file block;
Step 8, new clear text file block is encrypted in file owner:
The label of clear text file and update request are sent to server by file owner;
The ciphertext of blocks of files key connection value is sent to file owner by server;
Using the decipherment algorithm in 256 Advanced Encryption Standard AES256, the key solution of file owner's clear text file The ciphertext of close clear text file block key connection value, obtains the connection value of clear text file block key;
Using 256 secure hash algorithm SHA256, file owner calculates separately the key of new clear text file, new The label of clear text file, the to be modified or clear text file block key that is inserted into and to be modified or the clear text file block that is inserted into recognizes Card value;
File owner using clear text file block that is to be modified or being inserted into index value and its clear text file block key more The connection value of new clear text file block key, obtains the connection value of new clear text file block key;
Using the Encryption Algorithm in 256 Advanced Encryption Standard AES256, file owner is with to be modified or be inserted into Clear text file block key encrypts corresponding clear text file block, cryptograph files block that is to be modified or being inserted into is obtained, with new plaintext The key of file encrypts the connection value of new clear text file block key, obtains the connection value ciphertext of new clear text file block key;
File owner grasps the label of new clear text file, the connection value ciphertext of new clear text file block key, dynamic It instructs, is to be modified or be inserted into or the index value of blocks of files to be deleted, the to be modified or cryptograph files block, to be modified that is inserted into The authentication value for the clear text file block being inserted into is sent to server;
Step 9, server carries out deduplication operation to new cryptograph files block:
256 secure hash algorithm SHA256 of server by utilizing calculate the mark of cryptograph files block that is to be modified or being inserted into Label delete the repetition cryptograph files block for having identical cryptograph files block label, complete the encrypted data chunk duplicate removal behaviour of server end Make;
Step 10, the base level nodes in server modification dynamic equilibrium skip list:
The index value that server searches blocks of files to be modified corresponds to the father node of base level nodes and the brotgher of node of father node, Using 256 secure hash algorithm SHA256, the server authentication value of clear text file block to be modified and the certification of the brotgher of node Value, updates the authentication value of father node;
Step 11, the base level nodes in server insertion dynamic equilibrium skip list:
The first step, the index value that server lookup is inserted into blocks of files correspond to the father node of base level nodes, generate a base Node layer is assigned to the cryptographic Hash of insertion node with the cryptographic Hash for being inserted into clear text file block as insertion node, is inserted into node It is assigned a value of 1 up to base level nodes number, the son node number for being inserted into node is assigned a value of 0, and insertion node is inserted into and is inserted into blocks of files Index value corresponding to base level nodes backpointer position;
The son node number of the father node of lowermost layer is added 1, using the father node of lowermost layer as present node by second step;
Third step, judges whether the son node number of present node is equal to 3, if so, executing the 4th step of this step;It is no Then, the 5th step of this step is executed;
4th step updates the cryptographic Hash of present node, up to base level nodes using each child node of present node Number, executes the 6th step of this step;
5th step utilizes the Hash of first, the left side child node of present node and second sub- node updates present node Value, reachable base level nodes number and son node number;It is generated using the left side third child node of present node and the 4th child node The node of generation is inserted into the backpointer position of present node by another node, by the child node of the father node of present node The 6th step of this step is executed after number plus 1;
6th step judges whether present node is root node, if so, thening follow the steps 12;Otherwise, above one layer of father node As present node, the third step of this step is executed;
Step 12, server deletes the base level nodes in dynamic equilibrium skip list:
The first step, the index value that server searches blocks of files to be deleted correspond to the father node of base level nodes, delete to be deleted Base level nodes corresponding to the index value of blocks of files;
The son node number of the father node of lowermost layer is subtracted 1, using the father node of lowermost layer as present node by second step;
Third step, judges whether the son node number of present node is equal to 2, if so, executing the 4th step of this step;It is no Then, the 5th step of this step is executed;
4th step updates the cryptographic Hash of present node, up to base level nodes using each child node of present node Number, executes the 12nd step of this step;
5th step, judges whether the backpointer of present node is directed toward a brotgher of node, if so, executing the of this step Six steps;Otherwise, the 9th step of this step is executed;
6th step, judges whether the child node number of the brotgher of node of the backpointer meaning of present node is equal to 3, if so, Then execute the 7th step of this step;Otherwise, the 8th step of this step is executed;
7th step, using first, the left side child node of the backpointer meaning brotgher of node of present node as present node Second, left side child node, using the cryptographic Hash of two sub- node updates present nodes of present node, up to base level nodes number And son node number, utilize remaining two sub- node updates brotghers of node of the brotgher of node of the backpointer meaning of present node Cryptographic Hash, reachable base level nodes number and son node number, execute the 12nd step of this step;
8th step, using unique child node of present node as the left side first of the present node backpointer meaning brotgher of node A child node, using the cryptographic Hash of the three sub- node updates brotgher of node of the present node backpointer meaning brotgher of node, can Up to base level nodes number and son node number, present node is deleted, executes this step after subtracting 1 for the son node number of upper one layer of father node 12nd step;
9th step, judges whether the child node number of the previous brotgher of node of present node is equal to 3, if so, executing Tenth step of this step;Otherwise, the 11st step of this step is executed;
Tenth step, using the left side third child node of the previous brotgher of node as first, the left side son section of present node Point, using the cryptographic Hash of two sub- node updates present nodes of present node, up to base level nodes number and son node number, utilization The cryptographic Hash of the remaining two sub- node updates brotgher of node of the previous brotgher of node of present node, reachable base level nodes number And son node number, execute the 12nd step of this step;
11st step, using unique child node of present node as the left side third of the previous brotgher of node of present node A child node utilizes the cryptographic Hash of the three sub- node updates brotgher of node of the previous brotgher of node of present node, reachable Base level nodes number and son node number delete present node, subtract 1 for the son node number of upper one layer of father node;
12nd step judges whether present node is root node, if so, executing step 13;Otherwise, above one layer of the father section Point is used as present node, executes the third step of this step;
Step 13, dynamic equilibrium skip list update finishes.
Compared with the prior art, the present invention has the following advantages:
First, since the present invention constructs a novel dynamic equilibrium skip list according to the authentication value of clear text file block, and Using the dynamic equilibrium skip list as the authentication structures for uploading File Ownership, the upper transmitting file between user and server is realized Ownership certification interaction, overcomes the prior art and haves the defects that support blocks of files client duplicate removal, so that the present invention has It avoids identical block from repeating to upload, saves user bandwidth and uplink time, improve the excellent of server stores resources utilization rate Point.
Second, due to being uploaded according to user the invention proposes a kind of method that dynamic equilibrium skip list updates self-balancing Dynamic operation instruction and clear text file block to be updated authentication value, the modification of node is carried out to dynamic equilibrium skip list, is inserted Enter and delete operation, overcomes and be not able to satisfy the defect that user efficiently updates cloud Backup Data in the prior art, so that this hair It is bright that there is the advantages of supporting data block to update, realizing servers' data elastic management.
Detailed description of the invention
Fig. 1 is flow chart of the invention.
Fig. 2 is the schematic diagram of the novel dynamic equilibrium skip list step of server construction of the invention.
Fig. 3 is the flow chart that new clear text file block is encrypted in the bright file owner of this law;
Fig. 4 is the schematic diagram that the bright server of this law modifies base level nodes in dynamic equilibrium skip list;
Fig. 5 is the schematic diagram that the bright server of this law is inserted into base level nodes in dynamic equilibrium skip list;
Fig. 6 is the schematic diagram that the bright server of this law deletes base level nodes in dynamic equilibrium skip list;
Fig. 7 is the flow chart that the bright server of this law deletes the base level nodes in dynamic equilibrium skip list.
Specific embodiment
The present invention is described in further detail with reference to the accompanying drawing.
The step of 1 couple of present invention realizes with reference to the accompanying drawing is described in further detail.
Step 1, data block is encrypted in file first place uploader.
File first place uploader utilizes 256 secure hash algorithm SHA256, using clear text file as input, calculates in plain text The key of file calculates the label of clear text file using the key of clear text file as input.
256 secure hash algorithm SHA256 refer to: the federal letter of American National Standard technical research institute publication 256 one-way Hash algorithm SHA256 specified in processing standard FIPS PUB 180-3 are ceased, are suitable for of length no more than 264Two The message of system position.
File first place uploader carries out the piecemeal that length is 4kb to clear text file, generates multiple clear text file blocks.
File first place uploader utilizes 256 secure hash algorithm SHA256, using each clear text file block as input, Each clear text file block key is calculated, to be connected to input before and after each clear text file block and clear text file block key, Calculate the authentication value of each clear text file block.
256 secure hash algorithm SHA256 refer to: the federal letter of American National Standard technical research institute publication 256 one-way Hash algorithm SHA256 specified in processing standard FIPS PUB 180-3 are ceased, are suitable for of length no more than 264Two The message of system position.
File first place uploader is close with clear text file block using the Encryption Algorithm in 256 Advanced Encryption Standard AES256 Key encrypting plaintext blocks of files, obtains cryptograph files block, with the connection value of the key encrypting plaintext blocks of files key of clear text file, obtains To the connection value ciphertext of clear text file block key.
256 Advanced Encryption Standard AES256 refer to: a kind of block encryption standard that U.S. Federal Government uses, Wherein, the Advanced Encryption Standard that the length of key is 256.
File first place uploader is literary by the label of clear text file, the authentication value of clear text file block, cryptograph files block and plaintext The connection value ciphertext of part block key is uploaded to server.
Step 2, the novel dynamic equilibrium skip list of server construction.
The step of 2 pairs of server construction dynamic equilibrium skip lists are described in further detail with reference to the accompanying drawing.
A, B, C, D indicate four base level nodes in Fig. 2, wherein root node are indicated with the node that " △ " is indicated, with "○" mark The node shown indicates base level nodes,Indicate deleted pointer.E indicates that the father node of node A and node B, F indicate section The father node of point C and node D, R indicate the father node of node E and node F, while also illustrating that the root of entire dynamic equilibrium skip list Node.
The first step, it is corresponding according to clear text file block authentication value by the corresponding base level nodes of each clear text file block authentication value Clear text file block tandem, connect into a single linked list.
The base level nodes refer to, positioned at the node of dynamic equilibrium skip list bottom.
Second step generates a father for every two node as child node since first node on the left of current chained list Node;If current chained list interior joint number is odd number, father's section is generated using remaining last three nodes as child node Point.
The node refers to, constitutes the basic unit of dynamic equilibrium skip list, and each node is made of a five-tuple, First group membership is respectively node cryptographic Hash, node up to base level nodes number, son node number, backpointer and lower pointer.
Third step, using 256 secure hash algorithm SHA256, by the cryptographic Hash of child node each in each father node, It is linked in sequence into Hash connection value according to child node or so as inputting, calculates the cryptographic Hash of Hash connection value, Hash is connected The cryptographic Hash of value is assigned to the cryptographic Hash of each father node.
256 secure hash algorithm SHA256 refer to: the federal letter of American National Standard technical research institute publication 256 one-way Hash algorithm SHA256 specified in processing standard FIPS PUB 180-3 are ceased, are suitable for of length no more than 264Two The message of system position.
4th step, by child node each in each father node up to the sum of base level nodes number be assigned to each father node can The base level nodes number reached;The son node number for number of nodes used in each father node will be generated being assigned to each father node.
5th step is directed toward the position of first child node on the left of the node with the lower pointer of each father node, by generation Father node is linked into father chain's table according to the sequencing of generation.
6th step deletes the pointer between different father node child nodes.
7th step, judge in father chain's table whether only one node, if so, the exclusive node in father chain's table is labeled as Root node executes step 3 after obtaining dynamic equilibrium skip list;Otherwise, sheet is executed after using father chain's table of generation as current chained list The second step of step.
Father chain's table refers to, the single linked list being made of multiple father nodes.
Step 3, server carries out deduplication operation to encrypted data chunk.
256 secure hash algorithm SHA256 of server by utilizing calculate cryptograph files block using cryptograph files block as input Label, delete and have the repetition cryptograph files block of identical cryptograph files block label, the encrypted data chunk for completing server end is gone It operates again.
256 secure hash algorithm SHA256 refer to: the federal letter of American National Standard technical research institute publication 256 one-way Hash algorithm SHA256 specified in processing standard FIPS PUB 180-3 are ceased, are suitable for of length no more than 264Two The message of system position.
Step 4, the subsequent uploader of file is interacted with server progress File Ownership certification.
Server by utilizing random function generates two positive integers at random, and two positive integers are sent to the subsequent upload of file Person.
The subsequent uploader of file regard one in two positive integers as random seed, generates equal with another positive integer Multiple random numbers as by the index value of challenge blocks of files.
The subsequent uploader of file carries out the piecemeal that length is 4kb to clear text file, generates multiple clear text file blocks.
The subsequent uploader of file utilizes 256 secure hash algorithm SHA256, calculates by the index value institute of challenge blocks of files The corresponding authentication value by challenge blocks of files, sends it to server.
256 secure hash algorithm SHA256 refer to: the federal letter of American National Standard technical research institute publication 256 one-way Hash algorithm SHA256 specified in processing standard FIPS PUB 180-3 are ceased, are suitable for of length no more than 264Two The message of system position.
Step 5, server determines whether the subsequent uploader is file owner.
Server regard one in two positive integers as random seed, generate it is equal with another positive integer it is multiple with Machine number is as by the index value of challenge blocks of files.
In dynamic equilibrium skip list, server searches the father node of the base level nodes corresponding to challenge blocks of files index value With the brotgher of node of father node.
The father node refers to, full from the node that root node is accessed into the search procedure of some base level nodes It can include completely the node of the base level nodes up to node, not include base level nodes itself.
The brotgher of node refers to, the general designation of other nodes in same single linked list.
Using 256 secure hash algorithm SHA256, the cryptographic Hash of the server brotgher of node is challenged with what is received The authentication value of blocks of files recalculates the cryptographic Hash of dynamic equilibrium skip list root node.
256 secure hash algorithm SHA256 refer to: the federal letter of American National Standard technical research institute publication 256 one-way Hash algorithm SHA256 specified in processing standard FIPS PUB 180-3 are ceased, are suitable for of length no more than 264Two The message of system position.
Judge the cryptographic Hash of dynamic equilibrium skip list root node and whether root node cryptographic Hash that server local is stored Equal, if so, File Ownership certification passes through, server is by subsequent uploader labeled as execution step 6 after file owner; Otherwise, File Ownership authentification failure.
Step 6, the cryptograph files block at file owner's download server end.
The label of clear text file and downloading request are sent to server by file owner.
Server is by the ciphertext of clear text file label corresponding all cryptograph files blocks and clear text file block key connection value It is sent to file owner.
Step 7, file owner decrypts the cryptograph files block of server end.
File owner is using the decipherment algorithm in 256 Advanced Encryption Standard AES256, with the key solution of clear text file The connection value ciphertext of close clear text file block key, obtains the connection value of clear text file block key, is decrypted with clear text file block key Cryptograph files block obtains clear text file block.
256 Advanced Encryption Standard AES256 refer to: a kind of block encryption standard that U.S. Federal Government uses, Wherein, the Advanced Encryption Standard that the length of key is 256.
Step 8, new clear text file block is encrypted in file owner.
The step of 3 pairs of new clear text file block encryptions are described in further detail with reference to the accompanying drawing.
The label of clear text file and update request are sent to server by file owner.
The ciphertext of blocks of files key connection value is sent to file owner by server.
Using the decipherment algorithm in 256 Advanced Encryption Standard AES256, the key solution of file owner's clear text file The ciphertext of close clear text file block key connection value, obtains the connection value of clear text file block key.
256 Advanced Encryption Standard AES256 refer to: a kind of block encryption standard that U.S. Federal Government uses, Wherein, the Advanced Encryption Standard that the length of key is 256.
Using 256 secure hash algorithm SHA256, file owner calculates separately the key of new clear text file, new The label of clear text file, the to be modified or clear text file block key that is inserted into and to be modified or the clear text file block that is inserted into recognizes Card value.
256 secure hash algorithm SHA256 refer to: the federal letter of American National Standard technical research institute publication 256 one-way Hash algorithm SHA256 specified in processing standard FIPS PUB 180-3 are ceased, are suitable for of length no more than 264Two The message of system position.
File owner using clear text file block that is to be modified or being inserted into index value and its clear text file block key more The connection value of new clear text file block key, obtains the connection value of new clear text file block key.
Using the Encryption Algorithm in 256 Advanced Encryption Standard AES256, file owner is with to be modified or be inserted into Clear text file block key encrypts corresponding clear text file block, cryptograph files block that is to be modified or being inserted into is obtained, with new plaintext The key of file encrypts the connection value of new clear text file block key, obtains the connection value ciphertext of new clear text file block key.
256 Advanced Encryption Standard AES256 refer to: a kind of block encryption standard that U.S. Federal Government uses, Wherein, the Advanced Encryption Standard that the length of key is 256.
File owner grasps the label of new clear text file, the connection value ciphertext of new clear text file block key, dynamic It instructs, is to be modified or be inserted into or the index value of blocks of files to be deleted, the to be modified or cryptograph files block, to be modified that is inserted into The authentication value for the clear text file block being inserted into is sent to server.
Step 9, server carries out deduplication operation to new cryptograph files block.
256 secure hash algorithm SHA256 of server by utilizing calculate the mark of cryptograph files block that is to be modified or being inserted into Label delete the repetition cryptograph files block for having identical cryptograph files block label, complete the encrypted data chunk duplicate removal behaviour of server end Make.
256 secure hash algorithm SHA256 refer to: the federal letter of American National Standard technical research institute publication 256 one-way Hash algorithm SHA256 specified in processing standard FIPS PUB 180-3 are ceased, are suitable for of length no more than 264Two The message of system position.
Step 10, the base level nodes in server modification dynamic equilibrium skip list.
4 pairs of servers modify the step of base level nodes on some position in dynamic equilibrium skip list bottom with reference to the accompanying drawing Suddenly it is described in further detail.
In Fig. 4 withThe node of mark indicates father node, withThe node of mark indicates the brotgher of node, with "○" The node of mark indicates the base level nodes of modification.
Fig. 4 (a) is the dynamic equilibrium skip list stored before server modification operates, and Fig. 4 (b) is after server modification operates Dynamic equilibrium skip list.
A, B, C, D indicate that four base level nodes, E indicate that the father node of node A and node B, F indicate node C in Fig. 4 (a) With the father node of node D, R indicates the father node of node E and node F, while also illustrating that the root section of entire dynamic equilibrium skip list Point.
C in Fig. 4 (b) indicates that the base level nodes of modification, R, F indicate that the father node of node C, E, D indicate the brother of father node Younger brother's node, wherein E indicates the brotgher of node of node F, and D indicates the brotgher of node of node C.
The index value that server searches blocks of files to be modified corresponds to the father node of base level nodes and the brotgher of node of father node, Using 256 secure hash algorithm SHA256, the server authentication value of clear text file block to be modified and the certification of the brotgher of node Value, updates the authentication value of father node.
256 secure hash algorithm SHA256 refer to: the federal letter of American National Standard technical research institute publication 256 one-way Hash algorithm SHA256 specified in processing standard FIPS PUB 180-3 are ceased, are suitable for of length no more than 264Two The message of system position.
Step 11, the base level nodes in server insertion dynamic equilibrium skip list.
5 pairs of servers are inserted into a base level nodes in some position of dynamic equilibrium skip list bottom with reference to the accompanying drawing Step is described in further detail.
In Fig. 5 withThe node of mark indicates father node, withThe node of mark indicates the brotgher of node, with "○" The node of mark indicates the node being inserted into,Indicate deleted pointer.
Fig. 5 (a) is that server is inserted into the dynamic equilibrium skip list stored before node G operation, and Fig. 5 (b) is server insertion Dynamic equilibrium skip list after base level nodes G operation, Fig. 5 (c) are that server is inserted into the dynamic equilibrium stored before node H operation Skip list, Fig. 5 (d) are the dynamic equilibrium skip list that server is inserted into after base level nodes H operation.
A, B, C, D indicate that four base level nodes, E indicate that the father node of node A and node B, F indicate node C in Fig. 5 (a) With the father node of node D, R indicates the father node of node E and node F, while also illustrating that the root section of entire dynamic equilibrium skip list Point.
G indicates that the base level nodes being inserted into, R, F indicate that the father node of node G, E, C, D indicate father node in Fig. 5 (b) The brotgher of node, wherein E indicates the brotgher of node of node F, and C, D indicate the brotgher of node of node G.
A, B, G, C, D indicate that five base level nodes, E indicate that the father node of node A and node B, F indicate section in Fig. 5 (c) The father node of point G, node C and node D, R indicate the father node of node E and node F, while also illustrating that entire dynamic equilibrium is jumped The root node of jump table.
H indicates that the base level nodes being inserted into, R, F indicate that the father node of node H, E, G, C, D indicate father node in Fig. 5 (d) The brotgher of node, wherein E indicate node F the brotgher of node, G, C, D indicate node H the brotgher of node;At no point in the update process, raw The inode of Cheng Xin is inserted into F node backpointer position.
The first step, the index value that server lookup is inserted into blocks of files correspond to the father node of base level nodes, generate a base Node layer is assigned to the cryptographic Hash of insertion node with the cryptographic Hash for being inserted into clear text file block as insertion node, is inserted into node It is assigned a value of 1 up to base level nodes number, the son node number for being inserted into node is assigned a value of 0, and insertion node is inserted into and is inserted into blocks of files Index value corresponding to base level nodes backpointer position.
The son node number of the father node of lowermost layer is added 1, using the father node of lowermost layer as present node by second step.
Third step, judges whether the son node number of present node is equal to 3, if so, executing the 4th step of this step;It is no Then, the 5th step of this step is executed.
4th step updates the cryptographic Hash of present node, up to base level nodes using each child node of present node Number, executes the 6th step of this step.
5th step utilizes the Hash of first, the left side child node of present node and second sub- node updates present node Value, reachable base level nodes number and son node number;It is generated using the left side third child node of present node and the 4th child node The node of generation is inserted into the backpointer position of present node by another node, by the child node of the father node of present node Number plus 1.
6th step judges whether present node is root node, if so, thening follow the steps 12;Otherwise, above one layer of father node As present node, the third step of this step is executed.
Step 12, server deletes the base level nodes in dynamic equilibrium skip list.
The flow chart of 6 schematic diagram and attached drawing 7 with reference to the accompanying drawing is deleted to server in dynamic equilibrium skip list bottom Except being described in further detail the step of base level nodes on some position.
In Fig. 6 withThe node of mark indicates father node, withThe node of mark indicates the brotgher of node, with "○" The node of mark indicates deleted node,Indicate deleted pointer.
Fig. 6 (a) is that server deletes the dynamic equilibrium skip list stored before base level nodes G operation, and Fig. 6 (b) is server Dynamic equilibrium skip list after deleting base level nodes G operation, Fig. 6 (c) move for what is stored before server deletion base level nodes C operation State balance-jump table, Fig. 6 (d) are that server deletes the dynamic equilibrium skip list after base level nodes C operation;
A, B, G, C, D indicate that five base level nodes, E indicate that the father node of node A and node B, F indicate section in Fig. 6 (a) The father node of point G, node C and node D, R indicate the father node of node E and node F, while also illustrating that entire dynamic equilibrium is jumped The root node of jump table.
G indicates that deleted base level nodes, R, F indicate that the father node of node G, E, C, D indicate father node in Fig. 6 (b) The brotgher of node, wherein E indicates the brotgher of node of node F, and C, D indicate the brotgher of node of node G.
A, B, C, D indicate that four base level nodes, E indicate that the father node of node A and node B, F indicate node C in Fig. 6 (c) With the father node of node D, R indicates the father node of node E and node F, while also illustrating that the root section of entire dynamic equilibrium skip list Point.
C indicates that deleted base level nodes, R, F indicate that the father node of node C, E, D indicate the brother of father node in Fig. 6 (d) Younger brother's node, wherein E indicates the brotgher of node of node F, and D indicates the brotgher of node of node C;At no point in the update process, F node is deleted It removes, D node is in the position for being moved to B node backpointer.
The first step, the index value that server searches blocks of files to be deleted correspond to the father node of base level nodes, delete to be deleted Base level nodes corresponding to the index value of blocks of files.
The son node number of the father node of lowermost layer is subtracted 1, using the father node of lowermost layer as present node by second step.
Third step, judges whether the son node number of present node is equal to 2, if so, executing the 4th step of this step;It is no Then, the 5th step of this step is executed.
4th step updates the cryptographic Hash of present node, up to base level nodes using each child node of present node Number, executes the 12nd step of this step.
5th step, judges whether the backpointer of present node is directed toward a brotgher of node, if so, executing the of this step Six steps;Otherwise, the 9th step of this step is executed.
6th step, judges whether the child node number of the brotgher of node of the backpointer meaning of present node is equal to 3, if so, Then execute the 7th step of this step;Otherwise, the 8th step of this step is executed.
7th step, using first, the left side child node of the backpointer meaning brotgher of node of present node as present node Second, left side child node, using the cryptographic Hash of two sub- node updates present nodes of present node, up to base level nodes number And son node number, utilize remaining two sub- node updates brotghers of node of the brotgher of node of the backpointer meaning of present node Cryptographic Hash, reachable base level nodes number and son node number, execute the 12nd step of this step.
8th step, using unique child node of present node as the left side first of the present node backpointer meaning brotgher of node A child node, using the cryptographic Hash of the three sub- node updates brotgher of node of the present node backpointer meaning brotgher of node, can Up to base level nodes number and son node number, present node is deleted, executes this step after subtracting 1 for the son node number of upper one layer of father node 12nd step.
9th step, judges whether the child node number of the previous brotgher of node of present node is equal to 3, if so, executing Tenth step of this step;Otherwise, the 11st step of this step is executed.
Tenth step, using the left side third child node of the previous brotgher of node as first, the left side son section of present node Point, using the cryptographic Hash of two sub- node updates present nodes of present node, up to base level nodes number and son node number, utilization The cryptographic Hash of the remaining two sub- node updates brotgher of node of the previous brotgher of node of present node, reachable base level nodes number And son node number, execute the 12nd step of this step.
11st step, using unique child node of present node as the left side third of the previous brotgher of node of present node A child node utilizes the cryptographic Hash of the three sub- node updates brotgher of node of the previous brotgher of node of present node, reachable Base level nodes number and son node number delete present node, subtract 1 for the son node number of upper one layer of father node.
12nd step judges whether present node is root node, if so, executing the 13rd step of this step;Otherwise, above One layer of father node executes the third step of this step as present node.
Step 13, dynamic equilibrium skip list update finishes.

Claims (5)

1. a kind of encrypted data chunk client De-weight method for supporting data to update, which comprises the steps of:
Step 1, data block is encrypted in file first place uploader:
File first place uploader utilizes 256 secure hash algorithm SHA256, using clear text file as input, calculates clear text file Key, using the key of clear text file as input, calculate the label of clear text file;
File first place uploader carries out the piecemeal that length is 4kb to clear text file, generates multiple clear text file blocks;
File first place uploader utilizes 256 secure hash algorithm SHA256, using each clear text file block as input, calculates Each clear text file block key is calculated with being connected to input before and after each clear text file block and clear text file block key The authentication value of each clear text file block;
File first place uploader is added using the Encryption Algorithm in 256 Advanced Encryption Standard AES256 with clear text file block key Close clear text file block, obtains cryptograph files block, with the connection value of clear text file key encrypting plaintext blocks of files key, obtains in plain text The connection value ciphertext of blocks of files key;
File first place uploader is by the label of clear text file, the authentication value of clear text file block, cryptograph files block and clear text file block The connection value ciphertext of key is uploaded to server;
Step 2, the novel dynamic equilibrium skip list of server construction:
The first step, it is corresponding bright according to clear text file block authentication value by the corresponding base level nodes of each clear text file block authentication value The tandem of literary blocks of files connects into a single linked list;
Second step generates a father node for every two node as child node since first node on the left of current chained list; If current chained list interior joint number is odd number, a father node is generated using remaining last three nodes as child node;
Third step, using 256 secure hash algorithm SHA256, by the cryptographic Hash of child node each in each father node, according to Child node or so is linked in sequence into Hash connection value as inputting, and the cryptographic Hash of Hash connection value is calculated, by Hash connection value Cryptographic Hash is assigned to the cryptographic Hash of each father node;
4th step, the sum by child node each in each father node up to base level nodes number are assigned to the reachable of each father node Base level nodes number;The son node number for number of nodes used in each father node will be generated being assigned to each father node;
5th step is directed toward the position of first child node on the left of the node with the lower pointer of each father node, and the father of generation is saved Point is linked into father chain's table according to the sequencing of generation;
6th step deletes the pointer between different father node child nodes;
7th step, judge in father chain's table whether only one node, if so, the exclusive node in father chain's table is labeled as root section Point executes step 3 after obtaining dynamic equilibrium skip list;Otherwise, this step is executed after using father chain's table of generation as current chained list Second step;
Step 3, server carries out deduplication operation to encrypted data chunk:
256 secure hash algorithm SHA256 of server by utilizing calculate the mark of cryptograph files block using cryptograph files block as input Label delete the repetition cryptograph files block for having identical cryptograph files block label, complete the encrypted data chunk duplicate removal behaviour of server end Make;
Step 4, the subsequent uploader of file is interacted with server progress File Ownership certification:
Server by utilizing random function generates two positive integers at random, and two positive integers are sent to the subsequent uploader of file;
The subsequent uploader of file regard one in two positive integers as random seed, generates equal with another positive integer more A random number is as by the index value of challenge blocks of files;
The subsequent uploader of file carries out the piecemeal that length is 4kb to clear text file, generates multiple clear text file blocks;
The subsequent uploader of file utilizes 256 secure hash algorithm SHA256, calculates corresponding to the index value of challenge blocks of files The authentication value by challenge blocks of files, send it to server;
Step 5, server determines whether the subsequent uploader is file owner:
Server regard one in two positive integers as random seed, generates the multiple random numbers equal with another positive integer As by the index value of challenge blocks of files;
In dynamic equilibrium skip list, server searches father node and the father of the base level nodes corresponding to challenge blocks of files index value The brotgher of node of node;
Using 256 secure hash algorithm SHA256, the cryptographic Hash of the server brotgher of node and receive by challenge file The authentication value of block recalculates the cryptographic Hash of dynamic equilibrium skip list root node;
Judge whether the cryptographic Hash of dynamic equilibrium skip list root node and the root node cryptographic Hash that server local is stored are equal, If so, File Ownership certification passes through, server is by subsequent uploader labeled as execution step 6 after file owner;Otherwise, File Ownership authentification failure;
Step 6, the cryptograph files block at file owner's download server end:
The label of clear text file and downloading request are sent to server by file owner;
Server sends the ciphertext of the corresponding all cryptograph files blocks of clear text file label and clear text file block key connection value To file owner;
Step 7, file owner decrypts the cryptograph files block of server end:
File owner is bright with the key decryption of clear text file using the decipherment algorithm in 256 Advanced Encryption Standard AES256 The connection value ciphertext of literary blocks of files key, obtains the connection value of clear text file block key, close with the key decryption of clear text file block Literary blocks of files obtains clear text file block;
Step 8, new clear text file block is encrypted in file owner:
The label of clear text file and update request are sent to server by file owner;
The ciphertext of blocks of files key connection value is sent to file owner by server;
Using the decipherment algorithm in 256 Advanced Encryption Standard AES256, the key decryption of file owner's clear text file is bright The ciphertext of literary blocks of files key connection value, obtains the connection value of clear text file block key;
Using 256 secure hash algorithm SHA256, file owner calculates separately the key of new clear text file, new plaintext The label of file, the to be modified or clear text file block key that is inserted into and the certification of clear text file block that is to be modified or being inserted into Value;
File owner is bright using the index value of clear text file block that is to be modified or being inserted into and its clear text file block key updating The connection value of literary blocks of files key obtains the connection value of new clear text file block key;
Using the Encryption Algorithm in 256 Advanced Encryption Standard AES256, file owner's plaintext that is to be modified or being inserted into Blocks of files key encrypts corresponding clear text file block, cryptograph files block that is to be modified or being inserted into is obtained, with new clear text file Key encrypt the connection value of new clear text file block key, obtain the connection value ciphertext of new clear text file block key;
File owner refers to connection value ciphertext, the dynamic operation of the label of new clear text file, new clear text file block key It enables, is to be modified or be inserted into or the index value of blocks of files to be deleted, the to be modified or cryptograph files block, to be modified to be inserted that is inserted into The authentication value of the clear text file block entered is sent to server;
Step 9, server carries out deduplication operation to new cryptograph files block:
256 secure hash algorithm SHA256 of server by utilizing calculate the label of cryptograph files block that is to be modified or being inserted into, delete Except the repetition cryptograph files block for having identical cryptograph files block label, the encrypted data chunk deduplication operation of server end is completed;
Step 10, the base level nodes in server modification dynamic equilibrium skip list:
The index value that server searches blocks of files to be modified corresponds to the father node of base level nodes and the brotgher of node of father node, utilizes 256 secure hash algorithm SHA256, the server authentication value of clear text file block to be modified and the authentication value of the brotgher of node, more The authentication value of new father node;
Step 11, the base level nodes in server insertion dynamic equilibrium skip list:
The first step, the index value that server lookup is inserted into blocks of files correspond to the father node of base level nodes, generate base's section Point is assigned to the cryptographic Hash of insertion node with the cryptographic Hash for being inserted into clear text file block as insertion node, and insertion node is reachable Base level nodes number is assigned a value of 1, and the son node number for being inserted into node is assigned a value of 0, and insertion node is inserted into the rope for being inserted into blocks of files Draw the backpointer position of base level nodes corresponding to value;
The son node number of the father node of lowermost layer is added 1, using the father node of lowermost layer as present node by second step;
Third step, judges whether the son node number of present node is equal to 3, if so, executing the 4th step of this step;Otherwise, it holds 5th step of this step of row;
4th step updates the cryptographic Hash of present node, up to base level nodes number, holds using each child node of present node 6th step of this step of row;
5th step, using first, the left side child node of present node and the cryptographic Hash of second sub- node updates present node, Up to base level nodes number and son node number;It is generated using the left side third child node of present node and the 4th child node another The node of generation is inserted into the backpointer position of present node, the son node number of the father node of present node is added by a node 1;
6th step judges whether present node is root node, if so, thening follow the steps 12;Otherwise, above one layer of father node conduct Present node executes the third step of this step;
Step 12, server deletes the base level nodes in dynamic equilibrium skip list:
The first step, the index value that server searches blocks of files to be deleted correspond to the father node of base level nodes, delete file to be deleted Base level nodes corresponding to the index value of block;
The son node number of the father node of lowermost layer is subtracted 1, using the father node of lowermost layer as present node by second step;
Third step, judges whether the son node number of present node is equal to 2, if so, executing the 4th step of this step;Otherwise, it holds 5th step of this step of row;
4th step updates the cryptographic Hash of present node, up to base level nodes number, holds using each child node of present node 12nd step of this step of row;
5th step, judges whether the backpointer of present node is directed toward a brotgher of node, if so, executing the 6th of this step Step;Otherwise, the 9th step of this step is executed;
6th step, judges whether the child node number of the brotgher of node of the backpointer meaning of present node is equal to 3, if so, holding 7th step of this step of row;Otherwise, the 8th step of this step is executed;
7th step, using first, the left side child node of the backpointer meaning brotgher of node of present node as the left side of present node Second child node, using the cryptographic Hash of two sub- node updates present nodes of present node, up to base level nodes number and son Number of nodes utilizes the Hash of the remaining two sub- node updates brotgher of node of the brotgher of node of the backpointer meaning of present node Value, reachable base level nodes number and son node number, execute the 12nd step of this step;
8th step, using unique child node of present node as first, left side of the present node backpointer meaning brotgher of node Node, using the cryptographic Hash of the three sub- node updates brotgher of node of the present node backpointer meaning brotgher of node, up to base Node layer number and son node number delete present node, execute the tenth of this step after subtracting 1 for the son node number of upper one layer of father node Two steps;
9th step, judges whether the child node number of the previous brotgher of node of present node is equal to 3, if so, executing this step The tenth rapid step;Otherwise, the 11st step of this step is executed;
Tenth step, using the left side third child node of the previous brotgher of node as first, the left side child node of present node, Using the cryptographic Hash of two sub- node updates present nodes of present node, up to base level nodes number and son node number, using working as The cryptographic Hash of the remaining two sub- node updates brotgher of node of the previous brotgher of node of front nodal point, up to base level nodes number and Son node number executes the 12nd step of this step;
11st step, using unique child node of present node as the left side third height of the previous brotgher of node of present node Node, using the cryptographic Hash of the three sub- node updates brotgher of node of the previous brotgher of node of present node, up to base Number of nodes and son node number delete present node, subtract 1 for the son node number of upper one layer of father node;
12nd step judges whether present node is root node, if so, executing step 13;Otherwise, above one layer of the father node is made For present node, the third step of this step is executed;
Step 13, dynamic equilibrium skip list update finishes.
2. a kind of encrypted data chunk client De-weight method for supporting data to update according to claim 1, feature exist In: base level nodes described in step 2 first step refer to, positioned at the node of dynamic equilibrium skip list bottom.
3. a kind of encrypted data chunk client De-weight method for supporting data to update according to claim 1, feature exist In: node described in step 2 second step refers to, constitutes the basic unit of dynamic equilibrium skip list, each node is by one five Tuple is constituted, and five-tuple member is respectively node cryptographic Hash, node up to base level nodes number, son node number, backpointer and lower finger Needle.
4. a kind of encrypted data chunk client De-weight method for supporting data to update according to claim 1, feature exist In: father node described in step 5 refers to, from the node that root node is accessed into the search procedure of some base level nodes Meet the node that reachable node includes the base level nodes, does not include base level nodes itself.
5. a kind of encrypted data chunk client De-weight method for supporting data to update according to claim 1, feature exist Refer in: the brotgher of node described in step 5, the general designation of other nodes in same single linked list.
CN201711347947.XA 2017-12-15 2017-12-15 A kind of encrypted data chunk client De-weight method for supporting data to update Active CN108182367B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201711347947.XA CN108182367B (en) 2017-12-15 2017-12-15 A kind of encrypted data chunk client De-weight method for supporting data to update

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201711347947.XA CN108182367B (en) 2017-12-15 2017-12-15 A kind of encrypted data chunk client De-weight method for supporting data to update

Publications (2)

Publication Number Publication Date
CN108182367A CN108182367A (en) 2018-06-19
CN108182367B true CN108182367B (en) 2019-11-15

Family

ID=62546160

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201711347947.XA Active CN108182367B (en) 2017-12-15 2017-12-15 A kind of encrypted data chunk client De-weight method for supporting data to update

Country Status (1)

Country Link
CN (1) CN108182367B (en)

Families Citing this family (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109657497B (en) * 2018-12-21 2023-06-13 北京思源理想控股集团有限公司 Secure file system and method thereof
CN109995505B (en) * 2019-03-07 2021-08-10 西安电子科技大学 Data security duplicate removal system and method in fog computing environment and cloud storage platform
CN110677429A (en) * 2019-10-10 2020-01-10 青岛大学 File storage method and system, cloud device and terminal device
CN111914280A (en) * 2020-08-17 2020-11-10 南京珥仁科技有限公司 File self-encryption and decryption method
CN112231308A (en) * 2020-10-14 2021-01-15 深圳前海微众银行股份有限公司 Method, device, equipment and medium for removing weight of horizontal federal modeling sample data
CN112231309A (en) * 2020-10-14 2021-01-15 深圳前海微众银行股份有限公司 Method, device, terminal equipment and medium for removing duplicate of longitudinal federal data statistics
CN112764783B (en) * 2021-02-02 2022-04-29 杭州雅观科技有限公司 Upgrading method of smart home equipment
CN113347189B (en) * 2021-06-09 2023-03-31 福州大学 Updatable and data ownership transferable message self-locking encryption system and method

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9086819B2 (en) * 2012-07-25 2015-07-21 Anoosmar Technologies Private Limited System and method for combining deduplication and encryption of data
US10764037B2 (en) * 2014-12-23 2020-09-01 Nokia Technologies Oy Method and apparatus for duplicated data management in cloud computing
CN107147615B (en) * 2017-03-29 2019-10-25 西安电子科技大学 Ownership certification and the key transmission method of entropy are not lost under ciphertext duplicate removal scene

Also Published As

Publication number Publication date
CN108182367A (en) 2018-06-19

Similar Documents

Publication Publication Date Title
CN108182367B (en) A kind of encrypted data chunk client De-weight method for supporting data to update
CN108418796B (en) Cloud data multi-copy integrity verification and association deletion method and cloud storage system
CN109379182B (en) Efficient data re-encryption method and system supporting data deduplication and cloud storage system
CN104363215B (en) A kind of encryption method and system based on attribute
US9275250B2 (en) Searchable encryption processing system
CN110213042A (en) A kind of cloud data duplicate removal method based on no certification agency re-encryption
CN108377237A (en) The data deduplication system and its data duplicate removal method with ownership management for the storage of high in the clouds ciphertext
CN110334526A (en) It is a kind of that the forward secrecy verified is supported to can search for encryption storage system and method
CN106612320A (en) Encrypted data dereplication method for cloud storage
CN109660555A (en) Content safety sharing method and system based on proxy re-encryption
CN105320896A (en) Cloud storage encryption and ciphertext retrieval methods and systems
CN107659401B (en) A kind of secure data duplicate removal encryption method of similitude perception
CN105849738A (en) Storage array password management
CN106776904A (en) The fuzzy query encryption method of dynamic authentication is supported in a kind of insincere cloud computing environment
CN105760781A (en) Storage method, restoration method and operation method of ordered and derivable large-data files
CN104967693A (en) Document similarity calculation method facing cloud storage based on fully homomorphic password technology
CN113221155B (en) Multi-level and multi-level encrypted cloud storage system
CN107094075B (en) Data block dynamic operation method based on convergence encryption
CN110351297B (en) Verification method and device applied to block chain
US10733317B2 (en) Searchable encryption processing system
CN114338038A (en) Memory system for block chain data secret inquiry and careless transmission method
Geeta et al. Sdvadc: secure deduplication and virtual auditing of data in cloud
CN106209365A (en) The method that Backup Data is heavily signed is utilized when user cancels under cloud environment
CN107612687B (en) ElGamal encryption-based dynamic multi-copy data possession verification method
CN116502732B (en) Federal learning method and system based on trusted execution environment

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant