CN108229208B - Public auditing method for multi-copy data in cloud storage service - Google Patents

Public auditing method for multi-copy data in cloud storage service Download PDF

Info

Publication number
CN108229208B
CN108229208B CN201810015840.3A CN201810015840A CN108229208B CN 108229208 B CN108229208 B CN 108229208B CN 201810015840 A CN201810015840 A CN 201810015840A CN 108229208 B CN108229208 B CN 108229208B
Authority
CN
China
Prior art keywords
data block
data
user
file
evidence
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201810015840.3A
Other languages
Chinese (zh)
Other versions
CN108229208A (en
Inventor
田晖
陈文琪
卢璥
陈永红
王田
蔡奕侨
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Huaqiao University
Original Assignee
Huaqiao University
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Huaqiao University filed Critical Huaqiao University
Priority to CN201810015840.3A priority Critical patent/CN108229208B/en
Publication of CN108229208A publication Critical patent/CN108229208A/en
Application granted granted Critical
Publication of CN108229208B publication Critical patent/CN108229208B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/64Protecting data integrity, e.g. using checksums, certificates or signatures
    • G06F21/645Protecting data integrity, e.g. using checksums, certificates or signatures using a third party

Abstract

The invention discloses a public auditing method for multi-copy data in cloud storage service, which belongs to the field of information security and aims to realize efficient auditing on the integrity of dynamic multi-copy data in a cloud storage environment; the invention includes (1) a key generation step; (2) a user data preprocessing step; (3) preprocessing data of a cloud service side; (4) preprocessing third party auditor data; (5) a challenge step; (6) an evidence generating step; (7) an evidence verification step; (8) dynamically updating data; (9) and (5) batch auditing. The public auditing method provided by the invention can support dynamic updating of multi-copy data and batch auditing of the multi-copy data while ensuring high-efficiency auditing of the multi-copy cloud data.

Description

Public auditing method for multi-copy data in cloud storage service
Technical Field
The invention belongs to the field of information security, and particularly relates to cloud storage-oriented data security audit, which is suitable for integrity open audit of multi-copy data in a cloud storage environment.
Background
With the rapid development of cloud storage technology and its related industries, more and more individuals and enterprises tend to outsource their data to the cloud to improve the reliability of data storage and reduce their maintenance overhead. However, cloud storage also poses many security issues while providing convenience to users. In particular, due to the separation of data ownership and administrative rights, it is difficult for a user to verify the integrity of data in a conventional manner, thereby allowing a trust gap between the user and the cloud service.
In recent years, with the appearance and popularization of multi-copy storage service in the cloud, people gradually attract attention to the security audit problem facing multi-copy data. Curtmola et al, focusing on The problem for The first time, proposed a multi-copy data possession certification scheme, which uses RSA signature and random mask technology to realize integrity audit on multi-copy data, but does not support public audit (see Curtmola R, Khan O, Burns R, et al. MR-PDP: Multiple-repeatable data processing [ C ]// Distributed Computing Systems,2008.ICDCS'08.The 28th International Conference on. IEEE,2008: 411-; hao et al propose a Boneh-Lynn-Shacham signature scheme based on which public auditing of multi-copy Data is achieved (see Hao Z, Yu N.A multiple-duplication Data publication checking protocol with public verification [ C ]// Data, Privacy and E-Commerce (ISDPE),2010Second International Symposium on.IEEE 2010: 84-89); chen et al, on this basis, present a multi-user multi-copy data-consistent batch audit scheme (see Chenfeng, forest cypress, Yang 26104, etc.. BLS-based multi-user multi-copy data-consistent batch audit [ J ] Cryptographic report 2014, (04): 368) 378). However, none of these schemes support dynamic updating of multiple copies of data. To achieve Dynamic auditing of Multiple Copies of Data, Liu et al (see Liu C, Chen J, Yang L T, et al. automated publishing of Dynamic big Data storage on closed with efficient vertical extent fine-grained updates [ J ]. IEEE Transactions on Parallel and Distributed Systems,2014,25(9): 2234-. The former uses a MR-MHT tree combined by a plurality of Merkle hash trees as an authentication structure of multi-copy dynamic data. The latter abandons the index hash table to record the data block sequence number, designs the version mapping table as the authentication structure, and avoids the label generation to be related to the corresponding data block sequence number. Compared with the former, the data dynamic updating is more efficient. However, since it needs to aggregate tags with the same sequence number in different copies, the tag generation overhead is large.
Aiming at the problems existing in the existing research, the invention provides a novel integrity auditing scheme of multi-copy data. The method and the system support dynamic updating of the multi-copy data and batch auditing of the multi-copy data (namely, a third party auditor can audit tasks from multiple users at one time) while ensuring efficient auditing of the multi-copy cloud data.
Disclosure of Invention
The invention provides a public auditing method for multi-copy data in cloud storage service, and aims to provide efficient public auditing of the integrity of the multi-copy cloud data and support dynamic updating of the multi-copy data and batch auditing of the multi-copy data.
The invention adopts the following technical scheme:
a public auditing method for multi-copy data in cloud storage service comprises the following steps:
(1) a key generation step: a user generates a key pair, namely a private key SK is { x }, and a public key PK is { g, u, v, y }; the user saves the private key SK and issues the public key PK to the cloud service party and the third party auditor; wherein x is a set of integers ZpIn (3), u, v are cyclic groups G of order prime p1G is a cyclic group G whose order is a prime number p2And y is gx
(2) User data preprocessing step: a user firstly generates a file identification ID for a file F to be processed; and divides file F into n data blocks, i.e. F ═ b1,b2,···,bnIn which b isi(i ═ 1, 2.. times, n) is the ith data block; simultaneously recording version information of each data block to obtain a set phi { (v)i,ti) I is more than or equal to 1 and less than or equal to n, wherein vi,tiAre respectively data block biVersion number and timestamp of; in addition, the user also assigns each data block biGenerating a corresponding digital signature σiSo as to obtain the digital signature set Λ ═ σ { (σ ═ σ }iI is more than or equal to 1 and less than or equal to n; subsequently, t different copy files are generated by inserting different random masks into the data blocks, and the multiple copy set is recorded as FS ═ { F'1,F’2,…,F’tOf which is F'j( j 1, 2.. times, t) is the jth copy file; finally, the user saves the file identification ID and the version information phi by a third party auditor, sends the file identification ID, the data block signature set Lambda and the multi-copy set FS to a cloud service party, and then deletes all the numbers except the private keyAccordingly;
(3) preprocessing data of a cloud server side: after receiving a multi-copy set FS, a data block signature set Lambda and a file identification ID sent by a user, a cloud service party firstly signs a sigma on each data blockiCarrying out bilinear pairing calculation to obtain a data block label omegaiI.e. omegai=e(σiG), and set of tags Ω ═ ω { ω ═ ωiI is more than or equal to 1 and less than or equal to n, and simultaneously storing each copy in different servers;
(4) a third party auditor data preprocessing step: the third party auditor identifies the file ID and the version information phi transmitted by the user { (v)i,ti) And i is more than or equal to 1 and less than or equal to n is stored in the dynamic hash table so as to realize auditable data freshness (latest version state). A dynamic hash table is a newly proposed authentication data structure for supporting data dynamics (see Tian H, Chen Y, Chang C, et al]IEEE Transactions on Services Computing,2017, 10(5):701-714) is essentially a two-dimensional table in which a plurality of files are organized in an array manner and version information of each data block in each file is organized in a linked list manner.
(5) The challenge step is as follows: responding to the user audit request or periodically auditing the data on behalf of the user by a third party auditor, first generating challenge information including randomly selected data block sequence number set psi { [ PSI ]s1,2, …, c, random number set t ═ rs|rs∈ZpS-1, 2, …, c }, and a random mask R-yaWherein c is the number of data blocks needing to be challenged in each copy file, and a is an integer set ZpA medium random number; subsequently, the third party auditor sends challenge information (Ψ, Τ, R) to the cloud service party;
(6) an evidence generation step: after the cloud service party receives the challenge information of the third party auditor, data-bearing evidence needs to be generated, wherein the data-bearing evidence comprises a tag evidence theta and a data block evidence set Pp ═ ρ {jJ is more than or equal to 1 and less than or equal to t, wherein rhojThe data block evidence of the jth copy file; evidence information (Θ, Ρ) is then returned to the third party reviewCounting;
(7) and (3) evidence verification step: the third party auditor verifies the evidence information (Θ, p) returned by the cloud service party; if the verification is successful, the multiple copies of the file are complete; otherwise, it indicates that the data in some multi-copy files has been damaged;
(8) and a data dynamic updating step: when data needs to be updated (including modification, insertion and deletion), a user needs to send update information U to a third-party auditorTPASending update information U to cloud service sideCSP(ii) a After receiving the update information, the third party auditor updates the dynamic hash table accordingly, and the cloud service party updates the corresponding data block and the corresponding label.
(9) Batch auditing step: when w different users simultaneously initiate audit requests, the cloud service side respectively generates label evidence theta for each userkAnd data block evidence set pk={ρk,jJ is less than or equal to 1 and less than or equal to t, wherein k is 1, 2. Then, all the label evidences are aggregated again to obtain a label batch audit evidence thetaBAnd aggregating the data block evidences of different copy files of each user again to obtain a data block batch audit evidence set f ═ { Ρ ^ pBjJ is more than or equal to 1 and less than or equal to t }; subsequently, the cloud service party will audit the evidence (Θ)BR) to a three-party auditor; the third party auditor verifies the batch audit evidence; if the verification is successful, the multiple copies of the files of all the users are complete; otherwise, it indicates that the data in some of the multiple copies has been corrupted.
Preferably, the user data preprocessing step includes the following processes:
(2.1) firstly, generating a file identification ID for a file F to be processed by a user; and divides file F into n data blocks, i.e. F ═ b1,b2,···,bn) Wherein b isiIs the ith data block; simultaneously recording version information of each data block to obtain a set phi { (v)i,ti) I is more than or equal to 1 and less than or equal to n, wherein vi,tiAre respectively data block biVersion number and timestamp of; in addition, the user also assigns each data block biGenerating corresponding numbersSignature sigmaiThe calculation process is as follows:
Figure BDA0001541904740000051
where H (-) is a secure hash function whose function is to map a string to a set of integers ZpThe above step (1);
(2.2) the user generates t different copy files by inserting different random masks into the data blocks, and records that the multiple copy sets are FS ═ F'1,F’2,…,F’t) Of which is F'j={mj,1,mj,2,…,mj,nJ is 1,2, t, and mj,i(i-1, 2, …, n) is composed of data block biDifferentiation is obtained, and the calculation process is as follows:
mj,i=bi+H(vi||ti||j)。
(2.3) the user passes the file identification ID and the version information phi to a third party auditor for storage, and sets the file identification ID and the data block signature lambda as { sigma ═ sigmaiAnd |1 is not less than i and not more than n and the plurality of copy sets FS are sent to the cloud service side, and then all data except the private key are deleted.
Preferably, the evidence generating step includes the following processes:
(6.1) after receiving the challenge information of the third party auditor, the cloud service side firstly generates a label evidence for the multiple copies of the files, and the calculation process is as follows:
Figure BDA0001541904740000061
wherein the content of the first and second substances,
Figure BDA0001541904740000062
is a multi-copy documentsA tag of each data block;
(6.2) the cloud service side generates data block evidence rho for each copy filej(j ═ 1,2, …, t), which is calculated as:
Figure BDA0001541904740000063
wherein e is a bilinear mapping function;
Figure BDA0001541904740000064
is the jth copy filesA data block;
(6.3) the cloud service side will evidence information (Θ, p ═ ρ {jJ is more than or equal to 1 and less than or equal to t) to the third party auditor.
Preferably, the evidence verification step includes the following processes:
the third party auditor substitutes the evidence information (Θ, p) returned by the cloud service party into the following equation for verification:
Figure BDA0001541904740000065
wherein the content of the first and second substances,
Figure BDA0001541904740000066
Figure BDA0001541904740000067
are respectively phisA data block
Figure BDA0001541904740000068
Version number and timestamp of; if the equation is established, the multiple copies of the file are complete; otherwise, it indicates that the data in some of the multiple copies has been corrupted.
Preferably, the step of dynamically updating the data includes the following steps:
(8.1) data block modification: if the user needs to put the ith data block b of the file F into the fileiModified as bi', the user is first bi' Generation of version information (v)i’,ti') and then sends update information UTPA=(ID,modify,i,vi’,ti') to a third party auditor, wherein the ID is an identifier of the file F;modify represents an update operation as a modification. The third party auditor receives the update information UTPAThen, find the version information of the ith data block of the file F in the dynamic hash table, and replace it with (v)i’,ti'). In addition, the user needs to generate a new signature for the modified data block
Figure BDA0001541904740000071
And t data block copies M '═ M'j,i=bi’+H(vi’||ti' | j) |1 ≦ j ≦ t }, and then update information U is sentCSP=(ID,modify,i,M’,σ’i) Giving the cloud service party, wherein the ID is the identifier of the file F; modify represents an update operation as a modification. The cloud service side receives the update information UCSPAfterwards, sign σ 'to the digit'iReprocessing to obtain a data block label omega'i=e(σ’iG), then updates are made to the i-th data block tag and the multiple copies, i.e., ω isiIs replaced by ω'iCopy the data block mj,iIs replaced by m'j,i,j=1,2,…,t。
(8.2) data block insertion: b is inserted behind ith data block of file F according to user requirement*The user is first b*Generating version information (v)*,t*) Then sends update information UTPA=(ID,insert,i,v*,t*) Giving a third party auditor, wherein the ID is the identifier of the file F; insert stands for update operation as insert. The third party auditor receives the update information UTPAThen, finding the position of the i-th data block version information of the file F in the dynamic hash table, and inserting the version information (v) after the position*,t*). In addition, the user needs to generate a new signature σ for the inserted data block*=(vH(v*||t*)ub*)xAnd t data block copies M*={m* j=b*+H(v*||t*J is more than or equal to 1 and less than or equal to t, and then update information U is sentCSP=(ID,insert,i,M*,σ*) To the cloud server, where ID is of file FAn identifier; insert stands for update operation as insert. The cloud service side receives the update information UCSPThen, sign the digital signature σ*The data block label omega is obtained by reprocessing*=e(σ*G) will then tag ω at the ith data blockiRear insert tag omega*And at data block copy mj,iPost-insertion data block m* j,j=1,2,…,t。
(8.3) data block deletion: if the user needs to put the ith data block b of the file F into the fileiDeleting, the user sends the updated information UTPAGiving (ID, delete, i) to the third party auditor, wherein ID is the identifier of file F; delete represents the update operation as delete. The third party auditor receives the update information UTPAAnd then finding the version information of the ith data block of the file F in the dynamic hash table, and deleting the version information. In addition, the user sends update information UCSPGiving (ID, delete, i) to the cloud server, wherein ID is an identifier of file F; delete represents the update operation as delete. The cloud service side receives the update information UCSPThen, tag ω will be tagged at the ith data blockiDelete, and delete b at the same timeiAll data block copies of, i.e. { mj,i|j=1,2,…,t}。
Preferably, the batch auditing step comprises the following processes:
(9.1) when w different users simultaneously initiate audit requests, the cloud service side respectively generates label evidence theta for each userkAnd data block evidence set pk={ρk,jJ is more than or equal to 1 and less than or equal to t }; wherein, the label evidence thetakThe calculation process of (2) is as follows:
Figure BDA0001541904740000081
wherein the content of the first and second substances,
Figure BDA0001541904740000082
is the k-th usersA tag; r isk,sAn s-th random number that is a set of random numbers in the challenge information about the k-th user;
each element ρ in the data block evidence setk,jThe calculation process of (2) is as follows:
Figure BDA0001541904740000083
wherein u iskIs the public key of the kth user; rkIs the random mask of the kth user in the challenge information;
Figure BDA0001541904740000084
is the jth psi in the jth copy file of the kth usersA data block;
(9.2) the cloud service party aggregates all the label evidences again to obtain a label batch audit evidence thetaBThe calculation process is as follows:
Figure BDA0001541904740000085
and aggregating the data block evidences of different copy files of each user again to obtain a data block batch audit evidence set f ═ { PiBjJ ≦ 1 ≦ t }, where PpBjThe calculation process of (2) is as follows:
Figure BDA0001541904740000086
(9.3) the cloud service party audits the evidence (theta) in batchesBR) to a three-party auditor.
(9.4) the third party auditor audits the batch audit evidence (theta) returned by the cloud service partyBR) into the following equation:
Figure BDA0001541904740000091
wherein v isk,ukAre public keys of the kth user;
Figure BDA0001541904740000092
Figure BDA0001541904740000093
phi's for the k-th user respectivelysA data block
Figure BDA0001541904740000094
Version number and timestamp of; rkIs a random mask of the kth user in the challenge information, an
Figure BDA0001541904740000095
Wherein y iskIs the public key of the kth user, a is the integer set ZpA medium random number;
if the equation is established, the multiple copies of the file are complete; otherwise, it indicates that the data in some of the multiple copies has been corrupted.
The technical scheme provided by the invention has the beneficial effects that:
the public auditing method provided by the invention can support dynamic updating of multi-copy data and batch auditing of the multi-copy data while ensuring high-efficiency auditing of the multi-copy cloud data.
The present invention is described in further detail with reference to the accompanying drawings and embodiments, but the method for public auditing multiple copies of data in a cloud storage service according to the present invention is not limited to the embodiments.
Drawings
FIG. 1 is a timing diagram illustrating an audit according to an embodiment of the present invention;
FIG. 2 is a diagram of a dynamic hash table according to an embodiment of the present invention;
FIG. 3 is a timing diagram illustrating dynamic update of data according to an embodiment of the present invention.
Detailed Description
The invention is further described below by means of specific embodiments.
The invention provides a public auditing method for multi-copy data in cloud storage service, which is further explained by combining the attached drawings.
Referring to fig. 1, the public auditing method for multiple copies of data in cloud storage service of the present invention includes a key generation step, a user data preprocessing step, a cloud service side data preprocessing step, a third party auditor data preprocessing step, a challenge step, an evidence generation step, and an evidence verification step, and specifically includes the following steps:
1. a key generation step: a user generates a key pair, namely a private key SK is { x }, and a public key PK is { g, u, v, y }; the user saves the private key SK and issues the public key PK to the cloud service party and the third party auditor; wherein x is a set of integers ZpIn (3), u, v are cyclic groups G of order prime p1G is a cyclic group G whose order is a prime number p2And y is gx
2. The user data preprocessing step comprises the following processes:
2.1 the user firstly generates a file identification ID for a file F to be processed; and divides file F into n data blocks, i.e. F ═ b1,b2,···,bn) Wherein b isiIs the ith data block; simultaneously recording version information of each data block to obtain a set phi { (v)i,ti) I is more than or equal to 1 and less than or equal to n, wherein vi,tiAre respectively data block biVersion number and timestamp of; in addition, the user also assigns each data block biGenerating a corresponding digital signature σiThe calculation process is as follows:
Figure BDA0001541904740000101
where H (-) is a secure hash function whose function is to map a string to a set of integers ZpThe above step (1);
2.2 the user generates t different copy files by inserting different random masks into each data block, and records the multiple copy sets as FS ═ F'1,F’2,…,F’t) Of which is F'j={mj,1,mj,2,…,mj,nJ is 1,2, t, and mj,i(i-1, 2, …, n) is composed of data block biDifferentiation is obtained, and the calculation process is as follows:
mj,i=bi+H(vi||ti||j)。
2.3 the user passes the file identification ID and the version information phi to a third party auditor for storage, and sets the file identification ID and the data block signature lambda are { sigma }iAnd |1 is not less than i and not more than n and the plurality of copy sets FS are sent to the cloud service side, and then all data except the private key are deleted.
3. Preprocessing data of a cloud server side: after receiving a multi-copy set FS, a data block signature set Lambda and a file identification ID sent by a user, a cloud service party firstly signs a sigma on each data blockiCarrying out bilinear pairing calculation to obtain a data block label omegaiI.e. omegai=e(σiG), and set of tags Ω ═ ω { ω ═ ωiI is more than or equal to 1 and less than or equal to n, and simultaneously storing each copy in different servers;
4. a third party auditor data preprocessing step: the third party auditor identifies the file ID and the version information phi transmitted by the user { (v)i,ti) And i is more than or equal to 1 and less than or equal to n is stored in the dynamic hash table so as to realize auditable data freshness (latest version state). A dynamic hash table is a newly proposed authentication data structure for supporting data dynamics (see Tian H, Chen Y, Chang C, et al]IEEE Transactions on Services Computing,2017, 10(5):701-714), as shown in FIG. 2, the dynamic hash table is essentially a two-dimensional table, in which a plurality of files are organized in an array manner, and version information of each data block in each file is organized in a linked list manner.
5. The challenge step is as follows: responding to the user audit request or periodically auditing the data on behalf of the user by a third party auditor, first generating challenge information including randomly selected data block sequence number set psi { [ PSI ]s1,2, …, c, random number set t ═ rs|rs∈ZpS-1, 2, …, c }, and a random mask R-yaWherein c is the number of data blocks needing to be challenged in each copy file, and a is an integer set ZpA medium random number; the third party auditor then sends the challenge information (Ψ,sending the T, R) to a cloud service side;
6. the evidence generating step includes the following processes:
6.1 after the cloud service side receives the challenge information of the third party auditor, firstly generating a label evidence for the multiple copies of the file, wherein the calculation process is as follows:
Figure BDA0001541904740000121
wherein the content of the first and second substances,
Figure BDA0001541904740000122
is a multi-copy documentsA tag of each data block;
6.2 cloud service side generates data block evidence rho for each copy filej(j ═ 1,2, …, t), which is calculated as:
Figure BDA0001541904740000123
wherein e is a bilinear mapping function;
Figure BDA0001541904740000124
is the jth copy filesA data block;
6.3 cloud service side will evidence information (Θ, p ═ ρ { (ρ })jJ is more than or equal to 1 and less than or equal to t) to the third party auditor.
7. The third party auditor substitutes the evidence information (Θ, p) returned by the cloud service party into the following equation for verification:
Figure BDA0001541904740000125
wherein the content of the first and second substances,
Figure BDA0001541904740000126
Figure BDA0001541904740000127
are respectively the firstψsA data block
Figure BDA0001541904740000128
Version number and timestamp of; if the equation is established, the multiple copies of the file are complete; otherwise, it indicates that the data in some of the multiple copies has been corrupted.
Referring to fig. 3, the time sequence diagram of the dynamic data update of the present invention includes that a user sends update information, a third party auditor performs update, and a cloud service party performs update.
8.The step of dynamically updating data comprises the following processes:
8.1 when data needs to be updated (including modification, insertion and deletion), a user needs to send update information U to a third party auditorTPASending update information U to cloud service sideCSP(ii) a After receiving the update information, the third party auditor updates the dynamic hash table accordingly, and the cloud service party updates the corresponding data block and the corresponding label.
8.2 data Block modification: if the user needs to put the ith data block b of the file F into the fileiModified as bi The user is first bi' Generation of version information (v)i’,ti') and then sends update information UTPA=(ID,modify,i,vi’,ti') to a third party auditor, wherein the ID is an identifier of the file F; modify represents an update operation as a modification. The third party auditor receives the update information UTPAThen, find the version information of the ith data block of the file F in the dynamic hash table, and replace it with (v)i’,ti'). In addition, the user needs to generate a new signature for the modified data block
Figure BDA0001541904740000131
And t data block copies M '═ M'j,i=bi’+H(vi’||ti' | j) |1 ≦ j ≦ t }, and then update information U is sentCSP=(ID,modify,i,M’,σ i) Giving the cloud service party, wherein the ID is the identifier of the file F; modify represents an update operation as a modification. CloudThe server receives the update information UCSPAfterwards, sign σ 'to the digit'iReprocessing to obtain a data block label omega'i=e(σ’iG), then updates are made to the i-th data block tag and the multiple copies, i.e., ω isiIs replaced by ω'iCopy the data block mj,iIs replaced by m'j,i,j=1,2,…,t。
8.3 data Block insertion: b is inserted behind ith data block of file F according to user requirement*The user is first b*Generating version information (v)*,t*) Then sends update information UTPA=(ID,insert,i,v*,t*) Giving a third party auditor, wherein the ID is the identifier of the file F; insert stands for update operation as insert. The third party auditor receives the update information UTPAThen, finding the position of the i-th data block version information of the file F in the dynamic hash table, and inserting the version information (v) after the position*,t*). In addition, the user needs to generate a new signature σ for the inserted data block*=(vH(v*||t*)ub*)xAnd t data block copies M*={m* j=b*+H(v*||t*J is more than or equal to 1 and less than or equal to t, and then update information U is sentCSP=(ID,insert,i,M*,σ*) Giving the cloud service party, wherein the ID is the identifier of the file F; insert stands for update operation as insert. The cloud service side receives the update information UCSPThen, sign the digital signature σ*The data block label omega is obtained by reprocessing*=e(σ*G) will then tag ω at the ith data blockiRear insert tag omega*And at data block copy mj,iPost-insertion data block m* j,j=1,2,…,t。
8.4 data Block deletion: if the user needs to put the ith data block b of the file F into the fileiDeleting, the user sends the updated information UTPAGiving (ID, delete, i) to the third party auditor, wherein ID is the identifier of file F; delete represents the update operation as delete. The third party auditor receives the update information UTPAThen in a dynamic stateAnd finding the version information of the ith data block of the file F in the hash table, and deleting the version information. In addition, the user sends update information UCSPGiving (ID, delete, i) to the cloud server, wherein ID is an identifier of file F; delete represents the update operation as delete. The cloud service side receives the update information UCSPThen, tag ω will be tagged at the ith data blockiDelete, and delete b at the same timeiAll data block copies of, i.e. { mj,i|j=1,2,…,t}。
9. The batch auditing step comprises the following processes:
9.1 when w different users simultaneously initiate audit requests, the cloud service side respectively generates a label evidence theta for each userkAnd data block evidence set pk={ρk,jJ is more than or equal to 1 and less than or equal to t }; wherein, the label evidence thetakThe calculation process of (2) is as follows:
Figure BDA0001541904740000141
wherein the content of the first and second substances,
Figure BDA0001541904740000142
is the k-th usersA tag; r isk,sAn s-th random number that is a set of random numbers in the challenge information about the k-th user;
each element ρ in the data block evidence setk,jThe calculation process of (2) is as follows:
Figure BDA0001541904740000143
wherein u iskIs the public key of the kth user; rkIs the random mask of the kth user in the challenge information;
Figure BDA0001541904740000144
is the jth psi in the jth copy file of the kth usersA data block;
9.2 the cloud service side carries out polymerization again on all the label evidences to obtain label batch examinationCalculate evidence ΘBThe calculation process is as follows:
Figure BDA0001541904740000145
and aggregating the data block evidences of different copy files of each user again to obtain a data block batch audit evidence set f ═ { PiBjJ ≦ t }, where PbBjThe calculation process of (2) is as follows:
Figure BDA0001541904740000151
9.3 cloud service will audit evidence (Θ)BR) to a three-party auditor.
9.4 third party Auditer Audit evidence (theta) returned by cloud service partyBR) into the following equation:
Figure BDA0001541904740000152
wherein v isk,ukAre public keys of the kth user;
Figure BDA0001541904740000153
Figure BDA0001541904740000154
phi's for the k-th user respectivelysA data block
Figure BDA0001541904740000155
Version number and timestamp of; rkIs a random mask of the kth user in the challenge information, an
Figure BDA0001541904740000156
Wherein y iskIs the public key of the kth user, a is the integer set ZpA medium random number;
if the equation is established, the multiple copies of the file are complete; otherwise, it indicates that the data in some of the multiple copies has been corrupted.
The above description is only for the purpose of illustrating the preferred embodiments of the present invention and is not to be construed as limiting the invention, and any modifications, equivalents, improvements and the like that fall within the spirit and principle of the present invention are intended to be included therein.

Claims (6)

1. A public auditing method for multi-copy data in cloud storage service is characterized by comprising the following steps:
(1) a key generation step: a user generates a key pair, namely a private key SK is { x }, and a public key PK is { g, u, v, y }; the user saves the private key SK and issues the public key PK to the cloud service party and the third party auditor; wherein x is a set of integers ZpIn (3), u, v are cyclic groups G of order prime p1G is a cyclic group G whose order is a prime number p2And y is gx
(2) User data preprocessing step: a user firstly generates a file identification ID for a file F to be processed; and divides file F into n data blocks, i.e. F ═ b1,b2,···,bnIn which b isi(i ═ 1, 2.. times, n) is the ith data block; simultaneously recording version information of each data block to obtain a set phi { (v)i,ti) I is more than or equal to 1 and less than or equal to n, wherein vi,tiAre respectively data block biVersion number and timestamp of; in addition, the user also assigns each data block biGenerating a corresponding digital signature σiSo as to obtain the digital signature set Λ ═ σ { (σ ═ σ }iI is more than or equal to 1 and less than or equal to n; subsequently, t different copy files are generated by inserting different random masks into the data blocks, and the multiple copy set is recorded as FS ═ { F'1,F’2,…,F’tOf which is F'j(j 1, 2.. times, t) is the jth copy file; finally, the user saves the file identification ID and the version information phi by a third party auditor, sends the file identification ID, the data block signature set Lambda and the multi-copy set FS to a cloud service party, and then deletes all data except the private key;
(3) preprocessing data of a cloud server side: after receiving a multi-copy set FS, a data block signature set Lambda and a file identification ID sent by a user, a cloud service party firstly signs a sigma on each data blockiCarrying out bilinear pairing calculation to obtain a data block label omegaiI.e. omegai=e(σiG), and set of tags Ω ═ ω { ω ═ ωiI is more than or equal to 1 and less than or equal to n, and simultaneously storing each copy in different servers;
(4) a third party auditor data preprocessing step: the third party auditor identifies the file ID and the version information phi transmitted by the user { (v)i,ti) I is more than or equal to 1 and less than or equal to n is stored in the dynamic hash table to realize auditable data freshness;
(5) the challenge step is as follows: responding to the user audit request or periodically auditing the data on behalf of the user by a third party auditor, first generating challenge information including randomly selected data block sequence number set psi { [ PSI ]s1,2, …, c, random number set t ═ rs|rs∈ZpS-1, 2, …, c }, and a random mask R-yaWherein c is the number of data blocks needing to be challenged in each copy file, and a is an integer set ZpA medium random number; subsequently, the third party auditor sends challenge information (Ψ, Τ, R) to the cloud service party;
(6) an evidence generation step: after the cloud service party receives the challenge information of the third party auditor, data-bearing evidence needs to be generated, wherein the data-bearing evidence comprises a tag evidence theta and a data block evidence set Pp ═ ρ {jJ is more than or equal to 1 and less than or equal to t, wherein rhojThe data block evidence of the jth copy file; subsequently returning evidence information (Θ, Ρ) to the third party auditor;
(7) and (3) evidence verification step: the third party auditor verifies the evidence information (Θ, p) returned by the cloud service party; if the verification is successful, the multiple copies of the file are complete; otherwise, it indicates that the data in some multi-copy files has been damaged;
(8) and a data dynamic updating step: when the data needs to be updated, the user needs to send update information U to a third party auditorTPASending update information U to cloud service sideCSP(ii) a In harvestingWhen the information is updated, the third party auditor updates the dynamic hash table, and the cloud service party updates the corresponding data block and the corresponding label;
(9) batch auditing step: when w different users simultaneously initiate audit requests, the cloud service side respectively generates label evidence theta for each userkAnd data block evidence set pk={ρk,jJ is less than or equal to 1 and less than or equal to t, wherein k is 1, 2. Then, all the label evidences are aggregated again to obtain a label batch audit evidence thetaBAnd aggregating the data block evidences of different copy files of each user again to obtain a data block batch audit evidence set
Figure FDA0002914436530000021
Subsequently, the cloud service party will audit the evidence (Θ)BR) to a three-party auditor; the third party auditor verifies the batch audit evidence; if the verification is successful, the multiple copies of the files of all the users are complete; otherwise, it indicates that the data in some of the multiple copies has been corrupted.
2. The method for publicly auditing the data of multiple copies in the cloud storage service according to claim 1, characterized in that:
the user also being for each data block biGenerating a corresponding digital signature σiThe calculation process is as follows:
Figure FDA0002914436530000031
where H (-) is a secure hash function whose function is to map a string to a set of integers ZpThe above step (1);
j ═ 1,2,... t) copy files F 'in the multi-copy set FS'j={mj,1,mj,2,…,mj,nIn (v), mj,iBy data block biDifferentiation is obtained, and the calculation process is as follows:
mj,i=bi+H(vi||ti||j)。
3. the method for publicly auditing the data of multiple copies in the cloud storage service according to claim 1, wherein the evidence generating step includes the following processes:
(3.1) after receiving the challenge information of the third party auditor, the cloud service side firstly generates a label evidence for the multiple copies of the files, and the calculation process is as follows:
Figure FDA0002914436530000032
wherein the content of the first and second substances,
Figure FDA0002914436530000038
is a multi-copy documentsA tag of each data block;
(3.2) the cloud service side generates data block evidence rho for each copy filejThe calculation process is as follows:
Figure FDA0002914436530000033
wherein e is a bilinear mapping function;
Figure FDA0002914436530000034
is the jth copy filesA data block;
(3.3) the cloud service side will evidence information (Θ, p ═ ρjJ is more than or equal to 1 and less than or equal to t) to the third party auditor.
4. The method for publicly auditing the data of multiple copies in the cloud storage service according to claim 1, wherein the evidence verification step comprises the following processes:
the third party auditor substitutes the evidence information (Θ, p) returned by the cloud service party into the following equation for verification:
Figure FDA0002914436530000035
wherein the content of the first and second substances,
Figure FDA0002914436530000036
are respectively phisA data block
Figure FDA0002914436530000037
Version number and timestamp of; if the equation is established, the multiple copies of the file are complete; otherwise, it indicates that the data in some of the multiple copies has been corrupted.
5. The method for publicly auditing the data of multiple copies in the cloud storage service according to claim 1, wherein the step of dynamically updating the data comprises the following processes:
(5.1) data block modification: if the user needs to put the ith data block b of the file F into the fileiModified as bi', the user is first bi' Generation of version information (v)i’,ti') and then sends update information UTPA=(ID,modify,i,vi’,ti') to a third party auditor, wherein the ID is an identifier of the file F; modify represents the update operation as modified; the third party auditor receives the update information UTPAThen, find the version information of the ith data block of the file F in the dynamic hash table, and replace it with (v)i’,ti') to a host; in addition, the user needs to generate a new signature for the modified data block
Figure FDA0002914436530000041
And t data block copies M '═ M'j,i=bi’+H(vi’||ti' | j) |1 ≦ j ≦ t }, and then update information U is sentCSP=(ID,modify,i,M’,σ’i) Giving the cloud service party, wherein the ID is the identifier of the file F; modify represents the update operation as modified; the cloud service side receives the orderNew information UCSPAfterwards, sign σ 'to the digit'iReprocessing to obtain a data block label omega'i=e(σ’iG), then updates are made to the i-th data block tag and the multiple copies, i.e., ω isiIs replaced by ω'iCopy the data block mj,iIs replaced by m'j,i
(5.2) data block insertion: b is inserted behind ith data block of file F according to user requirement*The user is first b*Generating version information (v)*,t*) Then sends update information UTPA=(ID,insert,i,v*,t*) Giving a third party auditor, wherein the ID is the identifier of the file F; insert stands for update operation as insert; the third party auditor receives the update information UTPAThen, finding the position of the i-th data block version information of the file F in the dynamic hash table, and inserting the version information (v) after the position*,t*) (ii) a In addition, the user needs to generate a new signature for the inserted data block
Figure FDA0002914436530000042
And t data block copies M*={m* j=b*+H(v*||t*J is more than or equal to 1 and less than or equal to t, and then update information U is sentCSP=(ID,insert,i,M*,σ*) Giving the cloud service party, wherein the ID is the identifier of the file F; insert stands for update operation as insert; the cloud service side receives the update information UCSPThen, sign the digital signature σ*The data block label omega is obtained by reprocessing*=e(σ*G) will then tag ω at the ith data blockiRear insert tag omega*And at data block copy mj,iPost-insertion data block m* j
(5.3) data block deletion: if the user needs to put the ith data block b of the file F into the fileiDeleting, the user sends the updated information UTPAGiving (ID, delete, i) to the third party auditor, wherein ID is the identifier of file F; delete represents an update operation as delete; the third party auditor receives the updated informationUTPAThen, finding the version information of the ith data block of the file F in the dynamic hash table, and deleting the version information; in addition, the user sends update information UCSPGiving (ID, delete, i) to the cloud server, wherein ID is an identifier of file F; delete represents an update operation as delete; the cloud service side receives the update information UCSPThen, tag ω will be tagged at the ith data blockiDelete, and delete b at the same timeiAll data block copies of, i.e. { mj,i|j=1,2,…,t}。
6. The public auditing method for multi-copy data in cloud storage service according to claim 1, where the batch auditing step includes the following steps:
(6.1) when w different users simultaneously initiate audit requests, the cloud service side respectively generates label evidence theta for each userkAnd data block evidence set pk={ρk,jJ is more than or equal to 1 and less than or equal to t }; wherein, the label evidence thetakThe calculation process of (2) is as follows:
Figure FDA0002914436530000051
wherein the content of the first and second substances,
Figure FDA0002914436530000052
is the k-th usersA tag; r isk,sAn s-th random number that is a set of random numbers in the challenge information about the k-th user;
each element ρ in the data block evidence setk,jThe calculation process of (2) is as follows:
Figure FDA0002914436530000053
wherein u iskIs the public key of the kth user; rkIs the random mask of the kth user in the challenge information;
Figure FDA0002914436530000054
is the jth psi in the jth copy file of the kth usersA data block;
(6.2) the cloud service party aggregates all the label evidences again to obtain a label batch audit evidence thetaBThe calculation process is as follows:
Figure FDA0002914436530000055
and aggregating the data block evidences of different copy files of each user again to obtain a data block batch audit evidence set
Figure FDA0002914436530000061
Wherein
Figure FDA0002914436530000062
The calculation process of (2) is as follows:
Figure FDA0002914436530000063
(6.3) the cloud service party audits the evidence (theta) in batchesBR) to a three-party auditor;
(6.4) the third party auditor audits the batch audit evidence (theta) returned by the cloud service partyBR) into the following equation:
Figure FDA0002914436530000064
wherein v isk,ukAre public keys of the kth user;
Figure FDA0002914436530000065
phi's for the k-th user respectivelysA data block
Figure FDA0002914436530000066
Version number and timestamp of; rkIs a random mask of the kth user in the challenge information, an
Figure FDA0002914436530000067
Wherein y iskIs the public key of the kth user, a is the integer set ZpA medium random number;
if the equation is established, the multiple copies of the file are complete; otherwise, it indicates that the data in some of the multiple copies has been corrupted.
CN201810015840.3A 2018-01-08 2018-01-08 Public auditing method for multi-copy data in cloud storage service Active CN108229208B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201810015840.3A CN108229208B (en) 2018-01-08 2018-01-08 Public auditing method for multi-copy data in cloud storage service

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201810015840.3A CN108229208B (en) 2018-01-08 2018-01-08 Public auditing method for multi-copy data in cloud storage service

Publications (2)

Publication Number Publication Date
CN108229208A CN108229208A (en) 2018-06-29
CN108229208B true CN108229208B (en) 2021-03-23

Family

ID=62643080

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201810015840.3A Active CN108229208B (en) 2018-01-08 2018-01-08 Public auditing method for multi-copy data in cloud storage service

Country Status (1)

Country Link
CN (1) CN108229208B (en)

Families Citing this family (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109525403B (en) * 2018-12-29 2021-11-02 广州市溢信科技股份有限公司 Anti-leakage public cloud auditing method supporting full-dynamic parallel operation of user
CN110011998B (en) * 2019-03-29 2021-07-27 福建师范大学 Identity-based multi-backup remote data holding verification method
CN110266475A (en) * 2019-05-20 2019-09-20 广东工业大学 A kind of cloud storage data safety auditing method
EP3999989A4 (en) * 2019-07-18 2023-03-29 Nokia Technologies Oy Integrity auditing for multi-copy storage
CN112311548A (en) * 2020-03-25 2021-02-02 北京沃东天骏信息技术有限公司 Data possession verification method, system, apparatus, and computer-readable storage medium
CN111783148A (en) * 2020-06-30 2020-10-16 中国工商银行股份有限公司 Justice-supporting lightweight multi-copy data cloud auditing method and device
CN112688990A (en) * 2020-12-14 2021-04-20 百果园技术(新加坡)有限公司 Hybrid cloud data auditing method and system, electronic equipment and storage medium
CN114415943B (en) * 2021-12-23 2023-08-15 贵州航天计量测试技术研究所 Public auditing method and auditing system for cloud multi-copy data
CN115242454B (en) * 2022-06-27 2023-05-12 中国电子科技集团公司第三十研究所 Real-time video data integrity protection method and system
CN117555864B (en) * 2024-01-11 2024-04-16 华侨大学 Cloud data safe deleting method based on trusted execution environment

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105787389A (en) * 2016-03-02 2016-07-20 四川师范大学 Cloud file integrity public audit evidence generating method and public auditing method
CN106845280A (en) * 2017-03-14 2017-06-13 广东工业大学 A kind of Merkle Hash trees cloud data integrity auditing method and system
CN107423637A (en) * 2017-07-31 2017-12-01 南京理工大学 Support the traceable integrality auditing method of electronic health record data on cloud
CN107566118A (en) * 2017-09-13 2018-01-09 陕西师范大学 The cloud auditing method that lightweight user Dynamic Revocable and data can dynamically update
CN107612687A (en) * 2017-09-25 2018-01-19 西安建筑科技大学 A kind of more copy data property held verification methods of dynamic based on ElGamal encryptions

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9749418B2 (en) * 2015-08-06 2017-08-29 Koc University Efficient dynamic proofs of retrievability

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105787389A (en) * 2016-03-02 2016-07-20 四川师范大学 Cloud file integrity public audit evidence generating method and public auditing method
CN106845280A (en) * 2017-03-14 2017-06-13 广东工业大学 A kind of Merkle Hash trees cloud data integrity auditing method and system
CN107423637A (en) * 2017-07-31 2017-12-01 南京理工大学 Support the traceable integrality auditing method of electronic health record data on cloud
CN107566118A (en) * 2017-09-13 2018-01-09 陕西师范大学 The cloud auditing method that lightweight user Dynamic Revocable and data can dynamically update
CN107612687A (en) * 2017-09-25 2018-01-19 西安建筑科技大学 A kind of more copy data property held verification methods of dynamic based on ElGamal encryptions

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
"MuR-DPA:Top-Down Levelled Multi-Replica Merkle HashTree Based Secure PublicAuditing for Dynamic Big Data Storage on Cloud";Chang Liu et al;《IEEE Transactions on Computers》;20150901;2609-2622 *

Also Published As

Publication number Publication date
CN108229208A (en) 2018-06-29

Similar Documents

Publication Publication Date Title
CN108229208B (en) Public auditing method for multi-copy data in cloud storage service
US10992649B2 (en) Systems and methods for privacy in distributed ledger transactions
CN109829326B (en) Cross-domain authentication and fair audit de-duplication cloud storage system based on block chain
Jin et al. Dynamic and public auditing with fair arbitration for cloud data
WO2019218717A1 (en) Distributed storage method and apparatus, computer device, and storage medium
CN106131048B (en) Non-trust remote transaction file safe storage system for block chain
Rashmi et al. Rdpc: Secure cloud storage with deduplication technique
CN109241754B (en) Cloud file repeated data deleting method based on block chain
CN112866990B (en) Conditional identity anonymous privacy protection public auditing method with incentive mechanism
CN110704864B (en) Block chain-based government integrity archive license management method
CN110225012B (en) Method for checking and updating ownership of outsourced data based on alliance chain
CN107094075B (en) Data block dynamic operation method based on convergence encryption
CN112532650A (en) Block chain-based multi-backup safe deletion method and system
WO2018032378A1 (en) Program-controlled encrypted file storage system for block chain, and method thereof
CN110851848B (en) Privacy protection method for symmetric searchable encryption
El Ghazouani et al. Efficient method based on blockchain ensuring data integrity auditing with deduplication in cloud
CN117235342A (en) Dynamic cloud auditing method based on homomorphic hash function and virtual index
CN116366259A (en) Public verifiable Boolean search system and method for ciphertext data
CN113342802A (en) Method and device for storing block chain data
CN107395355B (en) Cloud storage data integrity verification method based on implicit trusted third party
Vineela et al. Data Integrity Auditing Scheme for Preserving Security in Cloud based Big Data
Chen et al. Adjacency-hash-table based public auditing for data integrity in mobile cloud computing
Yang et al. Public auditing scheme for cloud data with user revocation and data dynamics
CN111966638B (en) Dynamic updating method suitable for IDA data recovery on industrial cloud
Abraham et al. Proving possession and retrievability within a cloud environment: A comparative survey

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant