CN108234504A - Identity-based proxy data integrity detection method in cloud storage - Google Patents
Identity-based proxy data integrity detection method in cloud storage Download PDFInfo
- Publication number
- CN108234504A CN108234504A CN201810031030.7A CN201810031030A CN108234504A CN 108234504 A CN108234504 A CN 108234504A CN 201810031030 A CN201810031030 A CN 201810031030A CN 108234504 A CN108234504 A CN 108234504A
- Authority
- CN
- China
- Prior art keywords
- data
- cloud server
- client
- identity
- agency
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000001514 detection method Methods 0.000 title claims abstract description 23
- 238000004364 calculation method Methods 0.000 claims abstract description 3
- 238000012795 verification Methods 0.000 claims description 9
- 238000010200 validation analysis Methods 0.000 claims description 7
- 238000000605 extraction Methods 0.000 claims description 3
- 125000004122 cyclic group Chemical group 0.000 claims description 2
- 239000000284 extract Substances 0.000 claims description 2
- 230000009897 systematic effect Effects 0.000 claims description 2
- 238000007726 management method Methods 0.000 description 5
- 238000000034 method Methods 0.000 description 5
- 239000003795 chemical substances by application Substances 0.000 description 4
- 238000007689 inspection Methods 0.000 description 2
- 239000003643 water by type Substances 0.000 description 2
- 230000008859 change Effects 0.000 description 1
- 238000013500 data storage Methods 0.000 description 1
- 230000007812 deficiency Effects 0.000 description 1
- 230000001419 dependent effect Effects 0.000 description 1
- 238000000151 deposition Methods 0.000 description 1
- 238000010586 diagram Methods 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 230000006870 function Effects 0.000 description 1
- 230000006872 improvement Effects 0.000 description 1
- 230000000737 periodic effect Effects 0.000 description 1
- 230000004044 response Effects 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/12—Applying verification of the received information
- H04L63/123—Applying verification of the received information received data contents, e.g. message integrity
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0884—Network architectures or network communication protocols for network security for authentication of entities by delegation of authentication, e.g. a proxy authenticates an entity to be authenticated on behalf of this entity vis-à-vis an authentication entity
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/10—Protocols in which an application is distributed across nodes in the network
- H04L67/1097—Protocols in which an application is distributed across nodes in the network for distributed storage of data in networks, e.g. transport arrangements for network file system [NFS], storage area networks [SAN] or network attached storage [NAS]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3247—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3271—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using challenge-response
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Storage Device Security (AREA)
Abstract
The invention discloses an identity-based proxy data integrity detection method in cloud storage, which comprises the following steps: a trusted third party PKG (key generator) generates a master private key and public parameters; the trusted third party PKG generates a corresponding private key according to the identities of different users; the client generates a commission book, signs the commission book by using a private key of the client, and sends the commission book and the signature to the agent and the cloud server; the client generates a data label for each data block by using a private key and uploads the data and the corresponding data label to the cloud server; the agent sends a challenge to the cloud server, and the cloud server calculates integrity evidence according to the challenge information and returns the integrity evidence to the agent; the agent verifies the integrity of the data based on the evidence. The invention reduces the public key certificate management and calculation cost of the system by using the signature based on the identity, and the client can delegate the credible agent to regularly check the integrity of the data when being limited to enter the Internet, thereby improving the availability of the system.
Description
Technical field
The present invention relates to cloud computing safe practices, and in particular to the proxy data integrality of identity-based in a kind of cloud storage
Detection method.
Background technology
Cloud storage is a very important service form in cloud computing, it is that storage resource is put on Cloud Server to supply
A kind of service of people's access.
Its data is stored on Cloud Server, simultaneously by client in order to reduce the burden safeguarded in local to data
They can at any time, be Anywhere connected to through any web-enabled device on cloud and easily access data.
Since Cloud Server is insincere, it may lose some clients and seldom access or almost to save memory space
The data not accessed, it is also possible in order to safeguard the reputation of oneself, the situation that hiding data is lost, so we are using data
It needs to carry out periodic detection to data in cloud before.But in some cases, client enters internet because being limited, and can not
The integrality of stored data on Cloud Server is examined in person, then needs to appoint a third-party agent at this time, agency's meeting basis is awarded
Power performs remote data integrity and checks agreement.
At present, cloud storage integrality detection method is largely dependent on the digital certificate based on PKI (Public Key Infrastructure)
To ensure the authenticity of client public key.It is time-consuming and expensive better than the generation of certificate, storage, verification, update and revocation, therefore
There are complicated cipher key management procedures in these consultations.
In order to reduce the certificate management work that verifier is additional in the integrality detection method based on PKI, the present invention uses
The method of identity-based generates main private key and system public key, and according to the generation pair of each identity using credible PKG (key generator)
The private key answered.
Invention content
The purpose of the present invention is to provide a kind of proxy data integrality detection method for depositing middle identity-based, with solution
Certainly act on behalf of the deficiency in terms of certificate expense during cloud storage data integrity validation.
For this purpose, the present invention provides a kind of proxy data integrality detection method of identity-based in cloud storage, including four
A participation object:Secret key generator PKG, it client, Cloud Server, is acted on behalf of by customer consignment, the data integrity detection method
Include the following steps:System initialisation phase:Trusted third party PKG generates main private key and open parameter;Secret key extracts the stage:It can
Letter third party PKG generates corresponding private key according to the identity that client, agency and Cloud Server provide;Certificate of appointment generation phase:Visitor
Family generates the certificate of appointment, and with the private key of oneself to appointing bookmark name, and the certificate of appointment and signature then are sent to agency and cloud takes
Business device;Label generation phase:Client generates data label, and by data and corresponding data using its private key for each data block
Label uploads to Cloud Server;Prove generation phase:It acts on behalf of to send to Cloud Server and challenge, Cloud Server is according to challenge information meter
It calculates integrality evidence and returns to agency;And the checking stage:The integrality according to proof validation data is acted on behalf of, if just
Really, then show that the data being stored in the cloud may be complete, conversely, data are destroyed.
Compared with prior art, the present invention has the following advantages that:
1st, the present invention reduces what verifier's needs in integrity detection system undertook using id-based signatures method
The public key certificate management work that certificate expense and system need.
2nd, the present invention provides Proxy Methods so that when client can not carry out data integrity validation, can entrust to
Third-party agent, through entrusting offspring's reason that can regularly detect the integrality of data in cloud.
Other than objects, features and advantages described above, the present invention also has other objects, features and advantages.
Below with reference to figure, the present invention is described in further detail.
Description of the drawings
The accompanying drawings which form a part of this application are used to provide further understanding of the present invention, and of the invention shows
Meaning property embodiment and its explanation do not constitute improper limitations of the present invention for explaining the present invention.In the accompanying drawings:
Fig. 1 is the flow chart according to the proxy data integrality detection method of the present invention;And
Fig. 2 is the system model schematic diagram according to the proxy data integrality detection method of the present invention.
Specific embodiment
It should be noted that in the absence of conflict, the feature in embodiment and embodiment in the application can phase
Mutually combination.The present invention will be described in detail below with reference to the accompanying drawings and in conjunction with the embodiments.
As shown in Figure 1, the proxy data integrality detection method of the identity-based of the present invention is applied to cloud storage system, it should
System includes four participation objects:PKG, client, Cloud Server and agency.
Wherein, PKG:That is secret key generator is a trusted third party, it can carry out each side authentication, and root
According to respective identity private key is issued for it.
Wherein, client:It can be individual or entity, there are a large amount of data to need to be transferred on Cloud Server and deposited
Storage, while also can label be calculated, and data and label are uploaded to Cloud Server for each data block according to its private key;
Wherein, Cloud Server:It is a kind of distributed storage system for possessing a large amount of memory spaces by cloud service provider management
System, data storage service is provided for client;
Wherein, it acts on behalf of:It, can be according to requiring to examine the complete of data on cloud storage service device by the third party of customer consignment
Property.
As shown in Figure 1, in cloud storage identity-based proxy data integrality detection method, include the following steps:
S101, system initialisation phase:Trusted third party PKG generates main private key and open parameter;
S103, secret key extraction:Trusted third party PKG generates corresponding private key according to the identity of different user;
S105, certificate of appointment generation:Client generate the certificate of appointment, and with the private key of oneself to appoint bookmark name, by the certificate of appointment with
Signature is sent to agency and Cloud Server.
S107, label generation:Client using its private key for each data block generate data label, and by data with it is corresponding
Data label uploads to Cloud Server.
S109, generation is proved:It acts on behalf of to send to Cloud Server and challenge, Cloud Server is demonstrate,proved according to challenge information calculation of integrity
According to and return to agency.
S111, checking:Act on behalf of the integrality according to proof validation data.If correct, show to be stored in the cloud
Data may be complete.Conversely, data are destroyed.
The present invention reduces the public key certificate management of system using id-based signatures and calculates cost, and client exists
The believable integrality for acting on behalf of regularly inspection data can be appointed when entering internet by limitation, improves the available of system
Property.
Wherein, system initialisation phase includes following sub-step:
(1) PKG selects the cyclic group G of two q ranks1、G2An and Bilinear map e:G1×G1→G2, wherein G1Generation
Member is g;Select a random elementThe hash function of two safetyWithAnd
Two pseudo-random functionAnd pseudo-random sequence
(2) random number is selectedAs main private key, and calculate X=gxAs Your Majesty's key;And
(3) systematic parameter params={ G1,G2,q,e,g,H1,H2,X,f1,f2,β,u}。
Wherein, the cipher key-extraction stage includes following sub-step:
(1) user is by its identity IDiIt is sent to PKG, PKG random selectionsIt calculatesski=ri+xH1
(IDi,Ri) modq, and safeguard an open list { (IDi,Ri)};
(2) PKG is by the private key sk of useriUser is sent to by cryptochannel;
(3) user passes through equationVerify the validity of private key.If effectively, user receives, conversely,
User abandons;And
(4) rerun aforesaid operations, obtains client, agency and the respective effective private key (sk of Cloud Serveru,skp,sks)
With open parameter (Ru,Rp,Rs)。
Wherein, certificate of entrustment generation phase includes following sub-step:
Client generates letter of delegation w, which includes trustee and the information such as procuratorial identity and the term of validity, so
Client signs to the certificate of entrustment afterwards, that is, randomly choosesCalculate R=gr, sig=r+sku·H1(w,R)modq。
Finally, (w, R, sig) is sent to agency and Cloud Server by client.Agency and Cloud Server are after (w, R, sig) is received, verificationIt is whether true.If set up, accept commission, otherwise refuse.
4th, label generation phase includes following sub-step:
(1) assume the client file F=(m to be uploaded1,m2,...,mn), to each blocks of files miCalculate label Ti, mistake
Journey is as follows:(a) it calculates(b) it calculates(c) (m is exportedi,Ti)。
(2) client is denoted as ∑=(T for the tag set of file F generations1,T2,...,Tn)。
(3) client is by ({ (mi,Ti)}i∈[1,n], w) and cloud storage service device is uploaded to, and delete local all data.
(4) Cloud Server is to every a pair (m of receivingi,Ti) proceed as follows:(a) it calculates (b) it verifiesWhether into
It is vertical.If equation is set up, receive data, otherwise refuse.
Wherein, it was demonstrated that generation phase includes following sub-step:
(1) agency's generation challenge chal=(c, k1,k2), wherein c ∈ [1, n],
(2) agency's random selectionCalculate R=gr, sig'=r+skp·H1(chal,R)modq.Then will
(chal, R, sig ') it is sent to Cloud Server.Cloud Server is after (chal, R, sig ') is received, verificationWhether true and agent's identity and the certificate of appointment it is whether consistent.If invalid,
Then refuse, otherwise carry out in next step;
(3) Cloud Server proceeds as follows:(a) to j ∈ [1, c], i is calculatedj=β (k1, j), aj=f2(k2,j);(b)
It calculates(c) (m, T) is exported, and sends V=(m, T) to agency as this challenge
Response.
Wherein, it was demonstrated that Qualify Phase includes following sub-step:
(1) agency calculates
(2) proxy authentication equationWhether
It sets up.If set up, represent that data may be complete;Conversely, data are centainly destroyed.
Program analysis
1st, correctness
(1) if client is honest, then his any appointment bookmark name can pass through the verification of agency, it was demonstrated that such as
Under:
(2) if client is honest, then his any blocks of files label to can by the inspection of Cloud Server,
Namely the label Verification stage meets correctness.It proves as follows:
Therefore, Wo Menyou
(3) if agency is honest, then acting on behalf of can be by the authentication of Cloud Server to the signature of challenge.Card
It is bright as follows:
(4) if agency and Cloud Server are all honest, then the evidence that Cloud Server returns can pass through agency's
Data integrity validation.It proves as follows:
Therefore:
2nd, safety
The Security Proof of scheme includes two aspects:On the one hand to consider that other third parties cannot replace agent to verify visitor
Family stores the integrality of cloud data, and it is procuratorial on the other hand to ensure that Cloud Server cannot out-trick in the case of corrupted data
Integrity checking.Illustrate separately below at this 2 points:
(1) it can be seen that, in scheme three integrity checkings that can complete cloud data be due to client, Cloud Server and
An equal t value can be calculated in agency:
Any other user, which calculates identical t values, can crack a CDH problem, and can according to the difficulty of CDH problems
Know, opponent can not obtain t values.
(2) because based on a kind of common integrity detection scheme, i.e., the integrity verification method core of this programme is
Shacham-Waters schemes (H.Shacham and B.Waters, Compact proofs of retrievability,
Asiacrypt 2008,pp.90-107).The safety of former scheme is when the file on Cloud Server is damaged, cloud clothes
Being engaged in device can not be by acting on behalf of the data integrity validation initiated, so as to ensure that the safety of this programme.
The foregoing is only a preferred embodiment of the present invention, is not intended to restrict the invention, for the skill of this field
For art personnel, the invention may be variously modified and varied.All within the spirits and principles of the present invention, that is made any repaiies
Change, equivalent replacement, improvement etc., should all be included in the protection scope of the present invention.
Claims (7)
1. the proxy data integrality detection method of identity-based in a kind of cloud storage, which is characterized in that including four participations pair
As:Secret key generator PKG, it client, Cloud Server, is acted on behalf of by customer consignment, which includes following
Step:
System initialisation phase:Trusted third party PKG generates main private key and open parameter;
Secret key extracts the stage:Trusted third party PKG generates corresponding private according to the identity that client, agency and Cloud Server provide
Key;
Certificate of appointment generation phase:Client generates the certificate of appointment, and with the private key of oneself to appointing bookmark name, then by the certificate of appointment and label
Name is sent to agency and Cloud Server;
Label generation phase:Client generates data label, and by data and corresponding data using its private key for each data block
Label uploads to Cloud Server;
Prove generation phase:Act on behalf of to Cloud Server send challenge, Cloud Server according to challenge information calculation of integrity evidence simultaneously
Return to agency;And
The checking stage:The integrality according to proof validation data is acted on behalf of, if correctly, showing the data being stored in the cloud
May be complete, conversely, data are destroyed.
2. the proxy data integrality detection method of identity-based in cloud storage according to claim 1, which is characterized in that
The system initialisation phase includes following sub-step:
(1) PKG selects the cyclic group G of two q ranks1、G2An and Bilinear map e:G1×G1→G2, wherein G1Generation member be
g;Select a random elementThe hash function of two safetyWithAnd two puppets
Random functionAnd pseudo-random sequence
(2) random number is selectedAs main private key, and calculate X=gxAs Your Majesty's key;And
(3) systematic parameter params={ G1,G2,q,e,g,H1,H2,X,f1,f2,β,u}。
3. the proxy data integrality detection method of identity-based in cloud storage according to claim 2, which is characterized in that
The secret key extraction stage includes following sub-step:
(1) user is by its identity IDiIt is sent to PKG, PKG random selectionsIt calculatesski=ri+xH1(IDi,Ri)
Mod q, and safeguard an open list { (IDi,Ri)};
(2) PKG is by the private key sk of useriUser is sent to by cryptochannel;
(3) user passes through equationThe validity of private key is verified, if effectively, user receives.Conversely, user
It abandons;And
(4) rerun aforesaid operations, obtains client, agency and the respective effective private key (sk of Cloud Serveru,skp,sks) and it is public
Open parameter (Ru,Rp,Rs)。
4. the proxy data integrality detection method of identity-based in cloud storage according to claim 3, which is characterized in that
The certificate of appointment generation phase includes following sub-step:
(1) client generates letter of delegation w, which includes trustee and the information such as procuratorial identity and the term of validity;
(2) client signs to the certificate of entrustment, that is, randomly choosesCalculate R=gr, sig=r+sku·H1(w,R)mod
q;
(3) (w, R, sig) is sent to agency and Cloud Server by client;And
(4) agency and Cloud Server are after (w, R, sig) is received, verificationIt is whether true,
If set up, accept commission, otherwise refuse.
5. the proxy data integrality detection method of identity-based in cloud storage according to claim 4, which is characterized in that
The label generation phase includes following sub-step:
(1) client is to the file F=(m to be uploaded1,m2,...,mn) each blocks of files miCalculate label Ti;
(2) client is denoted as ∑=(T for the tag set of file F generations1,T2,...,Tn);
(3) client is by ({ (mi,Ti)}i∈[1,n], w) and cloud storage service device is uploaded to, and delete local all data;And
(4) Cloud Server is to every a pair (m of receivingi,Ti) proceed as follows:It calculates
Verification
It is whether true, if equation is set up, receive data, otherwise refuse.
6. the proxy data integrality detection method of identity-based in cloud storage according to claim 5, which is characterized in that
The proof generation phase includes following sub-step:
(1) agency's generation challenge chal=(c, k1,k2), wherein c ∈ [1, n],
(2) agency's random selectionCalculate R=gr, sig'=r+skp·H1(chal, R) mod q, then incite somebody to action (chal, R,
Sig ') it is sent to Cloud Server;
(3) Cloud Server is after (chal, R, sig ') is received, verificationWhether it is true with
And whether agent's identity is consistent with the certificate of appointment, if invalid, refuses, and otherwise carries out in next step;
(4) Cloud Server proceeds as follows:To j ∈ [1, c], i is calculatedj=β (k1, j), aj=f2(k2,j);It calculatesThen (m, T) is exported, and sends V=(m, T) to agency as this challenge
It responds.
7. the proxy data integrality detection method of identity-based in cloud storage according to claim 6, which is characterized in that
(1) agency calculatesAnd
(2) proxy authentication equationIt is whether true, if
It sets up, represents that data may be complete;Conversely, data are centainly destroyed.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201810031030.7A CN108234504A (en) | 2018-01-12 | 2018-01-12 | Identity-based proxy data integrity detection method in cloud storage |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201810031030.7A CN108234504A (en) | 2018-01-12 | 2018-01-12 | Identity-based proxy data integrity detection method in cloud storage |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN108234504A true CN108234504A (en) | 2018-06-29 |
Family
ID=62640181
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201810031030.7A Pending CN108234504A (en) | 2018-01-12 | 2018-01-12 | Identity-based proxy data integrity detection method in cloud storage |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN108234504A (en) |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110011998A (en) * | 2019-03-29 | 2019-07-12 | 福建师范大学 | A kind of prepare more part teledata of identity-based holds verification method |
| CN110110554A (en) * | 2019-04-04 | 2019-08-09 | 安徽大学 | A kind of cloud storage data integrity detection method based on agency |
| CN114978753A (en) * | 2022-06-21 | 2022-08-30 | 金陵科技学院 | Secret key leakage resistant cloud storage data integrity verification method |
Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104202168A (en) * | 2014-09-19 | 2014-12-10 | 浪潮电子信息产业股份有限公司 | Cloud data integrity verification method based on trusted third party |
| CN104717217A (en) * | 2015-03-18 | 2015-06-17 | 电子科技大学 | Certifiable security data possession verifying method in cloud storage based on partial delegation |
| CN104980437A (en) * | 2015-06-12 | 2015-10-14 | 电子科技大学 | Identity-based authorized third party data integrity proving method |
| CN106411999A (en) * | 2016-07-22 | 2017-02-15 | 青岛大学 | Cloud storage key generation method, cloud data storage method and auditing methods |
| US9641617B2 (en) * | 2013-12-20 | 2017-05-02 | Infosys Limited | System and method for verifying integrity of cloud data using unconnected trusted device |
| CN107426165A (en) * | 2017-05-16 | 2017-12-01 | 安徽大学 | Bidirectional secure cloud storage data integrity detection method supporting key updating |
-
2018
- 2018-01-12 CN CN201810031030.7A patent/CN108234504A/en active Pending
Patent Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US9641617B2 (en) * | 2013-12-20 | 2017-05-02 | Infosys Limited | System and method for verifying integrity of cloud data using unconnected trusted device |
| CN104202168A (en) * | 2014-09-19 | 2014-12-10 | 浪潮电子信息产业股份有限公司 | Cloud data integrity verification method based on trusted third party |
| CN104717217A (en) * | 2015-03-18 | 2015-06-17 | 电子科技大学 | Certifiable security data possession verifying method in cloud storage based on partial delegation |
| CN104980437A (en) * | 2015-06-12 | 2015-10-14 | 电子科技大学 | Identity-based authorized third party data integrity proving method |
| CN106411999A (en) * | 2016-07-22 | 2017-02-15 | 青岛大学 | Cloud storage key generation method, cloud data storage method and auditing methods |
| CN107426165A (en) * | 2017-05-16 | 2017-12-01 | 安徽大学 | Bidirectional secure cloud storage data integrity detection method supporting key updating |
Non-Patent Citations (6)
| Title |
|---|
| HUAQUN WANG: "Proxy Provable Data Possession in Public Clouds", 《IEEE TRANSACTIONS ON SERVICES COMPUTING》 * |
| QIANHONG WU等: "Identity-based remote data possession checking in public clouds", 《IET INFORMATION SECURITY》 * |
| 刘文化等: "代理多签名方案的密码学分析与修正", 《计算机工程》 * |
| 赵洋等: "云环境下一种可撤销授权的数据拥有性证明方案", 《信息网络安全》 * |
| 金婷婷等: "一个改进的基于身份具有消息恢复功能代理签名方案", 《贵州师范大学学报(自然科学版)》 * |
| 金瑜等: "基于MapReduce的云存储数据审计方法研究", 《计算机科学》 * |
Cited By (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110011998A (en) * | 2019-03-29 | 2019-07-12 | 福建师范大学 | A kind of prepare more part teledata of identity-based holds verification method |
| CN110011998B (en) * | 2019-03-29 | 2021-07-27 | 福建师范大学 | Identity-based multi-backup remote data holding verification method |
| CN110110554A (en) * | 2019-04-04 | 2019-08-09 | 安徽大学 | A kind of cloud storage data integrity detection method based on agency |
| CN110110554B (en) * | 2019-04-04 | 2023-03-21 | 安徽大学 | Agent-based cloud storage data integrity detection method |
| CN114978753A (en) * | 2022-06-21 | 2022-08-30 | 金陵科技学院 | Secret key leakage resistant cloud storage data integrity verification method |
| CN114978753B (en) * | 2022-06-21 | 2023-05-05 | 金陵科技学院 | Cloud storage data integrity verification method for resisting key leakage |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN106254374B (en) | A kind of cloud data public audit method having duplicate removal function | |
| Yu et al. | Attribute-based cloud data integrity auditing for secure outsourced storage | |
| CN104811450B (en) | The date storage method and integrity verification method of a kind of identity-based in cloud computing | |
| US9397839B2 (en) | Non-hierarchical infrastructure for managing twin-security keys of physical persons or of elements (IGCP/PKI) | |
| CN104811300B (en) | The key updating method of cloud storage and the implementation method of cloud data accountability system | |
| CN107948143A (en) | Identity-based privacy protection integrity detection method and system in cloud storage | |
| US10846372B1 (en) | Systems and methods for trustless proof of possession and transmission of secured data | |
| JP2006115550A (en) | Secret shuffle for making encrypted data like el gamal encryption data for safe plural authority elections to be verifiable | |
| Brunner et al. | SPROOF: A Platform for Issuing and Verifying Documents in a Public Blockchain. | |
| JP2017522807A (en) | Systems and devices that bind metadata with hardware-specific characteristics | |
| CN108769020A (en) | A kind of the identity attribute proof system and method for secret protection | |
| CN110113156A (en) | A kind of traceable layering authorizes ciphertext policy ABE base authentication method more | |
| CN106487786A (en) | A kind of cloud data integrity verification method based on biological characteristic and system | |
| Brunner et al. | A Comparison of Blockchain-based PKI Implementations. | |
| WO2019110399A1 (en) | Two-party signature device and method | |
| CN104901804A (en) | User autonomy-based identity authentication implementation method | |
| CN109831458A (en) | A kind of IOT electronic behavior record management system | |
| CN108234504A (en) | Identity-based proxy data integrity detection method in cloud storage | |
| CN113468570A (en) | Private data sharing method based on intelligent contract | |
| Gulati et al. | Self-sovereign dynamic digital identities based on blockchain technology | |
| CN109902508A (en) | A kind of method for authenticating entities and system of the anonymity of voucher label originator | |
| Zhu et al. | Anonymous voting scheme for boardroom with blockchain | |
| CN110457928B (en) | Hospital-enterprise cooperation internet hospital data security guarantee method based on block chain | |
| WO2001020562A2 (en) | Multiway election method and apparatus | |
| CN106533681B (en) | A kind of attribute method of proof and system that support section is shown |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20180629 |
|
| RJ01 | Rejection of invention patent application after publication |