CN108400970B - Similar data message locking, encrypting and de-duplicating method in cloud environment and cloud storage system - Google Patents
- Publication number
- CN108400970B (application CN201810055819.6A)
- Authority
- CN
- China
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Abstract
The invention belongs to the technical field of cloud storage and discloses a message-locked encryption and deduplication method for similar data in a cloud environment. Compared with existing data deduplication methods, the scheme further improves deduplication efficiency, further improves the utilization of the cloud server's storage space, and further reduces the computation and storage overhead of the user and the cloud server. The method achieves secure and efficient deduplication of similar ciphertext data. The invention also adopts a Hamming distance reduction and label cutting optimization method, which improves the efficiency of tag queries on the cloud server. Experimental results show that the invention is efficient in terms of storage and communication overhead.
Description
Technical Field
The invention belongs to the technical field of cloud storage, and particularly relates to a method for locking, encrypting and de-duplicating similar data messages in a cloud environment and a cloud storage system.
Background
Today, a large amount of data is generated and processed every day. International Data Corporation's research in the digital domain indicates that by 2020 the data on the internet will reach 40,000 EB, and that data will continue to grow at a rate that doubles every two years. Cloud computing brings a paradigm shift to data storage. By providing reliable, scalable, on-demand cloud storage services at relatively inexpensive prices, it offers great convenience for personal and enterprise data management. The Cisco Global Cloud Index indicates that 83% of all data center traffic is from the cloud and that by 2019, 80% of the data center workload will be processed in the cloud. According to present research, 20% to 30% of the data in main memory is redundant. Specifically, by applying a deduplication technology to all files in backup storage, over 50% of the storage space of a standard file system and over 72% of the storage space of a backup file system will be saved. Data deduplication can therefore effectively relieve the pressure of data storage, reduce network traffic by deleting redundant data, and improve the service quality of the system. A series of online/offline storage systems already provide data deduplication functionality, such as the duplicate data detection supported by commercial data integration tools like IBM's InfoSphere QualityStage service and FirstLogic's SAP Data Services. There are many clustering-based, classification, link analysis, or statistical techniques for detecting duplicate records. There are also many software applications that aim to detect and eliminate duplicate data that are the same or similar, such as Duplicate Cleaner, VisiPics and DupeGuru. However, since users lose physical control of their data in a cloud storage system, the security of user data becomes the most prominent concern.
Therefore, to protect the security of cloud users' sensitive data, the data is generally encrypted by the user before being outsourced. However, the goal of encryption is to provide semantic security for plaintext data, such that ciphertext is indistinguishable from random data. In a multi-user cloud storage system, how to deduplicate data while protecting its security therefore becomes a key and extremely challenging problem. To solve this problem, convergent encryption was proposed. In convergent encryption, the hash value of the file is used as the convergent key, so the same data always yields the same key; the data is encrypted and decrypted with the convergent key, which allows the ciphertext to be deduplicated. This kind of scheme is formally defined as message-locked encryption: encrypting data under a key derived from the data itself enables a cloud server to judge whether two ciphertexts come from the same plaintext. A series of newer message-locked encryption schemes then attempted to improve the security of the scheme or provide other new features. However, those schemes consider only the deduplication of identical data and cannot be applied to the deduplication of similar data. Many practical systems need to deduplicate or search for similar data items, for example items that differ through errors, misspellings, and content inconsistencies, in the context of data detection, data cleansing, and data aggregation. Some similar-data retrieval schemes and deduplication systems have been proposed, and many schemes and software have been used to delete web pages, text documents, music, pictures, videos, or binary data on local disks with similar contents. However, those schemes and software mainly address deduplication of plaintext data rather than ciphertext data.
Further, these solutions are suited to personal use, not to multi-user scenarios in a cloud environment. Existing schemes are therefore difficult to apply directly to secure similar-data deduplication in a cloud environment. While existing schemes may support similar-image deduplication in a privacy-preserving cloud environment, they assume that there is a group of users and that the encryption key is shared among the group. However, it is difficult for a user in a cloud environment to know which other users have the same data. In general, the challenge of similar-data deduplication in a cloud environment is that it is difficult for a cloud user to communicate with other users to negotiate a common encryption key, and it is difficult for a cloud server to determine whether two ciphertexts were encrypted from similar data.
In summary, the prior art has the problems that:
(1) The key of existing message-locked encryption schemes is obtained by computing the hash value of the plaintext, and a characteristic of hash functions is that the resulting hash values differ greatly even if the plaintexts differ by 1 bit. Ciphertexts produced by a traditional message-locked encryption scheme therefore no longer preserve similarity, and the cloud server cannot judge whether the plaintexts of two ciphertexts are similar, so existing message-locked encryption schemes are difficult to apply directly to secure similar-data deduplication in a cloud environment.
(2) On the other hand, although some schemes can implement group user key agreement and sharing in a group, a user can upload data anytime and anywhere in a cloud environment, and a cloud server cannot know all data owners before the user uploads the data, so that the scheme in which the group users jointly negotiate the key cannot be used for implementing similar data deduplication.
The difficulty and significance of solving the technical problems:
(1) How to overcome the limitation of existing message-locked encryption schemes, so that similar data remains similar after encryption, is the problem the similar-data message-locked encryption deduplication method must solve.
(2) By constructing the similar-data message-locked encryption scheme, a similar-data encrypted deduplication system can be realized, so that the cloud server can deduplicate the ciphertexts of similar data, further improving the efficiency of ciphertext deduplication and saving a large amount of the cloud server's storage and management resources.
Disclosure of Invention
Aiming at the problems in the prior art, the invention provides a similar data message locking, encrypting and de-duplicating method and a cloud storage system in a cloud environment.
The method for locking, encrypting and de-duplicating similar data messages in the cloud environment uses a similarity-preserving hash function (such as SimHash or PHash) so that similar data obtain similar labels, uses a key extraction method based on an error-correcting code so that similar plaintext data always obtain the same encryption key, and performs message-locked encryption and deduplication of the similar data based on a secure symmetric encryption algorithm built on a pseudo-random generator. If a user wants to upload data, the user first uses the similarity-preserving hash algorithm to generate a deduplication tag of the plaintext and sends the tag to a cloud server, and the cloud server judges whether similar data are already stored on it. If the cloud server does not hold similar data, the user is required to generate a similar data key and auxiliary information for recovering the similar key, and sends the encrypted ciphertext data and the auxiliary information to the cloud server. If the cloud server holds similar data, it returns the auxiliary information for recovering the similar key to the user; the user encrypts the data with the recovered similar key and uses the resulting ciphertext to perform similar-data ownership verification with the server, and if verification passes, the cloud server allows the user to access the data. In addition, the invention improves tag query efficiency through a Hamming distance reduction and label cutting optimization method.
Further, the method for locking, encrypting and de-duplicating the similar data messages in the cloud environment comprises the following steps:
the client generates a duplicate removal label of a plaintext by using a similarity retention hash algorithm and sends the duplicate removal label to a cloud server, and the cloud server judges whether similar data are stored on the cloud server;
if the cloud server does not have similar data, the user is required to generate a similar data key and auxiliary information for similar key recovery, and encrypted ciphertext data and the auxiliary information are sent to the cloud server;
if the cloud server has similar data, returning auxiliary information for recovering the similar key to the user, encrypting the data by the user through the recovered similar key, and performing similar data ownership verification by using the obtained ciphertext and the server, wherein if the data is verified, the cloud server allows the user to access the data.
Further, the method for locking, encrypting and de-duplicating similar data messages in the cloud environment uses an $[n, k, 2t+1]_F$ error-correcting code $C$ to correct the data $w$: on input $w$, a codeword $c \in C$ is selected uniformly at random, and $s = \mathrm{SS}(w) = w - c$ is the transformation required to get from $c$ to $w$; to compute $\mathrm{Rec}(w', s)$, $c' = w' - s$ is computed and $c'$ is decoded to obtain $c$, and $w$ is obtained as $w = c + s$.
Further, in the method, the client applies a similarity-preserving hash algorithm to generate a deduplication tag and a similar data key of the plaintext. Using the similarity-preserving hash, similar plaintext data are mapped to similar tags and similar data keys of a particular length. The same random encryption key can always be obtained from similar data within a specific Hamming distance: a first user selects some auxiliary parameters and calculates the random key of a plaintext $w'$, and the auxiliary parameters are stored on the cloud server. When a subsequent user holds the tag $t_w$ of similar plaintext data $w$ ($w \approx w'$) and the cloud server wants to perform similar-data deduplication, the cloud server sends the auxiliary parameters to the subsequent user, who generates the key $k_w$ by running a key regeneration algorithm. If the Hamming distance between file $w$ and file $w'$ is less than a certain value, $\mathrm{dis}(f_w, f_{w'}) < t$, the key regeneration algorithm outputs the same random key $k_{w'} = k_w$.
Further, the similar message locking encryption scheme of the similar data message locking encryption deduplication method in the cloud environment is composed of six polynomial time algorithms (FKG, KG, REP, ENC, DEC, TAG):
$\mathrm{FKG}(1^\lambda, r_2, w) \to fk_w$: a similar key generation algorithm based on a similarity-preserving hash function, with which the user computes summary information of the data. It takes a security parameter $\lambda$, a random number $r_2 \in \{0,1\}^\lambda$ and the file $w$ as input and outputs the similar digest $fk_w$ of the file;
$\mathrm{RKG}(1^\lambda, r_3, fk_w) \to \{k_w, P_w\}$: a key generation algorithm with which the user computes the encryption key and auxiliary parameters of the data. $x$ is a public parameter. The RKG algorithm uses the sketch algorithm $\mathrm{SS}\{r_3, w\} \to P_w$ of the secure sketch and the extraction algorithm $\mathrm{Ext}(w, x) \to \{K_w\}$ of the fuzzy extractor to generate the auxiliary parameters $P = (x, s)$ and a random encryption key $K_w$, where $r_3$ is a random parameter used to generate a random code $C(r_3) \to c$, the algorithm $C(\cdot)$ is a code generation algorithm, and the code $c$ is used by the SS algorithm of the secure sketch;
$\mathrm{REP}(fk_{w'}, P_w) \to k_w$: a key regeneration algorithm run by the user. It takes the auxiliary parameter $P_w$ and the fuzzy digest $fk_{w'}$ of the file as input and outputs the private key $k_w$ if and only if $fk_{w'}$ and $fk_w$ are similar; otherwise it outputs a random value;
$\mathrm{ENC}(k_w, w) \to c_w$: an encryption algorithm run by the user to encrypt the data and obtain the corresponding ciphertext. It takes the file $w$ and a private key $k_w$ as input and returns the ciphertext $c_w$, where $G(k_w) \to \{0,1\}^{|w|}$ is a pseudo-random generator that takes $k_w$ as input and outputs a pseudorandom encryption key $G(k_w)$ of length $|w|$;
$\mathrm{DEC}(k_w, c_w) \to w$: a decryption algorithm run by the user to compute the plaintext of the input data. It takes the ciphertext $c_w$ and a private key $k_w$ as input and returns the plaintext $w$;
$\mathrm{TAG}(1^\lambda, r_1, w) \to t_w$: a label generation algorithm implemented with a similarity-preserving hash function and run by the user to compute a digest of the input data. It takes the security parameter $\lambda$, the random number $r_1$ and the data $w$ as input and returns the data tag $t_w$.
The invention further aims to provide a cloud storage system applying the similar data message locking encryption and de-duplication method in the cloud environment.
In summary, the advantages and positive effects of the invention are as follows. The invention provides a scheme that implements secure and efficient similar-data deduplication, called the fuzzy message-locked encryption scheme (FuzzyMLE). Its technical route combines a similarity-preserving hash function, a key extraction method based on an error-correcting code, and a secure symmetric encryption algorithm based on a pseudo-random generator. In addition, tag query efficiency is improved by a Hamming distance reduction and label cutting optimization method. Finally, the efficiency of the invention was analyzed, and its overhead was evaluated on a public database by building a realistic system. Experimental results show that the invention is efficient in terms of storage and communication overhead.
The invention aims at secure and efficient cross-user deduplication of similar data. If the cloud server already stores the data of user A and the data of user B is similar to it, the cloud server can deduplicate the ciphertext without communicating with user A. The invention formally defines a similar message-locked encryption scheme and constructs a similar message-locked encryption system. By improving and combining several techniques, it overcomes the challenge of secure and efficient similar-data deduplication in a cloud storage system. First, similar data is processed with a similarity-preserving hash function that generates a similar tag for each data item, in contrast to the cryptographic hash tags used in conventional message-locked encryption schemes. Second, instead of exact tag queries, improved Hamming tag queries are used to provide an efficient similar-data query function. Meanwhile, a similar encryption key generation method based on an error-correcting code is adopted, which generates the similar-data encryption key from the user data when the data are similar. Moreover, a secure XOR encryption scheme based on a pseudo-random generator is employed instead of a conventional symmetric encryption algorithm (e.g., AES) to implement the encryption operation. In addition, the invention further improves tag query efficiency by introducing a Hamming distance reduction and label cutting optimization method.
The cloud storage system consists of a remote cloud storage server (S) and a set of clients (Cs) that wish to store sensitive data on S. To protect the security of the data, Cs want to encrypt their sensitive data before uploading it. To reduce the storage overhead and unnecessary communication overhead between S and Cs, S and Cs need to perform secure deduplication of the uploaded ciphertexts. Unlike existing secure deduplication methods, which can only deduplicate identical data, the invention considers the more challenging situation: secure deduplication of similar data. To improve communication efficiency, only the first user needs to upload the ciphertext of the data to S if Cs already stores some similar data in S's database. In fact, as in most existing exact secure deduplication methods, users do not need to communicate directly with each other in the system. They each communicate with S, which processes or forwards messages as needed.
Drawings
Fig. 1 is a flowchart of a method for locking, encrypting and de-duplicating a similar data message in a cloud environment according to an embodiment of the present invention.
Fig. 2 is a schematic diagram of a secure sketch provided by an embodiment of the present invention.
Fig. 3 is a schematic diagram of a fuzzy extractor provided by an embodiment of the present invention.
Fig. 4 is a schematic diagram of similar data locking encryption provided by the embodiment of the present invention.
Fig. 5 is a schematic diagram of the SimHash calculation time provided by the embodiment of the present invention.
Fig. 6 is a diagram illustrating the calculation time of PHash according to the embodiment of the present invention.
FIG. 7 is a schematic diagram illustrating the time spent on text data deduplication provided by an embodiment of the present invention.
FIG. 8 is a schematic diagram illustrating the time taken to deduplicate image data according to an embodiment of the present invention.
FIG. 9 is a diagram of a test hardware environment according to an embodiment of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention more apparent, the present invention is further described in detail with reference to the following embodiments. It should be understood that the specific embodiments described herein are merely illustrative of the invention and are not intended to limit the invention.
With the explosive growth of data, the efficiency of data storage becomes the most important goal that cloud storage systems need to achieve. Most cloud storage providers use data deduplication to ease data storage and management costs. In recent years, to further protect the privacy of user data, many secure deduplication methods have been proposed. At the same time, many practical applications indicate that eliminating similar (or erroneous) data can further reduce the storage overhead of cloud storage providers and can improve data storage quality. However, there is still a lack of secure and efficient similar data deduplication methods in cloud storage environments.
As shown in fig. 1, the method for locking, encrypting and de-duplicating similar data messages in a cloud environment according to the embodiment of the present invention includes the following steps:
S101: The client generates a deduplication tag of the plaintext by using a similarity-preserving hash algorithm and sends the tag to the cloud server, and the cloud server judges whether similar data are stored on the cloud server.
S102: If the cloud server does not have similar data, the user is required to generate a similar data key and auxiliary information for recovering the similar key, and encrypted ciphertext data and the auxiliary information are sent to the cloud server.
S103: If the cloud server has similar data, it returns the auxiliary information for recovering the similar key to the user; the user encrypts the data with the recovered similar key and uses the obtained ciphertext to perform similar-data ownership verification with the server, and if the verification passes, the cloud server allows the user to access the data.
The application of the principles of the present invention will now be described in further detail with reference to the accompanying drawings.
1. Secure sketch
A secure sketch can use auxiliary information to reconstruct exactly the original data from similar data. Let M be a metric space with distance function dis; Fig. 2 depicts a schematic diagram of a secure sketch. It is defined as follows:
A secure sketch with the parameters (M, M, M', t,) consists of two efficient randomized algorithms, a sketch algorithm and a recovery algorithm (SS, Rec).
Sketch algorithm SS: takes an element $w \in M$ as input and outputs a string $s \in \{0,1\}^*$.
Recovery algorithm Rec: takes an element $w' \in M$ and a string $s \in \{0,1\}^*$ as input. When $\mathrm{dis}(w, w') \le t$, $\mathrm{Rec}(w', \mathrm{SS}(w)) = w$; when $\mathrm{dis}(w, w') > t$, the output of Rec is not guaranteed.
A secure sketch based on the Hamming distance is as follows. To obtain a secure sketch from an error-correcting code for the Hamming distance over $F^n$, the invention uses an $[n, k, 2t+1]_F$ error-correcting code $C$ as an example. On input $w$, a codeword $c \in C$ is selected uniformly at random, and $s = \mathrm{SS}(w) = w - c$ is the transformation required to get from $c$ to $w$. To compute $\mathrm{Rec}(w', s)$, $c' = w' - s$ is computed and $c'$ is then decoded to obtain $c$. Since $\mathrm{dis}(w, w') \le t$, $\mathrm{dis}(c, c') \le t$. Finally, $w$ is obtained as $w = c + s$.
2. Fuzzy extractor
A fuzzy extractor lets two similar data items yield the same string K. A fuzzy extractor with parameters (M, M, l, t,) is composed of a pair of efficient generation and regeneration algorithms (KG, REP).
Generation algorithm $\mathrm{KG}(w) \to \{K, P\}$: takes $w \in M$ as input and outputs an extracted string $K \in \{0,1\}^l$ and a public auxiliary string $P \in \{0,1\}^*$.
Regeneration algorithm $\mathrm{REP}(w', P) \to \{K\}$: takes $w' \in M$ and a string $P \in \{0,1\}^*$ as input; if $\mathrm{dis}(w, w') \le t$ and $\mathrm{KG}(w) \to \{K, P\}$, then $\mathrm{REP}(w', P) = K$. If the minimum entropy of MThen (R, P, E) ≈(U, P, E), then the fuzzy extractor is safe.
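The code-offset secure sketch (SS, Rec) and the generation/regeneration pair (KG, REP) described above, as an added example that is not code from the patent. It assumes a block-wise Hamming(7,4) code as the error-correcting code C (a [63, 36, 3] code, so t = 1 in general and one flipped bit per 7-bit block is corrected), HMAC-SHA256 as the extractor, and constructed 63-bit fingerprints standing in for SimHash digests.

```python
import hashlib
import hmac
import secrets

N_BLOCKS, BLOCK = 9, 7   # 9 blocks x 7 bits = 63-bit fingerprint (size chosen for this example)


def hamming74_encode(nibble):
    """Encode 4 data bits as a 7-bit Hamming codeword (positions 1..7, parity at 1, 2, 4)."""
    d = [(nibble >> i) & 1 for i in range(4)]
    p1 = d[0] ^ d[1] ^ d[3]          # covers positions 1, 3, 5, 7
    p2 = d[0] ^ d[2] ^ d[3]          # covers positions 2, 3, 6, 7
    p4 = d[1] ^ d[2] ^ d[3]          # covers positions 4, 5, 6, 7
    bits = [p1, p2, d[0], p4, d[1], d[2], d[3]]
    return sum(b << i for i, b in enumerate(bits))


def hamming74_correct(word):
    """Nearest codeword: the syndrome is the 1-based position of a single flipped bit."""
    syndrome = 0
    for pos in range(1, 8):
        if (word >> (pos - 1)) & 1:
            syndrome ^= pos
    return word ^ (1 << (syndrome - 1)) if syndrome else word


def random_codeword():
    """Uniformly random codeword c of the block code C."""
    c = 0
    for i in range(N_BLOCKS):
        c |= hamming74_encode(secrets.randbelow(16)) << (BLOCK * i)
    return c


def decode(word):
    """Block-wise nearest-codeword decoding of a 63-bit word."""
    c = 0
    for i in range(N_BLOCKS):
        c |= hamming74_correct((word >> (BLOCK * i)) & 0x7F) << (BLOCK * i)
    return c


def SS(w):
    """Sketch: s = w - c for a random codeword c (subtraction over F_2 is XOR)."""
    return w ^ random_codeword()


def Rec(w_prime, s):
    """Recover: c' = w' - s, decode c' to c, return w = c + s."""
    return decode(w_prime ^ s) ^ s


def Ext(w, x):
    """Extractor with public seed x (HMAC-SHA256 is an assumption of this example)."""
    return hmac.new(x, w.to_bytes(8, "big"), hashlib.sha256).digest()


def KG(w):
    """Generation: key K plus public helper data P = (x, s)."""
    x = secrets.token_bytes(16)
    return Ext(w, x), (x, SS(w))


def REP(w_prime, P):
    """Regeneration: K = Ext(Rec(w', s), x); equals the original K when w' is close to w."""
    x, s = P
    return Ext(Rec(w_prime, s), x)


def flip(w, *bit_positions):
    """Flip the given bit positions of w (simulates a slightly different fingerprint)."""
    for b in bit_positions:
        w ^= 1 << b
    return w


def demo():
    fk_first = 0x1F3A5C7E9B2D4F61          # constructed fingerprint of the first uploader
    K, P = KG(fk_first)                    # P is what the server would store and hand out
    near = flip(fk_first, 3, 17, 40)       # one flipped bit in each of blocks 0, 2 and 5
    far = flip(fk_first, 0, 1)             # two flipped bits inside block 0
    return K, REP(fk_first, P), REP(near, P), REP(far, P)


if __name__ == "__main__":
    K, same, near, far = demo()
    print("same fingerprint regenerates K:", same == K)
    print("near fingerprint regenerates K:", near == K)
    print("far fingerprint regenerates K: ", far == K)
```

With a code of larger minimum distance in place of the Hamming(7,4) blocks, the same SS/Rec code tolerates the larger threshold t the text describes.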
Conventional hash function algorithms (such as SHA-1 or SHA-256) and symmetric encryption algorithms (such as AES-128 or AES-256) cannot be directly applied to achieve secure deduplication of similar data. The invention therefore integrates new techniques such as a similarity-preserving hash algorithm (SimHash and PHash), a fuzzy key extraction algorithm based on an error-correcting code, and an XOR encryption scheme based on a one-time pad, thereby realizing secure and efficient similar-data deduplication in the system. The similar-data deduplication method provides encryption and decryption of client data and allows the cloud server to perform secure similar-data deduplication on the ciphertext data of users.
The similar-data deduplication method is designed so that a client encrypts data and a cloud server detects similar duplicates among the ciphertexts. In the invention, a client first applies a similarity-preserving hash algorithm to generate a deduplication tag of the plaintext and a similar data key. Using the similarity-preserving hash, similar plaintext data are mapped to a similar tag and similar data key of a particular length (e.g., 64 bits). These fixed-length tags may also significantly reduce storage overhead. The invention designs a random key generation algorithm based on a fuzzy extractor, so that similar data within a specific Hamming distance always obtain the same random encryption key. At this stage, the first user selects some auxiliary parameters and computes a random key (e.g., $k_{w'}$) of the plaintext $w'$. The auxiliary parameters are then stored on the cloud server. When a subsequent user holds the tag $t_w$ of similar plaintext data $w$ ($w \approx w'$) and the cloud server wants to perform similar-data deduplication, the cloud server sends the auxiliary parameters to the subsequent user, who generates the key $k_w$ by running a key regeneration algorithm. If the Hamming distance between file $w$ and file $w'$ is less than a certain value, e.g., $\mathrm{dis}(f_w, f_{w'}) < t$, the key regeneration algorithm outputs the same random key $k_{w'} = k_w$.
Since the cloud server needs to perform similarity detection on users' sensitive data, similar data must be encrypted into similar ciphertexts. This is contrary to the conventional encryption methods used in message-locked encryption. To solve this problem, the invention uses a simple XOR encryption algorithm based on a one-time pad generator. As in a stream cipher, a pseudo-random generator $G(\cdot)$ uses the similar key to generate an encryption key of sufficient bit length. If two plaintexts $w$ and $w'$ are similar, their respective similar keys are $k_w$ and $k_{w'}$, and $k_{w'} = k_w$; otherwise, $k_{w'} \ne k_w$. The invention can be intuitively obtained
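The effect of the pad-based XOR encryption on similarity, next to the hash-derived key of conventional message-locked encryption discussed in the background, as an added example that is not code from the patent. SHAKE-256 as the generator G, the fixed key and the two sample plaintexts are assumptions constructed for the illustration.

```python
import hashlib


def G(k_w: bytes, length: int) -> bytes:
    """Pseudo-random generator G(k_w) -> {0,1}^|w| (SHAKE-256 is this example's choice)."""
    return hashlib.shake_256(k_w).digest(length)


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def ENC(k_w: bytes, w: bytes) -> bytes:
    """Ciphertext is the plaintext XORed with the pad G(k_w)."""
    return xor(w, G(k_w, len(w)))


def DEC(k_w: bytes, c_w: bytes) -> bytes:
    """XOR with the same pad inverts ENC."""
    return xor(c_w, G(k_w, len(c_w)))


def dis(a: bytes, b: bytes) -> int:
    """Hamming distance in bits between equal-length byte strings."""
    return sum(bin(x ^ y).count("1") for x, y in zip(a, b))


# Constructed sample data: two plaintexts that differ in a single bit ('8' vs '9').
K_W = bytes(range(32))                      # stands for the key both users regenerate
W = b"invoice 2018-01: total 1200, paid 800"
W2 = b"invoice 2018-01: total 1200, paid 900"


def similar_key_distance() -> int:
    """Both users hold the same similar key: ciphertext distance equals plaintext distance."""
    return dis(ENC(K_W, W), ENC(K_W, W2))


def convergent_distance() -> int:
    """Conventional MLE: key = hash of the plaintext, so a 1-bit change re-keys the whole pad."""
    k1, k2 = hashlib.sha256(W).digest(), hashlib.sha256(W2).digest()
    return dis(ENC(k1, W), ENC(k2, W2))


def pad_cancels() -> bool:
    """With a shared key the pad cancels: c_w XOR c_w' == w XOR w'.

    This is what lets the server compare ciphertexts, and it also means that
    anyone holding both ciphertexts learns exactly which bits of the two
    plaintexts differ, which belongs in the threat model of a deployment.
    """
    return xor(ENC(K_W, W), ENC(K_W, W2)) == xor(W, W2)


if __name__ == "__main__":
    print("plaintext distance:            ", dis(W, W2))
    print("ciphertext distance, same key: ", similar_key_distance())
    print("ciphertext distance, H(w) keys:", convergent_distance())
    print("pad cancels:                   ", pad_cancels())
```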
A similar message-lock encryption scheme consists of six polynomial time algorithms (FKG, KG, REP, ENC, DEC, TAG):
$FKG(1^\lambda, r_2, w) \to fk_w$: this is a similar key generation algorithm based on a similarity-preserving hash function, used by the user to compute the digest information of the data. It takes the security parameter $\lambda$, a random number $r_2 \in \{0,1\}^\lambda$ and the file $w$ as input and outputs the similar digest $fk_w$ of the file. In practice, SimHash or PHash is used.
$RKG(1^\lambda, r_3, fk_w) \to \{k_w, P_w\}$: this is a key generation algorithm used by the user to compute the encryption key and auxiliary parameters of the data. $x$ is a public parameter. The RKG algorithm uses the sketch algorithm $SS\{r_3, w\} \to P_w$ of the secure sketch and the extraction algorithm $Ext(w, x) \to \{K_w\}$ of the fuzzy extractor to generate the auxiliary parameters $P = \{x, s\}$ and a random encryption key $K_w$. Here $r_3$ is a random parameter used to generate a random code $C(r_3) \to c$ (the algorithm $C(\cdot)$ is a code generation algorithm). The code $c$ is used by the SS algorithm of the secure sketch.
$REP(fk_{w'}, P_w) \to k_w$: this is a key regeneration algorithm, run by the user. Like the regeneration algorithm of the fuzzy extractor, it takes the auxiliary parameter $P_w$ and the fuzzy digest $fk_{w'}$ of the file as input and outputs the private key $k_w$ if and only if $fk_{w'}$ and $fk_w$ are similar; otherwise, it outputs a random value.
$ENC(k_w, w) \to c_w$: this is an encryption algorithm run by the user to encrypt the data and obtain the corresponding ciphertext. It takes the file $w$ and a private key $k_w$ as input and returns the ciphertext, where $G(k_w) \to \{0,1\}^{|w|}$ is a pseudo-random generator that takes $k_w$ as input and outputs a pseudo-random encryption key $G(k_w)$ of length $|w|$.
$DEC(k_w, c_w) \to w$: this is a decryption algorithm run by the user to compute the plaintext of the input data. It takes the ciphertext $c_w$ and a private key $k_w$ as input and returns the plaintext
$TAG(1^\lambda, r_1, w) \to t_w$: this is a label generation algorithm, implemented with a similarity-preserving hash function so that the same digest may be generated for similar data. The algorithm is run by the user to compute a digest of the input data. It takes the security parameter $\lambda$, the random number $r_1$ and the data $w$ as input and returns the data tag $t_w$.
Based on the definition of the similar data message locking encryption scheme, the present invention presents a scheme diagram in fig. 4. As in message-locked encryption, all algorithms may rely on the public parameter $P_w$, which is open to all parties, even adversaries.
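The RKG, REP, ENC and DEC algorithms defined above can be exercised end to end in a short sketch; this is an added example, not code from the patent or its implementation. The toy repetition code standing in for the error-correcting code, HMAC-SHA256 as Ext, SHAKE-256 as G, and all digests and plaintexts are assumptions constructed for illustration.

```python
import hashlib
import hmac
import secrets

N_BITS, REP = 64, 8        # toy [64, 8, 8] repetition code (assumption)
BLOCKS = N_BITS // REP     # corrects up to t = 3 flipped digest bits


def encode(msg):
    """C(.): repeat each of the 8 message bits REP times."""
    word = 0
    for i in range(BLOCKS):
        if (msg >> i) & 1:
            word |= ((1 << REP) - 1) << (i * REP)
    return word


def decode(word):
    """Majority-vote each block, returning the nearest codeword."""
    msg = 0
    for i in range(BLOCKS):
        block = (word >> (i * REP)) & ((1 << REP) - 1)
        if bin(block).count("1") > REP // 2:
            msg |= 1 << i
    return encode(msg)


def ext(w, x):
    """Ext(w, x): HMAC-SHA256 keyed with the public seed x (assumption)."""
    return hmac.new(x, w.to_bytes(N_BITS // 8, "big"), hashlib.sha256).digest()


def rkg(fk, r3=None):
    """RKG: the first uploader derives k_w and helper data P_w = {x, s}."""
    if r3 is None:
        r3 = secrets.randbelow(1 << BLOCKS)
    c = encode(r3)                 # random codeword c = C(r3)
    s = fk ^ c                     # sketch s = w - c (XOR over GF(2))
    x = secrets.token_bytes(16)    # public extractor seed
    return ext(fk, x), (x, s)


def rep(fk_prime, p):
    """REP: a later uploader regenerates k_w from a similar digest."""
    x, s = p
    c = decode(fk_prime ^ s)       # c' = w' - s, then decode c' to c
    return ext(c ^ s, x)           # w = c + s, then Ext(w, x)


def prg(k, n):
    """G(k_w) -> {0,1}^|w|: SHAKE-256 used as the generator (assumption)."""
    return hashlib.shake_256(k).digest(n)


def enc(k, w):
    """ENC and DEC are the same XOR with the keystream G(k_w)."""
    return bytes(a ^ b for a, b in zip(w, prg(k, len(w))))


dec = enc


def hamming(a, b):
    return sum(bin(x ^ y).count("1") for x, y in zip(a, b))


def demo():
    fk_w = 0x9F3A5C7712E4B680                # constructed digest of w
    fk_near = fk_w ^ 0x0000010000400001      # 3 bits differ: similar
    fk_far = fk_w ^ 0xFFFF00000000FFFF       # 32 bits differ: not similar
    w = b"review: a slow start but a strong final act, 4/5"    # constructed
    w2 = b"review: a slow start but a strong final act, 5/5"   # constructed
    k_w, p_w = rkg(fk_w)
    k_near, k_far = rep(fk_near, p_w), rep(fk_far, p_w)
    c_w, c_w2 = enc(k_w, w), enc(k_near, w2)
    return {
        "same_key": k_near == k_w,
        "far_key_differs": k_far != k_w,
        "roundtrip": dec(k_w, c_w) == w,
        "plain_distance": hamming(w, w2),
        "cipher_distance": hamming(c_w, c_w2),
    }


if __name__ == "__main__":
    print(demo())
```

The equal plaintext and ciphertext distances show the design trade-off: both files are XORed with the same keystream, so the XOR of the two ciphertexts equals the XOR of the two plaintexts. That is what lets the server measure similarity, and it is also what any party holding both ciphertexts learns.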
The application of the principles of the present invention will now be described in further detail with reference to specific embodiments.
In the system of the invention, it is assumed that the users C are the owners of the data and wish to outsource their data to a cloud server for storage with similar-data deduplication. After uploading the data, a user only needs to keep the identity link (such as $ID_w$) of each data entry (such as data $w$) and the encryption key (e.g., $k_w$). The plaintext data $w$ is obtained by downloading the ciphertext $c_w$ from the cloud server and decrypting it. The cloud server S stores all data information obtained from the users and maintains a data set DB = {Tag, ID, Cipher}. In the system of the present invention, the data set DB provides three necessary files, i.e., a tag file, an identity link file, and a ciphertext file.
The similar data locking encryption scheme consists of three phases, namely a system set-up phase, an upload phase and a download phase. Because the upload phase and the download phase are two-party interactive protocols, an interactive protocol is formally defined as follows: $\Pi: [P_1: in_1; P_2: in_2] \to [P_1: out_1; P_2: out_2]$. $\Pi$ denotes an interactive protocol run by two parties $P_1$ and $P_2$; $in_i$ and $out_i$ denote the input and output of participant $P_i$. The details of the three phases of a similar data-locking encryption system are constructed as follows:
The system set-up phase is run by user C, where $r_1$ and $r_2$ are two public parameters and $r_3$ is a randomly selected parameter used as input to an $[n, k, 2t+1]_F$ error correction code. Without loss of generality, the present invention assumes that user A is the first data owner of data $w'$ and wishes to upload the data to the cloud storage server S. User A first runs the tag generation algorithm $TAG(1^\lambda, r_1, w') \to t_{w'}$ and the similar key generation algorithm $FKG(1^\lambda, r_2, w') \to fk_{w'}$, generating the label $t_{w'}$ of the data and the similar data digest $fk_{w'}$. (In practice, both the tag generation algorithm TAG and the similar key generation algorithm FKG are implemented with SimHash or PHash, so the user will do soAndas input to the algorithm TAG and algorithm FKG, respectively.) After this, user A runs the key generation algorithm $RKG(1^\lambda, r_3, fk_{w'}) \to \{k_{w'}, P_{w'}\}$ to obtain the similar encryption key $k_{w'}$ and the auxiliary parameter $P_{w'}$.
The upload phase is an interactive protocol run between the user C and the cloud server S. User C first sends a tag $t_{w'}$ to the cloud server S so that S can perform similar-duplicate detection on its stored database. In this phase, two different situations can occur on the cloud server:
Duplicate data does not exist. If the cloud server S holds no label $t_w$ similar to the label $t_{w'}$, the user needs to upload the data. The upload phase operates as follows: $Upload[C: t_{w'}, w', r_3;\ S: DedupTb] \to [C: k_{w'}, c_{w'}, P_{w'}, Link_{w'};\ S: t_{w'}, R_{w'}, c_{w'}, Link_{w'}]$.
The user first runs the random key generation algorithm $RKG(1^\lambda, r_3, fk_w) \to \{k_w, P_w\}$ to generate the random encryption key and the auxiliary parameters, then encrypts to obtain the ciphertext $ENC(k_w, w') \to c_{w'}$ and sends $t_{w'}, P_{w'}, c_{w'}$ to the cloud server S. S stores $\{t_{w'}, P_{w'}, c_{w'}\}$ and returns $Link_{w'}$, which user C uses to download the ciphertext $c_{w'}$.
Duplicate data exists. If the cloud server stores data $w$ whose label $t_w$ is similar to the label $t_{w'}$, the upload phase operates as follows: $Upload[C: t_{w'}, w';\ S: DedupTb, P_{w'}] \to [C: k_w, c_{w'}, Link_w;\ S: Link_w]$. According to the label $t_{w'}$, the cloud server S returns the auxiliary information $P_w = \{x_w, s_w\}$ to user C. After receiving $P_w = \{x_w, s_w\}$, the user first runs the key regeneration algorithm $REP(fk_{w'}, P_w) \to k_w$, then encrypts the data to obtain the ciphertext $ENC(k_w, w') \to c_{w'}$. The cloud server S and user C then execute a similar-data possession proof protocol, which can effectively verify whether the user's ciphertext data $c_{w'}$ is similar to the data $c_w$ stored on the server. If the user passes the verification, the cloud server returns the link $Link_w$ to the user, who can then download the ciphertext data $c_w$ stored on the cloud server S. Since similar data is already stored on the cloud server, the user does not need to upload the data $c_{w'}$ again.
The download phase is an interactive protocol initiated by user C to obtain outsourced data from server S. The protocol is as follows: $Download[C: Link_w, k_w;\ S: DedupTb, c_w] \to [C: w;\ S: \perp]$. Intuitively, if user C wants to download the ciphertext of $w$ from server S, the user first sends the data identity $Link_w$ to the server, and the server queries the database DB for the ciphertext $c_w$ whose identity link is $Link_w$. The server then sends the ciphertext $c_w$ to user C. After receiving the ciphertext $c_w$, user C runs the decryption algorithm $DEC(k_w, c_w) \to w$ to obtain the plaintext $w$. In this process, the user first runs the pseudo-random generation algorithm to obtain the decryption key $G(k_w)$ and calculates the plaintext
To speed up the step in which the server, after receiving the label $t_{w'}$, finds the similar label $t_w$ and returns the auxiliary information $P_w = \{x_w, s_w\}$ to user C, a Hamming distance reduction and label cutting optimization method is further designed to improve label query efficiency. The idea of Hamming distance reduction is as follows: since the cloud server stores a large amount of data and has a large number of tags, traversing all tags to find the label $t_w$ similar to $t_{w'}$ would entail a significant computational overhead. Therefore, we design a function $1bits(x)$ that counts the number of 1 bits in the data $x$. If the similarity threshold is set to $t$, two similar data $x$ and $y$ must satisfy $-t \le 1bits(x) - 1bits(y) \le t$. We compute the value of the $1bits(x)$ function for all tags stored on the cloud server and sort them in descending order. When looking for a label $t_w$ similar to $t_{w'}$, the server only needs to search among the labels satisfying $-t \le 1bits(t_{w'}) - 1bits(t_w) \le t$. After finding the labels satisfying $-t \le 1bits(t_{w'}) - 1bits(t_w) \le t$, we use label cutting optimization to further improve the efficiency of determining the Hamming distance of two data. The principle is that the data is divided into blocks of the same size and the Hamming distance of each block is calculated from front to back; if the Hamming distance accumulated when a certain block is calculated is larger than $t$, the two data are certainly dissimilar. Therefore, we no longer need to calculate the exact Hamming distance between two data: as soon as the Hamming distance exceeds $t$ at some block, the calculation stops and the two data are determined to be not similar. In practice, for two data $x$ and $y$ of length $n$, we divide $x$ and $y$ into $(x_1, x_2, \ldots, x_r)$ and $(y_1, y_2, \ldots, y_r)$, respectively.
The first $r - (n \bmod r)$ strings are of lengthThe rear $n \bmod r$ strings are of lengthStarting with the Hamming distance $dis_{Ham}(x_1, y_1)$ of block 1, we compute the block distances up to the $r$-th block, $dis_{Ham}(x_r, y_r)$. If, when the $i$-th block is calculated, $dis_{Ham}(x_1, y_1) + \ldots + dis_{Ham}(x_i, y_i) > t$, the two data are not similar and the server does not continue to calculate the Hamming distance of the following blocks.
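The two query optimizations described above, a popcount window followed by block-wise early termination, are shown here as an added example that is not the patent's own code. The block sizes in `split_blocks`, the ascending sort order, the class and function names, and all sample tags are assumptions constructed for illustration.

```python
from bisect import bisect_left, bisect_right
import random


def ones(x):
    """1bits(x): number of 1 bits in x."""
    return bin(x).count("1")


def split_blocks(x, n, r):
    """Cut an n-bit tag into r blocks, front (most significant) first.

    Assumed sizes: the first r - (n mod r) blocks hold n // r bits and the
    last n mod r blocks hold one bit more.
    """
    short, extra = divmod(n, r)
    sizes = [short] * (r - extra) + [short + 1] * extra
    blocks, shift = [], n
    for size in sizes:
        shift -= size
        blocks.append((x >> shift) & ((1 << size) - 1))
    return blocks


class TagIndex:
    """Server-side tag lookup with both optimizations from the text."""

    def __init__(self, tags, n=64, r=6, t=3):
        self.n, self.r, self.t = n, r, t
        # The text sorts by 1bits in descending order; ascending is used here
        # only so that bisect can locate the weight window directly.
        self.entries = sorted((ones(tag), tag) for tag in tags)
        self.weights = [weight for weight, _ in self.entries]
        self.block_ops = 0      # block comparisons performed so far

    def within_t(self, x, y):
        """Label cutting: stop as soon as the running distance exceeds t."""
        total = 0
        for xb, yb in zip(split_blocks(x, self.n, self.r),
                          split_blocks(y, self.n, self.r)):
            self.block_ops += 1
            total += ones(xb ^ yb)
            if total > self.t:
                return False
        return True

    def candidates(self, tag):
        """Hamming distance reduction: keep tags with |1bits gap| <= t."""
        weight = ones(tag)
        lo = bisect_left(self.weights, weight - self.t)
        hi = bisect_right(self.weights, weight + self.t)
        return [cand for _, cand in self.entries[lo:hi]]

    def query(self, tag):
        return [c for c in self.candidates(tag) if self.within_t(tag, c)]


def build_demo():
    rng = random.Random(7)                  # constructed sample tags
    query = 0x0123456789ABCDEF
    near = query ^ 0b101                    # distance 2: similar
    close_weight = query ^ 0xF0             # distance 4: passes prefilter only
    tags = [rng.getrandbits(64) for _ in range(500)]
    tags += [near, close_weight, 0, (1 << 64) - 1]
    return TagIndex(tags), query, near, close_weight, tags


if __name__ == "__main__":
    index, query, near, close_weight, tags = build_demo()
    print(len(index.candidates(query)), [hex(h) for h in index.query(query)])
```

The prefilter is sound because the difference in 1-bit counts of two tags never exceeds their Hamming distance, so no similar tag falls outside the window.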
To further improve the security of the scheme, a similar data message locking encryption deduplication scheme based on an auxiliary server and a similar data locking encryption deduplication scheme based on similar labels are designed. The auxiliary-server-based similar data message locking encryption deduplication scheme resists offline brute-force attacks by combining with an RSA-based blind signature scheme. Suppose that the server of our system uses the RSA key generation algorithm, with parameter $e$ as input, and outputs $N$ and $d$ such thatN is the product of two large prime numbers. $((N, e), (N, d))$ is the resulting public-private key pair. Every legitimate user first registers with the key server. Taking the key server's public key and the plaintext data $w$ as input, the user selects a random number $r$, computes $fk_w$ with the algorithm $FKG(r_2, w)$, and then computes $k_w$ and $P_w$ with the algorithm $RKG(r_3, fk_w)$. Finally, the user calculates $x \leftarrow H(k_w \cdot r^e)$ and sends $x$ to the key server. After receiving $x$, the key server computes $y \leftarrow x^d \bmod N$ and returns $y$ to the user. The user receives $y$, calculates $z \leftarrow y \cdot r^{-1}$ and verifies whether $z^e \bmod N = H(k_w)$. If they are equal, $z$ is returned; otherwise, $\perp$ is returned. $z$ is used, by means of a pseudo-random generation algorithm, to compute the private encryption key of the plaintext $w$ and the similar data validation tag $t_w$ as $H(g(z))$. In the similar data message locking encryption deduplication scheme based on an auxiliary server, the key server cannot obtain any information about the encryption key. In the similar data locking encryption deduplication scheme based on similar labels, the query label of each data item (such as data $w$) is obtained by $TAG(1^\lambda,\ ) \to t_w$. More precisely in the sense that it is, where $g$ is the generator of the bilinear group, $h$ is the collision-resistant hash function, and $r$ is the random number. Suppose user C owns data $w'$.
User C first calculates $fk' \leftarrow FKG(r_2, w')$ then run the key regeneration algorithm calculationFinally, whether the cloud server S exists or not is verified for each recording userAnd a labelIn detail, the server S authenticatesWhether or not equal. After finding the corresponding tag, user C enters into a data-possession proof protocol with the server.
The effect of the present invention will be described in detail with reference to the experiments.
The system of the present invention is implemented on a MySQL database system using 3000 lines of C++ code. The invention uses the free GMP library to implement the SimHash algorithm. The cryptographic hash algorithm and the exclusive-or encryption algorithm (SHA-256 and XOR encryption) are implemented with the OpenSSL library. A client application and a server application are run on two computers running Linux 14.04, with the following hardware configuration: 1.70GHz Intel i5-3317U CPU, 4GB memory. To carry out experiments on the local area network, the invention implements the communication between the client and the server and places the two machines in the same area. The communication bandwidth of the wired connection between the server and the client is set to 10 Mbps. To measure the performance of the system on a real dataset, the present invention used an Amazon movie review text dataset containing 7911684 text files, each approximately 1-15KB in length, with image data exceeding 1400 million images.
TABLE 1 calculation times for different algorithms
The test results for the similar data lock encryption system are shown in table 1. The details are as follows. FKG is a similarity hash function; it is implemented here using a 64-bit SimHash and a 64-bit PHash (SimHash can only be used to process text files, whereas PHash can be applied to text and image files). Given fixed-length text data (1KB), the average computation times of SimHash and PHash are 1386us and 5312us, respectively. Given one JPEG image (10KB), the average computation time of PHash is 6439us. The RKG algorithm requires 261us and 885us at 64-bit and 256-bit lengths, respectively. The REP algorithm requires 124us and 368us at 64-bit and 256-bit lengths, respectively. ENC and DEC encrypt and decrypt data with an XOR operation and require 338us to process a 1KB bit string. As with FKG, TAG is implemented with a similarity hash function (the 64-bit SimHash algorithm in the scheme of the present invention). In addition, the computation times of FKG, ENC, DEC and TAG depend on the size of the input; the simulation results are given in FIG. 5 and FIG. 6, respectively. As the size of the input data increases, their computation time increases linearly.
Finally, the present invention tests the similar data deduplication system of the present invention with text data and image data. As shown in fig. 7, the experiment was run on a text database of 100,000 records, each with a 256-bit mark. As shown in fig. 8, the experiment was run on an image database of 1000 records, each with a 64-bit mark. In the two tests, the plaintext client interacts with the server to verify whether similar ciphertext exists in the database. If there is no duplicate similar data in the server database, the client will upload its ciphertext. Otherwise, the server performs similar data deduplication with the user and sends a link of the similar data to the user.
The above description is only for the purpose of illustrating the preferred embodiments of the present invention and is not to be construed as limiting the invention, and any modifications, equivalents and improvements made within the spirit and principle of the present invention are intended to be included within the scope of the present invention.
Claims (3)
1. A locking, encrypting and de-duplicating method for similar data messages in a cloud environment is characterized in that the locking, encrypting and de-duplicating method for similar data messages in the cloud environment adopts a similarity preserving hash function, and realizes the de-duplication of similar data by a secret key extraction method based on an error correcting code and a secure symmetric encryption algorithm based on a pseudo-random generator; the label query efficiency is improved by a Hamming distance reduction and label cutting optimization method;
a client of the similar data message locking encryption deduplication method in the cloud environment applies a similarity preserving hash algorithm to generate a deduplication label of a plaintext and a similar data key; using the similarity-preserving hash, similar plaintext data will be mapped to similar labels and similar data keys having a particular length; the same random encryption key can always be obtained from similar data within a specific Hamming distance, and a first user selects some auxiliary parameters and calculates the random key of a plaintext $w'$; the auxiliary parameters are stored on the cloud server; when a subsequent user holds similar plaintext data $w$ ($w \approx w'$) with label $t_w$ and the similar data deduplication operation is required to be executed, the cloud server sends the auxiliary parameters to the later uploading user, and the later uploading user generates the key $k_w$ by running a key regeneration algorithm; if the Hamming distance between file $w$ and file $w'$ is less than a specified value, that is, the distance for $(f_w, f_{w'})$ is less than $t$, the key regeneration algorithm outputs the same random key $k_{w'} = k_w$;
The similar message locking encryption scheme of the similar data message locking encryption deduplication method in the cloud environment is formed by six polynomial time algorithms (FKG, KG, REP, ENC, DEC, TAG):
$FKG(1^\lambda, r_2, w) \to fk_w$: is a similar key generation algorithm based on a similarity-preserving hash function, used by the user to compute digest information of the data; it takes a security parameter $\lambda$, a random number $r_2 \in \{0,1\}^\lambda$ and the file $w$ as input and outputs the similar digest $fk_w$ of the file;
$RKG(1^\lambda, r_3, fk_w) \to \{k_w, P_w\}$: is a key generation algorithm used by the user to compute the encryption key and auxiliary parameters of the data; $x$ is a public parameter, and the RKG algorithm uses the sketch algorithm $SS\{r_3, w\} \to P_w$ of the secure sketch and the extraction algorithm $Ext(w, x) \to \{K_w\}$ of the fuzzy extractor to generate the auxiliary parameters $P = \{x, s\}$ and a random encryption key $K_w$, wherein $r_3$ is a random parameter used to generate a random code $C(r_3)$, the algorithm $C(\cdot)$ is a code generation algorithm, and the code $c$ is used by the SS algorithm of the secure sketch;
$REP(fk_{w'}, P_w) \to k_w$: is a key regeneration algorithm run by the user; it takes the auxiliary parameter $P_w$ and the fuzzy digest $fk_{w'}$ of the file as input and outputs the private key $k_w$ if and only if $fk_{w'}$ and $fk_w$ are similar; otherwise, it outputs a random value;
$ENC(k_w, w) \to c_w$: is an encryption algorithm run by the user to encrypt data and obtain the corresponding ciphertext; it takes a file $w$ and a private key $k_w$ as input and returns the ciphertext, wherein $G(k_w) \to \{0,1\}^{|w|}$ is a pseudo-random generator that takes $k_w$ as input and outputs a pseudo-random encryption key $G(k_w)$ of length $|w|$;
$DEC(k_w, c_w) \to w$: is a decryption algorithm run by the user to compute the plaintext of the input data; it takes the ciphertext $c_w$ and a private key $k_w$ as input and returns the plaintext
$TAG(1^\lambda, r_1, w) \to t_w$: is a label generation algorithm, implemented with a similarity-preserving hash function and run by the user to compute the digest of the input data; it takes a security parameter $\lambda$, a random number $r_1$ and the data $w$ as input and returns the data tag $t_w$.
2. The method for locking encryption and de-duplication of similar data messages in cloud environment according to claim 1, wherein the method for locking encryption and de-duplication of similar data messages in cloud environment comprises the following steps:
the client generates a duplicate removal label of a plaintext by using a similarity retention hash algorithm and sends the duplicate removal label to a cloud server, and the cloud server judges whether similar data are stored on the cloud server;
if the cloud server does not have similar data, the user is required to generate a similar data key and auxiliary information for similar key recovery, and encrypted ciphertext data and the auxiliary information are sent to the cloud server;
if the cloud server has similar data, returning auxiliary information for recovering the similar key to the user, encrypting the data by the user through the recovered similar key, and performing similar data ownership verification by using the obtained ciphertext and the server, wherein if the data is verified, the cloud server allows the user to access the data.
3. The method for locking encryption and de-duplication of similar data messages in cloud environment as claimed in claim 1, wherein the method for locking encryption and de-duplication of similar data messages in cloud environment uses an $[n, k, 2t+1]_F$ error correction code; the idea of the Hamming-distance-based secure sketch is to use an error correction code to correct errors in the data $w$: on input $w$, a codeword $c \in C$ is selected uniformly at random and $s = SS(w) = w - c$ is set as the transformation needed to get from $c$ to $w$; to compute $Rec(w', s)$, $c' = w' - s$ is obtained by the formula, $c'$ is then decoded to obtain $c$, and $w$ is obtained through $w = c + s$.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201810055819.6A CN108400970B (en) | 2018-01-20 | 2018-01-20 | Similar data message locking, encrypting and de-duplicating method in cloud environment and cloud storage system |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201810055819.6A CN108400970B (en) | 2018-01-20 | 2018-01-20 | Similar data message locking, encrypting and de-duplicating method in cloud environment and cloud storage system |
Publications (2)
Publication Number | Publication Date |
---|---|
CN108400970A CN108400970A (en) | 2018-08-14 |
CN108400970B true CN108400970B (en) | 2020-10-02 |
Family
ID=63094066
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201810055819.6A Active CN108400970B (en) | 2018-01-20 | 2018-01-20 | Similar data message locking, encrypting and de-duplicating method in cloud environment and cloud storage system |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN108400970B (en) |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||