CN108629040A - Data proof of possession method, apparatus and system - Google Patents

Data proof of possession method, apparatus and system Download PDF

Info

Publication number
CN108629040A
CN108629040A CN201810450384.5A CN201810450384A CN108629040A CN 108629040 A CN108629040 A CN 108629040A CN 201810450384 A CN201810450384 A CN 201810450384A CN 108629040 A CN108629040 A CN 108629040A
Authority
CN
China
Prior art keywords
file
file fragmentation
root node
merkle
credible
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201810450384.5A
Other languages
Chinese (zh)
Inventor
胡宇光
殷宇辉
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Qihoo Technology Co Ltd
Original Assignee
Beijing Qihoo Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Qihoo Technology Co Ltd filed Critical Beijing Qihoo Technology Co Ltd
Priority to CN201810450384.5A priority Critical patent/CN108629040A/en
Publication of CN108629040A publication Critical patent/CN108629040A/en
Pending legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/78Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data

Abstract

The invention discloses a kind of data proof of possession method, apparatus and systems, can solve the problems, such as the existing personal no data proof of possession mechanism of storage.Method includes:Receive the root node of the file fragmentation mark and the credible trees of Merkle of file to be verified;Search and the corresponding credible trees of Merkle of root node and file fragmentation corresponding with the leafy node of the credible trees of Merkle;The certification path of file fragmentation mark corresponding file fragmentation and file fragmentation is sent to authentication, holds verification so that authentication carries out data according to file fragmentation, certification path and root node to storage side;Or the certification path of the operation values obtained to file fragmentation and file fragmentation mark progress operation according to preset algorithm, file fragmentation is sent to authentication, so that authentication holds verification to operation values, certification path and the root node of file fragmentation mark progress operation according to the operation values, based on preset algorithm to storage side's progress data.The present invention is mainly suitable for the scenes that data are stored based on block chain.

Description

Data proof of possession method, apparatus and system
Technical field
The present invention relates to technical field of data processing, more particularly to a kind of data proof of possession method, apparatus and system.
Background technology
Block chain technology is a kind of decentralization and resides in data storage, transmission and the method proved of distributed frame, Dependence with data block instead of current internet to central server.Currently, in block chain field, a kind of is provided People's store function, i.e. user can will need in the file stored storage to other nodes of block chain, and be storage file Node awards reward, such as pays.It is possible to do evil however, personal, may claim and deposit in the case of no storage Storage, it is impaired so as to cause interests of another.Therefore, it is urgently to be resolved hurrily for how providing a kind of data proof of possession mechanism.
Invention content
In view of this, data proof of possession method, apparatus provided by the invention and system, can solve existing individual and deposit No data proof of possession mechanism is stored up, the problem for causing interests of another impaired.
The purpose of the present invention is what is realized using following technical scheme:
In a first aspect, the present invention provides a kind of data proof of possession method, the method includes:
The Merkle of the file fragmentation mark and the file to be verified that receive the file to be verified that authentication is sent is credible The root node of tree, the root node are that deposit side deposits the credible trees of the Merkle of the file to be verified and the file to be verified When entering storage side, the root node of the credible trees of same Merkle of write verification side;
Search the credible trees of Merkle corresponding with the root node and the leafy node with the credible trees of the Merkle Corresponding file fragmentation;
The certification path of file fragmentation mark corresponding file fragmentation and the file fragmentation is sent to described Authentication, so as to the authentication according to the file fragmentation, certification path and the root node received to the storage side into Row data hold verification;Or operation will be carried out to the file fragmentation and file fragmentation mark according to preset algorithm and obtained Operation values, the file fragmentation certification path be sent to the authentication, so that the authentication is according to the fortune received Calculation value identifies the file fragmentation based on the preset algorithm operation values, the certification path and the institute for carrying out operation and obtaining It states root node and verification is held to storage side progress data.
Second aspect, the present invention provides a kind of data proof of possession method, the method includes:
The root node of the file fragmentation mark of file to be verified and the credible trees of Merkle of the file to be verified is sent To storage side, the root node is that the credible trees of the Merkle of the file to be verified and the file to be verified are stored in by deposit side When the storage side, the root node of the credible trees of same Merkle of write verification side;
Receive the corresponding file fragmentation and the file fragmentation of file fragmentation mark that the storage side is sent Certification path, and data are carried out to the storage side according to the file fragmentation, the certification path and the root node and are held Verification;Alternatively, receiving the certification path for the file fragmentation that the storage side is sent, being divided the file according to preset algorithm Piece and file fragmentation mark carry out the obtained operation values of operation, and according to the operation values received, be based on the pre- imputation Method, which identifies the file fragmentation, carries out operation obtained operation values, the certification path and the root node to the storage side It carries out data and holds verification.
The third aspect, the present invention provides a kind of data proof of possession device, described device includes:
Receiving unit, the file fragmentation mark of the file to be verified for receiving authentication transmission and the file to be verified The credible trees of Merkle root node, the root node is deposit side by the file to be verified and the file to be verified When Merkle is credible tree deposit storage side, the root node of the credible trees of same Merkle of write verification side;
Searching unit, for searching, Merkle corresponding with the root node is credible to be set and credible with the Merkle The corresponding file fragmentation of leafy node of tree;
Transmission unit, the certification road for the file fragmentation to be identified to corresponding file fragmentation and the file fragmentation Diameter is sent to the authentication, so that the authentication is according to the file fragmentation, certification path and the root node pair received The storage side carries out data and holds verification;Or the file fragmentation and the file fragmentation will be identified according to preset algorithm The certification path of operation values, the file fragmentation that progress operation obtains is sent to the authentication, so as to the verification root According to the operation values received, the operation values, described for carrying out operation and obtaining are identified to the file fragmentation based on the preset algorithm Certification path and the root node carry out data to the storage side and hold verification.
Fourth aspect, the present invention provides a kind of data proof of possession device, described device includes:
Transmission unit, for the file fragmentation of file to be verified to be identified to the credible trees of Merkle with the file to be verified Root node be sent to storage side, the root node is deposit side by the file to be verified and the file to be verified When Merkle is credible tree is stored in the storage side, the root node of the credible trees of same Merkle of write verification side;
Receiving unit, for receiving file fragmentation and institute corresponding to the file fragmentation mark that the storage side is sent State the certification path of file fragmentation;Alternatively, receiving the certification path for the file fragmentation that the storage side is sent, according to default Algorithm carries out the file fragmentation and the file fragmentation mark operation values that operation obtains;
Authentication unit, for according to the file fragmentation, the certification path and the root node to the storage side into Row data hold verification;Alternatively, identifying progress to the file fragmentation according to the operation values received, based on the preset algorithm Operation values, the certification path and the root node that operation obtains carry out data to the storage side and hold verification.
5th aspect, the present invention provides a kind of storage medium, the storage medium is stored with a plurality of instruction, described instruction Suitable for being loaded by processor and being executed data proof of possession method as described in relation to the first aspect;Or it loads and executes such as second Data proof of possession method described in aspect.
6th aspect, the present invention provides a kind of data proof of possession device, described device includes storage medium and processing Device;
The processor is adapted for carrying out each instruction;
The storage medium is suitable for storing a plurality of instruction;
Described instruction is suitable for being loaded by the processor and holding data proof of possession method as described in relation to the first aspect.
7th aspect, the present invention provides a kind of data proof of possession device, described device includes storage medium and processing Device;
The processor is adapted for carrying out each instruction;
The storage medium is suitable for storing a plurality of instruction;
Described instruction is suitable for being loaded by the processor and executing the data proof of possession method as described in second aspect.
Eighth aspect, the present invention provides a kind of data proof of possession system, the system comprises deposit side, storage side and Authentication;
The deposit side, for the credible trees of the Merkle of file and file to be stored in the storage side, and will be described The root node of Merkle is credible tree and the device identification of the storage side are stored in the authentication;
The storage side includes the device described in the 6th aspect;
The authentication includes the device described in the 7th aspect.
By above-mentioned technical proposal, data proof of possession method, apparatus and system provided by the invention can be first by being stored in The credible trees of the Merkle of file and file are stored in storage side by side, and the root node of the credible trees of the Merkle is stored in authentication; Then the root node of the file fragmentation mark of file to be verified and the credible trees of Merkle of file to be verified is sent by authentication To storage side, after storage side receives these information, search Merkle corresponding with the root node it is credible set and with The corresponding file fragmentation of leafy node of Merkle is credible tree;Finally by corresponding to this document segmental identification file fragmentation and should The certification path of file fragmentation is sent to authentication, so that authentication is according to the information received and the root node pair being locally stored Storage side carries out data and holds verification;Or operation will be carried out to this document fragment and this document segmental identification according to preset algorithm The certification path of obtained operation values, this document fragment is sent to authentication, so as to authentication according to the information received, be based on Preset algorithm carries out the obtained operation values of operation and the root node being locally stored to storage side into line number to this document segmental identification It is verified according to holding.The data proof of possession mechanism provided through the invention can prevent personal storage from doing evil, to avoid other people Benefit damage.
Above description is only the general introduction of technical solution of the present invention, in order to better understand the technical means of the present invention, And can be implemented in accordance with the contents of the specification, and in order to allow above and other objects of the present invention, feature and advantage can It is clearer and more comprehensible, below the special specific implementation mode for lifting the present invention.
Description of the drawings
By reading the detailed description of hereafter preferred embodiment, various other advantages and benefit are common for this field Technical staff will become clear.Attached drawing only for the purpose of illustrating preferred embodiments, and is not considered as to the present invention Limitation.And throughout the drawings, the same reference numbers will be used to refer to the same parts.In the accompanying drawings:
Fig. 1 shows a kind of flow chart of data proof of possession method provided in an embodiment of the present invention;
Fig. 2 shows a kind of exemplary plots of the credible trees of Merkle provided in an embodiment of the present invention;
Fig. 3 shows the flow chart of another data proof of possession method provided in an embodiment of the present invention;
Fig. 4 shows a kind of composition frame chart of data proof of possession device provided in an embodiment of the present invention;
Fig. 5 shows the composition frame chart of another data proof of possession device provided in an embodiment of the present invention;
Fig. 6 shows the composition frame chart of another data proof of possession device provided in an embodiment of the present invention;
Fig. 7 shows a kind of data proof of possession system construction drawing provided in an embodiment of the present invention;
Fig. 8 shows another data proof of possession system construction drawing provided in an embodiment of the present invention.
Specific implementation mode
The exemplary embodiment of the disclosure is more fully described below with reference to accompanying drawings.Although showing the disclosure in attached drawing Exemplary embodiment, it being understood, however, that may be realized in various forms the disclosure without should be by embodiments set forth here It is limited.On the contrary, these embodiments are provided to facilitate a more thoroughly understanding of the present invention, and can be by the scope of the present disclosure Completely it is communicated to those skilled in the art.
An embodiment of the present invention provides a kind of data proof of possession method, the method is mainly used in storage side, such as Fig. 1 It is shown, the method includes:
101, the Merkle of the file fragmentation mark and the file to be verified of the file to be verified that authentication is sent is received The root node of credible tree.
Wherein, root node is that the credible trees of the Merkle of the file to be verified and the file to be verified are stored in by deposit side When storage side, the root node of the credible trees of same Merkle of write verification side.That is, when some file is stored in by deposit side Before storage side, the credible trees of Merkle of this document can be first calculated, are then sent to the credible trees of the Merkle and file content Storage side is stored, and the device identification of the root node of the credible trees of the Merkle and storage side is sent to authentication and is deposited Storage holds verification in order to which subsequent authentication side is based on these information to storage side's progress data.
In practical applications, authentication periodically can hold verification to storage side's progress data, whether to determine storage side Pay storage labour.When authentication needs to hold verification to some storage side progress data, can be deposited according to what is be locally stored Corresponding not authenticated root node is searched in the device identification of Chu Fang, then random to generate a file fragmentation mark (such as Position or fragment number of the file fragmentation in entire file), and the root node that file fragmentation is identified and found is sent To storage side, to store root according to the verification information needed for file fragmentation mark and root node feedback validation side.
It should be noted that the authentication of the embodiment of the present invention includes any one of following or several combinations:Deposit side, There are other nodes of storage verifying authorization on server and block chain.
It is to be understood that the generating process of the credible trees of Merkle is as follows:
If being 4 file fragmentations, respectively L1, L2, L3 and L4 by file declustering, then L1, L2, L3 and L4 are calculated separately Then cryptographic Hash calculates two neighboring leaf as the credible leaf child nodes of Merkle if cryptographic Hash is respectively H1, H2, H3 and H4 Father node of the cryptographic Hash of child node as the two leafy nodes, in this way until obtaining root node.Such as H1 and H2 It is the father node of H6, H5 and H6 is H7 (i.e. root node) that father node, which is the father node of H5, H3 and H4,.The Merkle ultimately generated can Letter tree is as shown in Figure 2.
102, the credible trees of Merkle corresponding with the root node and the leaf with the credible trees of the Merkle are searched The corresponding file fragmentation of node.
After storage side receives file fragmentation mark and root node, it can first be found and to be locally stored according to root node Merkle is credible tree, that is, include the credible trees of Merkle of the root node, then find each leaf knot of the credible trees of the Merkle The corresponding file fragmentation of point, to obtain the verification needed for authentication according to the credible trees of the Merkle found and file fragmentation Information.For example, if the root node that storage side receives is H7, file fragmentation mark is 3, then the Merkle found is credible to be set such as Shown in Fig. 2, file fragmentation is the file L3 corresponding to leafy node H3.
After getting the credible trees of Merkle and file fragmentation, can by executing following step 103 or step 104, So that authentication realization holds verification to the data of storage side:
103, the certification path of file fragmentation mark corresponding file fragmentation and the file fragmentation is sent to The authentication, so as to the authentication according to the file fragmentation, certification path and the root node received to the storage Fang Jinhang data hold verification.
Wherein, certification path refers to the road of the sibling composition of all nodes from certification leafy node to root node Diameter.For example, if the file fragmentation corresponding to file fragmentation mark is the L1 in Fig. 2, the certification path of L1 is H2->H6.
After the certification path of file fragmentation and file fragmentation is sent to authentication, authentication can be according to receiving File fragmentation and certification path calculate a root node, then carry out calculated root node with the root node locally preserved Comparison is realized to storage number formulary according to the verification held.
104, the operation that operation obtains will be carried out to the file fragmentation and file fragmentation mark according to preset algorithm Value, the file fragmentation certification path be sent to the authentication, so as to the authentication according to receive operation values, base Operation values, the certification path and the root node for carrying out operation and obtaining are identified to the file fragmentation in the preset algorithm Data are carried out to the storage side and hold verification.
The verification method of above-mentioned steps 103 needs to store direction authentication one file fragmentation of feedback, if the verification of malice Side constantly sends different file fragmentation marks to storage side, then the side of storage can send different file fragmentations to authentication, To which there are the risks that entire file is leaked.In order to avoid outflow of document, file fragmentation content can not be sent to authentication Itself, but the operation values and certification path that file fragmentation and file fragmentation mark progress operation obtain are sent to verification Side, so that authentication is not in the case where knowing file fragmentation content, directly according to the operation values and being based solely on file fragmentation The operation values being calculated are identified, calculate the corresponding leafy node of file fragmentation, and according to calculated leafy node and recognize Card path computing goes out root node, is compared further according to calculated root node and the root node being locally stored, and realizes to storage The data of side hold verification.
Wherein, preset algorithm includes BLS hash algorithms.BLS hash algorithms meet following characteristic:BLS_Hash (A+B)= BLS_Hash (A) ^BLS_Hash (B), the even known cryptographic Hash of A+B and the cryptographic Hash of A, it will be able to calculate the cryptographic Hash of B.
Data proof of possession method provided in an embodiment of the present invention, can be first by deposit side by the Merkle of file and file Credible tree is stored in storage side, and the root node of the credible trees of the Merkle is stored in authentication;Then by authentication by text to be verified The root node of the file fragmentation mark of part and the credible trees of Merkle of file to be verified is sent to storage side, and storage side receives this After a little information, search and the corresponding Merkle of the root node is credible sets and corresponding with the leafy node of the credible trees of Merkle File fragmentation;The certification path of file fragmentation and this document fragment corresponding to this document segmental identification is finally sent to verification Side holds verification so that authentication carries out data according to the information received and the root node being locally stored to storage side;Or Operation values that operation obtains will be carried out to this document fragment and this document segmental identification according to preset algorithm, this document fragment is recognized Card path be sent to authentication, so as to authentication according to the information received, be based on preset algorithm to this document segmental identification into The operation values that row operation obtains carry out data to storage side with the root node being locally stored and hold verification.It provides through the invention Data proof of possession mechanism can prevent personal storage from doing evil, to avoid interests of another impaired.
Further, according to method shown in FIG. 1, an alternative embodiment of the invention additionally provides a kind of data and holds card Bright method, the method are mainly used in authentication, as shown in figure 3, the method includes mainly:
201, by the root node of the file fragmentation of file to be verified mark and the credible trees of Merkle of the file to be verified It is sent to storage side.
Wherein, root node is that the credible trees of the Merkle of the file to be verified and the file to be verified are stored in by deposit side When the storage side, the root node of the credible trees of same Merkle of write verification side.That is, working as deposit side by some file Before being stored in storage side, the credible trees of Merkle of this document can be first calculated, then send out the credible trees of the Merkle and file content Storage side is given to be stored, and by the device identification of the root node of the credible trees of the Merkle and storage side be sent to authentication into Row storage holds verification in order to which subsequent authentication side is based on these information to storage side's progress data.
In practical applications, authentication periodically can hold verification to storage side's progress data, whether to determine storage side Pay storage labour.When authentication needs to hold verification to some storage side progress data, can be deposited according to what is be locally stored Corresponding not authenticated root node is searched in the device identification of Chu Fang, then random to generate a file fragmentation mark (such as Position or fragment number of the file fragmentation in entire file), and the root node that file fragmentation is identified and found is sent To storage side, to store root according to the verification information needed for file fragmentation mark and root node feedback validation side.
It should be noted that the authentication of the embodiment of the present invention includes any one of following or several combinations:Deposit side, There are other nodes of storage verifying authorization on server and block chain.
It, can be by executing following step 202 or step after file fragmentation mark and root node are sent to storage side Rapid 203 so that authentication realization holds verification to the data of storage side:
202, the corresponding file fragmentation of file fragmentation mark and the file point that the storage side is sent are received The certification path of piece, and data are carried out to the storage side according to the file fragmentation, the certification path and the root node Hold verification.
Wherein, certification path refers to the road of the sibling composition of all nodes from certification leafy node to root node Diameter.
After receiving the file fragmentation and certification path that storage root is found according to file fragmentation mark and root node, test A root node can be calculated in card side according to file fragmentation and certification path, then by the root node and the root being locally stored Node (root node that storage side is issued in step 201) is compared, if the two is identical, illustrates the file that the side of storage stores Fragment is the file fragmentation that the side of deposit is stored in, and may thereby determine that storage side is stored with the file to be verified, if the two is different, Illustrate that file fragmentation that the side of storage stores is not the file fragmentation that the side of deposit is stored in, may thereby determine that storage side is to be tested without this Demonstrate,prove file.
For example, if the file fragmentation corresponding to file fragmentation mark is the L1 in Fig. 2, the certification path of L1 is H2->H6, L1 cryptographic Hash H1 ' then can be first calculated, the cryptographic Hash H5 ' of H1 ' and H2 are then calculated, finally calculate the cryptographic Hash of H5 ' and H6 H7′.And compare H7 ' and H7, if the two is identical, it is determined that storage side is stored with the file to be verified, no person, and determination is deposited Chu Fang does not store the file to be verified.
203, receive the certification path for the file fragmentation that the storage side is sent, according to preset algorithm to the file Fragment and file fragmentation mark carry out the operation values that operation obtains, and are preset according to the operation values received, based on described Algorithm, which identifies the file fragmentation, carries out operation obtained operation values, the certification path and the root node to the storage Fang Jinhang data hold verification.
The verification method of above-mentioned steps 202 needs to store direction authentication one file fragmentation of feedback, if the verification of malice Side constantly sends different file fragmentation marks to storage side, then the side of storage can send different file fragmentations to authentication, To which there are the risks that entire file is leaked.In order to avoid outflow of document, file fragmentation content can not be sent to authentication Itself, but the operation values and certification path that file fragmentation and file fragmentation mark progress operation obtain are sent to verification Side, so that authentication is not in the case where knowing file fragmentation content, directly according to the operation values and being based solely on file fragmentation The operation values being calculated are identified, calculate the corresponding leafy node of file fragmentation, and according to calculated leafy node and recognize Card path computing goes out root node, is compared further according to calculated root node and the root node being locally stored, and realizes to storage The data of side hold verification.
Specifically, on the certification road for receiving the file fragmentation that storage root is determined according to file fragmentation mark and root node After diameter, the operation values obtained to file fragmentation and file fragmentation mark progress operation, authentication can first be based on preset algorithm pair File fragmentation mark carry out operation obtain operation values, then according to the two operation values calculate be stored in storage side side, and be somebody's turn to do The operation values of the corresponding file fragmentation of file fragmentation mark are to get to the corresponding leafy node of file fragmentation, further according to basis The operation values and certification path of file fragmentation calculate the root node of the credible trees of Merkle, and root node and local will finally be calculated The root node of storage is compared, if the two is identical, illustrates that file fragmentation that the side of storage stores is the file that the side of deposit is stored in Fragment may thereby determine that storage side is stored with the file to be verified, if the two is different, illustrate the file point that the side of storage stores Piece is not the file fragmentation that the side of deposit is stored in, and may thereby determine that storage side without the file to be verified.
Wherein, preset algorithm includes BLS hash algorithms.BLS hash algorithms meet following characteristic:BLS_Hash (A+B)= BLS_Hash (A) ^BLS_Hash (B), the even known cryptographic Hash of A+B and the cryptographic Hash of A, it will be able to calculate the cryptographic Hash of B. If A is file fragmentation mark, B is file fragmentation, then in the operation values BLS_Hash for knowing file fragmentation mark and file fragmentation (A+B), in the case of the operation values BLS_Hash (A) of file fragmentation mark, formula BLS_ can be passed through
Hash (A+B)=BLS_Hash (A) ^BLS_Hash (B), is calculated the operation values BLS_Hash of file fragmentation (B)。
Data proof of possession method provided in an embodiment of the present invention, can be first by deposit side by the Merkle of file and file Credible tree is stored in storage side, and the root node of the credible trees of the Merkle is stored in authentication;Then by authentication by text to be verified The root node of the file fragmentation mark of part and the credible trees of Merkle of file to be verified is sent to storage side;Last authentication receives The file fragmentation and certification path that storage side is sent, and according to the information that receives and the root node being locally stored to storage side into Row data hold verification;Or authentication receive storage side send according to preset algorithm to this document fragment and this document fragment Mark carry out operation obtain operation values, this document fragment certification path, and according to the information received, be based on preset algorithm The operation values obtained to the progress operation of this document segmental identification and the root node being locally stored, which hold storage side's progress data, to be tested Card.The data proof of possession mechanism provided through the invention can prevent personal storage from doing evil, to avoid interests of another by Damage.
Further, the method executed according to above-mentioned storage side, an alternative embodiment of the invention additionally provide a kind of number According to proof of possession device, described device is mainly used in storage side, as shown in figure 4, described device includes:
Receiving unit 31, the file fragmentation mark of the file to be verified for receiving authentication transmission and the text to be verified The root node of the credible trees of Merkle of part, the root node are deposit sides by the file to be verified and the file to be verified When Merkle is credible tree deposit storage side, the root node of the credible trees of same Merkle of write verification side;
Searching unit 32, for searching, Merkle corresponding with the root node is credible to be set and can with the Merkle Believe the corresponding file fragmentation of leafy node of tree;
Transmission unit 33, the certification for the file fragmentation to be identified to corresponding file fragmentation and the file fragmentation Path is sent to the authentication, so that the authentication is according to the file fragmentation, certification path and the root node received Data are carried out to storage side and hold verification;Or will according to preset algorithm to the file fragmentation and the file fragmentation identify into The certification path of operation values, the file fragmentation that row operation obtains is sent to the authentication, so as to the authentication according to The operation values that receive identify the file fragmentation based on the preset algorithm operation values for carrying out operation and obtaining, described recognize Card path and the root node carry out data to the storage side and hold verification.
Optionally, the preset algorithm includes BLS hash algorithms.
Optionally, the authentication includes any one of following or several combinations:
There are other nodes of storage verifying authorization on the deposit side, server and block chain.
Data proof of possession device provided in an embodiment of the present invention, can be first by deposit side by the Merkle of file and file Credible tree is stored in storage side, and the root node of the credible trees of the Merkle is stored in authentication;Then by authentication by text to be verified The root node of the file fragmentation mark of part and the credible trees of Merkle of file to be verified is sent to storage side, and storage side receives this After a little information, search and the corresponding Merkle of the root node is credible sets and corresponding with the leafy node of the credible trees of Merkle File fragmentation;The certification path of file fragmentation and this document fragment corresponding to this document segmental identification is finally sent to verification Side holds verification so that authentication carries out data according to the information received and the root node being locally stored to storage side;Or Operation values that operation obtains will be carried out to this document fragment and this document segmental identification according to preset algorithm, this document fragment is recognized Card path be sent to authentication, so as to authentication according to the information received, be based on preset algorithm to this document segmental identification into The operation values that row operation obtains carry out data to storage side with the root node being locally stored and hold verification.It provides through the invention Data proof of possession mechanism can prevent personal storage from doing evil, to avoid interests of another impaired.
Further, the method executed according to above-mentioned authentication, an alternative embodiment of the invention additionally provide a kind of number According to proof of possession device, described device is mainly used in authentication, as shown in figure 5, described device includes:
Transmission unit 41, for the Merkle of the file fragmentation mark of file to be verified and the file to be verified is credible The root node of tree is sent to storage side, and the root node is deposit side by the file to be verified and the file to be verified When Merkle is credible tree is stored in the storage side, the root node of the credible trees of same Merkle of write verification side;
Receiving unit 42, for receive the corresponding file fragmentation of file fragmentation mark that the storage side sends and The certification path of the file fragmentation;Alternatively, receiving the certification path for the file fragmentation that the storage side is sent, according to pre- Imputation method carries out the file fragmentation and the file fragmentation mark operation values that operation obtains;
Authentication unit 43 is used for according to the file fragmentation, the certification path and the root node to the storage side It carries out data and holds verification;Alternatively, according to the operation values received, based on the preset algorithm to the file fragmentation identify into Operation values, the certification path and the root node that row operation obtains carry out data to the storage side and hold verification.
Optionally, as shown in fig. 6, the authentication unit 43 includes:
First computing module 431, for calculating the credible trees of Merkle according to the file fragmentation and the certification path Root node;
First contrast module 432 is compared for root node will to be calculated with the root node being locally stored;
First determining module 433, for when identical, determining that the storage side is stored with the file to be verified.
Optionally, as shown in fig. 6, the authentication unit 43 includes:
Second computing module 434, for the operation values that receive according to and based on the preset algorithm to the text Part segmental identification carries out the obtained operation values of operation, calculates be stored in the storage side side and file fragmentation mark institute The operation values of corresponding file fragmentation;
Second computing module 434 is additionally operable to be calculated according to the operation values of the file fragmentation and the certification path The root node of Merkle is credible tree;
Second contrast module 435 is compared for root node will to be calculated with the root node being locally stored;
Second determining module 436, for when identical, determining that the storage side is stored with the file to be verified.
Optionally, the preset algorithm includes BLS hash algorithms.
Optionally, the authentication includes any one of following or several combinations:
Other nodes with verifying authorization on the deposit side, server and block chain.
Data proof of possession device provided in an embodiment of the present invention, can be first by deposit side by the Merkle of file and file Credible tree is stored in storage side, and the root node of the credible trees of the Merkle is stored in authentication;Then by authentication by text to be verified The root node of the file fragmentation mark of part and the credible trees of Merkle of file to be verified is sent to storage side;Last authentication receives The file fragmentation and certification path that storage side is sent, and according to the information that receives and the root node being locally stored to storage side into Row data hold verification;Or authentication receive storage side send according to preset algorithm to this document fragment and this document fragment Mark carry out operation obtain operation values, this document fragment certification path, and according to the information received, be based on preset algorithm The operation values obtained to the progress operation of this document segmental identification and the root node being locally stored, which hold storage side's progress data, to be tested Card.The data proof of possession mechanism provided through the invention can prevent personal storage from doing evil, to avoid interests of another by Damage.
Further, the method executed according to above-mentioned storage side, an alternative embodiment of the invention additionally provide one kind and deposit Storage media, the storage medium are stored with a plurality of instruction, and described instruction is suitable for being loaded by processor and being executed such as above-mentioned storage The data proof of possession method of Fang Zhihang.
Further, the method executed according to above-mentioned authentication, an alternative embodiment of the invention additionally provide one kind and deposit Storage media, the storage medium are stored with a plurality of instruction, and described instruction is suitable for being loaded by processor and being executed such as above-mentioned verification The data proof of possession method of Fang Zhihang.
Further, the method executed according to above-mentioned storage side, an alternative embodiment of the invention additionally provide a kind of number According to proof of possession device, described device includes storage medium and processor;
The processor is adapted for carrying out each instruction;
The storage medium is suitable for storing a plurality of instruction;
Described instruction is suitable for being loaded by the processor and holding the data proof of possession method executed such as above-mentioned storage side.
Further, the method executed according to above-mentioned authentication, an alternative embodiment of the invention additionally provide a kind of number According to proof of possession device, described device includes storage medium and processor;
The processor is adapted for carrying out each instruction;
The storage medium is suitable for storing a plurality of instruction;
Described instruction is suitable for being loaded by the processor and holding the data proof of possession method executed such as above-mentioned authentication.
Further, according to above method embodiment, an alternative embodiment of the invention additionally provides a kind of data and holds Proof system, the system comprises deposit side, storage side and authentications;
The deposit side, for the credible trees of the Merkle of file and file to be stored in the storage side, and will be described The root node of Merkle is credible tree and the device identification of the storage side are stored in the authentication;
The storage side includes above application in the device of storage side side;
The authentication includes above application in the device of authentication side.
Wherein, it needs to the data proof of possession system of authentication feedback file fragment as shown in fig. 7, need not be to verification The data proof of possession system of square feedback file fragment is as shown in Figure 8.
Data proof of possession system provided by the invention, can be first by deposit side by the credible trees of the Merkle of file and file It is stored in storage side, and the root node of the credible trees of the Merkle is stored in authentication;Then by authentication by the text of file to be verified The root node of the Merkle of part segmental identification and file to be verified is credible tree is sent to storage side, and storage side receives these information Afterwards, and the credible trees of the corresponding Merkle of the root node and file corresponding with the leafy node of the credible trees of Merkle point are searched Piece;The certification path of file fragmentation and this document fragment corresponding to this document segmental identification is finally sent to authentication, with Just authentication holds verification according to the information received and the root node being locally stored to storage side's progress data;Or by basis The certification path of operation values, this document fragment that preset algorithm obtains this document fragment and the progress operation of this document segmental identification It is sent to authentication, so that authentication carries out operation according to the information received, based on preset algorithm to this document segmental identification Obtained operation values and the root node being locally stored carry out data to storage side and hold verification.The data provided through the invention are held There is proof mechanism, can prevent personal storage from doing evil, to avoid interests of another impaired.
The embodiment of the present invention additionally provides:
A1, a kind of data proof of possession method, the method includes:
The Merkle of the file fragmentation mark and the file to be verified that receive the file to be verified that authentication is sent is credible The root node of tree, the root node are that deposit side deposits the credible trees of the Merkle of the file to be verified and the file to be verified When entering storage side, the root node of the credible trees of same Merkle of write verification side;
Search the credible trees of Merkle corresponding with the root node and the leafy node with the credible trees of the Merkle Corresponding file fragmentation;
The certification path of file fragmentation mark corresponding file fragmentation and the file fragmentation is sent to described Authentication, so as to the authentication according to the file fragmentation, certification path and the root node received to the storage side into Row data hold verification;Or operation will be carried out to the file fragmentation and file fragmentation mark according to preset algorithm and obtained Operation values, the file fragmentation certification path be sent to the authentication, so that the authentication is according to the fortune received Calculation value identifies the file fragmentation based on the preset algorithm operation values, the certification path and the institute for carrying out operation and obtaining It states root node and verification is held to storage side progress data.
A2, the method according to A1, the preset algorithm include BLS hash algorithms.
A3, the method according to A1 or A2, the authentication include any one of following or several combinations:
There are other nodes of storage verifying authorization on the deposit side, server and block chain.
B4, a kind of data proof of possession method, the method includes:
The root node of the file fragmentation mark of file to be verified and the credible trees of Merkle of the file to be verified is sent To storage side, the root node is that the credible trees of the Merkle of the file to be verified and the file to be verified are stored in by deposit side When the storage side, the root node of the credible trees of same Merkle of write verification side;
Receive the corresponding file fragmentation and the file fragmentation of file fragmentation mark that the storage side is sent Certification path, and data are carried out to the storage side according to the file fragmentation, the certification path and the root node and are held Verification;Alternatively, receiving the certification path for the file fragmentation that the storage side is sent, being divided the file according to preset algorithm Piece and file fragmentation mark carry out the obtained operation values of operation, and according to the operation values received, be based on the pre- imputation Method, which identifies the file fragmentation, carries out operation obtained operation values, the certification path and the root node to the storage side It carries out data and holds verification.
B5, according to B4 the methods, according to the file fragmentation, the certification path and the root node to the storage Fang Jinhang data hold verification:
The root node of the credible trees of Merkle is calculated according to the file fragmentation and the certification path;
Root node will be calculated to compare with the root node being locally stored;
If identical, it is determined that the storage side is stored with the file to be verified.
B6, according to B4 the methods, according to the operation values received, based on the preset algorithm to the file fragmentation mark Know operation values, the certification path and the root node that progress operation obtains and verification packet is held to storage side progress data It includes:
It is obtained according to the operation values received and based on the preset algorithm to file fragmentation mark progress operation The operation values arrived calculate the operation of the file fragmentation corresponding with file fragmentation mark that be being stored in the storage side side Value;
The root node of the credible trees of Merkle is calculated according to the operation values of the file fragmentation and the certification path;
Root node will be calculated to compare with the root node being locally stored;
If identical, it is determined that the storage side is stored with the file to be verified.
B7, the method according to B1, the preset algorithm include BLS hash algorithms.
B8, the method according to any one of B4-B7, the authentication include any one of following or several groups It closes:
Other nodes with verifying authorization on the deposit side, server and block chain.
C9, a kind of data proof of possession device, described device include:
Receiving unit, the file fragmentation mark of the file to be verified for receiving authentication transmission and the file to be verified The credible trees of Merkle root node, the root node is deposit side by the file to be verified and the file to be verified When Merkle is credible tree deposit storage side, the root node of the credible trees of same Merkle of write verification side;
Searching unit, for searching, Merkle corresponding with the root node is credible to be set and credible with the Merkle The corresponding file fragmentation of leafy node of tree;
Transmission unit, the certification road for the file fragmentation to be identified to corresponding file fragmentation and the file fragmentation Diameter is sent to the authentication, so that the authentication is according to the file fragmentation, certification path and the root node pair received The storage side carries out data and holds verification;Or the file fragmentation and the file fragmentation will be identified according to preset algorithm The certification path of operation values, the file fragmentation that progress operation obtains is sent to the authentication, so as to the verification root According to the operation values received, the operation values, described for carrying out operation and obtaining are identified to the file fragmentation based on the preset algorithm Certification path and the root node carry out data to the storage side and hold verification.
C10, the device according to C9, the preset algorithm include BLS hash algorithms.
C11, the device according to C9 or C10, the authentication include any one of following or several combinations:
There are other nodes of storage verifying authorization on the deposit side, server and block chain.
D12, a kind of data proof of possession device, described device include:
Transmission unit, for the file fragmentation of file to be verified to be identified to the credible trees of Merkle with the file to be verified Root node be sent to storage side, the root node is deposit side by the file to be verified and the file to be verified When Merkle is credible tree is stored in the storage side, the root node of the credible trees of same Merkle of write verification side;
Receiving unit, for receiving file fragmentation and institute corresponding to the file fragmentation mark that the storage side is sent State the certification path of file fragmentation;Alternatively, receiving the certification path for the file fragmentation that the storage side is sent, according to default Algorithm carries out the file fragmentation and the file fragmentation mark operation values that operation obtains;
Authentication unit, for according to the file fragmentation, the certification path and the root node to the storage side into Row data hold verification;Alternatively, identifying progress to the file fragmentation according to the operation values received, based on the preset algorithm Operation values, the certification path and the root node that operation obtains carry out data to the storage side and hold verification.
D13, according to D12 the methods, the authentication unit includes:
First computing module, the root knot for calculating the credible trees of Merkle according to the file fragmentation and the certification path Point;
First contrast module is compared for root node will to be calculated with the root node being locally stored;
First determining module, for when identical, determining that the storage side is stored with the file to be verified.
D14, according to D12 described devices, the authentication unit includes:
Second computing module, for the operation values that receive according to and based on the preset algorithm to the file point Piece mark carries out the obtained operation values of operation, calculates corresponding to the be stored in the storage side side and file fragmentation identifies File fragmentation operation values;
Second computing module is additionally operable to be calculated according to the operation values of the file fragmentation and the certification path The root node of Merkle is credible tree;
Second contrast module is compared for root node will to be calculated with the root node being locally stored;
Second determining module, for when identical, determining that the storage side is stored with the file to be verified.
D15, the device according to D14, the preset algorithm include BLS hash algorithms.
D16, the device according to any one of D9-D15, the authentication include any one of following or several groups It closes:
Other nodes with verifying authorization on the deposit side, server and block chain.
E17, a kind of storage medium, the storage medium are stored with a plurality of instruction, and described instruction is suitable for being added by processor It carries and executes the data proof of possession method as described in any one of A1-A4;Or it loads and executes such as any one of B5-B8 institutes The data proof of possession method stated.
F18, a kind of data proof of possession device, described device includes storage medium and processor;
The processor is adapted for carrying out each instruction;
The storage medium is suitable for storing a plurality of instruction;
Described instruction is suitable for being loaded by the processor and holding the data proof of possession side as described in any one of A1-A4 Method.
G19, a kind of data proof of possession device, described device includes storage medium and processor;
The processor is adapted for carrying out each instruction;
The storage medium is suitable for storing a plurality of instruction;
Described instruction is suitable for being loaded by the processor and executing the data proof of possession side as described in any one of B5-B8 Method.
H20, a kind of data proof of possession system, the system comprises deposit side, storage side and authentications;
The deposit side, for the credible trees of the Merkle of file and file to be stored in the storage side, and will be described The root node of Merkle is credible tree and the device identification of the storage side are stored in the authentication;
The storage side includes the device described in F18;
The authentication includes the device described in G19.
In the above-described embodiments, it all emphasizes particularly on different fields to the description of each embodiment, there is no the portion being described in detail in some embodiment Point, it may refer to the associated description of other embodiment.
It is understood that the correlated characteristic in the above method and device can be referred to mutually.In addition, in above-described embodiment " first ", " second " etc. be and not represent the quality of each embodiment for distinguishing each embodiment.
It is apparent to those skilled in the art that for convenience and simplicity of description, the system of foregoing description, The specific work process of device and unit, can refer to corresponding processes in the foregoing method embodiment, and details are not described herein.
Algorithm and display be not inherently related to any certain computer, virtual system or miscellaneous equipment provided herein. Various general-purpose systems can also be used together with teaching based on this.As described above, it constructs required by this kind of system Structure be obvious.In addition, the present invention is not also directed to any certain programmed language.It should be understood that can utilize various Programming language realizes the content of invention described herein, and the description done above to language-specific is to disclose this hair Bright preferred forms.
In the instructions provided here, numerous specific details are set forth.It is to be appreciated, however, that the implementation of the present invention Example can be put into practice without these specific details.In some instances, well known method, structure is not been shown in detail And technology, so as not to obscure the understanding of this description.
Similarly, it should be understood that in order to simplify the disclosure and help to understand one or more of each inventive aspect, Above in the description of exemplary embodiment of the present invention, each feature of the invention is grouped together into single implementation sometimes In example, figure or descriptions thereof.However, the method for the disclosure should be construed to reflect following intention:It is i.e. required anti- Shield the present invention claims the more features of feature than being expressly recited in each claim.More precisely, as following Claims reflect as, inventive aspect is all features less than single embodiment disclosed above.Therefore, Thus the claims for following specific implementation mode are expressly incorporated in the specific implementation mode, wherein each claim itself All as a separate embodiment of the present invention.
Those skilled in the art, which are appreciated that, to carry out adaptively the module in the equipment in embodiment Change and they are arranged in the one or more equipment different from the embodiment.It can be the module or list in embodiment Member or component be combined into a module or unit or component, and can be divided into addition multiple submodule or subelement or Sub-component.Other than such feature and/or at least some of process or unit exclude each other, it may be used any Combination is disclosed to all features disclosed in this specification (including adjoint claim, abstract and attached drawing) and so to appoint Where all processes or unit of method or equipment are combined.Unless expressly stated otherwise, this specification (including adjoint power Profit requires, abstract and attached drawing) disclosed in each feature can be by providing the alternative features of identical, equivalent or similar purpose come generation It replaces.
In addition, it will be appreciated by those of skill in the art that although some embodiments described herein include other embodiments In included certain features rather than other feature, but the combination of the feature of different embodiments means in of the invention Within the scope of and form different embodiments.For example, in the following claims, the embodiment of required protection is appointed One of meaning mode can use in any combination.
The all parts embodiment of the present invention can be with hardware realization, or to run on one or more processors Software module realize, or realized with combination thereof.It will be understood by those of skill in the art that can use in practice Microprocessor or digital signal processor (DSP) realize data proof of possession method, apparatus according to the ... of the embodiment of the present invention And some or all functions of some or all components in system.The present invention is also implemented as executing institute here Some or all equipment or program of device of the method for description are (for example, computer program and computer program production Product).It is such to realize that the program of the present invention may be stored on the computer-readable medium, or can have one or more The form of signal.Such signal can be downloaded from internet website and be obtained, and either be provided on carrier signal or to appoint What other forms provides.
It should be noted that the present invention will be described rather than limits the invention for above-described embodiment, and ability Field technique personnel can design alternative embodiment without departing from the scope of the appended claims.In the claims, Any reference mark between bracket should not be configured to limitations on claims.Word "comprising" does not exclude the presence of not Element or step listed in the claims.Word "a" or "an" before element does not exclude the presence of multiple such Element.The present invention can be by means of including the hardware of several different elements and being come by means of properly programmed computer real It is existing.In the unit claims listing several devices, several in these devices can be by the same hardware branch To embody.The use of word first, second, and third does not indicate that any sequence.These words can be explained and be run after fame Claim.

Claims (10)

1. a kind of data proof of possession method, which is characterized in that the method includes:
Receive file fragmentation mark and the credible trees of Merkle of the file to be verified of the file to be verified that authentication is sent Root node, the root node are that deposit side deposits the credible trees of the Merkle of the file to be verified and the file to be verified When storage side, the root node of the credible trees of same Merkle of write verification side;
Lookup is corresponding with the credible trees of the corresponding Merkle of the root node and with the leafy node of the credible trees of the Merkle File fragmentation;
The certification path of file fragmentation mark corresponding file fragmentation and the file fragmentation is sent to the verification Side, so as to the authentication according to the file fragmentation, certification path and the root node received to the storage side into line number It is verified according to holding;Or the fortune that operation obtains will be carried out to the file fragmentation and file fragmentation mark according to preset algorithm Calculation value, the file fragmentation certification path be sent to the authentication, so as to the authentication according to the operation values received, Operation values, the certification path and the root knot for carrying out operation and obtaining are identified to the file fragmentation based on the preset algorithm Point carries out data to the storage side and holds verification.
2. a kind of data proof of possession method, which is characterized in that the method includes:
The root node of the file fragmentation mark of file to be verified and the credible trees of Merkle of the file to be verified is sent to and is deposited Chu Fang, the root node are that deposit side will be described in the credible tree deposits of the Merkle of the file to be verified and the file to be verified When storage side, the root node of the credible trees of same Merkle of write verification side;
Receive the certification for the corresponding file fragmentation and the file fragmentation of file fragmentation mark that the storage side is sent Path, and data are carried out to the storage side according to the file fragmentation, the certification path and the root node and hold verification; Alternatively, receive the certification path for the file fragmentation that the storage side is sent, according to preset algorithm to the file fragmentation and File fragmentation mark carries out the operation values that operation obtains, and according to the operation values received, be based on the preset algorithm pair The file fragmentation mark carries out operation values, the certification path and the root node that operation obtains and is carried out to the storage side Data hold verification.
3. method according to claim 2, which is characterized in that according to the file fragmentation, the certification path and described Node holds verification to storage side progress data:
The root node of the credible trees of Merkle is calculated according to the file fragmentation and the certification path;
Root node will be calculated to compare with the root node being locally stored;
If identical, it is determined that the storage side is stored with the file to be verified.
4. method according to claim 2, which is characterized in that according to the operation values received, be based on the preset algorithm pair The file fragmentation mark carries out operation values, the certification path and the root node that operation obtains and is carried out to the storage side Data hold verification:
Identify what progress operation obtained according to the operation values received and based on the preset algorithm to the file fragmentation Operation values calculate the operation values of the file fragmentation corresponding with file fragmentation mark that be being stored in the storage side side;
The root node of the credible trees of Merkle is calculated according to the operation values of the file fragmentation and the certification path;
Root node will be calculated to compare with the root node being locally stored;
If identical, it is determined that the storage side is stored with the file to be verified.
5. a kind of data proof of possession device, which is characterized in that described device includes:
Receiving unit, the file fragmentation mark of the file to be verified for receiving authentication transmission and the file to be verified The root node of Merkle is credible tree, the root node are deposit sides by the file to be verified and the file to be verified When Merkle is credible tree deposit storage side, the root node of the credible trees of same Merkle of write verification side;
Searching unit, for searches Merkle corresponding with the root node it is credible set and with the credible trees of the Merkle The corresponding file fragmentation of leafy node;
Transmission unit, for sending out the certification path of file fragmentation mark corresponding file fragmentation and the file fragmentation Give the authentication, so as to the authentication according to the file fragmentation, certification path and the root node received to described Storage side carries out data and holds verification;Or the file fragmentation and file fragmentation mark will be carried out according to preset algorithm The certification path of operation values, the file fragmentation that operation obtains is sent to the authentication, so that the authentication is according to connecing The operation values that receive identify the file fragmentation operation values for carrying out operation and obtaining, the certification based on the preset algorithm Path and the root node carry out data to the storage side and hold verification.
6. a kind of data proof of possession device, which is characterized in that described device includes:
Transmission unit, for the file fragmentation of file to be verified to be identified to the root with the credible trees of Merkle of the file to be verified Node is sent to storage side, and the root node is that deposit side can by the Merkle of the file to be verified and the file to be verified When letter tree is stored in the storage side, the root node of the credible trees of same Merkle of write verification side;
Receiving unit, for receiving the corresponding file fragmentation of file fragmentation mark and the text that the storage side is sent The certification path of part fragment;Alternatively, receiving the certification path for the file fragmentation that the storage side is sent, according to preset algorithm The operation values that operation obtains are carried out to the file fragmentation and file fragmentation mark;
Authentication unit, for according to the file fragmentation, the certification path and the root node to the storage side into line number It is verified according to holding;Alternatively, identifying progress operation to the file fragmentation according to the operation values received, based on the preset algorithm Obtained operation values, the certification path and the root node carries out data to the storage side and holds verification.
7. a kind of storage medium, which is characterized in that the storage medium is stored with a plurality of instruction, and described instruction is suitable for by handling Device loads and executes data proof of possession method as described in claim 1;Or it loads and executes as claimed in claim 2 Data proof of possession method.
8. a kind of data proof of possession device, which is characterized in that described device includes storage medium and processor;
The processor is adapted for carrying out each instruction;
The storage medium is suitable for storing a plurality of instruction;
Described instruction is suitable for being loaded by the processor and holding data proof of possession method as described in claim 1.
9. a kind of data proof of possession device, which is characterized in that described device includes storage medium and processor;
The processor is adapted for carrying out each instruction;
The storage medium is suitable for storing a plurality of instruction;
Described instruction is suitable for being loaded by the processor and executing data proof of possession method as claimed in claim 2.
10. a kind of data proof of possession system, which is characterized in that the system comprises deposit side, storage side and authentications;
The deposit side, for the credible trees of the Merkle of file and file to be stored in the storage side, and can by the Merkle The device identification of the root node and the storage side of believing tree is stored in the authentication;
The storage side includes device according to any one of claims 8;
The authentication includes the device described in claim 9.
CN201810450384.5A 2018-05-11 2018-05-11 Data proof of possession method, apparatus and system Pending CN108629040A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201810450384.5A CN108629040A (en) 2018-05-11 2018-05-11 Data proof of possession method, apparatus and system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201810450384.5A CN108629040A (en) 2018-05-11 2018-05-11 Data proof of possession method, apparatus and system

Publications (1)

Publication Number Publication Date
CN108629040A true CN108629040A (en) 2018-10-09

Family

ID=63692880

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201810450384.5A Pending CN108629040A (en) 2018-05-11 2018-05-11 Data proof of possession method, apparatus and system

Country Status (1)

Country Link
CN (1) CN108629040A (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110933044A (en) * 2019-11-08 2020-03-27 华中科技大学 Data possession proving method capable of realizing public audit in distributed storage system
CN112435026A (en) * 2020-11-27 2021-03-02 从法信息科技有限公司 Method and device for protecting file transaction information by using zero-knowledge proof and electronic equipment
WO2023098769A1 (en) * 2021-12-02 2023-06-08 中兴通讯股份有限公司 Identity authentication method, electronic device and computer-readable storage medium

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103268460A (en) * 2013-06-20 2013-08-28 北京航空航天大学 Integrity verification method of cloud storage data
CN106301789A (en) * 2016-08-16 2017-01-04 电子科技大学 Apply the dynamic verification method of the cloud storage data that linear homomorphism based on lattice signs
CN106407795A (en) * 2016-09-05 2017-02-15 北京众享比特科技有限公司 Data existence authentication system, authentication method and verification method
US20170250815A1 (en) * 2016-01-26 2017-08-31 Stampery Inc. Systems and methods for certification of data units and/or certification verification
CN107247773A (en) * 2017-06-07 2017-10-13 北京邮电大学 A kind of method that inquiry is traded in distributed data base based on block chain
CN107807951A (en) * 2017-09-18 2018-03-16 联动优势科技有限公司 A kind of block chain generation method, data verification method, node and system

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103268460A (en) * 2013-06-20 2013-08-28 北京航空航天大学 Integrity verification method of cloud storage data
US20170250815A1 (en) * 2016-01-26 2017-08-31 Stampery Inc. Systems and methods for certification of data units and/or certification verification
CN106301789A (en) * 2016-08-16 2017-01-04 电子科技大学 Apply the dynamic verification method of the cloud storage data that linear homomorphism based on lattice signs
CN106407795A (en) * 2016-09-05 2017-02-15 北京众享比特科技有限公司 Data existence authentication system, authentication method and verification method
CN107247773A (en) * 2017-06-07 2017-10-13 北京邮电大学 A kind of method that inquiry is traded in distributed data base based on block chain
CN107807951A (en) * 2017-09-18 2018-03-16 联动优势科技有限公司 A kind of block chain generation method, data verification method, node and system

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
刘芳: "Merkle可信树遍历算法及在数字签名上的应用研究", 《中国优秀硕士学位论文全文数据库 信息科技辑》 *

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110933044A (en) * 2019-11-08 2020-03-27 华中科技大学 Data possession proving method capable of realizing public audit in distributed storage system
CN112435026A (en) * 2020-11-27 2021-03-02 从法信息科技有限公司 Method and device for protecting file transaction information by using zero-knowledge proof and electronic equipment
CN112435026B (en) * 2020-11-27 2023-03-28 从法信息科技有限公司 Method and device for protecting file transaction information by using zero-knowledge proof and electronic equipment
WO2023098769A1 (en) * 2021-12-02 2023-06-08 中兴通讯股份有限公司 Identity authentication method, electronic device and computer-readable storage medium

Similar Documents

Publication Publication Date Title
CN108737109A (en) Data proof of possession method, apparatus and system
CN108681583A (en) Data proof of possession method, apparatus and readable storage medium storing program for executing based on block chain
CN106533696B (en) Identity identifying method, certificate server and user terminal based on block chain
CN108664221A (en) A kind of data proof of possession method, apparatus and readable storage medium storing program for executing
CN108629040A (en) Data proof of possession method, apparatus and system
US8694980B2 (en) Efficient egonet computation in a weighted directed graph
CN109685528A (en) System and method based on deep learning detection counterfeit product
US20200186517A1 (en) Secure token passing via hash chains
CN106230867A (en) Prediction domain name whether method, system and the model training method thereof of malice, system
CN108121795A (en) User's behavior prediction method and device
CN111415161B (en) Block chain-based data verification method and device and computer readable storage medium
CN108234134A (en) Block synchronous method and system
CN107851143A (en) Apparatus and method for using customer equipment certificate in equipment
CN108769057A (en) Personal identification method based on block chain and device
CN108234474A (en) A kind of method and apparatus of website identification
WO2019038424A1 (en) Edit script verification with match operations and difference operations
CN109656829A (en) Test method and device based on docker
EP4182823A1 (en) Threat analysis and risk assessment for cyber-physical systems based on physical architecture and asset-centric threat modeling
CN108156165A (en) A kind of method and system for reporting detection by mistake
CN109583223A (en) A kind of detection method and device of pair of big data security deployment
CN108712379A (en) Data push method and device
US20170091451A1 (en) Creating rules describing malicious files based on file properties
CN110311884A (en) Equipment, method and program product for the secure communication in uncertainty network
CN106104546A (en) Multistage password and phishing protection are provided
CN104375935B (en) The test method and device of SQL injection attack

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20181009

RJ01 Rejection of invention patent application after publication