CN108629040A - Data proof of possession method, apparatus and system - Google Patents
Data proof of possession method, apparatus and system Download PDFInfo
- Publication number
- CN108629040A CN108629040A CN201810450384.5A CN201810450384A CN108629040A CN 108629040 A CN108629040 A CN 108629040A CN 201810450384 A CN201810450384 A CN 201810450384A CN 108629040 A CN108629040 A CN 108629040A
- Authority
- CN
- China
- Prior art keywords
- file
- file fragmentation
- root node
- merkle
- credible
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/78—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data
Abstract
The invention discloses a kind of data proof of possession method, apparatus and systems, can solve the problems, such as the existing personal no data proof of possession mechanism of storage.Method includes:Receive the root node of the file fragmentation mark and the credible trees of Merkle of file to be verified;Search and the corresponding credible trees of Merkle of root node and file fragmentation corresponding with the leafy node of the credible trees of Merkle;The certification path of file fragmentation mark corresponding file fragmentation and file fragmentation is sent to authentication, holds verification so that authentication carries out data according to file fragmentation, certification path and root node to storage side;Or the certification path of the operation values obtained to file fragmentation and file fragmentation mark progress operation according to preset algorithm, file fragmentation is sent to authentication, so that authentication holds verification to operation values, certification path and the root node of file fragmentation mark progress operation according to the operation values, based on preset algorithm to storage side's progress data.The present invention is mainly suitable for the scenes that data are stored based on block chain.
Description
Technical field
The present invention relates to technical field of data processing, more particularly to a kind of data proof of possession method, apparatus and system.
Background technology
Block chain technology is a kind of decentralization and resides in data storage, transmission and the method proved of distributed frame,
Dependence with data block instead of current internet to central server.Currently, in block chain field, a kind of is provided
People's store function, i.e. user can will need in the file stored storage to other nodes of block chain, and be storage file
Node awards reward, such as pays.It is possible to do evil however, personal, may claim and deposit in the case of no storage
Storage, it is impaired so as to cause interests of another.Therefore, it is urgently to be resolved hurrily for how providing a kind of data proof of possession mechanism.
Invention content
In view of this, data proof of possession method, apparatus provided by the invention and system, can solve existing individual and deposit
No data proof of possession mechanism is stored up, the problem for causing interests of another impaired.
The purpose of the present invention is what is realized using following technical scheme:
In a first aspect, the present invention provides a kind of data proof of possession method, the method includes:
The Merkle of the file fragmentation mark and the file to be verified that receive the file to be verified that authentication is sent is credible
The root node of tree, the root node are that deposit side deposits the credible trees of the Merkle of the file to be verified and the file to be verified
When entering storage side, the root node of the credible trees of same Merkle of write verification side;
Search the credible trees of Merkle corresponding with the root node and the leafy node with the credible trees of the Merkle
Corresponding file fragmentation;
The certification path of file fragmentation mark corresponding file fragmentation and the file fragmentation is sent to described
Authentication, so as to the authentication according to the file fragmentation, certification path and the root node received to the storage side into
Row data hold verification;Or operation will be carried out to the file fragmentation and file fragmentation mark according to preset algorithm and obtained
Operation values, the file fragmentation certification path be sent to the authentication, so that the authentication is according to the fortune received
Calculation value identifies the file fragmentation based on the preset algorithm operation values, the certification path and the institute for carrying out operation and obtaining
It states root node and verification is held to storage side progress data.
Second aspect, the present invention provides a kind of data proof of possession method, the method includes:
The root node of the file fragmentation mark of file to be verified and the credible trees of Merkle of the file to be verified is sent
To storage side, the root node is that the credible trees of the Merkle of the file to be verified and the file to be verified are stored in by deposit side
When the storage side, the root node of the credible trees of same Merkle of write verification side;
Receive the corresponding file fragmentation and the file fragmentation of file fragmentation mark that the storage side is sent
Certification path, and data are carried out to the storage side according to the file fragmentation, the certification path and the root node and are held
Verification;Alternatively, receiving the certification path for the file fragmentation that the storage side is sent, being divided the file according to preset algorithm
Piece and file fragmentation mark carry out the obtained operation values of operation, and according to the operation values received, be based on the pre- imputation
Method, which identifies the file fragmentation, carries out operation obtained operation values, the certification path and the root node to the storage side
It carries out data and holds verification.
The third aspect, the present invention provides a kind of data proof of possession device, described device includes:
Receiving unit, the file fragmentation mark of the file to be verified for receiving authentication transmission and the file to be verified
The credible trees of Merkle root node, the root node is deposit side by the file to be verified and the file to be verified
When Merkle is credible tree deposit storage side, the root node of the credible trees of same Merkle of write verification side;
Searching unit, for searching, Merkle corresponding with the root node is credible to be set and credible with the Merkle
The corresponding file fragmentation of leafy node of tree;
Transmission unit, the certification road for the file fragmentation to be identified to corresponding file fragmentation and the file fragmentation
Diameter is sent to the authentication, so that the authentication is according to the file fragmentation, certification path and the root node pair received
The storage side carries out data and holds verification;Or the file fragmentation and the file fragmentation will be identified according to preset algorithm
The certification path of operation values, the file fragmentation that progress operation obtains is sent to the authentication, so as to the verification root
According to the operation values received, the operation values, described for carrying out operation and obtaining are identified to the file fragmentation based on the preset algorithm
Certification path and the root node carry out data to the storage side and hold verification.
Fourth aspect, the present invention provides a kind of data proof of possession device, described device includes:
Transmission unit, for the file fragmentation of file to be verified to be identified to the credible trees of Merkle with the file to be verified
Root node be sent to storage side, the root node is deposit side by the file to be verified and the file to be verified
When Merkle is credible tree is stored in the storage side, the root node of the credible trees of same Merkle of write verification side;
Receiving unit, for receiving file fragmentation and institute corresponding to the file fragmentation mark that the storage side is sent
State the certification path of file fragmentation;Alternatively, receiving the certification path for the file fragmentation that the storage side is sent, according to default
Algorithm carries out the file fragmentation and the file fragmentation mark operation values that operation obtains;
Authentication unit, for according to the file fragmentation, the certification path and the root node to the storage side into
Row data hold verification;Alternatively, identifying progress to the file fragmentation according to the operation values received, based on the preset algorithm
Operation values, the certification path and the root node that operation obtains carry out data to the storage side and hold verification.
5th aspect, the present invention provides a kind of storage medium, the storage medium is stored with a plurality of instruction, described instruction
Suitable for being loaded by processor and being executed data proof of possession method as described in relation to the first aspect;Or it loads and executes such as second
Data proof of possession method described in aspect.
6th aspect, the present invention provides a kind of data proof of possession device, described device includes storage medium and processing
Device;
The processor is adapted for carrying out each instruction;
The storage medium is suitable for storing a plurality of instruction;
Described instruction is suitable for being loaded by the processor and holding data proof of possession method as described in relation to the first aspect.
7th aspect, the present invention provides a kind of data proof of possession device, described device includes storage medium and processing
Device;
The processor is adapted for carrying out each instruction;
The storage medium is suitable for storing a plurality of instruction;
Described instruction is suitable for being loaded by the processor and executing the data proof of possession method as described in second aspect.
Eighth aspect, the present invention provides a kind of data proof of possession system, the system comprises deposit side, storage side and
Authentication;
The deposit side, for the credible trees of the Merkle of file and file to be stored in the storage side, and will be described
The root node of Merkle is credible tree and the device identification of the storage side are stored in the authentication;
The storage side includes the device described in the 6th aspect;
The authentication includes the device described in the 7th aspect.
By above-mentioned technical proposal, data proof of possession method, apparatus and system provided by the invention can be first by being stored in
The credible trees of the Merkle of file and file are stored in storage side by side, and the root node of the credible trees of the Merkle is stored in authentication;
Then the root node of the file fragmentation mark of file to be verified and the credible trees of Merkle of file to be verified is sent by authentication
To storage side, after storage side receives these information, search Merkle corresponding with the root node it is credible set and with
The corresponding file fragmentation of leafy node of Merkle is credible tree;Finally by corresponding to this document segmental identification file fragmentation and should
The certification path of file fragmentation is sent to authentication, so that authentication is according to the information received and the root node pair being locally stored
Storage side carries out data and holds verification;Or operation will be carried out to this document fragment and this document segmental identification according to preset algorithm
The certification path of obtained operation values, this document fragment is sent to authentication, so as to authentication according to the information received, be based on
Preset algorithm carries out the obtained operation values of operation and the root node being locally stored to storage side into line number to this document segmental identification
It is verified according to holding.The data proof of possession mechanism provided through the invention can prevent personal storage from doing evil, to avoid other people
Benefit damage.
Above description is only the general introduction of technical solution of the present invention, in order to better understand the technical means of the present invention,
And can be implemented in accordance with the contents of the specification, and in order to allow above and other objects of the present invention, feature and advantage can
It is clearer and more comprehensible, below the special specific implementation mode for lifting the present invention.
Description of the drawings
By reading the detailed description of hereafter preferred embodiment, various other advantages and benefit are common for this field
Technical staff will become clear.Attached drawing only for the purpose of illustrating preferred embodiments, and is not considered as to the present invention
Limitation.And throughout the drawings, the same reference numbers will be used to refer to the same parts.In the accompanying drawings:
Fig. 1 shows a kind of flow chart of data proof of possession method provided in an embodiment of the present invention;
Fig. 2 shows a kind of exemplary plots of the credible trees of Merkle provided in an embodiment of the present invention;
Fig. 3 shows the flow chart of another data proof of possession method provided in an embodiment of the present invention;
Fig. 4 shows a kind of composition frame chart of data proof of possession device provided in an embodiment of the present invention;
Fig. 5 shows the composition frame chart of another data proof of possession device provided in an embodiment of the present invention;
Fig. 6 shows the composition frame chart of another data proof of possession device provided in an embodiment of the present invention;
Fig. 7 shows a kind of data proof of possession system construction drawing provided in an embodiment of the present invention;
Fig. 8 shows another data proof of possession system construction drawing provided in an embodiment of the present invention.
Specific implementation mode
The exemplary embodiment of the disclosure is more fully described below with reference to accompanying drawings.Although showing the disclosure in attached drawing
Exemplary embodiment, it being understood, however, that may be realized in various forms the disclosure without should be by embodiments set forth here
It is limited.On the contrary, these embodiments are provided to facilitate a more thoroughly understanding of the present invention, and can be by the scope of the present disclosure
Completely it is communicated to those skilled in the art.
An embodiment of the present invention provides a kind of data proof of possession method, the method is mainly used in storage side, such as Fig. 1
It is shown, the method includes:
101, the Merkle of the file fragmentation mark and the file to be verified of the file to be verified that authentication is sent is received
The root node of credible tree.
Wherein, root node is that the credible trees of the Merkle of the file to be verified and the file to be verified are stored in by deposit side
When storage side, the root node of the credible trees of same Merkle of write verification side.That is, when some file is stored in by deposit side
Before storage side, the credible trees of Merkle of this document can be first calculated, are then sent to the credible trees of the Merkle and file content
Storage side is stored, and the device identification of the root node of the credible trees of the Merkle and storage side is sent to authentication and is deposited
Storage holds verification in order to which subsequent authentication side is based on these information to storage side's progress data.
In practical applications, authentication periodically can hold verification to storage side's progress data, whether to determine storage side
Pay storage labour.When authentication needs to hold verification to some storage side progress data, can be deposited according to what is be locally stored
Corresponding not authenticated root node is searched in the device identification of Chu Fang, then random to generate a file fragmentation mark (such as
Position or fragment number of the file fragmentation in entire file), and the root node that file fragmentation is identified and found is sent
To storage side, to store root according to the verification information needed for file fragmentation mark and root node feedback validation side.
It should be noted that the authentication of the embodiment of the present invention includes any one of following or several combinations:Deposit side,
There are other nodes of storage verifying authorization on server and block chain.
It is to be understood that the generating process of the credible trees of Merkle is as follows:
If being 4 file fragmentations, respectively L1, L2, L3 and L4 by file declustering, then L1, L2, L3 and L4 are calculated separately
Then cryptographic Hash calculates two neighboring leaf as the credible leaf child nodes of Merkle if cryptographic Hash is respectively H1, H2, H3 and H4
Father node of the cryptographic Hash of child node as the two leafy nodes, in this way until obtaining root node.Such as H1 and H2
It is the father node of H6, H5 and H6 is H7 (i.e. root node) that father node, which is the father node of H5, H3 and H4,.The Merkle ultimately generated can
Letter tree is as shown in Figure 2.
102, the credible trees of Merkle corresponding with the root node and the leaf with the credible trees of the Merkle are searched
The corresponding file fragmentation of node.
After storage side receives file fragmentation mark and root node, it can first be found and to be locally stored according to root node
Merkle is credible tree, that is, include the credible trees of Merkle of the root node, then find each leaf knot of the credible trees of the Merkle
The corresponding file fragmentation of point, to obtain the verification needed for authentication according to the credible trees of the Merkle found and file fragmentation
Information.For example, if the root node that storage side receives is H7, file fragmentation mark is 3, then the Merkle found is credible to be set such as
Shown in Fig. 2, file fragmentation is the file L3 corresponding to leafy node H3.
After getting the credible trees of Merkle and file fragmentation, can by executing following step 103 or step 104,
So that authentication realization holds verification to the data of storage side:
103, the certification path of file fragmentation mark corresponding file fragmentation and the file fragmentation is sent to
The authentication, so as to the authentication according to the file fragmentation, certification path and the root node received to the storage
Fang Jinhang data hold verification.
Wherein, certification path refers to the road of the sibling composition of all nodes from certification leafy node to root node
Diameter.For example, if the file fragmentation corresponding to file fragmentation mark is the L1 in Fig. 2, the certification path of L1 is H2->H6.
After the certification path of file fragmentation and file fragmentation is sent to authentication, authentication can be according to receiving
File fragmentation and certification path calculate a root node, then carry out calculated root node with the root node locally preserved
Comparison is realized to storage number formulary according to the verification held.
104, the operation that operation obtains will be carried out to the file fragmentation and file fragmentation mark according to preset algorithm
Value, the file fragmentation certification path be sent to the authentication, so as to the authentication according to receive operation values, base
Operation values, the certification path and the root node for carrying out operation and obtaining are identified to the file fragmentation in the preset algorithm
Data are carried out to the storage side and hold verification.
The verification method of above-mentioned steps 103 needs to store direction authentication one file fragmentation of feedback, if the verification of malice
Side constantly sends different file fragmentation marks to storage side, then the side of storage can send different file fragmentations to authentication,
To which there are the risks that entire file is leaked.In order to avoid outflow of document, file fragmentation content can not be sent to authentication
Itself, but the operation values and certification path that file fragmentation and file fragmentation mark progress operation obtain are sent to verification
Side, so that authentication is not in the case where knowing file fragmentation content, directly according to the operation values and being based solely on file fragmentation
The operation values being calculated are identified, calculate the corresponding leafy node of file fragmentation, and according to calculated leafy node and recognize
Card path computing goes out root node, is compared further according to calculated root node and the root node being locally stored, and realizes to storage
The data of side hold verification.
Wherein, preset algorithm includes BLS hash algorithms.BLS hash algorithms meet following characteristic:BLS_Hash (A+B)=
BLS_Hash (A) ^BLS_Hash (B), the even known cryptographic Hash of A+B and the cryptographic Hash of A, it will be able to calculate the cryptographic Hash of B.
Data proof of possession method provided in an embodiment of the present invention, can be first by deposit side by the Merkle of file and file
Credible tree is stored in storage side, and the root node of the credible trees of the Merkle is stored in authentication;Then by authentication by text to be verified
The root node of the file fragmentation mark of part and the credible trees of Merkle of file to be verified is sent to storage side, and storage side receives this
After a little information, search and the corresponding Merkle of the root node is credible sets and corresponding with the leafy node of the credible trees of Merkle
File fragmentation;The certification path of file fragmentation and this document fragment corresponding to this document segmental identification is finally sent to verification
Side holds verification so that authentication carries out data according to the information received and the root node being locally stored to storage side;Or
Operation values that operation obtains will be carried out to this document fragment and this document segmental identification according to preset algorithm, this document fragment is recognized
Card path be sent to authentication, so as to authentication according to the information received, be based on preset algorithm to this document segmental identification into
The operation values that row operation obtains carry out data to storage side with the root node being locally stored and hold verification.It provides through the invention
Data proof of possession mechanism can prevent personal storage from doing evil, to avoid interests of another impaired.
Further, according to method shown in FIG. 1, an alternative embodiment of the invention additionally provides a kind of data and holds card
Bright method, the method are mainly used in authentication, as shown in figure 3, the method includes mainly:
201, by the root node of the file fragmentation of file to be verified mark and the credible trees of Merkle of the file to be verified
It is sent to storage side.
Wherein, root node is that the credible trees of the Merkle of the file to be verified and the file to be verified are stored in by deposit side
When the storage side, the root node of the credible trees of same Merkle of write verification side.That is, working as deposit side by some file
Before being stored in storage side, the credible trees of Merkle of this document can be first calculated, then send out the credible trees of the Merkle and file content
Storage side is given to be stored, and by the device identification of the root node of the credible trees of the Merkle and storage side be sent to authentication into
Row storage holds verification in order to which subsequent authentication side is based on these information to storage side's progress data.
In practical applications, authentication periodically can hold verification to storage side's progress data, whether to determine storage side
Pay storage labour.When authentication needs to hold verification to some storage side progress data, can be deposited according to what is be locally stored
Corresponding not authenticated root node is searched in the device identification of Chu Fang, then random to generate a file fragmentation mark (such as
Position or fragment number of the file fragmentation in entire file), and the root node that file fragmentation is identified and found is sent
To storage side, to store root according to the verification information needed for file fragmentation mark and root node feedback validation side.
It should be noted that the authentication of the embodiment of the present invention includes any one of following or several combinations:Deposit side,
There are other nodes of storage verifying authorization on server and block chain.
It, can be by executing following step 202 or step after file fragmentation mark and root node are sent to storage side
Rapid 203 so that authentication realization holds verification to the data of storage side:
202, the corresponding file fragmentation of file fragmentation mark and the file point that the storage side is sent are received
The certification path of piece, and data are carried out to the storage side according to the file fragmentation, the certification path and the root node
Hold verification.
Wherein, certification path refers to the road of the sibling composition of all nodes from certification leafy node to root node
Diameter.
After receiving the file fragmentation and certification path that storage root is found according to file fragmentation mark and root node, test
A root node can be calculated in card side according to file fragmentation and certification path, then by the root node and the root being locally stored
Node (root node that storage side is issued in step 201) is compared, if the two is identical, illustrates the file that the side of storage stores
Fragment is the file fragmentation that the side of deposit is stored in, and may thereby determine that storage side is stored with the file to be verified, if the two is different,
Illustrate that file fragmentation that the side of storage stores is not the file fragmentation that the side of deposit is stored in, may thereby determine that storage side is to be tested without this
Demonstrate,prove file.
For example, if the file fragmentation corresponding to file fragmentation mark is the L1 in Fig. 2, the certification path of L1 is H2->H6,
L1 cryptographic Hash H1 ' then can be first calculated, the cryptographic Hash H5 ' of H1 ' and H2 are then calculated, finally calculate the cryptographic Hash of H5 ' and H6
H7′.And compare H7 ' and H7, if the two is identical, it is determined that storage side is stored with the file to be verified, no person, and determination is deposited
Chu Fang does not store the file to be verified.
203, receive the certification path for the file fragmentation that the storage side is sent, according to preset algorithm to the file
Fragment and file fragmentation mark carry out the operation values that operation obtains, and are preset according to the operation values received, based on described
Algorithm, which identifies the file fragmentation, carries out operation obtained operation values, the certification path and the root node to the storage
Fang Jinhang data hold verification.
The verification method of above-mentioned steps 202 needs to store direction authentication one file fragmentation of feedback, if the verification of malice
Side constantly sends different file fragmentation marks to storage side, then the side of storage can send different file fragmentations to authentication,
To which there are the risks that entire file is leaked.In order to avoid outflow of document, file fragmentation content can not be sent to authentication
Itself, but the operation values and certification path that file fragmentation and file fragmentation mark progress operation obtain are sent to verification
Side, so that authentication is not in the case where knowing file fragmentation content, directly according to the operation values and being based solely on file fragmentation
The operation values being calculated are identified, calculate the corresponding leafy node of file fragmentation, and according to calculated leafy node and recognize
Card path computing goes out root node, is compared further according to calculated root node and the root node being locally stored, and realizes to storage
The data of side hold verification.
Specifically, on the certification road for receiving the file fragmentation that storage root is determined according to file fragmentation mark and root node
After diameter, the operation values obtained to file fragmentation and file fragmentation mark progress operation, authentication can first be based on preset algorithm pair
File fragmentation mark carry out operation obtain operation values, then according to the two operation values calculate be stored in storage side side, and be somebody's turn to do
The operation values of the corresponding file fragmentation of file fragmentation mark are to get to the corresponding leafy node of file fragmentation, further according to basis
The operation values and certification path of file fragmentation calculate the root node of the credible trees of Merkle, and root node and local will finally be calculated
The root node of storage is compared, if the two is identical, illustrates that file fragmentation that the side of storage stores is the file that the side of deposit is stored in
Fragment may thereby determine that storage side is stored with the file to be verified, if the two is different, illustrate the file point that the side of storage stores
Piece is not the file fragmentation that the side of deposit is stored in, and may thereby determine that storage side without the file to be verified.
Wherein, preset algorithm includes BLS hash algorithms.BLS hash algorithms meet following characteristic:BLS_Hash (A+B)=
BLS_Hash (A) ^BLS_Hash (B), the even known cryptographic Hash of A+B and the cryptographic Hash of A, it will be able to calculate the cryptographic Hash of B.
If A is file fragmentation mark, B is file fragmentation, then in the operation values BLS_Hash for knowing file fragmentation mark and file fragmentation
(A+B), in the case of the operation values BLS_Hash (A) of file fragmentation mark, formula BLS_ can be passed through
Hash (A+B)=BLS_Hash (A) ^BLS_Hash (B), is calculated the operation values BLS_Hash of file fragmentation
(B)。
Data proof of possession method provided in an embodiment of the present invention, can be first by deposit side by the Merkle of file and file
Credible tree is stored in storage side, and the root node of the credible trees of the Merkle is stored in authentication;Then by authentication by text to be verified
The root node of the file fragmentation mark of part and the credible trees of Merkle of file to be verified is sent to storage side;Last authentication receives
The file fragmentation and certification path that storage side is sent, and according to the information that receives and the root node being locally stored to storage side into
Row data hold verification;Or authentication receive storage side send according to preset algorithm to this document fragment and this document fragment
Mark carry out operation obtain operation values, this document fragment certification path, and according to the information received, be based on preset algorithm
The operation values obtained to the progress operation of this document segmental identification and the root node being locally stored, which hold storage side's progress data, to be tested
Card.The data proof of possession mechanism provided through the invention can prevent personal storage from doing evil, to avoid interests of another by
Damage.
Further, the method executed according to above-mentioned storage side, an alternative embodiment of the invention additionally provide a kind of number
According to proof of possession device, described device is mainly used in storage side, as shown in figure 4, described device includes:
Receiving unit 31, the file fragmentation mark of the file to be verified for receiving authentication transmission and the text to be verified
The root node of the credible trees of Merkle of part, the root node are deposit sides by the file to be verified and the file to be verified
When Merkle is credible tree deposit storage side, the root node of the credible trees of same Merkle of write verification side;
Searching unit 32, for searching, Merkle corresponding with the root node is credible to be set and can with the Merkle
Believe the corresponding file fragmentation of leafy node of tree;
Transmission unit 33, the certification for the file fragmentation to be identified to corresponding file fragmentation and the file fragmentation
Path is sent to the authentication, so that the authentication is according to the file fragmentation, certification path and the root node received
Data are carried out to storage side and hold verification;Or will according to preset algorithm to the file fragmentation and the file fragmentation identify into
The certification path of operation values, the file fragmentation that row operation obtains is sent to the authentication, so as to the authentication according to
The operation values that receive identify the file fragmentation based on the preset algorithm operation values for carrying out operation and obtaining, described recognize
Card path and the root node carry out data to the storage side and hold verification.
Optionally, the preset algorithm includes BLS hash algorithms.
Optionally, the authentication includes any one of following or several combinations:
There are other nodes of storage verifying authorization on the deposit side, server and block chain.
Data proof of possession device provided in an embodiment of the present invention, can be first by deposit side by the Merkle of file and file
Credible tree is stored in storage side, and the root node of the credible trees of the Merkle is stored in authentication;Then by authentication by text to be verified
The root node of the file fragmentation mark of part and the credible trees of Merkle of file to be verified is sent to storage side, and storage side receives this
After a little information, search and the corresponding Merkle of the root node is credible sets and corresponding with the leafy node of the credible trees of Merkle
File fragmentation;The certification path of file fragmentation and this document fragment corresponding to this document segmental identification is finally sent to verification
Side holds verification so that authentication carries out data according to the information received and the root node being locally stored to storage side;Or
Operation values that operation obtains will be carried out to this document fragment and this document segmental identification according to preset algorithm, this document fragment is recognized
Card path be sent to authentication, so as to authentication according to the information received, be based on preset algorithm to this document segmental identification into
The operation values that row operation obtains carry out data to storage side with the root node being locally stored and hold verification.It provides through the invention
Data proof of possession mechanism can prevent personal storage from doing evil, to avoid interests of another impaired.
Further, the method executed according to above-mentioned authentication, an alternative embodiment of the invention additionally provide a kind of number
According to proof of possession device, described device is mainly used in authentication, as shown in figure 5, described device includes:
Transmission unit 41, for the Merkle of the file fragmentation mark of file to be verified and the file to be verified is credible
The root node of tree is sent to storage side, and the root node is deposit side by the file to be verified and the file to be verified
When Merkle is credible tree is stored in the storage side, the root node of the credible trees of same Merkle of write verification side;
Receiving unit 42, for receive the corresponding file fragmentation of file fragmentation mark that the storage side sends and
The certification path of the file fragmentation;Alternatively, receiving the certification path for the file fragmentation that the storage side is sent, according to pre-
Imputation method carries out the file fragmentation and the file fragmentation mark operation values that operation obtains;
Authentication unit 43 is used for according to the file fragmentation, the certification path and the root node to the storage side
It carries out data and holds verification;Alternatively, according to the operation values received, based on the preset algorithm to the file fragmentation identify into
Operation values, the certification path and the root node that row operation obtains carry out data to the storage side and hold verification.
Optionally, as shown in fig. 6, the authentication unit 43 includes:
First computing module 431, for calculating the credible trees of Merkle according to the file fragmentation and the certification path
Root node;
First contrast module 432 is compared for root node will to be calculated with the root node being locally stored;
First determining module 433, for when identical, determining that the storage side is stored with the file to be verified.
Optionally, as shown in fig. 6, the authentication unit 43 includes:
Second computing module 434, for the operation values that receive according to and based on the preset algorithm to the text
Part segmental identification carries out the obtained operation values of operation, calculates be stored in the storage side side and file fragmentation mark institute
The operation values of corresponding file fragmentation;
Second computing module 434 is additionally operable to be calculated according to the operation values of the file fragmentation and the certification path
The root node of Merkle is credible tree;
Second contrast module 435 is compared for root node will to be calculated with the root node being locally stored;
Second determining module 436, for when identical, determining that the storage side is stored with the file to be verified.
Optionally, the preset algorithm includes BLS hash algorithms.
Optionally, the authentication includes any one of following or several combinations:
Other nodes with verifying authorization on the deposit side, server and block chain.
Data proof of possession device provided in an embodiment of the present invention, can be first by deposit side by the Merkle of file and file
Credible tree is stored in storage side, and the root node of the credible trees of the Merkle is stored in authentication;Then by authentication by text to be verified
The root node of the file fragmentation mark of part and the credible trees of Merkle of file to be verified is sent to storage side;Last authentication receives
The file fragmentation and certification path that storage side is sent, and according to the information that receives and the root node being locally stored to storage side into
Row data hold verification;Or authentication receive storage side send according to preset algorithm to this document fragment and this document fragment
Mark carry out operation obtain operation values, this document fragment certification path, and according to the information received, be based on preset algorithm
The operation values obtained to the progress operation of this document segmental identification and the root node being locally stored, which hold storage side's progress data, to be tested
Card.The data proof of possession mechanism provided through the invention can prevent personal storage from doing evil, to avoid interests of another by
Damage.
Further, the method executed according to above-mentioned storage side, an alternative embodiment of the invention additionally provide one kind and deposit
Storage media, the storage medium are stored with a plurality of instruction, and described instruction is suitable for being loaded by processor and being executed such as above-mentioned storage
The data proof of possession method of Fang Zhihang.
Further, the method executed according to above-mentioned authentication, an alternative embodiment of the invention additionally provide one kind and deposit
Storage media, the storage medium are stored with a plurality of instruction, and described instruction is suitable for being loaded by processor and being executed such as above-mentioned verification
The data proof of possession method of Fang Zhihang.
Further, the method executed according to above-mentioned storage side, an alternative embodiment of the invention additionally provide a kind of number
According to proof of possession device, described device includes storage medium and processor;
The processor is adapted for carrying out each instruction;
The storage medium is suitable for storing a plurality of instruction;
Described instruction is suitable for being loaded by the processor and holding the data proof of possession method executed such as above-mentioned storage side.
Further, the method executed according to above-mentioned authentication, an alternative embodiment of the invention additionally provide a kind of number
According to proof of possession device, described device includes storage medium and processor;
The processor is adapted for carrying out each instruction;
The storage medium is suitable for storing a plurality of instruction;
Described instruction is suitable for being loaded by the processor and holding the data proof of possession method executed such as above-mentioned authentication.
Further, according to above method embodiment, an alternative embodiment of the invention additionally provides a kind of data and holds
Proof system, the system comprises deposit side, storage side and authentications;
The deposit side, for the credible trees of the Merkle of file and file to be stored in the storage side, and will be described
The root node of Merkle is credible tree and the device identification of the storage side are stored in the authentication;
The storage side includes above application in the device of storage side side;
The authentication includes above application in the device of authentication side.
Wherein, it needs to the data proof of possession system of authentication feedback file fragment as shown in fig. 7, need not be to verification
The data proof of possession system of square feedback file fragment is as shown in Figure 8.
Data proof of possession system provided by the invention, can be first by deposit side by the credible trees of the Merkle of file and file
It is stored in storage side, and the root node of the credible trees of the Merkle is stored in authentication;Then by authentication by the text of file to be verified
The root node of the Merkle of part segmental identification and file to be verified is credible tree is sent to storage side, and storage side receives these information
Afterwards, and the credible trees of the corresponding Merkle of the root node and file corresponding with the leafy node of the credible trees of Merkle point are searched
Piece;The certification path of file fragmentation and this document fragment corresponding to this document segmental identification is finally sent to authentication, with
Just authentication holds verification according to the information received and the root node being locally stored to storage side's progress data;Or by basis
The certification path of operation values, this document fragment that preset algorithm obtains this document fragment and the progress operation of this document segmental identification
It is sent to authentication, so that authentication carries out operation according to the information received, based on preset algorithm to this document segmental identification
Obtained operation values and the root node being locally stored carry out data to storage side and hold verification.The data provided through the invention are held
There is proof mechanism, can prevent personal storage from doing evil, to avoid interests of another impaired.
The embodiment of the present invention additionally provides:
A1, a kind of data proof of possession method, the method includes:
The Merkle of the file fragmentation mark and the file to be verified that receive the file to be verified that authentication is sent is credible
The root node of tree, the root node are that deposit side deposits the credible trees of the Merkle of the file to be verified and the file to be verified
When entering storage side, the root node of the credible trees of same Merkle of write verification side;
Search the credible trees of Merkle corresponding with the root node and the leafy node with the credible trees of the Merkle
Corresponding file fragmentation;
The certification path of file fragmentation mark corresponding file fragmentation and the file fragmentation is sent to described
Authentication, so as to the authentication according to the file fragmentation, certification path and the root node received to the storage side into
Row data hold verification;Or operation will be carried out to the file fragmentation and file fragmentation mark according to preset algorithm and obtained
Operation values, the file fragmentation certification path be sent to the authentication, so that the authentication is according to the fortune received
Calculation value identifies the file fragmentation based on the preset algorithm operation values, the certification path and the institute for carrying out operation and obtaining
It states root node and verification is held to storage side progress data.
A2, the method according to A1, the preset algorithm include BLS hash algorithms.
A3, the method according to A1 or A2, the authentication include any one of following or several combinations:
There are other nodes of storage verifying authorization on the deposit side, server and block chain.
B4, a kind of data proof of possession method, the method includes:
The root node of the file fragmentation mark of file to be verified and the credible trees of Merkle of the file to be verified is sent
To storage side, the root node is that the credible trees of the Merkle of the file to be verified and the file to be verified are stored in by deposit side
When the storage side, the root node of the credible trees of same Merkle of write verification side;
Receive the corresponding file fragmentation and the file fragmentation of file fragmentation mark that the storage side is sent
Certification path, and data are carried out to the storage side according to the file fragmentation, the certification path and the root node and are held
Verification;Alternatively, receiving the certification path for the file fragmentation that the storage side is sent, being divided the file according to preset algorithm
Piece and file fragmentation mark carry out the obtained operation values of operation, and according to the operation values received, be based on the pre- imputation
Method, which identifies the file fragmentation, carries out operation obtained operation values, the certification path and the root node to the storage side
It carries out data and holds verification.
B5, according to B4 the methods, according to the file fragmentation, the certification path and the root node to the storage
Fang Jinhang data hold verification:
The root node of the credible trees of Merkle is calculated according to the file fragmentation and the certification path;
Root node will be calculated to compare with the root node being locally stored;
If identical, it is determined that the storage side is stored with the file to be verified.
B6, according to B4 the methods, according to the operation values received, based on the preset algorithm to the file fragmentation mark
Know operation values, the certification path and the root node that progress operation obtains and verification packet is held to storage side progress data
It includes:
It is obtained according to the operation values received and based on the preset algorithm to file fragmentation mark progress operation
The operation values arrived calculate the operation of the file fragmentation corresponding with file fragmentation mark that be being stored in the storage side side
Value;
The root node of the credible trees of Merkle is calculated according to the operation values of the file fragmentation and the certification path;
Root node will be calculated to compare with the root node being locally stored;
If identical, it is determined that the storage side is stored with the file to be verified.
B7, the method according to B1, the preset algorithm include BLS hash algorithms.
B8, the method according to any one of B4-B7, the authentication include any one of following or several groups
It closes:
Other nodes with verifying authorization on the deposit side, server and block chain.
C9, a kind of data proof of possession device, described device include:
Receiving unit, the file fragmentation mark of the file to be verified for receiving authentication transmission and the file to be verified
The credible trees of Merkle root node, the root node is deposit side by the file to be verified and the file to be verified
When Merkle is credible tree deposit storage side, the root node of the credible trees of same Merkle of write verification side;
Searching unit, for searching, Merkle corresponding with the root node is credible to be set and credible with the Merkle
The corresponding file fragmentation of leafy node of tree;
Transmission unit, the certification road for the file fragmentation to be identified to corresponding file fragmentation and the file fragmentation
Diameter is sent to the authentication, so that the authentication is according to the file fragmentation, certification path and the root node pair received
The storage side carries out data and holds verification;Or the file fragmentation and the file fragmentation will be identified according to preset algorithm
The certification path of operation values, the file fragmentation that progress operation obtains is sent to the authentication, so as to the verification root
According to the operation values received, the operation values, described for carrying out operation and obtaining are identified to the file fragmentation based on the preset algorithm
Certification path and the root node carry out data to the storage side and hold verification.
C10, the device according to C9, the preset algorithm include BLS hash algorithms.
C11, the device according to C9 or C10, the authentication include any one of following or several combinations:
There are other nodes of storage verifying authorization on the deposit side, server and block chain.
D12, a kind of data proof of possession device, described device include:
Transmission unit, for the file fragmentation of file to be verified to be identified to the credible trees of Merkle with the file to be verified
Root node be sent to storage side, the root node is deposit side by the file to be verified and the file to be verified
When Merkle is credible tree is stored in the storage side, the root node of the credible trees of same Merkle of write verification side;
Receiving unit, for receiving file fragmentation and institute corresponding to the file fragmentation mark that the storage side is sent
State the certification path of file fragmentation;Alternatively, receiving the certification path for the file fragmentation that the storage side is sent, according to default
Algorithm carries out the file fragmentation and the file fragmentation mark operation values that operation obtains;
Authentication unit, for according to the file fragmentation, the certification path and the root node to the storage side into
Row data hold verification;Alternatively, identifying progress to the file fragmentation according to the operation values received, based on the preset algorithm
Operation values, the certification path and the root node that operation obtains carry out data to the storage side and hold verification.
D13, according to D12 the methods, the authentication unit includes:
First computing module, the root knot for calculating the credible trees of Merkle according to the file fragmentation and the certification path
Point;
First contrast module is compared for root node will to be calculated with the root node being locally stored;
First determining module, for when identical, determining that the storage side is stored with the file to be verified.
D14, according to D12 described devices, the authentication unit includes:
Second computing module, for the operation values that receive according to and based on the preset algorithm to the file point
Piece mark carries out the obtained operation values of operation, calculates corresponding to the be stored in the storage side side and file fragmentation identifies
File fragmentation operation values;
Second computing module is additionally operable to be calculated according to the operation values of the file fragmentation and the certification path
The root node of Merkle is credible tree;
Second contrast module is compared for root node will to be calculated with the root node being locally stored;
Second determining module, for when identical, determining that the storage side is stored with the file to be verified.
D15, the device according to D14, the preset algorithm include BLS hash algorithms.
D16, the device according to any one of D9-D15, the authentication include any one of following or several groups
It closes:
Other nodes with verifying authorization on the deposit side, server and block chain.
E17, a kind of storage medium, the storage medium are stored with a plurality of instruction, and described instruction is suitable for being added by processor
It carries and executes the data proof of possession method as described in any one of A1-A4;Or it loads and executes such as any one of B5-B8 institutes
The data proof of possession method stated.
F18, a kind of data proof of possession device, described device includes storage medium and processor;
The processor is adapted for carrying out each instruction;
The storage medium is suitable for storing a plurality of instruction;
Described instruction is suitable for being loaded by the processor and holding the data proof of possession side as described in any one of A1-A4
Method.
G19, a kind of data proof of possession device, described device includes storage medium and processor;
The processor is adapted for carrying out each instruction;
The storage medium is suitable for storing a plurality of instruction;
Described instruction is suitable for being loaded by the processor and executing the data proof of possession side as described in any one of B5-B8
Method.
H20, a kind of data proof of possession system, the system comprises deposit side, storage side and authentications;
The deposit side, for the credible trees of the Merkle of file and file to be stored in the storage side, and will be described
The root node of Merkle is credible tree and the device identification of the storage side are stored in the authentication;
The storage side includes the device described in F18;
The authentication includes the device described in G19.
In the above-described embodiments, it all emphasizes particularly on different fields to the description of each embodiment, there is no the portion being described in detail in some embodiment
Point, it may refer to the associated description of other embodiment.
It is understood that the correlated characteristic in the above method and device can be referred to mutually.In addition, in above-described embodiment
" first ", " second " etc. be and not represent the quality of each embodiment for distinguishing each embodiment.
It is apparent to those skilled in the art that for convenience and simplicity of description, the system of foregoing description,
The specific work process of device and unit, can refer to corresponding processes in the foregoing method embodiment, and details are not described herein.
Algorithm and display be not inherently related to any certain computer, virtual system or miscellaneous equipment provided herein.
Various general-purpose systems can also be used together with teaching based on this.As described above, it constructs required by this kind of system
Structure be obvious.In addition, the present invention is not also directed to any certain programmed language.It should be understood that can utilize various
Programming language realizes the content of invention described herein, and the description done above to language-specific is to disclose this hair
Bright preferred forms.
In the instructions provided here, numerous specific details are set forth.It is to be appreciated, however, that the implementation of the present invention
Example can be put into practice without these specific details.In some instances, well known method, structure is not been shown in detail
And technology, so as not to obscure the understanding of this description.
Similarly, it should be understood that in order to simplify the disclosure and help to understand one or more of each inventive aspect,
Above in the description of exemplary embodiment of the present invention, each feature of the invention is grouped together into single implementation sometimes
In example, figure or descriptions thereof.However, the method for the disclosure should be construed to reflect following intention:It is i.e. required anti-
Shield the present invention claims the more features of feature than being expressly recited in each claim.More precisely, as following
Claims reflect as, inventive aspect is all features less than single embodiment disclosed above.Therefore,
Thus the claims for following specific implementation mode are expressly incorporated in the specific implementation mode, wherein each claim itself
All as a separate embodiment of the present invention.
Those skilled in the art, which are appreciated that, to carry out adaptively the module in the equipment in embodiment
Change and they are arranged in the one or more equipment different from the embodiment.It can be the module or list in embodiment
Member or component be combined into a module or unit or component, and can be divided into addition multiple submodule or subelement or
Sub-component.Other than such feature and/or at least some of process or unit exclude each other, it may be used any
Combination is disclosed to all features disclosed in this specification (including adjoint claim, abstract and attached drawing) and so to appoint
Where all processes or unit of method or equipment are combined.Unless expressly stated otherwise, this specification (including adjoint power
Profit requires, abstract and attached drawing) disclosed in each feature can be by providing the alternative features of identical, equivalent or similar purpose come generation
It replaces.
In addition, it will be appreciated by those of skill in the art that although some embodiments described herein include other embodiments
In included certain features rather than other feature, but the combination of the feature of different embodiments means in of the invention
Within the scope of and form different embodiments.For example, in the following claims, the embodiment of required protection is appointed
One of meaning mode can use in any combination.
The all parts embodiment of the present invention can be with hardware realization, or to run on one or more processors
Software module realize, or realized with combination thereof.It will be understood by those of skill in the art that can use in practice
Microprocessor or digital signal processor (DSP) realize data proof of possession method, apparatus according to the ... of the embodiment of the present invention
And some or all functions of some or all components in system.The present invention is also implemented as executing institute here
Some or all equipment or program of device of the method for description are (for example, computer program and computer program production
Product).It is such to realize that the program of the present invention may be stored on the computer-readable medium, or can have one or more
The form of signal.Such signal can be downloaded from internet website and be obtained, and either be provided on carrier signal or to appoint
What other forms provides.
It should be noted that the present invention will be described rather than limits the invention for above-described embodiment, and ability
Field technique personnel can design alternative embodiment without departing from the scope of the appended claims.In the claims,
Any reference mark between bracket should not be configured to limitations on claims.Word "comprising" does not exclude the presence of not
Element or step listed in the claims.Word "a" or "an" before element does not exclude the presence of multiple such
Element.The present invention can be by means of including the hardware of several different elements and being come by means of properly programmed computer real
It is existing.In the unit claims listing several devices, several in these devices can be by the same hardware branch
To embody.The use of word first, second, and third does not indicate that any sequence.These words can be explained and be run after fame
Claim.
Claims (10)
1. a kind of data proof of possession method, which is characterized in that the method includes:
Receive file fragmentation mark and the credible trees of Merkle of the file to be verified of the file to be verified that authentication is sent
Root node, the root node are that deposit side deposits the credible trees of the Merkle of the file to be verified and the file to be verified
When storage side, the root node of the credible trees of same Merkle of write verification side;
Lookup is corresponding with the credible trees of the corresponding Merkle of the root node and with the leafy node of the credible trees of the Merkle
File fragmentation;
The certification path of file fragmentation mark corresponding file fragmentation and the file fragmentation is sent to the verification
Side, so as to the authentication according to the file fragmentation, certification path and the root node received to the storage side into line number
It is verified according to holding;Or the fortune that operation obtains will be carried out to the file fragmentation and file fragmentation mark according to preset algorithm
Calculation value, the file fragmentation certification path be sent to the authentication, so as to the authentication according to the operation values received,
Operation values, the certification path and the root knot for carrying out operation and obtaining are identified to the file fragmentation based on the preset algorithm
Point carries out data to the storage side and holds verification.
2. a kind of data proof of possession method, which is characterized in that the method includes:
The root node of the file fragmentation mark of file to be verified and the credible trees of Merkle of the file to be verified is sent to and is deposited
Chu Fang, the root node are that deposit side will be described in the credible tree deposits of the Merkle of the file to be verified and the file to be verified
When storage side, the root node of the credible trees of same Merkle of write verification side;
Receive the certification for the corresponding file fragmentation and the file fragmentation of file fragmentation mark that the storage side is sent
Path, and data are carried out to the storage side according to the file fragmentation, the certification path and the root node and hold verification;
Alternatively, receive the certification path for the file fragmentation that the storage side is sent, according to preset algorithm to the file fragmentation and
File fragmentation mark carries out the operation values that operation obtains, and according to the operation values received, be based on the preset algorithm pair
The file fragmentation mark carries out operation values, the certification path and the root node that operation obtains and is carried out to the storage side
Data hold verification.
3. method according to claim 2, which is characterized in that according to the file fragmentation, the certification path and described
Node holds verification to storage side progress data:
The root node of the credible trees of Merkle is calculated according to the file fragmentation and the certification path;
Root node will be calculated to compare with the root node being locally stored;
If identical, it is determined that the storage side is stored with the file to be verified.
4. method according to claim 2, which is characterized in that according to the operation values received, be based on the preset algorithm pair
The file fragmentation mark carries out operation values, the certification path and the root node that operation obtains and is carried out to the storage side
Data hold verification:
Identify what progress operation obtained according to the operation values received and based on the preset algorithm to the file fragmentation
Operation values calculate the operation values of the file fragmentation corresponding with file fragmentation mark that be being stored in the storage side side;
The root node of the credible trees of Merkle is calculated according to the operation values of the file fragmentation and the certification path;
Root node will be calculated to compare with the root node being locally stored;
If identical, it is determined that the storage side is stored with the file to be verified.
5. a kind of data proof of possession device, which is characterized in that described device includes:
Receiving unit, the file fragmentation mark of the file to be verified for receiving authentication transmission and the file to be verified
The root node of Merkle is credible tree, the root node are deposit sides by the file to be verified and the file to be verified
When Merkle is credible tree deposit storage side, the root node of the credible trees of same Merkle of write verification side;
Searching unit, for searches Merkle corresponding with the root node it is credible set and with the credible trees of the Merkle
The corresponding file fragmentation of leafy node;
Transmission unit, for sending out the certification path of file fragmentation mark corresponding file fragmentation and the file fragmentation
Give the authentication, so as to the authentication according to the file fragmentation, certification path and the root node received to described
Storage side carries out data and holds verification;Or the file fragmentation and file fragmentation mark will be carried out according to preset algorithm
The certification path of operation values, the file fragmentation that operation obtains is sent to the authentication, so that the authentication is according to connecing
The operation values that receive identify the file fragmentation operation values for carrying out operation and obtaining, the certification based on the preset algorithm
Path and the root node carry out data to the storage side and hold verification.
6. a kind of data proof of possession device, which is characterized in that described device includes:
Transmission unit, for the file fragmentation of file to be verified to be identified to the root with the credible trees of Merkle of the file to be verified
Node is sent to storage side, and the root node is that deposit side can by the Merkle of the file to be verified and the file to be verified
When letter tree is stored in the storage side, the root node of the credible trees of same Merkle of write verification side;
Receiving unit, for receiving the corresponding file fragmentation of file fragmentation mark and the text that the storage side is sent
The certification path of part fragment;Alternatively, receiving the certification path for the file fragmentation that the storage side is sent, according to preset algorithm
The operation values that operation obtains are carried out to the file fragmentation and file fragmentation mark;
Authentication unit, for according to the file fragmentation, the certification path and the root node to the storage side into line number
It is verified according to holding;Alternatively, identifying progress operation to the file fragmentation according to the operation values received, based on the preset algorithm
Obtained operation values, the certification path and the root node carries out data to the storage side and holds verification.
7. a kind of storage medium, which is characterized in that the storage medium is stored with a plurality of instruction, and described instruction is suitable for by handling
Device loads and executes data proof of possession method as described in claim 1;Or it loads and executes as claimed in claim 2
Data proof of possession method.
8. a kind of data proof of possession device, which is characterized in that described device includes storage medium and processor;
The processor is adapted for carrying out each instruction;
The storage medium is suitable for storing a plurality of instruction;
Described instruction is suitable for being loaded by the processor and holding data proof of possession method as described in claim 1.
9. a kind of data proof of possession device, which is characterized in that described device includes storage medium and processor;
The processor is adapted for carrying out each instruction;
The storage medium is suitable for storing a plurality of instruction;
Described instruction is suitable for being loaded by the processor and executing data proof of possession method as claimed in claim 2.
10. a kind of data proof of possession system, which is characterized in that the system comprises deposit side, storage side and authentications;
The deposit side, for the credible trees of the Merkle of file and file to be stored in the storage side, and can by the Merkle
The device identification of the root node and the storage side of believing tree is stored in the authentication;
The storage side includes device according to any one of claims 8;
The authentication includes the device described in claim 9.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201810450384.5A CN108629040A (en) | 2018-05-11 | 2018-05-11 | Data proof of possession method, apparatus and system |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201810450384.5A CN108629040A (en) | 2018-05-11 | 2018-05-11 | Data proof of possession method, apparatus and system |
Publications (1)
Publication Number | Publication Date |
---|---|
CN108629040A true CN108629040A (en) | 2018-10-09 |
Family
ID=63692880
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201810450384.5A Pending CN108629040A (en) | 2018-05-11 | 2018-05-11 | Data proof of possession method, apparatus and system |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN108629040A (en) |
Cited By (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN110933044A (en) * | 2019-11-08 | 2020-03-27 | 华中科技大学 | Data possession proving method capable of realizing public audit in distributed storage system |
CN112435026A (en) * | 2020-11-27 | 2021-03-02 | 从法信息科技有限公司 | Method and device for protecting file transaction information by using zero-knowledge proof and electronic equipment |
WO2023098769A1 (en) * | 2021-12-02 | 2023-06-08 | 中兴通讯股份有限公司 | Identity authentication method, electronic device and computer-readable storage medium |
Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103268460A (en) * | 2013-06-20 | 2013-08-28 | 北京航空航天大学 | Integrity verification method of cloud storage data |
CN106301789A (en) * | 2016-08-16 | 2017-01-04 | 电子科技大学 | Apply the dynamic verification method of the cloud storage data that linear homomorphism based on lattice signs |
CN106407795A (en) * | 2016-09-05 | 2017-02-15 | 北京众享比特科技有限公司 | Data existence authentication system, authentication method and verification method |
US20170250815A1 (en) * | 2016-01-26 | 2017-08-31 | Stampery Inc. | Systems and methods for certification of data units and/or certification verification |
CN107247773A (en) * | 2017-06-07 | 2017-10-13 | 北京邮电大学 | A kind of method that inquiry is traded in distributed data base based on block chain |
CN107807951A (en) * | 2017-09-18 | 2018-03-16 | 联动优势科技有限公司 | A kind of block chain generation method, data verification method, node and system |
-
2018
- 2018-05-11 CN CN201810450384.5A patent/CN108629040A/en active Pending
Patent Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103268460A (en) * | 2013-06-20 | 2013-08-28 | 北京航空航天大学 | Integrity verification method of cloud storage data |
US20170250815A1 (en) * | 2016-01-26 | 2017-08-31 | Stampery Inc. | Systems and methods for certification of data units and/or certification verification |
CN106301789A (en) * | 2016-08-16 | 2017-01-04 | 电子科技大学 | Apply the dynamic verification method of the cloud storage data that linear homomorphism based on lattice signs |
CN106407795A (en) * | 2016-09-05 | 2017-02-15 | 北京众享比特科技有限公司 | Data existence authentication system, authentication method and verification method |
CN107247773A (en) * | 2017-06-07 | 2017-10-13 | 北京邮电大学 | A kind of method that inquiry is traded in distributed data base based on block chain |
CN107807951A (en) * | 2017-09-18 | 2018-03-16 | 联动优势科技有限公司 | A kind of block chain generation method, data verification method, node and system |
Non-Patent Citations (1)
Title |
---|
刘芳: "Merkle可信树遍历算法及在数字签名上的应用研究", 《中国优秀硕士学位论文全文数据库 信息科技辑》 * |
Cited By (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN110933044A (en) * | 2019-11-08 | 2020-03-27 | 华中科技大学 | Data possession proving method capable of realizing public audit in distributed storage system |
CN112435026A (en) * | 2020-11-27 | 2021-03-02 | 从法信息科技有限公司 | Method and device for protecting file transaction information by using zero-knowledge proof and electronic equipment |
CN112435026B (en) * | 2020-11-27 | 2023-03-28 | 从法信息科技有限公司 | Method and device for protecting file transaction information by using zero-knowledge proof and electronic equipment |
WO2023098769A1 (en) * | 2021-12-02 | 2023-06-08 | 中兴通讯股份有限公司 | Identity authentication method, electronic device and computer-readable storage medium |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN108737109A (en) | Data proof of possession method, apparatus and system | |
CN108681583A (en) | Data proof of possession method, apparatus and readable storage medium storing program for executing based on block chain | |
CN106533696B (en) | Identity identifying method, certificate server and user terminal based on block chain | |
CN108664221A (en) | A kind of data proof of possession method, apparatus and readable storage medium storing program for executing | |
CN108629040A (en) | Data proof of possession method, apparatus and system | |
US8694980B2 (en) | Efficient egonet computation in a weighted directed graph | |
CN109685528A (en) | System and method based on deep learning detection counterfeit product | |
US20200186517A1 (en) | Secure token passing via hash chains | |
CN106230867A (en) | Prediction domain name whether method, system and the model training method thereof of malice, system | |
CN108121795A (en) | User's behavior prediction method and device | |
CN111415161B (en) | Block chain-based data verification method and device and computer readable storage medium | |
CN108234134A (en) | Block synchronous method and system | |
CN107851143A (en) | Apparatus and method for using customer equipment certificate in equipment | |
CN108769057A (en) | Personal identification method based on block chain and device | |
CN108234474A (en) | A kind of method and apparatus of website identification | |
WO2019038424A1 (en) | Edit script verification with match operations and difference operations | |
CN109656829A (en) | Test method and device based on docker | |
EP4182823A1 (en) | Threat analysis and risk assessment for cyber-physical systems based on physical architecture and asset-centric threat modeling | |
CN108156165A (en) | A kind of method and system for reporting detection by mistake | |
CN109583223A (en) | A kind of detection method and device of pair of big data security deployment | |
CN108712379A (en) | Data push method and device | |
US20170091451A1 (en) | Creating rules describing malicious files based on file properties | |
CN110311884A (en) | Equipment, method and program product for the secure communication in uncertainty network | |
CN106104546A (en) | Multistage password and phishing protection are provided | |
CN104375935B (en) | The test method and device of SQL injection attack |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication |
Application publication date: 20181009 |
|
RJ01 | Rejection of invention patent application after publication |