CN109246098B - A Method for Supporting Synchronous Ciphertext Comparison of Backup Servers - Google Patents

Publication number: CN109246098B
Authority: CN (China)
Prior art keywords: server, data, ciphertext, backup server, authorization
Legal status: Active
Application number: CN201811009670.4A
Other languages: Chinese (zh)
Other versions: CN109246098A (en)
Inventors: 王玉珏, 丁勇, 赵萌
Current Assignee: Guilin University of Electronic Technology
Original Assignee: Guilin University of Electronic Technology
Application filed by Guilin University of Electronic Technology, with priority to CN201811009670.4A

Classifications

    • H04L63/0442 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption
    • H04L63/0807 Network architectures or network communication protocols for network security for authentication of entities using tickets, e.g. Kerberos
    • H04L67/1095 Replication or mirroring of data, e.g. scheduling or transport for data synchronisation between network nodes
    • H04L9/3033 Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy underlying computational problems or public-key parameters details relating to pseudo-prime or prime number generation, e.g. primality test
    • H04L9/3073 Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy involving algebraic varieties, e.g. elliptic or hyper-elliptic curves involving pairings, e.g. identity based encryption [IBE], bilinear mappings or bilinear pairings, e.g. Weil or Tate pairing
    • H04L9/3213 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving a third party or a trusted authority using tickets or tokens, e.g. Kerberos
    • H04L9/3236 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions

Abstract

The present invention proposes a method for supporting synchronous ciphertext comparison by a backup server, including: a trusted authority TA selects a security parameter and collision-resistant hash functions and generates public parameters; each user generates its own public key and private key, the users including data decryptors; the primary server and the backup server generate their own public and private keys; the data encryptor runs the encryption algorithm with the public keys of two data decryptors, and the resulting ciphertext is sent to both servers; a data decryptor downloads the corresponding ciphertext from either server and decrypts it with its own private key; the data decryptor generates an authorization token ctk that simultaneously authorizes the primary server and the backup server to perform equality comparison on its ciphertexts; the two servers decrypt the received authorization token ctk to obtain the authorization token tk; the two servers use the authorization token tk to compare stored user ciphertext data and determine whether the compared user ciphertexts encrypt the same plaintext message.

Description

A Method for Supporting Synchronous Ciphertext Comparison of Backup Servers

Technical Field

The invention relates to the field of information security and cryptography, and in particular to a method for supporting synchronous ciphertext comparison by a backup server.

Background

With the rapid development of information technology, the volume of data generated in daily work and life keeps growing. To reduce the burden of storing large-scale data locally, more and more users adopt remote storage such as cloud storage. With the services provided by cloud servers, users can access their data anytime and anywhere, and data sharing among multiple users is easy to realize. However, while users enjoy the convenience of cloud storage services, their data is fully controlled by the cloud server, which inevitably raises concerns about the privacy and security of that data.

Given the software and hardware configuration of cloud servers and the complex network environment, a software or hardware failure prevents the server from serving users in real time; a network attack may not only leave the cloud server unable to serve users for some time but is also likely to leak user data. In recent years, cases of leakage and loss of cloud storage user data have been reported continually, so corresponding cloud data protection measures urgently need to be designed and deployed to ensure the privacy, security and availability of user data.

To ensure the security and availability of user data on cloud servers, an encryption technique suited to two servers is introduced: the user's ciphertext data is stored on both the primary server and the backup server, and when the primary server fails or is attacked, the backup server immediately takes over serving users, completing a seamless server switch without affecting the user experience. This requires that at any moment the primary server and the backup server store the same user data and can obtain the same authorization, and that neither server needs the cooperation of the other to do its work.

In a multi-user environment, user data often has more than one receiver and user. For example, a user's ciphertext data should be decryptable and usable not only by the user but also by the supervising organization the user belongs to, which should have access and usage rights. In this situation, dual-receiver encryption (DRE) can be used. With DRE, the sender specifies two intended receivers when encrypting data, so that both can decrypt the ciphertext, and no interaction is needed during decryption.

Because cloud servers have strong computing power as well as large storage capacity, users may wish to delegate some computing tasks to the cloud server without affecting the privacy of their data. Consider a cloud server entrusted with performing an equality test on ciphertexts (ETC) over users' ciphertext data, to determine whether the users' ciphertexts encrypt the same plaintext data. Equality testing on ciphertexts has a wide range of applications, such as joins over encrypted data tables and deduplication of encrypted data.

Because a user's authorization may be eavesdropped in transit, the authorization information must be encrypted so that only a legitimate cloud server can decrypt it and obtain the authorization. Combined with the dual-server model and the dual-receiver scenario above, any ciphertext data receiver that authorizes a server must be able to authorize both servers to perform ciphertext comparison at the same time, so that the primary server and the backup server are both able to provide the same service to users. The encryption of the authorization therefore also needs to be handled with DRE.

Several DRE and ETC techniques have been proposed, with very successful research results: cryptographic schemes provably secure under adaptive chosen-ciphertext attack (IND-CCA2); cryptographic schemes provably secure in the standard model; provably secure cryptographic schemes in the identity-based setting; and generic and semi-generic techniques for constructing cryptographic schemes. Although these results each have good performance or properties in some respect, existing DRE and ETC techniques cannot be combined effectively to meet the requirements above.

Summary of the Invention

In view of the above shortcomings of the prior art, the purpose of the present invention is to provide a method for supporting synchronous ciphertext comparison by a backup server.

To achieve the above and other related purposes, the present invention provides a method for supporting synchronous ciphertext comparison by a backup server, comprising the following steps:

The trusted authority TA selects a security parameter and collision-resistant hash functions and generates public parameters;

Each user generates its own public key and private key from the public parameters, the users including data decryptors;

The primary server and the backup server each generate their own public key and private key from the public parameters;

The data encryptor runs the encryption algorithm with the public keys of two data decryptors and generates the corresponding ciphertext, which is sent to the primary server and the backup server;

A data decryptor downloads the corresponding ciphertext from the primary server or the backup server and decrypts it with its own private key;

The data decryptor, in a single authorization process, generates an authorization token ctk that simultaneously authorizes the primary server and the backup server to perform equality comparison on its ciphertexts;

The primary server or the backup server decrypts the received authorization token ctk to obtain the authorization token tk;

The primary server or the backup server uses the authorization token tk to compare stored user ciphertext data and determine whether the compared user ciphertexts encrypt the same plaintext message.

Optionally, the public parameters para are: $para = (G, G_T, g, e, q, H_1(\cdot), H_2(\cdot))$, where $G$ and $G_T$ are two groups of prime order $q$, $e$ denotes the bilinear map $e: G \times G \to G_T$, and $H_1(\cdot)$ and $H_2(\cdot)$ denote collision-resistant hash functions.

Optionally, each user generating its own public key and private key from the public parameters specifically includes:

User $U_i$ randomly selects two non-zero elements $x_{i,1}, x_{i,2}$ of the field $Z_q$ and computes two exponentiations $X_{i,1}$ and $X_{i,2}$ in the group $G$, where [Figure BDA0001784763960000031], [Figure BDA0001784763960000032] denotes the subset of non-zero elements $\{1, 2, \ldots, q-1\}$ of the field $Z_q$, $i = 1, 2$, and [Figure BDA0001784763960000033].

User $U_i$ obtains the public key $rpk_i = (X_{i,1}, X_{i,2})$ and the private key $rsk_i = (x_{i,1}, x_{i,2})$.

Optionally, the primary server and the backup server each generating their own public key and private key from the public parameters specifically includes:

Server $S_i$ randomly selects two non-zero elements $y_{i,1}, y_{i,2}$ of the field $Z_q$ and computes two exponentiations $Y_{i,1}$ and $Y_{i,2}$ in the group $G$, where [Figure BDA0001784763960000034].

Server $S_i$ obtains the public key $tpk_i = (Y_{i,1}, Y_{i,2})$ and the private key $tsk_i = (y_{i,1}, y_{i,2})$.

Optionally, the data encryptor running the encryption algorithm with the public keys of two data decryptors and generating the corresponding ciphertext specifically includes:

The data encryptor randomly selects two non-zero elements $\alpha_1, \alpha_2$ of the field $Z_q$ and computes the ciphertext $C$ of the data $m$, where $C = (c_1, c_2, c_3, c_4)$, [Figure BDA0001784763960000035], $\|$ denotes string concatenation, [Figure BDA0001784763960000036] denotes the binary XOR operation, [Figure BDA0001784763960000037], $t_1$ and $t_2$ denote two exponentiations in the group $G_T$, and [Figure BDA0001784763960000038].

Optionally, the data decryptor downloading the corresponding ciphertext from the primary server or the backup server and decrypting it with its own private key specifically includes:

The data decryptor $U_i$ computes the exponentiation $t'_2$ in the group $G_T$ and $m \| \alpha_1$: [Figure BDA0001784763960000039], [Figure BDA00017847639600000310].

The data decryptor $U_i$ computes the exponentiation $t'_1$ in the group $G_T$, [Figure BDA00017847639600000311], and verifies whether [Figure BDA00017847639600000312] and [Figure BDA00017847639600000313] hold; if they do, the decryptor $U_i$ obtains the plaintext message $m$; otherwise decryption fails.

Optionally, the data decryptor generating, in a single authorization process, the authorization token ctk that simultaneously authorizes the primary server and the backup server to perform equality comparison on its ciphertexts specifically includes:

The data decryptor $U_i$ randomly selects a non-zero element $\beta$ of the field $Z_q$ and computes $v_1$, $v_2$ and $v_3$, where [Figure BDA00017847639600000314], $r_1$ and $r_2$ denote two exponentiations in the group $G_T$, $r_1 = e(Y_{1,1}, Y_{2,1})^{\beta}$, $r_2 = e(Y_{1,2}, Y_{2,2})^{\beta}$, $v_1 = g^{\beta}$, and [Figure BDA00017847639600000315].

The data decryptor $U_i$ sends the encrypted authorization token $ctk = (v_1, v_2, v_3)$ to the primary server $S_1$ and the backup server $S_2$.

Optionally, the primary server or the backup server decrypting the received authorization token ctk to obtain the authorization token tk specifically includes:

Server $S_i$ computes the exponentiations $r'_1$ and $r'_2$ in the group $G_T$ and the authorization token $tk$, where [Figure BDA0001784763960000041], [Figure BDA0001784763960000042], and $tk = v_2 / H_1(r'_1)$;

Server $S_i$ verifies whether $H_2(v_1 \| v_2 \| tk \| r'_2) = v_3$ holds; if it does, server $S_i$ obtains the correct authorization token $tk$; otherwise it fails.
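The token flow described above (one ctk that the primary and the backup server each decrypt without the other's help, with the $H_2$ check rejecting a modified token) can be exercised in a toy model. The Python below is an added illustration, not code from the patent: it assumes $Y_{i,j} = g^{y_{i,j}}$, $v_2 = tk \cdot H_1(r_1)$, $v_3 = H_2(v_1 \| v_2 \| tk \| r_2)$ and $r'_j = e(v_1, Y_{k,j})^{y_{i,j}}$ for the other server $S_k$ (these formulas are images missing from the page and are inferred from the decryption step), takes $H_1$ into $Z_q^*$, and replaces the pairing with an insecure stand-in that stores elements of $G$ as their exponents.

```python
"""Toy model of the authorization-token flow (ctk -> tk) for two servers.

NOT secure: elements of G are stored as their exponents, so a public key
equals its private key here. Only the bilinear algebra is preserved.
All constants and formulas marked "assumed" are not taken from the page.
"""
import hashlib
import hmac
import secrets

Q = 1019          # toy prime group order q (constructed)
P = 2 * Q + 1     # 2039 is prime; G_T is the order-q subgroup of Z_P^*
GT_GEN = 4        # plays the role of e(g, g)
G_GEN = 1         # g, i.e. g^1 in exponent representation


def rand_zq_star():
    """Random non-zero element of Z_q."""
    return secrets.randbelow(Q - 1) + 1


def g_exp(elem, k):
    """elem^k in G (exponent representation)."""
    return (elem * k) % Q


def pairing(u, v):
    """Stand-in pairing: e(g^a, g^b) = e(g, g)^(ab)."""
    return pow(GT_GEN, (u * v) % Q, P)


def _digest(*parts):
    return hashlib.sha256("|".join(str(p) for p in parts).encode()).digest()


def h1(r):
    """Assumed H1: G_T -> Z_q^* (the page does not state its range)."""
    return int.from_bytes(_digest("H1", r), "big") % (Q - 1) + 1


def h2(v1, v2, tk, r2):
    """H2 over v1 || v2 || tk || r2."""
    return _digest("H2", v1, v2, tk, r2)


def server_keygen():
    """Returns (tpk, tsk) with tpk = (Y_1, Y_2), tsk = (y_1, y_2)."""
    y1, y2 = rand_zq_star(), rand_zq_star()
    return (g_exp(G_GEN, y1), g_exp(G_GEN, y2)), (y1, y2)  # assumed Y = g^y


def encrypt_token(tk, tpk1, tpk2):
    """Decryptor side: wrap tk once for both servers."""
    beta = rand_zq_star()
    r1 = pow(pairing(tpk1[0], tpk2[0]), beta, P)  # r1 = e(Y11, Y21)^beta
    r2 = pow(pairing(tpk1[1], tpk2[1]), beta, P)  # r2 = e(Y12, Y22)^beta
    v1 = g_exp(G_GEN, beta)                       # v1 = g^beta
    v2 = (tk * h1(r1)) % Q                        # assumed form of v2
    v3 = h2(v1, v2, tk, r2)                       # assumed form of v3
    return (v1, v2, v3)


def decrypt_token(ctk, own_tsk, other_tpk):
    """Server side: recover tk, or None if the H2 check fails."""
    v1, v2, v3 = ctk
    r1 = pow(pairing(v1, other_tpk[0]), own_tsk[0], P)  # assumed r'_1
    r2 = pow(pairing(v1, other_tpk[1]), own_tsk[1], P)  # assumed r'_2
    tk = (v2 * pow(h1(r1), -1, Q)) % Q                  # tk = v2 / H1(r'_1)
    if not hmac.compare_digest(h2(v1, v2, tk, r2), v3):
        return None
    return tk


if __name__ == "__main__":
    tpk1, tsk1 = server_keygen()   # primary server S1
    tpk2, tsk2 = server_keygen()   # backup server S2
    ctk = encrypt_token(123, tpk1, tpk2)
    print("S1 recovers:", decrypt_token(ctk, tsk1, tpk2))
    print("S2 recovers:", decrypt_token(ctk, tsk2, tpk1))
```
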

Optionally, the primary server or the backup server using the authorization token tk to compare stored user ciphertext data and determine whether the compared user ciphertexts encrypt the same plaintext message specifically includes:

Server $S_i$ verifies whether [Figure BDA0001784763960000043] holds; if it does, ciphertext $C$ and ciphertext $C'$ encrypt the same plaintext message; otherwise ciphertext $C$ and ciphertext $C'$ encrypt different plaintext messages.

To achieve the above and other related purposes, an apparatus for supporting synchronous ciphertext comparison by a backup server is provided, comprising:

An initialization module, adapted for the trusted authority TA to select a security parameter and collision-resistant hash functions and generate public parameters;

A user key generation module, adapted for each user to generate its own public key and private key from the public parameters, the users including data encryptors and data decryptors;

A server key generation module, adapted for the primary server and the backup server each to generate their own public key and private key from the public parameters;

A data encryption module, adapted for the data encryptor to run the encryption algorithm with the public keys of two data decryptors and generate the corresponding ciphertext, which is sent to the primary server and the backup server;

A data decryption module, adapted for a data decryptor to download the corresponding ciphertext from the primary server or the backup server and decrypt it with its own private key;

An authorization generation module, adapted for the data decryptor to generate, in a single authorization process, the authorization token ctk that simultaneously authorizes the primary server and the backup server to perform equality comparison on its ciphertexts;

An authorization decryption module, adapted for the primary server or the backup server to decrypt the received authorization token ctk to obtain the authorization token tk;

A ciphertext comparison module, adapted for the primary server or the backup server to use the authorization token tk to compare stored user ciphertext data and determine whether the compared user ciphertexts encrypt the same plaintext message.

As described above, the method of the present invention for supporting synchronous ciphertext comparison by a backup server has the following beneficial effects:

The present invention provides a method for supporting synchronous ciphertext comparison by a backup server. Using the method in a cloud storage environment to encrypt and decrypt data, store it synchronously on two servers, and encrypt and decrypt user authorizations protects the privacy and availability of user data under a dual-server model that is not fully trusted. Because the primary server and the backup server store the user data at the same time and obtain the user's authorization at the same time, the backup server can seamlessly take over when the primary server fails. With the dual-decryptor ciphertext technique, the data encryptor can specify two intended data receivers or users and needs to encrypt the data only once, which reduces the computational cost of encryption.

Description of the Drawings

To further explain the content of the present invention, specific embodiments are described in more detail below with reference to the accompanying drawings. It should be understood that these drawings are typical examples only and should not be regarded as limiting the scope of the present invention.

FIG. 1 is a system architecture diagram of the method of the present invention.

FIG. 2 is a flow block diagram of the method of the present invention.

Detailed Description

The embodiments of the present invention are described below through specific examples, and those skilled in the art can readily understand other advantages and effects of the present invention from the content disclosed in this specification. The present invention can also be implemented or applied through other, different embodiments, and the details in this specification can be modified or changed from different viewpoints and for different applications without departing from the spirit of the present invention. Provided there is no conflict, the following embodiments and the features in them may be combined with one another.

The drawings provided with the following embodiments illustrate the basic concept of the present invention only schematically. They show only the components relevant to the present invention and are not drawn according to the number, shape and size of the components in an actual implementation, where the form, number and proportion of each component may vary freely and the component layout may be more complex.

To give those skilled in the art a clearer understanding of the technical solution, some technical terms used in the present invention are explained first.

(1) Trusted Authority (TA): trusted by all entities; responsible for generating the system public parameters and maintaining the public key information of all users.

(2) Data encryptor (DE): also called the data sender; computes its own public/private key pair from the system public parameters, sends the public key to the TA for maintenance, can choose two intended data receivers when running the data encryption algorithm, and uploads the resulting ciphertext data to the primary server and the backup server.

(3) Data decryptor (DD): also called the data receiver; there are two. Each computes its own public/private key pair from the system public parameters, sends the public key to the TA for maintenance, can read the corresponding ciphertext data from the primary server and the backup server and run the decryption algorithm, and generates an authorization in ciphertext form that is sent to the primary server and the backup server.

(4) Master server (MS): computes its own public/private key pair from the system public parameters, sends the public key to the TA for maintenance, provides data storage services to users, and can decrypt a user's ciphertext authorization and then perform equality comparison on ciphertexts.

(5) Backup server (BS): computes its own public/private key pair from the system public parameters, sends the public key to the TA for maintenance, provides data storage services to users, can decrypt a user's ciphertext authorization and then perform equality comparison on ciphertexts, and can serve users immediately when the primary server fails.

The cryptosystem designed in the present invention uses mathematics related to bilinear maps; the relevant definitions are given here.

Define a map $e: G \times G \to G_T$ that maps elements of the cyclic group $G$ into the cyclic group $G_T$, where $G$ and $G_T$ are both cyclic groups of prime order $q$. The bilinear map $e$ must satisfy the following properties:

(1) Bilinearity: for any $u, v \in G$ and any $a, b \in Z_q$, $e(u^a, v^b) = e(u, v)^{ab}$ holds, where $Z_q = \{0, 1, 2, \ldots, q-1\}$;

(2) Non-degeneracy: there is at least one element $g$ in the group $G$ such that $e(g, g)$ is a generator of the group $G_T$;

(3) Efficiency: there is an efficient algorithm that computes the value of $e(u, v)$ for any $u, v \in G$.

The hash functions used in the present invention have two basic properties: one-wayness and collision resistance. One-wayness means that deriving the output from the input of the hash function is efficient, while the input cannot be computed from the output. Collision resistance means that two different inputs with the same hash value cannot be found.

As shown in FIG. 1, the present invention provides a method for supporting synchronous ciphertext comparison of a backup server. The method comprises the following steps:

Step 1. The trusted authority TA selects a security parameter and collision-resistant hash functions and generates the public parameters.

Specifically, step 1 comprises the following sub-steps:

Step 11: The trusted authority TA inputs the system security parameter $\lambda$, runs the initialization algorithm $\Gamma(1^\lambda)$, and outputs two groups $G$ and $G_T$ of prime order $q$ and a bilinear map $e: G \times G \to G_T$;

The initialization algorithm $\Gamma(1^\lambda)$ runs as follows: the trusted authority TA inputs the system security parameter $\lambda$; according to the size of $\lambda$, the system selects a corresponding elliptic curve $Y^2 = X^3 + aX + b$ ($a$ and $b$ are coefficients), uses points on the elliptic curve to form the two groups $G$ and $G_T$ of prime order $q$, and selects a map $e$ that maps elements of the group $G$ into the group $G_T$. In general, the larger the value of the security parameter $\lambda$, the more points there are on the selected elliptic curve and the larger the groups.

Step 12: The trusted authority TA runs the random number generation algorithm and randomly selects a generator $g$ of the group $G$;

The random number generation algorithm works as follows: on the elliptic curve $Y^2 = X^3 + aX + b$ selected in step 11, randomly choose a value $x_1$ of the independent variable $X$ and compute the corresponding value $y_1$ of the dependent variable $Y$. If the point $(x_1, y_1)$ is in the target group, a random element has been generated successfully; if the point $(x_1, y_1)$ is not in the group, choose a new value of $X$ and repeat until a point in the group is found.

Step 13: The trusted authority TA selects two collision-resistant hash functions $H_1(\cdot)$ and $H_2(\cdot)$, both of which satisfy all the properties of a collision-resistant hash function. These hash functions can be called from the Pairing-Based Cryptosystems library. The input of $H_1(\cdot)$ is an element of the group $G_T$ and its output is an element of the group $G$; the input of $H_2(\cdot)$ consists of three elements of the group $G$ and one element of the group $G_T$, and its output has length $\log_2(q) + \log_2|G|$, where $|G|$ denotes the length of an element of the group $G$.

Finally, the system public parameters are expressed as $para = (G, G_T, g, e, q, H_1(\cdot), H_2(\cdot))$.

Step 2. Each user generates its own public key and private key from the public parameters; the users include the data decryptors.

Specifically, the data decryptor $U_i$ randomly selects two non-zero elements of $Z_q$
Figure BDA0001784763960000071
and computes
Figure BDA0001784763960000072
and
Figure BDA0001784763960000073
The data decryptor $U_i$ obtains the public key $rpk_i = (X_{i,1}, X_{i,2})$ and the private key $rsk_i = (x_{i,1}, x_{i,2})$; $X_{i,1}$ and $X_{i,2}$ denote two exponentiations in the group $G$.

Here,
Figure BDA0001784763960000074
denotes the subset $\{1, 2, \ldots, q-1\}$ of non-zero elements of $Z_q$. A function for randomly selecting an element of
Figure BDA0001784763960000075
can be called from the Pairing-Based Cryptosystems library.

Step 3. The primary server $S_1$ and the backup server $S_2$ each generate their own public key and private key from the public parameters.

Specifically, the server $S_i$ ($i = 1, 2$) randomly selects two non-zero elements of $Z_q$
Figure BDA0001784763960000076
and computes
Figure BDA0001784763960000077
and
Figure BDA0001784763960000078
The server $S_i$ obtains the public key $tpk_i = (Y_{i,1}, Y_{i,2})$ and the private key $tsk_i = (y_{i,1}, y_{i,2})$; $Y_{i,1}$ and $Y_{i,2}$ denote two exponentiations in the group $G$.

Step 4. The data encryptor executes the encryption algorithm using the public keys of the two data decryptors and generates the corresponding ciphertext, which is sent to the primary server and the backup server.

Specifically, the data encryptor randomly selects two non-zero elements of $Z_q$
Figure BDA0001784763960000079
and computes
Figure BDA00017847639600000710
Figure BDA00017847639600000711
and
Figure BDA00017847639600000712
where $||$ denotes string concatenation,
Figure BDA00017847639600000713
denotes the binary XOR operation, and $t_1$ and $t_2$ denote two exponentiations in the group $G_T$.

The data encryptor obtains the ciphertext $C = (c_1, c_2, c_3, c_4)$ of the data $m$, which is stored on the primary server $S_1$ and the backup server $S_2$.

The generated ciphertext $C$ can be decrypted by both data decryptors $U_1$ and $U_2$, with no interaction required between $U_1$ and $U_2$. The ciphertext $C$ is stored on both the primary server $S_1$ and the backup server $S_2$, ensuring that the two servers hold the same data; when the primary server $S_1$ fails and cannot serve users, the system can switch in real time to the synchronized backup server $S_2$.

Step 5. The data decryptor $U_i$ ($i = 1, 2$) downloads the corresponding ciphertext $C$ from the primary server $S_1$ or the backup server $S_2$ and then decrypts $C$ with its own private key.

Specifically, step 5 comprises the following sub-steps:

Step 51: The data decryptor $U_i$ ($i = 1, 2$) computes
Figure BDA0001784763960000081
and
Figure BDA0001784763960000082

Step 52: The data decryptor $U_i$ ($i = 1, 2$) computes
Figure BDA0001784763960000083
and verifies whether
Figure BDA0001784763960000084
and
Figure BDA0001784763960000085
hold; if the verification passes, the decryptor $U_i$ ($i = 1, 2$) obtains the plaintext message $m$, otherwise decryption fails;

Step 6. The data decryptor $U_i$ ($i = 1, 2$) generates the authorization token ctk through a single authorization process, simultaneously authorizing the primary server $S_1$ and the backup server $S_2$ to perform equivalence comparison on its ciphertexts.

Specifically, step 6 comprises the following sub-steps:

Step 61. The data decryptor $U_i$ ($i = 1, 2$) randomly selects a non-zero element of $Z_q$
Figure BDA0001784763960000086
and computes $v_1 = g^\beta$, $r_1 = e(Y_{1,1}, Y_{2,1})^\beta$, $r_2 = e(Y_{1,2}, Y_{2,2})^\beta$,
Figure BDA0001784763960000087
and
Figure BDA0001784763960000088

Step 62. The data decryptor $U_i$ ($i = 1, 2$) sends the encrypted authorization token $ctk = (v_1, v_2, v_3)$ to the primary server $S_1$ and the backup server $S_2$.

Both data decryptors $U_1$ and $U_2$ can perform step 6 to generate the authorization token ctk in ciphertext form, and ctk can be decrypted by both the primary server $S_1$ and the backup server $S_2$ to recover the authorization token tk. As long as ctk has not been corrupted, $S_1$ and $S_2$ are certain to obtain tk by decryption, and they do not need to interact during decryption, which ensures that $S_1$ and $S_2$ can provide users with the same service.

Step 7. The primary server and/or the backup server decrypts the received authorization token ctk to obtain the authorization token tk.

Each server $S_i$ ($i = 1$ is the primary server $S_1$, $i = 2$ is the backup server $S_2$) can decrypt the received ciphertext authorization token ctk to obtain the authorization token tk.

Specifically, step 7 comprises the following sub-steps:

Step 71. The server $S_i$ computes
Figure BDA0001784763960000089
and $tk = v_2 / H_1(r'_1)$;

Step 72. The server $S_i$ computes
Figure BDA00017847639600000810
and verifies whether $H_2(v_1 || v_2 || tk || r'_2) = v_3$ holds; if the verification passes, the server $S_i$ ($i = 1, 2$) obtains the correct authorization token tk, otherwise it fails.
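The exchange in steps 6 and 7, as an added example that is not part of the patent: it checks in a toy, insecure bilinear group why either server can recover tk from the same ctk without talking to the other. The page gives $v_2$, $v_3$, $r'_1$ and $r'_2$ only as figures, so the key form $Y_{i,j} = g^{y_{i,j}}$, $v_2 = tk \cdot H_1(r_1)$, $v_3 = H_2(v_1 || v_2 || tk || r_2)$ and the server-side $r'_j = e(v_1, Y_{peer,j})^{y_{own,j}}$ are assumptions chosen to be consistent with $tk = v_2 / H_1(r'_1)$ and the $H_2$ check; the table-lookup pairing, the SHA-256 stand-ins for $H_1$ and $H_2$, and all function names are likewise constructed.

```python
import hashlib
import secrets

# Constructed toy parameters, far too small to be secure: P = 2*Q + 1.
P, Q = 2039, 1019
G_GEN = 4    # g: generator of G, the order-Q subgroup of Z_P^*
GT_GEN = 9   # e(g, g): generator of G_T (modelled in the same subgroup)

# Discrete-log table for G. Feasible only because Q is tiny; it is what
# lets this toy "pairing" be evaluated at all.
_DLOG = {pow(G_GEN, i, P): i for i in range(Q)}


def pairing(u, v):
    """Toy bilinear map: e(g^a, g^b) = e(g, g)^(a*b)."""
    return pow(GT_GEN, _DLOG[u] * _DLOG[v] % Q, P)


def h1(r):
    """Stand-in for H1: G_T -> G (hash to an exponent, then g^exponent)."""
    d = int.from_bytes(hashlib.sha256(b"H1|%d" % r).digest(), "big")
    return pow(G_GEN, d % Q, P)


def h2(v1, v2, tk, r2):
    """Stand-in for H2 over v1 || v2 || tk || r2 (three G elements, one G_T)."""
    return hashlib.sha256(b"H2|%d|%d|%d|%d" % (v1, v2, tk, r2)).hexdigest()


def rand_zq_star():
    """Random non-zero element of Z_q."""
    return 1 + secrets.randbelow(Q - 1)


def server_keygen():
    """Step 3, assuming Y_{i,j} = g^{y_{i,j}}. Returns (tpk, tsk)."""
    y1, y2 = rand_zq_star(), rand_zq_star()
    return (pow(G_GEN, y1, P), pow(G_GEN, y2, P)), (y1, y2)


def authorize(tk, tpk1, tpk2):
    """Step 6: wrap tk once for both servers. Returns ctk = (v1, v2, v3)."""
    beta = rand_zq_star()
    v1 = pow(G_GEN, beta, P)                       # v1 = g^beta (on the page)
    r1 = pow(pairing(tpk1[0], tpk2[0]), beta, P)   # r1 = e(Y11, Y21)^beta
    r2 = pow(pairing(tpk1[1], tpk2[1]), beta, P)   # r2 = e(Y12, Y22)^beta
    v2 = tk * h1(r1) % P                           # assumed form of v2
    v3 = h2(v1, v2, tk, r2)                        # assumed form of v3
    return v1, v2, v3


def recover(ctk, own_tsk, peer_tpk):
    """Step 7 as run by one server; returns tk, or None if the check fails.

    Assumed derivation: e(v1, Y_peer)^{y_own} = e(g, g)^{beta*y_peer*y_own},
    which equals r by bilinearity, so no message to the peer is needed.
    """
    v1, v2, v3 = ctk
    r1 = pow(pairing(v1, peer_tpk[0]), own_tsk[0], P)
    r2 = pow(pairing(v1, peer_tpk[1]), own_tsk[1], P)
    tk = v2 * pow(h1(r1), P - 2, P) % P            # tk = v2 / H1(r'1)
    return tk if h2(v1, v2, tk, r2) == v3 else None


if __name__ == "__main__":
    tpk1, tsk1 = server_keygen()   # primary server S1
    tpk2, tsk2 = server_keygen()   # backup server S2
    token = pow(G_GEN, 777, P)     # constructed sample token in G
    ctk = authorize(token, tpk1, tpk2)
    print("S1 recovers tk:", recover(ctk, tsk1, tpk2) == token)
    print("S2 recovers tk:", recover(ctk, tsk2, tpk1) == token)
```

The same bilinearity that lets both servers open ctk means any party holding either server's private key can open it, so the two server keys need equal protection.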

Step 8. The primary server or the backup server uses the authorization token tk to compare stored user ciphertext data and determine whether the compared user ciphertexts encrypt the same plaintext message.

Each server $S_i$ ($i = 1$ is the primary server $S_1$, $i = 2$ is the backup server $S_2$) can use the authorization token tk to compare stored user ciphertext data (such as $C$ and $C'$) and determine whether the ciphertexts $C$ and $C'$ encrypt the same plaintext message; the ciphertext $C'$ is computed in the same way as $C$.

Specifically, step 8 comprises:

The server $S_i$ ($i = 1, 2$) verifies whether
Figure BDA0001784763960000091
holds; if it holds, the server outputs "1", indicating that the ciphertexts $C$ and $C'$ encrypt the same plaintext message, otherwise it outputs "0", indicating that $C$ and $C'$ encrypt different plaintext messages;

Both the primary server $S_1$ and the backup server $S_2$ can use the obtained authorization token tk to compare the ciphertext data of the user who issued the authorization to them, which means that $S_1$ and $S_2$ can provide that user with the same service. In addition, step 8 also supports the primary server $S_1$ and the backup server $S_2$ performing equivalence comparison on ciphertext data from different sources, provided they obtain valid authorizations issued by those users. For example, if the authorization tokens corresponding to the ciphertexts $C$ and $C'$ are $tk_1$ and $tk_2$ respectively, the server $S_i$ ($i = 1, 2$) verifies whether
Figure BDA0001784763960000092
holds; if it holds, the ciphertexts $C$ and $C'$ encrypt the same plaintext message, otherwise $C$ and $C'$ encrypt different plaintext messages.

In summary, the present invention proposes a method for supporting synchronous ciphertext comparison of a backup server. First, in a cloud storage environment, the data sender can designate two receivers for the data to be encrypted and then store the ciphertext data in the cloud; only the designated receivers can obtain the plaintext content, which fully protects the privacy of user data. Second, when the user sends ciphertext data to the cloud, it must be stored on both the primary server and the backup server, so that when the primary server fails or is attacked and cannot serve users, the system can immediately switch to the backup server, improving the availability of user data. Third, both receivers of the data can simultaneously authorize the primary server and the backup server to compare their ciphertext data without decrypting it, which not only protects the privacy of user data to the greatest extent but also keeps the states of the primary server and the backup server consistent. Finally, the data receiver's authorization is sent to the primary server and the backup server in ciphertext form, which protects the privacy of the authorization in transit.

In another embodiment, the present invention also provides an apparatus for supporting synchronous ciphertext comparison of a backup server, the apparatus comprising:

an initialization module, adapted for the trusted authority TA to select a security parameter and collision-resistant hash functions and generate the public parameters;

a user key generation module, adapted for each user to generate its own public key and private key from the public parameters, the users including the data encryptor and the data decryptors;

a server key generation module, adapted for the primary server and the backup server to each generate their own public key and private key from the public parameters;

a data encryption module, adapted for the data encryptor to execute the encryption algorithm using the public keys of the two data decryptors and generate the corresponding ciphertext, which is sent to the primary server and the backup server;

a data decryption module, adapted for a data decryptor to download the corresponding ciphertext from the primary server or the backup server and then decrypt it with its own private key;

an authorization generation module, adapted for a data decryptor to generate the authorization token ctk through a single authorization process, simultaneously authorizing the primary server and the backup server to perform equivalence comparison on its ciphertexts;

an authorization decryption module, adapted for the primary server or the backup server to decrypt the received authorization token ctk to obtain the authorization token tk;

a ciphertext comparison module, adapted for the primary server or the backup server to use the authorization token tk to compare stored user ciphertext data and determine whether the compared user ciphertexts encrypt the same plaintext message.

In this embodiment, the composition, function and implementation of the initialization module, user key generation module, server key generation module, data encryption module, data decryption module, authorization generation module, authorization decryption module and ciphertext comparison module can all be realized as in the other embodiment and are not repeated here.

The apparatus for supporting synchronous ciphertext comparison of a backup server described in the present invention safeguards the privacy and availability of cloud storage users' data, reduces the sender's computational overhead for encrypting data, enables secure data sharing among multiple users, and uses the computing resources of the cloud servers to reduce users' computational cost.

In summary, using this method in a cloud storage environment to encrypt and decrypt data, store it synchronously on two servers, and encrypt and decrypt user authorizations safeguards the privacy and availability of user data under a dual-server model that is not fully trusted. Because the primary server and the backup server store user data at the same time and obtain the user's authorization at the same time, the backup server can seamlessly take over when the primary server fails. With the dual-decryptor ciphertext technique, the data encryptor can designate two intended data receivers or users and needs to encrypt the data only once, which reduces the computational overhead of encryption. The advantages and effects of the method are:

1) The method uses the primary server and the backup server to store user data and obtain user authorization at the same time, keeping the states of the two servers synchronized. When the primary server cannot provide service because of a software or hardware configuration fault or a network attack, the system can immediately switch to the backup server without affecting the user's experience of the cloud storage service. The primary server and the backup server not only store the user's ciphertext data but, after obtaining the user's valid authorization, can also perform equivalence comparison on that ciphertext data, partitioning the ciphertext data set without decryption and thereby reducing the user's computational burden.

2) The method allows the data sender to designate two data receivers. The ciphertext data generated by a single encryption process can be decrypted by both receivers, without running the encryption process twice and sending the results to the two receivers separately, which reduces the data encryptor's computational burden. Because the ciphertext data is stored on the cloud servers, the data is shared securely between the sender and the two receivers. After either receiver obtains the ciphertext data from a cloud server, it only needs to execute the decryption algorithm with its closely guarded decryption private key to obtain the corresponding plaintext data.

3) The method takes into account the security of the user's ciphertext comparison authorization. When issuing an authorization to the primary server and the backup server, the user first encrypts it and then sends the authorization in ciphertext form to the two servers, so that the authorization content is not leaked in transit. After the primary server and the backup server each obtain the authorization in ciphertext form, they only need to execute the authorization decryption algorithm with their closely guarded decryption private keys to obtain the valid user authorization. Before obtaining the user's valid authorization, neither the primary server nor the backup server can perform equivalence comparison on the user's ciphertext data, which further protects the security of user data stored in the cloud.

The above embodiments merely illustrate the principles and effects of the present invention and are not intended to limit it. Anyone familiar with this technology may modify or change the above embodiments without departing from the spirit and scope of the present invention. Therefore, all equivalent modifications or changes made by those with ordinary knowledge in the technical field without departing from the spirit and technical ideas disclosed by the present invention shall still be covered by the claims of the present invention.

Claims (10)

1. A method for supporting synchronous ciphertext comparison of a backup server is characterized by comprising the following steps:
a trusted authority TA selects a security parameter and collision-resistant hash functions to generate public parameters; specifically: the trusted authority TA inputs the system security parameter $\lambda$, runs the initialization algorithm $\Gamma(1^\lambda)$, and outputs two groups $G$ and $G_T$ of prime order $q$ and a bilinear map $e: G \times G \to G_T$, wherein the initialization algorithm $\Gamma(1^\lambda)$ runs as follows: the trusted authority TA inputs the system security parameter $\lambda$, and the system selects a corresponding elliptic curve according to the size of $\lambda$: $Y^2 = X^3 + aX + b$, where $a$ and $b$ are coefficients; points on the elliptic curve form the two groups $G$ and $G_T$ of prime order $q$, and a map $e$ is selected to map the elements of the group $G$ into the group $G_T$;
each user generates a respective public key and a private key according to the public parameters, and the users comprise data decryptors;
the main server and the backup server respectively generate respective public keys and private keys according to the public parameters;
the data encryptor executes an encryption algorithm according to the public keys of the two data decryptors and generates corresponding ciphertexts, and the corresponding ciphertexts are sent to the main server and the backup server;
the data decryptor downloads the corresponding ciphertext from the main server or the backup server, and then decrypts the ciphertext by using respective private key;
a data decryptor generates an authorization token ctk through a one-time authorization process, simultaneously authorizing the main server and the backup server to perform equivalence comparison on its ciphertexts;
the main server or the backup server decrypts the received authorization token ctk to obtain an authorization token tk;
the main server or the backup server compares the stored user ciphertext data by using the authorization token tk to judge whether the compared user ciphertext encrypts the same plaintext message.
2. The method for supporting comparison of synchronous ciphertexts of a backup server according to claim 1, wherein the public parameters specifically include: $para = (G, G_T, g, e, q, H_1(\cdot), H_2(\cdot))$, wherein $G$ and $G_T$ are two groups of prime order $q$, $e$ denotes the bilinear map $e: G \times G \to G_T$, $H_1(\cdot)$ and $H_2(\cdot)$ each denote a collision-resistant hash function, and $g$ is an element of the group $G$.
3. The method of claim 2, wherein the step of generating a public key and a private key for each user according to the public parameters specifically comprises:
user $U_i$ randomly selects two non-zero elements $x_{i,1}, x_{i,2}$ of $Z_q$ and computes two exponentiations $X_{i,1}$ and $X_{i,2}$ in the group $G$, wherein $x_{i,1}$,
Figure FDA0002809743170000011
Figure FDA0002809743170000012
denotes the subset $\{1, 2, \ldots, q-1\}$ of non-zero elements of $Z_q$, $i = 1, 2$,
Figure FDA0002809743170000013
user $U_i$ obtains the public key $rpk_i = (X_{i,1}, X_{i,2})$ and the private key $rsk_i = (x_{i,1}, x_{i,2})$, and $g$ is an element of the group $G$.
4. The method of claim 3, wherein the step of generating the public key and the private key of the primary server and the backup server according to the public parameter respectively comprises:
server $S_i$ randomly selects two non-zero elements $y_{i,1}, y_{i,2}$ of $Z_q$ and computes two exponentiations $Y_{i,1}$ and $Y_{i,2}$ in the group $G$, wherein $y_{i,1}$,
Figure FDA0002809743170000021
server $S_i$ obtains the public key $tpk_i = (Y_{i,1}, Y_{i,2})$ and the private key $tsk_i = (y_{i,1}, y_{i,2})$.
5. The method for supporting comparison of synchronous ciphertexts of a backup server according to claim 4, wherein the data encryptor executes an encryption algorithm according to the public keys of the two data decryptors and generates corresponding ciphertexts specifically comprises:
the data encryptor randomly selects two non-zero elements $\alpha_1, \alpha_2$ of $Z_q$ and computes the ciphertext $C$ of the data $m$, where $C = (c_1, c_2, c_3, c_4)$,
Figure FDA0002809743170000022
where $||$ denotes string concatenation,
Figure FDA0002809743170000023
denotes the binary exclusive-OR operation, $\alpha_1$,
Figure FDA0002809743170000024
$t_1$ and $t_2$ respectively denote two exponentiations in the group $G_T$,
Figure FDA0002809743170000025
6. The method of claim 5, wherein the data decryptor downloading the corresponding ciphertext from the main server or the backup server and then decrypting the ciphertext with its own private key specifically comprises:
the data decryptor $U_i$ computes the exponentiation $t'_2$ in the group $G_T$ and $m || \alpha_1$
Figure FDA0002809743170000026
the data decryptor $U_i$ computes the exponentiation $t'_1$ in the group $G_T$
Figure FDA0002809743170000027
and verifies whether
Figure FDA0002809743170000028
and
Figure FDA0002809743170000029
hold; if so, the decryptor $U_i$ obtains the plaintext message $m$, otherwise decryption fails.
7. The method for supporting comparison of synchronous ciphertexts of a backup server according to claim 6, wherein the data decryptor generates an authorization token ctk through an authorization process, and the authorization of the main server and the backup server to perform equivalence comparison on the ciphertexts thereof specifically comprises:
the data decryptor $U_i$ randomly selects a non-zero element $\beta$ of $Z_q$ and computes $v_1$, $v_2$ and $v_3$; wherein,
Figure FDA00028097431700000210
$r_1$, $r_2$ respectively denote two exponentiations in the group $G_T$, $r_1 = e(Y_{1,1}, Y_{2,1})^\beta$, $r_2 = e(Y_{1,2}, Y_{2,2})^\beta$, $v_1 = g^\beta$,
Figure FDA00028097431700000211
Figure FDA00028097431700000212
the data decryptor $U_i$ sends the encrypted authorization token $ctk = (v_1, v_2, v_3)$ to the main server $S_1$ and the backup server $S_2$.
8. The method of claim 7, wherein the decrypting, by the primary server or the backup server, the received authorization token ctk to obtain the authorization token tk specifically comprises:
server $S_i$ computes the exponentiations $r'_1$, $r'_2$ in the group $G_T$ and the authorization token $tk$, wherein
Figure FDA00028097431700000213
$tk = v_2 / H_1(r'_1)$;
and verifies whether $H_2(v_1 || v_2 || tk || r'_2) = v_3$ holds; if so, the server $S_i$ obtains the correct authorization token $tk$, otherwise it fails.
9. The method of claim 8, wherein the step of comparing the stored user ciphertext data with the authorization token tk by the primary server or the backup server to determine whether the compared user ciphertext encrypts the same plaintext message specifically comprises:
the server $S_i$ verifies whether
Figure FDA0002809743170000031
holds; if so, the ciphertext $C$ and the ciphertext $C'$ encrypt the same plaintext message; otherwise, they encrypt different plaintext messages.
10. An apparatus based on the method for supporting comparison of synchronization ciphertexts of the backup server as claimed in any one of claims 1 to 9, wherein the apparatus comprises:
the initialization module is suitable for a trusted authority TA to select security parameters and a collision-resistant hash function so as to generate public parameters;
the user key generation module is suitable for each user to generate a respective public key and private key according to the public parameters, the users comprising a data encryptor and a data decryptor;
the server key generation module is suitable for the main server and the backup server to generate respective public keys and private keys according to the public parameters respectively;
the data encryption module is suitable for a data encryptor to execute an encryption algorithm according to public keys of two data decryptors and generate corresponding ciphertexts, and the corresponding ciphertexts are sent to the main server and the backup server;
the data decryption module is suitable for a data decryptor to download the corresponding ciphertext from the main server or the backup server and then decrypt the ciphertext by utilizing respective private keys;
the authorization generation module is suitable for generating an authorization token ctk by a data decryptor through an authorization process, and simultaneously authorizing the main server and the backup server to perform equivalence comparison on ciphertexts of the main server and the backup server;
the authorization decryption module is suitable for the main server or the backup server to decrypt the received authorization token ctk so as to obtain an authorization token tk;
and the ciphertext comparison module is suitable for the main server or the backup server to compare the stored user ciphertext data by using the authorization token tk so as to judge whether the compared user ciphertext encrypts the same plaintext message.
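
The token wrapping and unwrapping of claims 7 and 8, as an added example (not code from the patent): the pairing is replaced by a toy map that stores each element of G as its exponent, so the code checks the algebra only and keeps nothing secret. The forms of v2 and v3, the server-side computation of r'_1 and r'_2, the range of H1, and all function names and parameters are assumptions inferred from the equations in claim 8.

```python
import hashlib
import hmac
import secrets

# Constructed toy parameters: P = 2Q + 1 is a safe prime and GT = 4 generates
# the order-Q subgroup of Z_P^*, standing in for the pairing target group G_T.
Q, P, GT = 1019, 2039, 4

def pair(a, b):
    """Toy bilinear map: a G element g^a is stored as its exponent a, so
    e(g^a, g^b) = GT^(a*b). Public and private keys coincide in this model."""
    return pow(GT, (a * b) % Q, P)

def h1(r):
    """H1: G_T -> Z_Q^* (assumed range, so that v2 / H1(r) is defined)."""
    d = hashlib.sha256(b"H1|" + str(r).encode()).digest()
    return int.from_bytes(d, "big") % (Q - 1) + 1

def h2(v1, v2, tk, r2):
    """H2(v1 || v2 || tk || r2) as a hex digest."""
    return hashlib.sha256(f"H2|{v1}|{v2}|{tk}|{r2}".encode()).hexdigest()

def keygen():
    """Server key (y_1, y_2); in the toy model Y_j = g^{y_j} is stored as y_j."""
    return (secrets.randbelow(Q - 1) + 1, secrets.randbelow(Q - 1) + 1)

def wrap_token(tk, Y1, Y2):
    """Decryptor side (claim 7): build ctk = (v1, v2, v3) for S1 and S2."""
    beta = secrets.randbelow(Q - 1) + 1        # nonzero element of Z_q
    r1 = pow(pair(Y1[0], Y2[0]), beta, P)      # r1 = e(Y_{1,1}, Y_{2,1})^beta
    r2 = pow(pair(Y1[1], Y2[1]), beta, P)      # r2 = e(Y_{1,2}, Y_{2,2})^beta
    v1 = beta                                  # v1 = g^beta, in exponent form
    v2 = tk * h1(r1) % Q                       # assumed from tk = v2 / H1(r'_1)
    return v1, v2, h2(v1, v2, tk, r2)          # v3 assumed from the H2 check

def unwrap_token(ctk, own_sk, peer_pk):
    """Server side (claim 8). Assumed: r'_j = e(v1, peer Y_j)^(own y_j)."""
    v1, v2, v3 = ctk
    r1 = pow(pair(v1, peer_pk[0]), own_sk[0], P)
    r2 = pow(pair(v1, peer_pk[1]), own_sk[1], P)
    tk = v2 * pow(h1(r1), -1, Q) % Q           # tk = v2 / H1(r'_1)
    ok = hmac.compare_digest(h2(v1, v2, tk, r2), v3)
    return tk if ok else None                  # reject when the H2 check fails
```

Because both servers derive the same r'_1 and r'_2 from v1 by bilinearity, a single ctk serves the main and the backup server, and any change to v1 or v2 in transit makes the H2 check fail.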
CN201811009670.4A 2018-08-31 2018-08-31 A Method for Supporting Synchronous Ciphertext Comparison of Backup Servers Active CN109246098B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201811009670.4A CN109246098B (en) 2018-08-31 2018-08-31 A Method for Supporting Synchronous Ciphertext Comparison of Backup Servers

Publications (2)

Publication Number Publication Date
CN109246098A CN109246098A (en) 2019-01-18
CN109246098B true CN109246098B (en) 2021-02-19

Family

ID=65069107

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201811009670.4A Active CN109246098B (en) 2018-08-31 2018-08-31 A Method for Supporting Synchronous Ciphertext Comparison of Backup Servers

Country Status (1)

Country Link
CN (1) CN109246098B (en)

Families Citing this family (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109784094B (en) * 2019-01-21 2023-05-30 桂林电子科技大学 A batch outsourcing data integrity audit method and system supporting preprocessing
CN110474764B (en) * 2019-07-17 2021-03-26 华南农业大学 Ciphertext data set intersection calculation method, device, system, client, server and medium
CN111064770B (en) * 2019-11-12 2021-11-05 国网辽宁省电力有限公司信息通信分公司 A method and system for data bypass capture and synchronization of power grid system
CN113972984B (en) * 2020-07-24 2024-03-19 中国移动通信集团浙江有限公司 ElGamal ciphertext equivalent judgment method and device
WO2022094829A1 (en) * 2020-11-05 2022-05-12 深圳技术大学 Data security comparison protocol implementation method and system, electronic apparatus, and storage medium
CN113411305A (en) * 2021-05-14 2021-09-17 桂林电子科技大学 Ciphertext equivalence comparison method based on double-server model
CN113779593A (en) * 2021-08-13 2021-12-10 桂林电子科技大学 An identity-based dual-server authorization ciphertext equivalent determination method
CN115378666A (en) * 2022-08-04 2022-11-22 山东大学 Public key encryption method and system supporting outsourced ciphertext data equality testing
CN115499229B (en) * 2022-09-22 2024-05-17 淮阴工学院 Identity-based cloud storage encrypted data conversion method and system
CN115632764B (en) * 2022-09-26 2024-10-11 海南大学 Industrial Internet of Things Cloud Ciphertext Data Comparison Method
CN116737704B (en) * 2023-06-02 2024-04-12 广州芳禾数据有限公司 System and method for reducing redundancy and redundancy of consumption data in ciphertext state

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103440463A (en) * 2013-09-17 2013-12-11 上海颐东网络信息有限公司 Electronic file protection method based on label
CN105610793A (en) * 2015-12-18 2016-05-25 江苏大学 Outsourced data encrypted storage and cryptograph query system and application method therefor
CN106250453A (en) * 2016-07-27 2016-12-21 北京电子科技学院 The cipher text retrieval method of numeric type data based on cloud storage and device
CN107122449A (en) * 2017-04-25 2017-09-01 安徽大学 File classification method and system based on public key encryption in multi-user environment
CN108132977A (en) * 2017-12-12 2018-06-08 华南农业大学 Ciphertext database querying method and system based on vertical division

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7346160B2 (en) * 2003-04-23 2008-03-18 Michaelsen David L Randomization-based encryption apparatus and method

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
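Identity-based dual-server ciphertext equality test protocol in cloud computing; Wu Libing et al.; Journal of Computer Research and Development; 20171015; Vol. 54 (No. 10); main text, Section 2 first paragraph to Section 5 last paragraph *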

Also Published As

Publication number Publication date
CN109246098A (en) 2019-01-18

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant
EE01 Entry into force of recordation of patent licensing contract

Application publication date: 20190118

Assignee: Guilin Weisichuang Technology Co.,Ltd.

Assignor: GUILIN University OF ELECTRONIC TECHNOLOGY

Contract record no.: X2023980046257

Denomination of invention: A method for supporting synchronous ciphertext comparison between backup servers

Granted publication date: 20210219

License type: Common License

Record date: 20231108