CN109508552B - Privacy protection method of distributed cloud storage system - Google Patents


Info

Publication number
CN109508552B
Authority
CN
China
Prior art keywords
transaction
file
hash
data owner
ownership
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201811330536.4A
Other languages
Chinese (zh)
Other versions
CN109508552A (en)
Inventor
王良民
孙世璞
姜顺荣
余春堂
段梦杰
谢晴晴
邢玉萍
朱会娟
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Bozhi Safety Technology Co ltd
Original Assignee
Jiangsu University
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Jiangsu University filed Critical Jiangsu University
Priority to CN201811330536.4A priority Critical patent/CN109508552B/en
Publication of CN109508552A publication Critical patent/CN109508552A/en
Application granted granted Critical
Publication of CN109508552B publication Critical patent/CN109508552B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Classifications

    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/602 Providing cryptographic facilities or services
    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/62 Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6209 Protecting access to data via a platform, e.g. using keys or access control rules to a single file or object, e.g. in a secure envelope, encrypted and accessed using a key, or with access control rules appended to the object itself
    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06Q INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00 Payment architectures, schemes or protocols
    • G06Q20/04 Payment circuits
    • G06Q20/06 Private payment circuits, e.g. involving electronic currency used among participants of a common payment scheme
    • G06Q20/065 Private payment circuits, e.g. involving electronic currency used among participants of a common payment scheme using e-cash
    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06Q INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00 Payment architectures, schemes or protocols
    • G06Q20/38 Payment protocols; Details thereof
    • G06Q20/382 Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3823 Payment protocols; Details thereof insuring higher security of transaction combining multiple encryption tools for a transaction
    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06Q INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q30/00 Commerce
    • G06Q30/06 Buying, selling or leasing transactions
    • G06Q30/0645 Rental transactions; Leasing transactions
    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06Q INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q40/00 Finance; Insurance; Tax strategies; Processing of corporate or income taxes
    • G06Q40/04 Trading; Exchange, e.g. stocks, commodities, derivatives or currency exchange
    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00 Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21 Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2107 File encryption

Landscapes

  • Business, Economics & Management (AREA)
  • Engineering & Computer Science (AREA)
  • Accounting & Taxation (AREA)
  • Theoretical Computer Science (AREA)
  • Finance (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Strategic Management (AREA)
  • General Business, Economics & Management (AREA)
  • Computer Security & Cryptography (AREA)
  • Development Economics (AREA)
  • Economics (AREA)
  • Marketing (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Technology Law (AREA)
  • Storage Device Security (AREA)

Abstract

The invention discloses a privacy protection method for a distributed cloud storage system. The system comprises users, miners and storage providers, and implements system initialization, file upload, file sharing, file download, file deletion and similar operations. The invention combines the distributed cloud storage system with blockchain technology and treats the handling of file ownership as transaction processing, which protects the privacy of file ownership handling in the distributed cloud storage system, including hiding the sender, the receiver and the transaction content. In addition, the invention effectively resists replay attacks and data forgery attacks while preserving user privacy.

Description

Privacy Protection Method of Distributed Cloud Storage System

Technical field

The invention relates to distributed storage technology, and in particular to a privacy protection method for a distributed cloud storage system.

Background

With the development of cloud storage technology, users can easily outsource data to the cloud and share, download and modify it there. However, the traditional cloud storage model relies almost exclusively on centralized cloud servers to provide services. This model, based on client-server trust, has inherent weaknesses and is vulnerable to attacks such as man-in-the-middle attacks and malware attacks; centralized servers may also suffer technical failures that make data unavailable and leak user privacy. Distributed cloud storage addresses these problems better. Common distributed cloud storage systems include HDFS, Ceph and Pangu. A distributed cloud storage system removes the centralized server and ensures the reliability of data; it also offers large storage capacity, high throughput, high service availability, efficient operation and maintenance, and low cost.

In addition, with the rapid development of blockchain technology, more and more applications use a blockchain in distributed cloud storage. The blockchain gives the system a reward mechanism, which draws more users into the system. Furthermore, the tamper resistance of the blockchain can be used to make the cloud storage system more convenient and more secure. This improvement has made blockchain-based distributed cloud storage systems increasingly popular; common blockchain-based distributed cloud storage systems include Storj and IPFS.

Blockchain-based distributed cloud storage systems have no centralized server. They therefore have some advantages that the centralized cloud storage model lacks: first, without a centralized server, data unavailability caused by server failures and server security vulnerabilities is greatly reduced; second, user-side encryption ensures data security, and proofs of retrievability ensure data integrity; in addition, an open storage market can reduce storage costs and has certain advantages in resisting censorship, external intervention and unauthorized access.

Taking Storj as an example, the storage process of distributed cloud storage is as follows. Storj encourages users to rent their free hard disk space to the network to form a distributed storage space; such users are called farmers and correspond to miners in the Bitcoin network. When a user wants to upload a file, the user first splits the file into blocks and encrypts it on the client side, then stores it in a scattered manner across the network, and uses a distributed hash table (DHT) to store the location information of the file shards. Storing and retrieving files as shards better protects data security, because no farmer holds a complete copy. Second, to ensure file availability, Storj provides proofs of retrievability and a redundancy strategy. In addition, Storj uses a blockchain rather than a centralized database to record information. The blockchain does not store the file content; it stores the file metadata, including the hash of the file, the Merkle root and other necessary information. Finally, Storj provides a reward mechanism that gives token rewards to blockchain miners and to farmers who provide storage space. However, Storj uses a Nakamoto-style blockchain whose ledger is open: everyone can see every transaction in it and trace it, so there is a privacy leakage problem.

There has been some work on privacy protection for blockchain data. DASH uses coin mixing to provide payment confidentiality: it mixes different transactions and then distributes them to the recipients, thereby making transactions anonymous. ZCASH uses zero-knowledge proofs, which guarantee that only those holding the viewing key can see the contents of a transaction. Users have full control and can choose to provide viewing keys to others. Monero hides transactions completely and can conceal the transaction sender, the receiver and the transaction content. For privacy protection in distributed cloud storage there is some existing work, which mainly hides the reward mechanism of distributed cloud storage: it protects the privacy of the token transaction process in distributed cloud storage by hiding the transaction sender, the receiver and the transaction content respectively. The transaction sender is hidden with a ring signature, the transaction receiver with the stealth address technique, and the transaction content with coin mixing. However, that scheme protects only the token transaction process of distributed cloud storage; for the file storage process, the privacy leakage problem remains.

Summary of the invention

Purpose of the invention: the purpose of the present invention is to overcome the deficiencies of the prior art and to provide a privacy protection method for a distributed cloud storage system. The present invention provides privacy protection in the distributed cloud storage process: it protects not only the privacy of the transaction process but also user-related and file-related privacy in the storage process.

Technical solution: a privacy protection method for a distributed cloud storage system according to the present invention. The distributed cloud storage system includes users, miners and storage providers. Users include data owners μ_i and data users μ_j; the data owner μ_i uses the system services to outsource data to the storage providers and to perform download and deletion operations, and the data owner μ_i also shares files with the data user μ_j. The miners and storage providers provide the distributed cloud storage service to users: miners are responsible for packaging and maintaining blocks, and storage providers rent their free hard disk space to the network to form the distributed storage space. In addition, miners and storage providers obtain token rewards for providing services.

The privacy protection method specifically includes the following steps:

(1) System initialization: input the public parameters (l, G), where l is the prime order of the base point and G is the base point of the elliptic curve; the user selects random numbers a ∈ [1, l-1] and b ∈ [1, l-1] to form the private key pair (a, b), with a ≠ b; the user then computes A = aG and B = bG as the public key pair (A, B); in addition, the user computes ripemd160(sha256(A,B)) as its standard address, which also serves as its ID;

l = 2^252 + 27742317777372353535851937790883648493;

(2) File upload, that is, the data owner μ_i uploads the file F_i to the distributed storage system;

(3) File deletion, that is, the data owner μ_i deletes its ownership of the file F_i;

(4) File sharing, that is, the owner μ_i of the file F_i grants the data user μ_j ownership of the file F_i;

(5) File download.

Further, the detailed process of step (2) is as follows:

(2.1) The data owner μ_i selects a hash function
Figure BDA0001859851590000031
for example SHA-256, and computes the hash value of the file F_i, hash_i = H(F_i); the data owner μ_i then broadcasts an upload request to the system:

Figure BDA0001859851590000032

where hash_i is the hash value of the file F_i and
Figure BDA0001859851590000033
is the standard address of the data owner μ_i;

(2.2) When the system receives the upload request from the data owner μ_i, the miners in the system run the proof-of-work (POW) algorithm to compete for the bookkeeping right (that is, the right to package transactions); after the POW algorithm has run, assume that the miner Node_j obtains the bookkeeping right; the miner Node_j then notifies the data owner μ_i to start uploading the file:

Node_j → μ_i : upload, hash_i

(2.3) When the data owner μ_i receives the upload instruction, μ_i encrypts the file F_i on the client side with the homomorphic encryption algorithm AES256-CTR: F_i′ = Enc(F_i), where the encryption key is the file hash hash_i; μ_i then splits the encrypted file F_i′ on the client side into file shards {shard_1, shard_2, ..., shard_n}, where each shard is 8M in size and any space short of 8M is filled with 0; next, the data owner μ_i computes the hash of each shard {hash_sh1, hash_sh2, ..., hash_shn} and builds a Merkle tree, which is used for file auditing; finally, μ_i stores the file shards scattered across the system and generates the file index in the distributed hash table (DHT); at the same time, the miner Node_j packages the file metadata (Merkle root, file hash value, etc.) into the block, where metadata = {hash_i, MerkleRoot_i}; the miner Node_j notifies the data owner μ_i to start packaging the transaction:

Node_j → μ_i : transaction, hash_i

(2.4) When the data owner μ_i receives the transaction packaging instruction, μ_i starts to generate the file upload transaction Tx_k; in the upload transaction, the transaction sender and the transaction receiver are both the data owner μ_i.
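The client-side processing in step (2.3), as an added example that is not part of the patent text: the encrypted file F_i′ is split into zero-padded shards, the shards are hashed, and a Merkle tree is built whose root goes into metadata together with hash_i. SHA-256 as H, promoting an unpaired node unchanged to the next level, and the audit-path helpers are assumptions; the AES step is taken as already done, and the sample bytes are constructed.

```python
import hashlib

SHARD_SIZE = 8 * 1024 * 1024  # "8M" per shard, from step (2.3)


def sha256(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


def split_into_shards(encrypted_file: bytes, shard_size: int = SHARD_SIZE) -> list:
    """Split F_i' into fixed-size shards; the last shard is filled with 0 bytes.

    Zero padding is not self-describing: the length of F_i' has to be kept
    somewhere to strip it again on download (the page does not say where).
    """
    if not encrypted_file:
        raise ValueError("cannot shard an empty file")
    shards = []
    for offset in range(0, len(encrypted_file), shard_size):
        chunk = encrypted_file[offset:offset + shard_size]
        shards.append(chunk.ljust(shard_size, b"\x00"))
    return shards


def merkle_levels(leaf_hashes: list) -> list:
    """Return every level of the tree, leaves first, root level last.

    Assumption: an inner node is SHA-256(left || right) and an unpaired node
    is promoted unchanged, which avoids the duplicate-leaf ambiguity of
    pairing a node with itself.
    """
    levels = [list(leaf_hashes)]
    while len(levels[-1]) > 1:
        current, parents = levels[-1], []
        for i in range(0, len(current), 2):
            if i + 1 < len(current):
                parents.append(sha256(current[i] + current[i + 1]))
            else:
                parents.append(current[i])
        levels.append(parents)
    return levels


def audit_path(levels: list, index: int) -> list:
    """Sibling hashes needed to recompute the root from the shard at `index`."""
    path = []
    for level in levels[:-1]:
        sibling = index ^ 1
        if sibling < len(level):  # a promoted node has no sibling at this level
            path.append((level[sibling], sibling < index))
        index //= 2
    return path


def verify_shard(shard: bytes, path: list, merkle_root: bytes) -> bool:
    """Audit one stored shard against the Merkle root recorded on chain."""
    node = sha256(shard)
    for sibling, sibling_is_left in path:
        node = sha256(sibling + node) if sibling_is_left else sha256(node + sibling)
    return node == merkle_root


def build_upload_record(file_hash: bytes, encrypted_file: bytes,
                        shard_size: int = SHARD_SIZE):
    """Return (shards, tree levels, metadata) with metadata = {hash_i, MerkleRoot_i}."""
    shards = split_into_shards(encrypted_file, shard_size)
    levels = merkle_levels([sha256(s) for s in shards])
    metadata = {"hash_i": file_hash.hex(), "MerkleRoot_i": levels[-1][0].hex()}
    return shards, levels, metadata


# Constructed sample: a 70-byte stand-in for F_i' and a 16-byte shard size,
# so the tree has five leaves and exercises the unpaired-node case.
PLAINTEXT = b"constructed sample file F_i"
ENCRYPTED = bytes(range(70))
SHARDS, LEVELS, METADATA = build_upload_record(sha256(PLAINTEXT), ENCRYPTED, shard_size=16)

if __name__ == "__main__":
    root = bytes.fromhex(METADATA["MerkleRoot_i"])
    print(METADATA)
    for i, shard in enumerate(SHARDS):
        print(i, verify_shard(shard, audit_path(LEVELS, i), root))
```

An auditor holding only MerkleRoot_i from the block can check any single shard with its audit path, without fetching the other shards.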

Further, the specific process of generating the file upload transaction in step (2.4) is as follows:

(2.4.1) μ_i selects a random number r_k ∈ [1, l-1]; μ_i then computes the stealth address
Figure BDA0001859851590000041
and the transaction public key R_k = r_k G, where
Figure BDA0001859851590000042
is the public key pair of the data owner μ_i and
Figure BDA0001859851590000043
is a cryptographic hash function;

(2.4.2) μ_i selects a random number x_k ∈ [1, l-1] as the private key and computes the corresponding public key PK_k = x_k G and the key image
Figure BDA0001859851590000044
where
Figure BDA0001859851590000045
is a deterministic hash function;

(2.4.3) μ_i uses a symmetric encryption algorithm to compute
Figure BDA0001859851590000046
as the transaction content Proof_k, which grants file ownership to the transaction receiver and can be used for file ownership verification, where
Figure BDA0001859851590000047
R is a random number, and
Figure BDA0001859851590000048
is the standard address of μ_i, which also serves as the symmetric encryption key;

(2.4.4) μ_i packages R_k, P_k, I_k and Proof_k into the transaction Tx_k; μ_i then computes the ring signature σ_k, signs the transaction Tx_k and sends it to the network; any party in the network can verify the transaction signature, and doing so does not reveal the transaction sender;

(2.4.5) The miner node Node_j verifies the transaction and packages it into a block;

Here the data owner μ_i, as the transaction receiver, sends the information P_k, I_k, Proof_k of the transaction Tx_k to the miner node Node_j to verify μ_i's ownership of the file F_i, and uses it to consume the transaction (share, delete and download operations).

Further, the detailed process by which the data owner deletes file ownership in step (3) is as follows:

(3.1) First, the data owner μ_i broadcasts a deletion request to the system:

Figure BDA0001859851590000051

where hash_i is the hash of the file F_i, P_k is the stealth address of the transaction that proves μ_i's ownership of the file F_i, and
Figure BDA0001859851590000052
is the standard address of the data owner μ_i;

(3.2) When the system receives the deletion request from μ_i, the miners in the system run the proof-of-work (POW) algorithm to compete for the bookkeeping right; after the POW algorithm has run, assume that the miner node Node_j obtains the bookkeeping right;

(3.3) The miner node Node_j verifies μ_i's ownership of the file F_i;

(3.4) After the data owner μ_i passes ownership verification, the miner node Node_j obtains the key image I_k from the transaction whose address is P_k, adds I_k to the transaction invalidation list Blacklist, and broadcasts it to the whole network; on receiving the broadcast, the miner nodes in the network update their transaction invalidation list Blacklist;

The ownership verification method referred to above is:

Figure BDA0001859851590000053

Figure BDA0001859851590000061

Further, the detailed process by which the data owner μ_i shares the file F_i with the data user μ_j in step (4) is as follows:

(4.1) First, μ_i broadcasts a sharing request to the system:

Figure BDA0001859851590000062

where hash_i is the hash of the file F_i, P_k is the stealth address of the transaction that proves μ_i's ownership of the file F_i, and
Figure BDA0001859851590000063
are the standard addresses of the data owner μ_i and the data user μ_j, respectively;

(4.2) When the system receives the sharing request from μ_i, the miners in the system run the proof-of-work (POW) algorithm to compete for the bookkeeping right; after the POW algorithm has run, assume that the miner node Node_j obtains the bookkeeping right;

(4.3) The miner node Node_j verifies μ_i's ownership of the file F_i;

(4.4) After μ_i passes ownership verification, Node_j sends a sharing instruction to μ_i:

Figure BDA0001859851590000064

(4.5) When μ_i receives the instruction, it starts to generate the file sharing transaction Tx_τ, in which μ_i is the transaction sender and μ_j is the transaction receiver;

(4.6) μ_j, as the transaction receiver, checks the transactions in each newly generated block, extracts the stealth address P and the transaction public key R′ from each transaction, uses its own private key pair
Figure BDA0001859851590000065
to compute
Figure BDA0001859851590000066
and checks whether
Figure BDA0001859851590000067
where
Figure BDA0001859851590000068
is a cryptographic hash function; since
Figure BDA0001859851590000069
the equation holds if μ_j is the receiver of the transaction, and does not hold otherwise;

(4.7) After μ_j finds the transaction Tx_τ, μ_j computes
Figure BDA00018598515900000610
μ_j uses x_τ to recover the transaction Tx_τ, and uses x_τ as the transaction private key when consuming the transaction Tx_τ (sharing, downloading, deleting).

Further, the file sharing transaction in step (4.5) is generated as follows:

(4.5.1) The transaction sender μ_i selects a random number r_τ ∈ [1, l-1] and obtains the public key pair of the transaction receiver μ_j
Figure BDA0001859851590000071
μ_i then computes the stealth address
Figure BDA0001859851590000072
and the transaction public key R_τ = r_τ G, where
Figure BDA0001859851590000073
is a cryptographic hash function;

(4.5.2) The transaction sender μ_i uses a symmetric encryption algorithm to compute
Figure BDA0001859851590000074
as the transaction content Proof_τ, which grants file ownership to the transaction receiver and can be used for file ownership verification, where
Figure BDA0001859851590000075
R is a random number, and the encryption key is the standard address of μ_j
Figure BDA0001859851590000076

(4.5.3) The transaction sender μ_i selects a random number x_τ ∈ [1, l-1], which also serves as the signing private key, and computes the corresponding public key PK_τ = x_τ G and the key image
Figure BDA0001859851590000077
where
Figure BDA0001859851590000078
is a deterministic hash function;

(4.5.4) The transaction sender μ_i packages R_τ, P_τ, I_τ and Proof_τ into the transaction Tx_τ; μ_i then computes the ring signature σ_τ, signs the transaction Tx_τ and sends it to the network; any party in the network can verify the transaction signature, and doing so does not reveal the transaction sender;

(4.5.5) The miner node Node_j verifies the transaction and packages it into a block.

In the present invention, Tx_k is the file upload transaction and Tx_τ is the file sharing transaction; the transaction sender and receiver of Tx_k are both the data owner μ_i, while the transaction sender of Tx_τ is μ_i and its transaction receiver is μ_j.

Further, the detailed process of step (5) is as follows:

(5.1) The data owner μ_i broadcasts a download request to the system:

Figure BDA0001859851590000079

where hash_i is the hash of the file F_i, P_k is the stealth address of the transaction that proves μ_i's ownership of the file F_i, and
Figure BDA00018598515900000710
is the standard address of the data owner μ_i;

(5.2) When the system receives the download request from μ_i, the miners in the system run the proof-of-work (POW) algorithm to compete for the bookkeeping right; after the POW algorithm has run, assume that the miner node Node_j obtains the bookkeeping right;

(5.3) The miner node Node_j verifies μ_i's ownership of the file F_i;

(5.4) After μ_i passes ownership verification, Node_j looks up the actual storage address addr_i of the file in the DHT network and returns the download address addr_i to μ_i:

Node_j → μ_i : hash_i, addr_i;

(5.5) μ_i uses a download tool to restore the file from the address addr_i to local storage.

The ring signature in the present invention is generated as follows:

Figure BDA0001859851590000081

Figure BDA0001859851590000091

The ring signature in the present invention is verified as follows:

Figure BDA0001859851590000092

Beneficial effects: compared with the prior art, the present invention has the following advantages:

1. The present invention combines distributed storage technology with blockchain technology. While providing secure and effective distributed cloud storage, it treats the handling of file ownership as the processing of blockchain transactions, and further provides privacy protection in distributed storage, covering the transaction sender, the receiver and the transaction content. This ensures that only the real receiver can locate the transaction, obtain ownership of the file, and go on to process the file (file sharing, download, deletion and similar operations).

2. The scheme of the present invention effectively resists data forgery attacks. In the system model of the present invention, a malicious user may launch a data forgery attack on the system: a user without file ownership tries to obtain file ownership fraudulently by sending the system a transaction that does not belong to him. To counter data forgery attacks, the present invention designs an ownership verification scheme which ensures that only an authorized user holding the correct standard address can complete ownership verification. Because a user's standard address is disclosed only to the miners and to the two parties of the transaction, data forgery attacks can be resisted.

3. The scheme of the present invention effectively resists replay attacks. In the system model of the present invention, a malicious user may launch a replay attack on the system: a user whose file ownership has been revoked may use his original transaction to prove ownership to the system. To counter replay attacks, the scheme of the present invention uses the transaction invalidation list Blacklist to record invalidated transactions. When a user's file ownership is revoked, the corresponding transaction is added to the transaction invalidation list. Before performing ownership verification, the system first checks whether the transaction is in the transaction invalidation list; if it is, ownership verification cannot be passed. Replay attacks can therefore be resisted.

Description of the drawings

FIG. 1 is a system structure diagram of an embodiment of the present invention;

FIG. 2 is a block structure diagram of an embodiment of the present invention;

FIG. 3 is a transaction structure diagram of an embodiment of the present invention;

FIG. 4 is a schematic diagram of transaction generation in an embodiment of the present invention;

FIG. 5 is a schematic diagram of transaction lookup in an embodiment of the present invention;

FIG. 6 shows the time overhead of ring signature generation and ring signature verification for different ring sizes in the embodiment.

Detailed description

The technical solution of the present invention is described in detail below, but the scope of protection of the present invention is not limited to the embodiments.

As shown in FIG. 1, in the privacy protection method of a distributed cloud storage system according to the present invention, the distributed cloud storage system comprises users, miners and storage providers. Users include a data owner μ_i and a data user μ_j; the data owner μ_i outsources data to the storage providers and performs download and deletion operations, and the data owner μ_i can also share files with the data user μ_j. The miners and the storage providers supply the distributed cloud storage service to users: the miners are responsible for packing and maintaining blocks, and the storage providers rent their idle hard disk space to the network to form the distributed storage space. In addition, the miners and the storage providers earn token rewards for providing services.

The privacy protection method comprises the following steps:

Step 1, system initialization: the public parameters (l, G) are input, where l is the prime order of the base point and G is the base point of the elliptic curve. The user selects random numbers a ∈ [1, l-1] and b ∈ [1, l-1], a ≠ b, to form the private key pair (a, b); the user also computes A = aG and B = bG as the public key pair (A, B). In addition, the user computes ripemd160(sha256(A, B)) as their standard address, which also serves as their ID;

l = 2^252 + 27742317777372353535851937790883648493;

Step 2, file upload: the data owner μ_i uploads file F_i to the distributed storage system. The detailed process of step (2) is shown in FIG. 4:

(2.1) The data owner μ_i selects a hash function

Figure BDA0001859851590000111

for example SHA-256, and computes the hash value of file F_i, hash_i = H(F_i). The data owner μ_i then broadcasts an upload request to the system:

Figure BDA0001859851590000112

where hash_i is the hash value of file F_i, and

Figure BDA0001859851590000113

is the standard address of the data owner μ_i;

(2.2) When the system receives the upload request from the data owner μ_i, the miners in the system run the proof-of-work algorithm (POW) to compete for the bookkeeping right (that is, the right to package the transaction). After the POW algorithm has run, assume that miner Node_j obtains the bookkeeping right. Miner Node_j then notifies μ_i to start uploading the file:

Node_j → μ_i: upload, hash_i

(2.3) When the data owner μ_i receives the upload instruction, μ_i encrypts file F_i on the client side using the homomorphic encryption algorithm AES256-CTR: F_i′ = Enc(F_i), where the encryption key is the file hash hash_i. μ_i then splits the encrypted file F_i′ into blocks on the client side to obtain the file shards {shard_1, shard_2, ..., shard_n}, where each shard is 8M in size and any space short of 8M is filled with 0, as shown in FIG. 2. Next, the data owner μ_i computes the hash of each shard, {hash_sh1, hash_sh2, ..., hash_shn}, and builds a Merkle tree, which is used for file auditing. Finally, μ_i stores the file shards dispersed across the system and generates a file index in the distributed hash table (DHT). Meanwhile, miner Node_j packs the file metadata (Merkle root, file hash value and so on) into a block, where metadata = {hash_i, MerkleRoot_i}. Miner Node_j notifies the data owner μ_i to start packaging the transaction:

Node_j → μ_i: transaction, hash_i

(2.4) When the data owner μ_i receives the transaction packaging instruction, it starts to generate the upload transaction Tx_k; in the upload transaction, both the transaction sender and the transaction receiver are the data owner μ_i.

As shown in FIG. 3, the specific process of transaction generation in step (2.4) is as follows:

(2.4.1) μ_i selects a random number r_k ∈ [1, l-1]; μ_i then computes the stealth address

Figure BDA0001859851590000121

and the transaction public key R_k = r_k G, where

Figure BDA0001859851590000122

is the public key pair of μ_i, and

Figure BDA0001859851590000123

is a cryptographic hash function;

(2.4.2) μ_i selects a random number x_k ∈ [1, l-1] as the private key and computes the corresponding public key PK_k = x_k G and the key image

Figure BDA0001859851590000124

where

Figure BDA0001859851590000125

is a deterministic hash function;

(2.4.3) μ_i uses a symmetric encryption algorithm to compute

Figure BDA0001859851590000126

as the transaction content Proof_k, which grants ownership of the file to the transaction receiver and can be used for file ownership verification, where

Figure BDA0001859851590000127

R is a random number, and

Figure BDA0001859851590000128

is the standard address of μ_i, which also serves as the symmetric encryption key;

(2.4.4) μ_i packs R_k, P_k, I_k and Proof_k into the transaction Tx_k; μ_i then computes the ring signature σ_k, signs the transaction Tx_k and sends it to the network. Any party in the network can verify the transaction signature, and doing so does not reveal the transaction sender;

(2.4.5) The miner node Node_j verifies the transaction and packs it into a block;

Here the data owner μ_i, acting as the transaction receiver, sends the information P_k, I_k, Proof_k of transaction Tx_k to the miner node Node_j to verify μ_i's ownership of file F_i, and uses it for consumption (sharing, deletion and download operations).
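The sharding and Merkle-tree part of step (2.3), with the audit check it enables, as an added example that is not code from the patent or from DigitalNote. It works on the already encrypted bytes F_i′; the page does not specify the tree layout, so the leaf/node prefixes, the handling of an unpaired node and all function names are assumptions.

```python
import hashlib
import hmac

SHARD_SIZE = 8 * 1024 * 1024  # "8M" per shard, as in step (2.3)


def split_shards(data, shard_size=SHARD_SIZE):
    """Cut data into fixed-size shards; the last shard is filled with 0."""
    shards = [data[i:i + shard_size]
              for i in range(0, len(data), shard_size)] or [b""]
    shards[-1] = shards[-1].ljust(shard_size, b"\x00")
    return shards


# Assumption: distinct prefixes for leaves and inner nodes, so that an inner
# node can never be presented as a shard (second-preimage hardening).
def leaf_hash(shard):
    return hashlib.sha256(b"\x00" + shard).digest()


def node_hash(left, right):
    return hashlib.sha256(b"\x01" + left + right).digest()


def merkle_levels(leaves):
    """All tree levels, leaves first. An unpaired node is promoted unchanged
    (assumption; the page does not say how odd levels are handled)."""
    levels = [list(leaves)]
    while len(levels[-1]) > 1:
        cur = levels[-1]
        levels.append([node_hash(cur[i], cur[i + 1]) if i + 1 < len(cur)
                       else cur[i] for i in range(0, len(cur), 2)])
    return levels


def audit_path(levels, index):
    """Sibling hashes needed to recompute the root from shard number index."""
    path = []
    for level in levels[:-1]:
        sibling = index ^ 1
        if sibling < len(level):
            path.append((level[sibling], sibling < index))  # (hash, is_left)
        index //= 2
    return path


def verify_shard(shard, path, root):
    """Audit one shard returned by a storage provider against MerkleRoot_i."""
    h = leaf_hash(shard)
    for sibling, sibling_is_left in path:
        h = node_hash(sibling, h) if sibling_is_left else node_hash(h, sibling)
    return hmac.compare_digest(h, root)


def build_metadata(encrypted_file, shard_size=SHARD_SIZE):
    """Shards, tree levels and the values an auditor needs later.
    The original length is kept because zero fill alone cannot be told
    apart from ciphertext that happens to end in zero bytes."""
    shards = split_shards(encrypted_file, shard_size)
    levels = merkle_levels([leaf_hash(s) for s in shards])
    meta = {"length": len(encrypted_file), "merkle_root": levels[-1][0]}
    return shards, levels, meta
```
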

Step 3, file deletion: the data owner μ_i deletes its ownership of file F_i. The detailed process is as follows:

(3.1) First, the data owner μ_i broadcasts a deletion request to the system:

Figure BDA0001859851590000131

where hash_i is the hash of file F_i; P_k is the stealth address of the transaction that proves μ_i's ownership of file F_i; and

Figure BDA0001859851590000132

is the standard address of the data owner μ_i;

(3.2) When the system receives the deletion request from μ_i, the miners in the system run the proof-of-work algorithm (POW) to compete for the bookkeeping right. After the POW algorithm has run, assume that the miner node Node_j obtains the bookkeeping right;

(3.3) The miner node Node_j verifies μ_i's ownership of file F_i;

(3.4) After the data owner μ_i passes ownership verification, the miner node Node_j obtains the key image I_k from the transaction whose address is P_k, adds I_k to the transaction invalidation list Blacklist, and broadcasts it to the whole network. On receiving the broadcast, the miner nodes in the network update the transaction invalidation list Blacklist;

The ownership verification method referred to above is:

Figure BDA0001859851590000133

Figure BDA0001859851590000141

Step 4, file sharing: the owner μ_i of file F_i grants the data user μ_j ownership of file F_i. The detailed process is as follows:

(4.1) First, the data owner μ_i broadcasts a sharing request to the system:

Figure BDA0001859851590000142

where hash_i is the hash of file F_i; P_k is the stealth address of the transaction that proves μ_i's ownership of file F_i; and

Figure BDA0001859851590000143

are the standard addresses of the data owner μ_i and the data user μ_j respectively;

(4.2) When the system receives the sharing request from μ_i, the miners in the system run the proof-of-work algorithm (POW) to compete for the bookkeeping right. After the POW algorithm has run, assume that the miner node Node_j obtains the bookkeeping right;

(4.3) The miner node Node_j verifies μ_i's ownership of file F_i;

(4.4) After μ_i passes ownership verification, Node_j sends a sharing instruction to μ_i:

Figure BDA0001859851590000144

(4.5) When μ_i receives the instruction, it starts to generate the transaction Tx_τ, in which μ_i is the transaction sender and μ_j is the transaction receiver;

(4.6) As shown in FIG. 5, μ_j, as the transaction receiver, checks the transactions in each block, extracts the stealth address P and the transaction public key R′ from each transaction, and uses its own private key pair

Figure BDA0001859851590000145

to compute

Figure BDA0001859851590000151

and checks whether

Figure BDA0001859851590000152

where

Figure BDA0001859851590000153

is a cryptographic hash function. Since

Figure BDA0001859851590000154

the equation holds if μ_j is the receiver of the transaction, and does not hold otherwise;

(4.7) Once μ_j has found the transaction Tx_τ, μ_j computes

Figure BDA0001859851590000155

μ_j uses x_τ to recover the transaction Tx_τ, and uses x_τ as the transaction private key when consuming (sharing, downloading, deleting) the transaction Tx_τ.

The transaction generation method in step (4.5) above is:

(4.5.1) The transaction sender μ_i selects a random number r_τ ∈ [1, l-1] and obtains the public key pair of the transaction receiver μ_j

Figure BDA0001859851590000156

μ_i then computes the stealth address

Figure BDA0001859851590000157

and the transaction public key R_τ = r_τ G, where

Figure BDA0001859851590000158

is a cryptographic hash function;

(4.5.2) The transaction sender μ_i uses a symmetric encryption algorithm to compute

Figure BDA0001859851590000159

as the transaction content Proof_τ, which grants ownership of the file to the transaction receiver and can be used for file ownership verification, where

Figure BDA00018598515900001510

R is a random number, and the encryption key is the standard address of μ_j

Figure BDA00018598515900001511

(4.5.3) The transaction sender μ_i selects a random number x_τ ∈ [1, l-1], which also serves as the signing private key, and computes the corresponding public key PK_τ = x_τ G and the key image

Figure BDA00018598515900001512

where

Figure BDA00018598515900001513

is a deterministic hash function;

(4.5.4) The transaction sender μ_i packs R_τ, P_τ, I_τ and Proof_τ into the transaction Tx_τ; μ_i computes the ring signature σ_τ, signs the transaction Tx_τ and sends it to the network. Any party in the network can verify the transaction signature, and doing so does not reveal the transaction sender;

(4.5.5) The miner node Node_j verifies the transaction and packs it into a block.
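The stealth-address steps (2.4.1), (4.5.1), (4.6) and (4.7) run end to end in the following added example, which is not code from the patent or from DigitalNote. The page's formulas survive only as figure placeholders, so the code assumes the standard CryptoNote construction P = H_s(rA)G + B, P′ = H_s(aR′)G + B and x = H_s(aR′) + b; it also assumes the curve is Ed25519 (whose base-point order equals the l of step 1) and uses SHA-256 as a stand-in for H_s.

```python
import hashlib
import secrets

# Assumed curve: Ed25519, -x^2 + y^2 = 1 + d*x^2*y^2 over GF(p).
p = 2**255 - 19
l = 2**252 + 27742317777372353535851937790883648493  # order of G (step 1)


def inv(x):
    return pow(x, p - 2, p)


d = -121665 * inv(121666) % p


def _recover_x(y):
    """Even x-coordinate of the curve point with the given y."""
    xx = (y * y - 1) * inv(d * y * y + 1) % p
    x = pow(xx, (p + 3) // 8, p)
    if (x * x - xx) % p != 0:
        x = x * pow(2, (p - 1) // 4, p) % p
    return p - x if x % 2 else x


_GY = 4 * inv(5) % p
G = (_recover_x(_GY), _GY)
IDENTITY = (0, 1)


def add(P, Q):
    """Complete Edwards addition in affine coordinates."""
    x1, y1 = P
    x2, y2 = Q
    t = d * x1 * x2 * y1 * y2 % p
    return ((x1 * y2 + x2 * y1) * inv(1 + t) % p,
            (y1 * y2 + x1 * x2) * inv(1 - t) % p)


def mul(k, P):
    """Double-and-add scalar multiplication (not constant time)."""
    Q = IDENTITY
    while k:
        if k & 1:
            Q = add(Q, P)
        P = add(P, P)
        k >>= 1
    return Q


def H_s(P):
    """Hash a curve point to a scalar (SHA-256 stand-in, an assumption)."""
    data = P[0].to_bytes(32, "little") + P[1].to_bytes(32, "little")
    return int.from_bytes(hashlib.sha256(data).digest(), "little") % l


def keygen():
    """Step 1: private pair (a, b), a != b, and public pair (A, B)."""
    a = secrets.randbelow(l - 1) + 1
    b = secrets.randbelow(l - 1) + 1
    while b == a:
        b = secrets.randbelow(l - 1) + 1
    return (a, b), (mul(a, G), mul(b, G))


def make_output(A, B):
    """Sender side, (4.5.1): one-time address P and transaction key R."""
    r = secrets.randbelow(l - 1) + 1
    return add(mul(H_s(mul(r, A)), G), B), mul(r, G)


def scan(a, B, outputs):
    """Receiver side, (4.6): indices of the (P, R) pairs addressed to (a, B)."""
    return [i for i, (P, R) in enumerate(outputs)
            if add(mul(H_s(mul(a, R)), G), B) == P]


def spend_key(a, b, R):
    """Receiver side, (4.7): private key x with x*G == P."""
    return (H_s(mul(a, R)) + b) % l
```

Only the holder of a can recognise an output, and only the holder of both a and b can derive x; two outputs to the same recipient carry unrelated addresses P.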

Step 5, file download. The detailed process is as follows:

(5.1) The data owner μ_i broadcasts a download request to the system:

Figure BDA00018598515900001514

where hash_i is the hash of file F_i; P_k is the stealth address of the transaction that proves μ_i's ownership of file F_i; and

Figure BDA0001859851590000161

is the standard address of the data owner μ_i;

(5.2) When the system receives the download request from μ_i, the miners in the system run the proof-of-work algorithm (POW) to compete for the bookkeeping right. After the POW algorithm has run, assume that the miner node Node_j obtains the bookkeeping right;

(5.3) The miner node Node_j verifies μ_i's ownership of file F_i;

(5.4) After μ_i passes ownership verification, Node_j looks up the actual storage address addr_i of the file in the DHT network and returns the download address addr_i to μ_i:

Node_j → μ_i: hash_i, addr_i;

(5.5) μ_i uses a download tool to restore the file from address addr_i to local storage.

Example

To evaluate the performance of the present invention, the time overhead of some of the algorithms is measured in the following embodiment.

To evaluate system overhead, the implementation uses the open-source DigitalNote platform, which is based on the CryptoNote protocol, and implements the relevant algorithms according to the system requirements. A test-chain environment was deployed locally, with three miner nodes and three wallet terminals, and the time overhead of the main algorithms in the main steps of the system was analyzed and measured. T_File is the client-side file processing time, comprising the file hashing time, the file splitting time and the shard upload time; T_Tx is the time to generate a transaction on the user side, comprising the time to compute the destination address, the time to compute the ring signature and the time to send the transaction; T_del, T_chk, T_POW and T_DHT are respectively the time of the delete-transaction operation, the time of the transaction verification operation, the time of the file ownership verification operation and the DHT query time. The analysis of the time overhead of each stage is summarized in Table 1.

Table 1 System time overhead analysis

Figure BDA0001859851590000162

Figure BDA0001859851590000171

In addition, the time overhead of the algorithms in this embodiment is shown in Table 2.

Table 2 Time overhead of the main algorithms

| Algorithm | Time overhead |
| --- | --- |
| Generate destination address | 36 ms |
| Send transaction | 31 ms |
| Create transaction | 0.0093 ms |
| Find transaction | 22 ms |
| Generate key image | 0.164 ms |

In addition, FIG. 6 shows the ring signature generation time and the ring signature verification time for different ring sizes.

Claims (5)

1. A privacy protection method of a distributed cloud storage system, characterized in that: the distributed cloud storage system comprises users, miners and storage providers; a user is an entity that uses the system service, and users include a data owner μ_i and a data user μ_j; the data owner μ_i outsources data to the storage providers and uses the system service for download and deletion operations, and the data owner μ_i shares file F_i with the data user μ_j; the miners and the storage providers provide the cloud storage service to users, wherein the miners are responsible for packing and maintaining blocks, and the storage providers rent their idle hard disk space to the network to form a distributed storage space; in addition, the miners and the storage providers receive token rewards for providing services;
the privacy protection method specifically comprises the following steps:
(1) system initialization: the public parameters (l, G) are input, where l is the prime order of the base point and G is the base point of the elliptic curve; the user selects random numbers a ∈ [1, l-1] and b ∈ [1, l-1] to form the private key pair (a, b), where a ≠ b; the user also computes A = aG and B = bG as the public key pair (A, B); in addition, the user computes ripemd160(sha256(A, B)) as their standard address, which also serves as their ID;
l = 2^252 + 27742317777372353535851937790883648493;
(2) file upload: the data owner μ_i uploads file F_i to the distributed storage system; the detailed process of step (2) is as follows:
(2.1) the data owner μ_i selects a hash function H:
Figure FDA0002985886120000011
and computes the hash value of file F_i, hash_i = H(F_i); the data owner μ_i then broadcasts an upload request to the system:
Figure FDA0002985886120000012
where hash_i is the hash value of file F_i, and
Figure FDA0002985886120000013
is the standard address of the data owner μ_i;
(2.2) when the system receives the upload request from the data owner μ_i, the miners in the system run the proof-of-work algorithm POW to compete for the bookkeeping right; after the POW algorithm has run, assume that miner Node_j obtains the bookkeeping right; miner Node_j then notifies the data owner μ_i to start uploading the file:
Node_j → μ_i: upload, hash_i
(2.3) when the data owner μ_i receives the upload instruction, the data owner μ_i encrypts file F_i on the client side using the homomorphic encryption algorithm AES256-CTR: F_i′ = Enc(F_i), where the encryption key is the file hash hash_i; μ_i then splits the encrypted file F_i′ into blocks on the client side to obtain the file shards {shard_1, shard_2, ..., shard_n}, where each shard is 8M in size and any space short of 8M is filled with 0; the data owner μ_i then computes the hash of each shard, {hash_sh1, hash_sh2, ..., hash_shn}, and builds a Merkle tree for file auditing; finally, μ_i stores the file shards dispersed across the system and generates a file index in the DHT (distributed hash table); meanwhile, miner Node_j packs the file metadata into a block, where metadata = {hash_i, MerkleRoot_i}; miner Node_j notifies the data owner μ_i to start packaging the transaction:
Node_j → μ_i: transaction, hash_i
(2.4) when the data owner μ_i receives the transaction packaging instruction, μ_i initiates a file upload transaction Tx_k; in the upload transaction, both the transaction sender and the transaction receiver are the data owner μ_i;
The specific process of generating the file upload transaction in (2.4) above is as follows:
(2.4.1) μ_i selects a random number r_k ∈ [1, l-1]; μ_i then computes the stealth address
Figure FDA0002985886120000021
and the transaction public key R_k = r_k G, where
Figure FDA0002985886120000022
is the public key pair of μ_i, and
Figure FDA0002985886120000023
Figure FDA0002985886120000024
is a cryptographic hash function;
(2.4.2) μ_i selects a random number x_k ∈ [1, l-1] as the private key and computes the corresponding public key PK_k = x_k G and the key image
Figure FDA0002985886120000025
where
Figure FDA0002985886120000026
Figure FDA0002985886120000027
is a deterministic hash function;
(2.4.3) μ_i uses a symmetric encryption algorithm to compute
Figure FDA0002985886120000028
as the transaction content Proof_k, which grants ownership of the file to the transaction receiver and is used for file ownership verification, where
Figure FDA0002985886120000029
R is a random number, and
Figure FDA00029858861200000210
is the standard address of μ_i, which also serves as the symmetric encryption key;
(2.4.4) μ_i packs R_k, P_k, I_k and Proof_k into the transaction Tx_k; μ_i then computes the ring signature σ_k, signs the transaction Tx_k and sends it to the network; any party in the network can verify the transaction signature, and doing so does not reveal information about the transaction sender;
(2.4.5) miner Node_j verifies the transaction and packs it into a block; here the data owner μ_i, as the transaction receiver, sends the information P_k, I_k, Proof_k of transaction Tx_k to the system to verify μ_i's ownership of file F_i, and for consumption;
(3) file deletion: the data owner μ_i deletes its ownership of file F_i;
(4) file sharing: the data owner μ_i of file F_i grants the data user μ_j ownership of file F_i;
(5) file download.
2. The privacy protection method of the distributed cloud storage system according to claim 1, wherein the detailed process by which the data owner deletes ownership of the file in step (3) is as follows:
(3.1) first, the data owner μ_i broadcasts a deletion request to the system:
Figure FDA0002985886120000031
where hash_i is the hash of file F_i; P_k is the stealth address of the transaction that proves μ_i's ownership of file F_i; and
Figure FDA0002985886120000032
is the standard address of the data owner μ_i;
(3.2) when the system receives the deletion request from the data owner μ_i, the miners in the system run the proof-of-work algorithm POW to compete for the bookkeeping right; after the POW algorithm has run, assume that miner Node_j obtains the bookkeeping right;
(3.3) miner Node_j verifies μ_i's ownership of file F_i;
(3.4) after the data owner μ_i passes ownership verification, miner Node_j obtains the key image I_k from the transaction whose address is P_k, adds I_k to the transaction invalidation list, and broadcasts the list to the miner nodes of the whole network; on receiving the broadcast, the miner nodes in the network update the transaction invalidation list Blacklist;
the ownership verification method is as follows:
Figure FDA0002985886120000033
Figure FDA0002985886120000041
where R_k′, hash_i′ and MAC_k′ are the contents obtained after decrypting Proof_k′, with meanings corresponding to R_k, hash_i and MAC_k in Proof_k.
3. The privacy protection method of the distributed cloud storage system according to claim 1, wherein the detailed process by which the data owner μ_i shares file F_i with the data user μ_j in step (4) is as follows:
(4.1) first, μ_i broadcasts a sharing request to the system:
Figure FDA0002985886120000042
where hash_i is the hash of file F_i; P_k is the stealth address of the transaction that proves μ_i's ownership of file F_i; and
Figure FDA0002985886120000043
are the standard addresses of the data owner μ_i and the data user μ_j respectively;
(4.2) when the system receives the sharing request from μ_i, the miners in the system run the proof-of-work algorithm POW to compete for the bookkeeping right; after the POW algorithm has run, assume that miner Node_j obtains the bookkeeping right;
(4.3) miner Node_j verifies the data owner μ_i's ownership of file F_i;
(4.4) after μ_i passes ownership verification, Node_j sends a sharing instruction to μ_i:
Figure FDA0002985886120000051
(4.5) when μ_i receives the instruction, μ_i initiates a file sharing transaction Tx_τ, in which μ_i is the transaction sender and μ_j is the transaction receiver;
(4.6) μ_j, as the transaction receiver, checks the transactions in each newly generated block, extracts the stealth address P and the transaction public key R′ from each transaction, and uses its own private key pair
Figure FDA0002985886120000052
to compute
Figure FDA0002985886120000053
and checks whether
Figure FDA0002985886120000054
where
Figure FDA0002985886120000055
Figure FDA0002985886120000056
is a cryptographic hash function; since
Figure FDA0002985886120000057
the equation holds if μ_j is the receiver of the transaction, and does not hold otherwise;
(4.7) once μ_j has found the transaction Tx_τ, μ_j computes
Figure FDA0002985886120000058
μ_j uses x_τ to recover the transaction Tx_τ, and uses x_τ as the transaction private key when consuming the transaction Tx_τ.
4. The privacy protection method of the distributed cloud storage system according to claim 3, wherein the method for generating the file sharing transaction in step (4.5) comprises the following steps:
(4.5.1) the transaction sender μ_i selects a random number r_τ ∈ [1, l-1] and obtains the public key pair of the transaction receiver μ_j
Figure FDA0002985886120000059
μ_i then computes the stealth address
Figure FDA00029858861200000510
and the transaction public key R_τ = r_τ G, where
Figure FDA00029858861200000511
Figure FDA00029858861200000512
is a cryptographic hash function;
(4.5.2) the transaction sender μ_i uses a symmetric encryption algorithm to compute
Figure FDA00029858861200000513
as the transaction content Proof_τ, which grants ownership of the file to the transaction receiver and is used for file ownership verification, where
Figure FDA00029858861200000514
R is a random number, and the encryption key is the standard address of μ_j
Figure FDA00029858861200000515
(4.5.3) the transaction sender μ_i selects a random number x_τ ∈ [1, l-1], which also serves as the signing private key, and computes the corresponding public key PK_τ = x_τ G and the key image
Figure FDA00029858861200000516
where
Figure FDA00029858861200000517
Figure FDA00029858861200000518
is a deterministic hash function;
(4.5.4) the transaction sender μ_i packs R_τ, P_τ, I_τ and Proof_τ into the transaction Tx_τ; μ_i computes the ring signature σ_τ, signs the transaction Tx_τ and sends it to the network; any party in the network can verify the transaction signature, and doing so does not reveal information about the transaction sender;
(4.5.5) miner Node_j verifies the transaction and packs it into a block.
5. The privacy protection method of the distributed cloud storage system according to claim 1, wherein the detailed process of step (5) is as follows:
(5.1) the data owner μ_i broadcasts a download request to the system:
Figure FDA0002985886120000061
where hash_i is the hash of file F_i; P_k is the stealth address of the transaction that proves μ_i's ownership of file F_i; and
Figure FDA0002985886120000062
is the standard address of μ_i;
(5.2) when the system receives the download request from μ_i, the miners in the system run the proof-of-work algorithm (POW) to compete for the bookkeeping right; after the POW algorithm has run, assume that miner Node_j obtains the bookkeeping right;
(5.3) miner Node_j verifies μ_i's ownership of file F_i;
(5.4) after μ_i passes ownership verification, Node_j looks up the actual storage address addr_i of the file in the DHT and returns the download address addr_i to μ_i:
Node_j → μ_i: hash_i, addr_i
(5.5) μ_i uses a download tool to restore the file from address addr_i to local storage.
CN201811330536.4A 2018-11-09 2018-11-09 Privacy protection method of distributed cloud storage system Active CN109508552B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201811330536.4A CN109508552B (en) 2018-11-09 2018-11-09 Privacy protection method of distributed cloud storage system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201811330536.4A CN109508552B (en) 2018-11-09 2018-11-09 Privacy protection method of distributed cloud storage system

Publications (2)

Publication Number Publication Date
CN109508552A CN109508552A (en) 2019-03-22
CN109508552B true CN109508552B (en) 2021-04-30

Family

ID=65747975




Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant
TR01 Transfer of patent right

Effective date of registration: 20220330

Address after: No. 168, software Avenue, Yuhuatai District, Nanjing, Jiangsu 210042

Patentee after: Bozhi Safety Technology Co.,Ltd.

Address before: No. 302, Xuefu Road, Jingkou District, Zhenjiang City, Jiangsu Province, 212000

Patentee before: JIANGSU University