Summary of the invention
In order to realize the lightweight operation of mobile terminal, operation efficiency and the communication of mobile cloud computing data-sharing systems are improved
Efficiency, while ensureing the safety in data sharing process and privacy, the present invention proposes a kind of suitable for mobile cloud computing system
The safely and efficiently data-sharing systems and method, this method of system can not only safely be realized based on attribute during realization
Fine-granularity access control and integrity verification based on algebra signature, and ensure that the lightweight operation of mobile terminal, move
Dynamic terminal only operates shared data on a small quantity, and most of operation is realized by cloud calculation server, it is ensured that mobile cloud computing
The safety and high efficiency of data sharing in system.
The present invention proposes safe and efficient data sharing method in a kind of mobile cloud computing system comprising:
The first step, system initialization, trust center generate common parameter, master key and other entity keys;
Second step, the encryption of shared information, data owner and cloud calculation server jointly carry out at encryption shared information
Reason;
Key is generated for user in third step, the generation of user key, trust center;
4th step, the integrity verification of shared information, cloud calculation server calculate the integrality of shared information;
5th step, the decryption of shared information, if cloud calculation server verifying shared information is completely that user deposits from cloud
Storage server downloading ciphertext is simultaneously decrypted.
Wherein, the first step is further specifically by trust center using security parameter and attribute space as input,
Export the private key of common parameter, master key and data owner, cloud storage service device and cloud calculation server.
Wherein, the second step is further specially the communication and computation burden in order to reduce mobile terminal, and data owner is only
Lightweight operation is carried out, is encrypted and defined access control structure including the plaintext to shared data, and ciphertext block, utilization
The operation such as algebra signature calculation block label is realized by cloud calculation server.
Wherein, the third step is further specially that each user for accessing shared information can be close to trust center sending
Key generates request, and corresponding user identifier, public key and solution can be generated for user according to the attribute and master key of user in trust center
Key.
Wherein, the 4th step is further specially that user Xiang Yun calculation server sends integrality verification request, Yun Yun
After calculation server receives checking request, whether the identity for verifying user is legal, if identity is illegal, returns to ⊥, otherwise, cloud
Calculation server randomly chooses c data block and corresponding random number, and sends integrality challenge to cloud storage service device.Yun Cun
After storage server receives challenge, calculating data proves to prove with label, and will demonstrate that and be sent to cloud calculation server.Finally
Cloud calculation server carries out integrality to shared information according to the information for proving and being locally stored and verifies, and by verification result
User is returned to, which is completed by cloud calculation server and the interaction of cloud storage service device.
Beneficial technical effect
The present invention realizes the lightweight operation of mobile terminal, and the operation effect of mobile cloud computing data-sharing systems can be improved
Rate and communication efficiency, while ensureing the safety in data sharing process and privacy.
Specific embodiment
The present invention proposes safe and efficient data sharing method in a kind of mobile cloud computing system comprising:
The first step, system initialization export public ginseng by trust center using security parameter and attribute space as input
The private key of number, master key and data owner, cloud storage service device and cloud calculation server;
Second step, the encryption of shared information, the step are realized jointly by data owner and cloud calculation server, are moved to reduce
The communication and computation burden of moved end, data owner only carry out lightweight operation, are encrypted simultaneously including the plaintext to shared data
It defines access control structure, and ciphertext block, is operated using algebra signature calculation block label etc. and realized by cloud calculation server;
Third step, the generation of user key, it is raw that the user of each access shared information can issue key to trust center
At request, it is close that corresponding user identifier, public key and decryption can be generated for user in trust center according to the attribute and master key of user
Key;
4th step, the integrity verification of shared information, the step are completed by cloud calculation server and the interaction of cloud storage service device,
User's Xiang Yun calculation server sends integrality verification request and verifies user's after cloud calculation server receives checking request
Whether identity legal, if identity is illegal, return ⊥, otherwise, cloud calculation server randomly choose c data block and accordingly
Random number, and integrality challenge is sent to cloud storage service device.After cloud storage service device receives challenge, calculate data prove and
Label proves, and will demonstrate that and be sent to cloud calculation server.Last cloud calculation server is according to the letter for proving and being locally stored
Breath carries out integrality to shared information and verifies, and verification result is returned to user;
5th step, the decryption of shared information, if cloud calculation server verifying shared information is completely that user deposits from cloud
Storage server downloading ciphertext is simultaneously decrypted.
Trust center is served as by believable third party, is responsible for being that system generates master key, common parameter by security parameter,
It is responsible for the generation, update and revocation of other entity keys simultaneously.
Data owner be responsible for generate and acquire shared information, specially have sensor device, wireless network and mobile phone,
The intelligent terminals such as pad, data owner are responsible for defining access structure and carry out lightweight operation to shared information.
Only tested in the integrality that the user that trust center registered could entrust cloud calculation server to carry out shared information
Card, and download shared information from cloud storage service device and decrypt use.
Cloud storage service device is responsible for providing safe and reliable, large capacity storage environment to be tested with storing shared data and integrality
Demonstrate,prove label.
Prevent mobile client from consuming excessive calculating and the communication resource, cloud calculation server is mainly responsible in carry out system
Complex calculation, including by the encrypted ciphertext block of data owner, utilize algebra signature calculation block.
The first step is further specially to export public ginseng using security parameter para and attribute space U as input
The private key k of number PK, master key MK and data owner, cloud storage service device and cloud calculation server1、k2And k3。
Trust center completes following steps:
1-a step, selects the cyclic group G with identical Prime Orders q1And G2, and g is G1Generation member;Random number α is chosen,
β∈Zq, f1, f2..., fU∈G1, and calculate σ=gβAnd θ=e (g, g)α;Select the cryptographic Hash function h of safety:
With bilinear map e:G1×G1→G2, define the exclusive or homorphic function d with key:With algebra signature sigγ,
Wherein γ is the primitive element in Galois Field;Random selectionRespectively as data owner, cloud calculation server and
The private key union of cloud storage service device
1-b step, trust center is by common parameter PK=(e, g, θ, σ, f1, f2..., fU, h, d) publication, by MK=(α,
It β) is used as master key, and by k1It securely transmits and gives data owner, k2Cloud calculation server, k are sent to k3Send cloud storage clothes to
Business device.
Specific step is as follows in the second step:
2-a step, in order to make user's ability accessing shared data with access authority, data owner passes through PK and access
Structure A encrypts shared information, and owner defines access control structure A=(M, ρ) first, and wherein M is the matrix of l row n column,
ρ: [1, l] → [1, U] is the function that each row of matrix M is mapped to attribute, then randomly chooses s ∈ ZqAnd column vectorAnd it calculatesIf shared information is F, length r1, data owner calculating ciphertext C=
F·θs, C '=gs, finally C and C ' is sent to cloud storage service device, by info=(C, A, λi) send cloud calculation server to;
2-b step, cloud calculation server randomly choose ri∈Zq, i ∈ [1, l], and calculate
2-c step, in order to verify the integrality of shared information, cloud calculation server need by the ciphertext C of shared information into
Row piecemeal simultaneously passes through algebra signature calculation block label, and ciphertext C is divided into N number of data block m by cloud calculation server firsti∈Zq, and with
Machine selects Ri, i ∈ [1, N], calculating bi=h (i),AndWherein i is block number, and then cloud is transported
Server is calculated by tiIt is sent to data owner, data owner calculatesAnd by v 'iCloud calculation server is returned to, finally
Cloud calculation server calculation block label Ti=sigγ(vi||bi);
2-d step, cloud calculation server is by pf1=(mi, Ti, i ∈ [1, N]) and pf2=(Ci, Di, i ∈ [1, l]) and it sends
To cloud storage service device.
The third step is further specially that the user of each access shared information can issue key life to trust center
At request requestKeyGen(S).Corresponding key can be generated for user according to the attribute S and master key MK of user in trust center
SK.The specific implementation process is as follows:
User's collection is combined into U, generates request request when the user u ∈ U that attribute is S sends key to trust centerKeyGen(S)
When, trust center random selectionAs the identity of user, and calculate Upk=gUidAs the public key of relative users,
Meanwhile trust center randomly chooses t ∈ Zq, calculate the key of user uAnd
By (Uid, SK, gt, Ut=Uidt) and secret is sent to user.
4th step, user request cloud calculation server to test shared information progress integrality before downloading shared information
Card.Integrity verifying step is specific as follows:
4-a step, user's Xiang Yun calculation server send integrality verification request requestInteVer(Upk, S, gt, Ut);
4-b step, cloud calculation server pass through formula e (Upk, gt)=e (g, g)UtWhether the identity for verifying user is legal.
If identity is legal, cloud calculation server randomly chooses c data block and corresponding random numberAnd to cloud storage service
Device sends integrality and challenges ch=(i, li), i ∈ [1, c];
4-c step, after cloud storage service device receives challenge ch, calculating data is provedIt is demonstrate,proved with label
It is brightAnd by proof=(μi, η) and it is sent to cloud calculation server;
4-d step, receives after proving proof, and cloud calculation server calculates
And verify equationIt is whether true.If equation is set up, indicate shared information F be it is complete, it is no
Then return to ⊥.
5th step enjoys the decryption of information, if privacy information is that completely, user downloads ciphertext from cloud storage service device and solves
It is close, specifically:
5-a step, definitionS is the attribute of user.If { ωi∈Zq, i ∈ I is constant,
If effective share λ of siIn the presence of then equation ∑i∈Iωiλi=s is set up, and cloud calculation server first verifies equation ∑i∈IωiMi=
(1,0 ..., 0) whether true, if equation is invalid, returns to ⊥ and otherwise ciphertext is decrypted into next step;
5-b step, user calculateAnd calculate F
=C/CK ' obtains the corresponding plaintext of shared information.
Below using embodiment and attached drawing come the embodiment that the present invention will be described in detail, how skill is applied to the present invention whereby
Art means solve technical problem, and the realization process for reaching technical effect can fully understand and implement.
As depicted in figs. 1 and 2, specific steps of the invention are implemented as follows:
The first step, system initialization, the step are run by trust center.Using security parameter para and attribute space U as
The private key k of input, output common parameter PK, master key MK and data owner, cloud storage service device and cloud calculation server1、k2
And k3。
(1) trust center executes following operation: selecting the cyclic group G with identical Prime Orders q1And G2, and g is G1Life
Cheng Yuan;Choose random number α, β ∈ Zq, f1, f2..., fU∈G1, and calculate σ=gβAnd θ=e (g, g)α;Select the password of safety
Hash function h:With bilinear map e:G1×G1→G2, define the exclusive or homorphic function d with key:With algebra signature sigγ, wherein γ is the primitive element in Galois Field;Random selectionRespectively
Private key union as data owner, cloud calculation server and cloud storage service device
(2) trust center is by common parameter PK=(e, g, θ, σ, f1, f2..., fU, h, d) and publication, MK=(α, β) is made
For master key, and by k1It securely transmits and gives data owner, k2Cloud calculation server, k are sent to k3Send cloud storage service to
Device.
Second step, the encryption of shared information, in order to reduce the communications burden and computation burden of mobile terminal, data owner only into
Row lightweight operation.By ciphertext block, is operated according to algebra signature calculation block label etc. and realized by cloud calculation server.
(1) in order to make user's ability accessing shared data with access authority, data owner passes through PK and access structure A
Shared information is encrypted, owner defines access control structure A=(M, ρ) first, wherein matrix of the M for l row n column, ρ: [1,
L] → [1, U] be the function that each row of matrix M is mapped to attribute, then randomly choose s ∈ ZqAnd column vectorAnd it calculatesIf shared information is F, length r1, data owner calculating ciphertext C=
F·θs, C '=gs, finally C and C ' is sent to cloud storage service device, by info=(C, A, λi) send cloud calculation server to.
(2) cloud calculation server randomly chooses ri∈Zq, i ∈ [1, l], and calculate
(3) in order to verify the integrality of shared information, cloud calculation server needs the ciphertext C of shared information carrying out piecemeal
And by algebra signature calculation block label, ciphertext C is divided into N number of data block m by cloud calculation server firsti∈Zq, and randomly choose
Ri, i ∈ [1, N], calculating bi=h (i),AndWherein i is block number, then cloud computational service
Device is by tiIt is sent to data owner, data owner calculatesAnd by v 'iReturn to cloud calculation server, last cloud operation
Server calculation block label Ti=sigγ(vi||bi)。
(4) cloud calculation server is by pf1=(mi, Ti, i ∈ [1, N]) and pf2=(Ci, Di, i ∈ [1, l]) and it is sent to cloud and deposits
Store up server.
Third step, the user of each access shared information can issue key to trust center and generate request
requestKeyGen(S).Corresponding key SK can be generated for user according to the attribute S and master key MK of user in trust center.Specifically
Realization process is as follows:
User's collection is combined into U, generates request request when the user u ∈ U that attribute is S sends key to trust centerKeyGen(S)
When, trust center random selectionAs the identity of user, and calculate Upk=gUidAs the public key of relative users,
Meanwhile trust center randomly chooses t ∈ Zq, calculate the key of user uAnd
By (Uid, SK, gt, Ut=Uidt) and secret is sent to user.
4th step, user request cloud calculation server to carry out integrity verification to shared information before downloading shared information.
Integrity verifying step is specific as follows:
(1) user Xiang Yun calculation server sends integrality verification request requestInteVer(Upk, S, gt, Ut);
(2) cloud calculation server passes through formula e (Upk, gt)=e (g, g)UtWhether the identity for verifying user is legal.If
Identity is legal, and cloud calculation server randomly chooses c data block and corresponding random numberAnd it is sent out to cloud storage service device
Integrality is sent to challenge ch=(i, li), i ∈ [1, c];
(3) after cloud storage service device receives challenge ch, calculating data is provedIt is proved with labelAnd by proof=(μi, η) and it is sent to cloud calculation server;
(4) it receives after proving proof, cloud calculation server calculatesAnd
Verify equationIt is whether true.If equation is set up, indicate completely, otherwise shared information F is
In return.
5th step enjoys the decryption of information, if privacy information is that completely, user downloads ciphertext from cloud storage service device and solves
It is close, specifically:
(1) it definesS is the attribute of user.If { ωi∈Zq, i ∈ I is constant, if s
Effective share λiIn the presence of then equation ∑i∈Iωiλi=s is set up, and cloud calculation server first verifies equation ∑i∈IωiMi=(1,
0 ..., 0) whether true, if equation is invalid, returns to ⊥ and otherwise ciphertext is decrypted into next step;
(2) user calculatesAnd calculate F=C/
CK ' obtains the corresponding plaintext of shared information.
All above-mentioned this intellectual properties of primarily implementation, there is no this new products of implementation of setting limitation other forms
And/or new method.Those skilled in the art will utilize this important information, above content modification, to realize similar execution feelings
Condition.But all modifications or transformation belong to the right of reservation based on new product of the present invention.
The above described is only a preferred embodiment of the present invention, being not that the invention has other forms of limitations, appoint
What those skilled in the art changed or be modified as possibly also with the technology contents of the disclosure above equivalent variations etc.
Imitate embodiment.But without departing from the technical solutions of the present invention, according to the technical essence of the invention to above embodiments institute
Any simple modification, equivalent variations and the remodeling made, still fall within the protection scope of technical solution of the present invention.