CN110505052B - Cloud data public verification method for protecting data privacy - Google Patents

Cloud data public verification method for protecting data privacy Download PDF

Info

Publication number
CN110505052B
CN110505052B CN201910800821.6A CN201910800821A CN110505052B CN 110505052 B CN110505052 B CN 110505052B CN 201910800821 A CN201910800821 A CN 201910800821A CN 110505052 B CN110505052 B CN 110505052B
Authority
CN
China
Prior art keywords
label
evidence
file
verifier
data
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201910800821.6A
Other languages
Chinese (zh)
Other versions
CN110505052A (en
Inventor
田苗苗
潘智超
仲红
崔杰
柳世祥
吴伟
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Anhui Guotong Yichuang Technology Co ltd
Anhui University
Original Assignee
Anhui Guotong Yichuang Technology Co ltd
Anhui University
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Anhui Guotong Yichuang Technology Co ltd, Anhui University filed Critical Anhui Guotong Yichuang Technology Co ltd
Priority to CN201910800821.6A priority Critical patent/CN110505052B/en
Publication of CN110505052A publication Critical patent/CN110505052A/en
Application granted granted Critical
Publication of CN110505052B publication Critical patent/CN110505052B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/12Applying verification of the received information
    • H04L63/123Applying verification of the received information received data contents, e.g. message integrity
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/10Protocols in which an application is distributed across nodes in the network
    • H04L67/1097Protocols in which an application is distributed across nodes in the network for distributed storage of data in networks, e.g. transport arrangements for network file system [NFS], storage area networks [SAN] or network attached storage [NAS]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/06Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
    • H04L9/0643Hash functions, e.g. MD5, SHA, HMAC or f9 MAC
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Power Engineering (AREA)
  • Storage Device Security (AREA)

Abstract

The invention belongs to the information security technology and discloses a cloud data public verification method for protecting data privacy. The method is suitable for any scene that a third party verifier with a public key verifies the integrity of the data, under the circumstance, the method does not leak the cloud data to the third party verifier, and meanwhile, the verifier can verify the integrity of the cloud data only with less calculation and communication expenses, so that the performance of a verification system is improved.

Description

Cloud data public verification method for protecting data privacy
Technical Field
The invention relates to an information security technology, in particular to a cloud data public verification method for protecting data privacy.
Background
With the rapid increase of data volume, the cloud storage service is more and more popular, and the problem of checking the integrity of cloud outsourced data is more prominent in the situation. Integrity verification of cloud data is one of important technologies of cloud storage applications, and data can be guaranteed not to be damaged. The storage certification is an effective solution for verifying outsourcing data integrity, and comprises a system establishment algorithm Setup, a label generation algorithm TagGen, an auditing algorithm Audit, an evidence generation algorithm Prove and a verification algorithm Verify. The storage certification is that the complete data file is divided into a plurality of blocks, corresponding labels are calculated for each block of data, and finally, the data and the labels are outsourced to the cloud server. Because the tags have homomorphic linear properties and can be aggregated into one authentication tag on any linear combination of data blocks, the cloud server can prove the integrity of the outsourced data with less cost. Specifically, to verify the integrity of the outsourced data, the verifier may issue a random verification challenge to the cloud server, which then returns the linear combination of data blocks and the corresponding authentication tag as a corresponding proof. If the proof is valid, then the outsourced data is interpreted as complete. Otherwise, the outsourced data is corrupted.
At present, all existing methods for detecting the integrity of public verification cloud data need relatively complex operation, so that the calculation amount is large. The invention designs a detection method for computing and effectively and publicly verifying the integrity of cloud data by utilizing a Hash tree technology, and meanwhile, the method can ensure that a verifier cannot obtain the content of the cloud data, thereby realizing the privacy protection of the data.
Before presenting the summary of the invention, some technical background and cryptographic knowledge to which the invention relates are introduced:
1. the hash tree used in the present invention refers to a tree storing hash values. Without loss of generality, it is assumed that the hash tree is a binary tree, each node of the hash tree is a hash value of a child node, and the leaf nodes are hash values of corresponding messages. The hash tree is essentially a recursive definition, and specifically, all leaf nodes in the tree are hash values of data blocks, and the values of non-leaf nodes are combined by the hash values of all child nodes, and then a method of combining first and then hashing is continuously adopted to generate new values of non-leaf nodes. And iterating until the hash value of the root node is obtained.
2. The security of the present invention is based on the Discrete Logarithm Problem (Discrete LogalithProblem). Briefly, discrete pairsThe number problem refers to that given prime number p, cyclic group G with order p and one generator G and random element u on it, output
Figure BDA0002182254770000021
So that u = g x . In general, the discrete logarithm problem is very difficult.
Disclosure of Invention
The invention aims to: the invention aims to provide an effective cloud data public verification method for protecting data privacy, which ensures the integrity of data stored on a cloud server and does not reveal the content of cloud data to a verifier.
The technical scheme is as follows: the invention discloses a cloud data public verification method for protecting data privacy, which comprises the following steps:
(1) The system establishes an algorithm (Setup), inputs a security parameter lambda, generates a public and private key pair (pk, sk) of the user, and discloses a system public parameter pp.
(2) And (3) a label generation algorithm (TagGen) inputs a system public parameter pp, a user private key sk and a file F, and a user outputs a file label T and a label evidence E.
(3) And (4) an Audit algorithm (Audit) inputs a system public parameter pp and a label evidence E, and the verifier outputs an Audit request Lambda for the file.
(4) And an evidence generation algorithm (Prove), inputting a system public parameter pp, an audit request Λ, a file F and a file label T, and outputting an evidence P by the cloud server.
(5) And (4) a verification algorithm (Verify), inputting a system public parameter pp, an audit request Λ, evidence P and a file F, verifying the validity of the evidence by a verifier, and returning to 1 if the evidence is valid, or returning to 0 if the evidence is not valid.
Has the beneficial effects that: compared with the prior art, the invention has the advantages that:
the invention provides a privacy-protecting cloud data public verification method based on the discrete logarithm problem, which only relates to simple algebraic operation and a common hash function in a finite field, does not need bilinear pairwise operation, has high operation efficiency, and does not reveal cloud data contents to a third-party verifier.
Drawings
FIG. 1 is a flow chart of the main steps of the present invention;
Detailed Description
The present invention is further illustrated by the following examples and the accompanying drawings.
As shown in fig. 1, the cloud data public verification method for protecting data privacy according to the present invention includes the following steps:
(1) The system establishes an algorithm (Setup), inputs a security parameter lambda, generates a private key SK of a user by the system, and discloses a system public parameter PP.
(2) And (3) a label generation algorithm (TagGen), inputting a system public parameter PP, a user private key SK and a file F, and outputting a file label T and a label evidence E by a user.
(3) And an auditing algorithm (Audit) inputs a system common parameter PP and a label evidence E, and the verifier outputs an auditing request Lambda for the file.
(4) And an evidence generation algorithm (Prove), inputting a system public parameter PP, an audit request Lambda, a file F and a file label T, and outputting an evidence P by the cloud server.
(5) Verification algorithm (Verify). Inputting a system public parameter PP, an audit request Λ, an evidence P and a file F, and verifying the validity of the evidence by a verifier. If the evidence is valid, 1 is output, otherwise 0 is output.
The specific implementation process of the step (1) is as follows:
1. the security parameter λ is entered and the prime number p = Θ (2) is selected λ ) Cyclic group G of order p and its generator G, function
Figure BDA0002182254770000041
A secure signature scheme (Sig, ver), which may employ SM2 signature or DSS standard signature algorithms, a random signed public-private key pair (spk, ssk) and a random number x,
Figure BDA0002182254770000042
2. computing public key X = g x And
Figure BDA0002182254770000043
output System public parameters PP = (p, g, f, spk, X, Y) j ) And the user private key SK = (ssk, x, y) j ) Where j is equal to [1, s ]]The same applies below.
The specific implementation process of the step (2) is as follows:
1. inputting system common parameters PP = (p, g, f, spk, X, Y) j ) User private key SK = (ssk, x, y) j ) And file F, first the user randomly selects the file identifier
Figure BDA0002182254770000044
2. Dividing the file F into n blocks, and equally dividing each block into s fans, namely F = { m = { (m) ij } i∈[1,n],j∈[1,s]
3. Calculating the label of each block, wherein the label sigma of the ith data i . Specifically, calculate
Figure BDA0002182254770000045
(mod p) and
Figure BDA0002182254770000046
4. and calculating the hash value of each label as a leaf node of the hash tree. The leaf nodes generate father node hash values of the leaf nodes in a mode of first combination and then hash, and the root node R of the hash tree is generated by analogy.
5. Signature (id, R) using the private key ssk, i.e. S = Sig ssk (id, R). Output tag T = (id, σ) 1 ,…,σ n ) And according to E = (id, S).
6. And (F, T, S) and E are respectively sent to the cloud server and the verifier, and the local copy is deleted.
The specific implementation process of the step (3) is as follows:
1. inputting the common parameters PP and label evidence E of the system, and firstly verifying the system by a verifier [1, n ]]Randomly selecting a plurality of integers as the sequence numbers of the challenge data blocks, without loss of generality, and marking as I = { (I, v) i ) Selecting random weight for each serial number
Figure BDA0002182254770000051
2. Sending an audit request Λ = (id, I).
The specific implementation process of the step (4) is as follows:
1. after receiving an audit request Λ = (id, I) of a verifier, the cloud server finds a corresponding file F and a corresponding tag T, and randomly selects the file F and the tag T
Figure BDA0002182254770000052
2. Computing
Figure BDA0002182254770000053
And (i, σ) i ) Auxiliary path Ω of i Wherein the auxiliary path omega i Is satisfied that the data can be represented by (i, σ) i ) And Ω i A minimum set of nodes for the root node is constructed.
3. Let the evidence P = (ω) jj ,{(i,σ i ),Ω i } i∈I ) And returning to the verifier.
The specific implementation process of the step (5) is as follows:
1. inputting system public parameter PP, audit request Λ, proof P and according to E, verifier first utilizes { (i, σ) } i ),Ω i } i∈I The root node R' of the hash tree is computed.
2. Verification Ver spk (S, (id, R')) =1 holds. If yes, calculating v = ∑ Σ i∈I i·v i And then verify
Figure BDA0002182254770000061
If yes, returning to 1; otherwise, 0 is returned.
Protocol analysis
1. Accuracy of measurement
First, if all participants in the present invention are honest, then the algorithm Ver spk (S, (id, R)) =1 is necessarily true. In addition, the following is also true:
Figure BDA0002182254770000062
therefore, the verification equation in the algorithm Verify holds.
2. Safety feature
The present invention solves the problem of data leakage, assuming that the verifier is malicious, since μ = r · f (ω) + Σ i∈ I v i ·m i And r is randomly selected, so that a malicious verifier cannot calculate the data block, and the method cannot reveal cloud data contents to a third-party verifier, thereby protecting the privacy of the cloud data.
3. Efficiency analysis
The scheme only relates to simple algebraic operation and a common hash function in a finite field, so the method has high operation efficiency and good application value, and meanwhile, the signature of the root node can use standard signature algorithms such as an SM2 signature algorithm, a DSS (direct sequence) and the like, and the safety and the efficiency are good.
Although embodiments of the present invention have been shown and described, it will be appreciated by those skilled in the art that changes, modifications, substitutions and alterations can be made in these embodiments without departing from the principles and spirit of the invention, the scope of which is defined in the appended claims and their equivalents.

Claims (1)

1. A cloud data public verification method for protecting data privacy comprises the following steps:
1) A system establishment algorithm (Setup), a security parameter lambda is input, a system generates a private key SK of a user, and a system public parameter PP is disclosed, and the specific implementation process is as follows:
A. the security parameter λ is entered and the prime number p = Θ (2) is selected λ ) Cyclic group G of order p and its generator G, function
Figure FDA0003900179620000011
A secure signature scheme (Sig, ver) using SM2 or DSS standard signature algorithms, randomly signing public and private key pairs (spk, ssk) and random numbers
Figure FDA0003900179620000012
B. Computing public key X = g x And
Figure FDA0003900179620000013
output System public parameters PP = (p, g, f, spk, X, Y) j ) And the user private key SK = (ssk, x, y) j ) Wherein j ∈ [1,s ]]The same applies below;
2) The label generation algorithm inputs system public parameters PP, a user private key SK and a file F, a user outputs a file label T and a label evidence E, and the specific implementation process is as follows:
A. inputting system common parameters PP = (p, g, f, spk, X, Y) j ) User private key SK = (ssk, x, y) j ) And file F, first the user randomly selects the file identifier
Figure FDA0003900179620000014
B. Dividing the file F into n blocks, and equally dividing each block into s fans, namely F = { m = { (m) ij } i∈[1,n],j∈[1,s]
C. Calculating the label of each block, wherein the label sigma of the ith data i In particular, calculating
Figure FDA0003900179620000015
Figure FDA0003900179620000016
And
Figure FDA0003900179620000017
D. calculating the hash value of each label as a leaf node of the hash tree, generating the parent node hash value of the leaf node by combining the leaf nodes firstly and then hashing the leaf nodes, and generating the root node R of the hash tree by analogy;
E. signature (id, R) using the private key ssk, i.e. S = Sig ssk (id, R), output tag T = (id, σ) 1 ,…,σ n ) HebiaoA proof of sign E = (id, S);
F. respectively sending the (F, T, S) and the (E) to a cloud server and a verifier, and deleting the local copy;
3) The method comprises the following steps that an Audit algorithm (Audit) is input into a system public parameter PP and a tag evidence E, and a verifier outputs an Audit request Lambda for a file, and specifically comprises the following steps:
A. inputting system common parameters PP and label evidence E, and verifying the system common parameters PP and label evidence E by a verifier [1, n ]]Randomly selecting a plurality of integers as challenge data block sequence numbers, and marking the integers as I = { (I, v) i ) And selecting random weight for each challenge data block sequence number
Figure FDA0003900179620000021
B. Sending an audit request Λ = (id, I);
4) An evidence generating algorithm (cave), inputting a system public parameter PP, an audit request Lambda, a file F and a file label T, outputting an evidence P by a cloud server, and specifically implementing the following processes:
A. after receiving an audit request Λ = (id, I) of a verifier, the cloud server finds the corresponding file F and the corresponding label T, and randomly selects the file F and the label T
Figure FDA0003900179620000022
B. Computing
Figure FDA0003900179620000023
μ j =r j ·f(ω j )+∑ i∈I v i ·m ij And (i, σ) i ) Auxiliary path Ω of i Wherein the auxiliary path omega i Is satisfied that the data can be represented by (i, σ) i ) And Ω i Constructing a minimum node set of root nodes;
C. let the evidence P = (ω) jj ,{(i,σ i ),Ω i } i∈I ) Returning to the verifier;
5) A verification algorithm (Verify), inputting a system public parameter PP, an audit request Lambda, an evidence P and a file F, verifying the validity of the evidence by a verifier, if the evidence is valid, outputting 1, otherwise, outputting 0, and the specific implementation process is as follows:
A. inputting system public parameters PP, an audit request lambda, a proof P and a label evidence E, and firstly utilizing { (i, sigma) } by a verifier i ),Ω i } i∈I Calculating a root node R' of the hash tree;
B. verification Ver spk (S, (id, R')) =1, if true, calculate v = ∑ Σ i∈I i·v i And then verify
Figure FDA0003900179620000031
If yes, returning to 1; otherwise, 0 is returned.
CN201910800821.6A 2019-08-28 2019-08-28 Cloud data public verification method for protecting data privacy Active CN110505052B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910800821.6A CN110505052B (en) 2019-08-28 2019-08-28 Cloud data public verification method for protecting data privacy

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201910800821.6A CN110505052B (en) 2019-08-28 2019-08-28 Cloud data public verification method for protecting data privacy

Publications (2)

Publication Number Publication Date
CN110505052A CN110505052A (en) 2019-11-26
CN110505052B true CN110505052B (en) 2022-11-25

Family

ID=68588566

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201910800821.6A Active CN110505052B (en) 2019-08-28 2019-08-28 Cloud data public verification method for protecting data privacy

Country Status (1)

Country Link
CN (1) CN110505052B (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111539031B (en) * 2020-05-09 2023-04-18 桂林电子科技大学 Data integrity detection method and system for privacy protection of cloud storage tag

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106254374A (en) * 2016-09-05 2016-12-21 电子科技大学 A kind of cloud data public audit method possessing duplicate removal function
KR20170026765A (en) * 2015-08-27 2017-03-09 고려대학교 산학협력단 Method of secure public auditing using self-certified signature in cloud storage and system of the same
CN106845280A (en) * 2017-03-14 2017-06-13 广东工业大学 A kind of Merkle Hash trees cloud data integrity auditing method and system
CN109145650A (en) * 2018-08-07 2019-01-04 暨南大学 The outsourcing big data auditing method of highly effective and safe under a kind of cloud environment

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR20170026765A (en) * 2015-08-27 2017-03-09 고려대학교 산학협력단 Method of secure public auditing using self-certified signature in cloud storage and system of the same
CN106254374A (en) * 2016-09-05 2016-12-21 电子科技大学 A kind of cloud data public audit method possessing duplicate removal function
CN106845280A (en) * 2017-03-14 2017-06-13 广东工业大学 A kind of Merkle Hash trees cloud data integrity auditing method and system
CN109145650A (en) * 2018-08-07 2019-01-04 暨南大学 The outsourcing big data auditing method of highly effective and safe under a kind of cloud environment

Non-Patent Citations (4)

* Cited by examiner, † Cited by third party
Title
Privacy-Preserving Public Auditing;Cong Wang;《IEEE Transactions on Computers》;20111220;全文 *
云计算中数据存储的完整性校验模型研究;陈春霖;《中国优秀硕士论文全文数据库》;20130630;第8-16页 *
基于同态标签的云存储数据完整性验证技术研究;陈玉;《中国优秀硕士论文全文数据库》;20160331;第32-38页 *
格上基于身份的云存储完整性检测方案;田苗苗等;《通信学报》;20190425;第128-138页 *

Also Published As

Publication number Publication date
CN110505052A (en) 2019-11-26

Similar Documents

Publication Publication Date Title
Guo et al. Outsourced dynamic provable data possession with batch update for secure cloud storage
Schröder et al. Verifiable data streaming
Zhu et al. Zero-knowledge proofs of retrievability
Luo et al. Ensuring the data integrity in cloud data storage
CN106487786B (en) Cloud data integrity verification method and system based on biological characteristics
CN105515778B (en) Cloud storage data integrity services signatures method
CN103986732A (en) Cloud storage data auditing method for preventing secret key from being revealed
CN103220146B (en) Zero Knowledge digital signature method based on multivariate public key cryptosystem
CN103095697A (en) Multiple signature generation and verification system and method thereof
Cui et al. Proof of retrievability with public verifiability resilient against related‐key attacks
Lee et al. Security analysis and modification of ID-based encryption with equality test from ACISP 2017
CN115529141A (en) Traceable ring signature generation method and system for logarithmic signature size
CN109274504B (en) Multi-user big data storage sharing method and system based on cloud platform
CN110505052B (en) Cloud data public verification method for protecting data privacy
Liu et al. Identity-based remote data integrity checking of cloud storage from lattices
CN112491560A (en) SM2 digital signature method and medium supporting batch verification
JP5227816B2 (en) Anonymous signature generation device, anonymous signature verification device, anonymous signature tracking determination device, anonymous signature system with tracking function, method and program thereof
Zhang et al. Efficient Cloud-Based Private Set Intersection Protocol with Hidden Access Attribute and Integrity Verification.
CN112217629A (en) Cloud storage public auditing method
CN113326527A (en) Credible digital signature system and method based on block chain
CN111711524A (en) Certificate-based lightweight outsourcing data auditing method
Yang et al. An effective revocable and traceable public auditing scheme for sensor-based urban cities
Mao et al. Co‐Check: Collaborative Outsourced Data Auditing in Multicloud Environment
Zhang et al. OGPADSM2: oriented-group public auditing for data sharing with multi-user modification
Wang Signer‐admissible strong designated verifier signature from bilinear pairings

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant