CN111259454A - Non-interactive data integrity auditing method, fair payment method and system - Google Patents

Non-interactive data integrity auditing method, fair payment method and system Download PDF

Info

Publication number
CN111259454A
CN111259454A CN202010028100.0A CN202010028100A CN111259454A CN 111259454 A CN111259454 A CN 111259454A CN 202010028100 A CN202010028100 A CN 202010028100A CN 111259454 A CN111259454 A CN 111259454A
Authority
CN
China
Prior art keywords
contract
data
terminal
cloud storage
storage service
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202010028100.0A
Other languages
Chinese (zh)
Other versions
CN111259454B (en
Inventor
王皓
秦红
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shandong Normal University
Original Assignee
Shandong Normal University
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shandong Normal University filed Critical Shandong Normal University
Priority to CN202010028100.0A priority Critical patent/CN111259454B/en
Publication of CN111259454A publication Critical patent/CN111259454A/en
Application granted granted Critical
Publication of CN111259454B publication Critical patent/CN111259454B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/64Protecting data integrity, e.g. using checksums, certificates or signatures
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/22Payment schemes or models
    • G06Q20/24Credit schemes, i.e. "pay after"
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q40/00Finance; Insurance; Tax strategies; Processing of corporate or income taxes
    • G06Q40/04Trading; Exchange, e.g. stocks, commodities, derivatives or currency exchange

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Business, Economics & Management (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Security & Cryptography (AREA)
  • Accounting & Taxation (AREA)
  • Computer Hardware Design (AREA)
  • Strategic Management (AREA)
  • Software Systems (AREA)
  • General Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • Health & Medical Sciences (AREA)
  • Finance (AREA)
  • General Business, Economics & Management (AREA)
  • General Engineering & Computer Science (AREA)
  • Marketing (AREA)
  • Economics (AREA)
  • Technology Law (AREA)
  • Development Economics (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)

Abstract

The disclosure provides a non-interactive data integrity auditing method, a fair payment method and a system, wherein a first terminal sends a data file, a key and a data tag to a cloud storage service terminal; the cloud storage service terminal outputs a data integrity certificate to the data verification terminal, and the data verification terminal verifies the data integrity; the method comprises the steps that a first terminal submits a first contract to an intelligent contract platform; the cloud storage service terminal checks the integrity of the data file and submits a second contract to the intelligent contract platform; the cloud storage service terminal submits a third contract according to a time period; the common identification node of the intelligent contract platform is used as a data verification end to verify the correctness of the data integrity certification; this is disclosed and is cooperated through first contract, second contract, third contract and data integrality, can effectually realize fair payment, has reduced the claim problem that data loss brought, and this kind of automatic mode of accomplishing, very big reduction the human cost.

Description

Non-interactive data integrity auditing method, fair payment method and system
Technical Field
The disclosure relates to the technical field of block chains, in particular to a non-interactive data integrity auditing method, a fair payment method and a system.
Background
The statements in this section merely provide background information related to the present disclosure and may not necessarily constitute prior art.
At present, various public cloud storage services, such as Baidu cloud, nut cloud, dropbox, Onedrive, iCloud, etc., have been widely accepted and used by the public. By means of the cloud storage service, a data owner can use data on any equipment capable of accessing the network, and can share the data with other people more conveniently and more quickly. However, since the data is no longer stored locally in the user, how to ensure the integrity of the data (ensure that the data is not lost) becomes a big problem for users of cloud storage.
The inventor of the present disclosure found that the existing solution is to periodically check the integrity of data by using a data integrity auditing scheme. If the cloud storage server loses a portion of the data, then a (third party) reviewer will detect "data loss" with a high probability. However, the current public cloud storage service mostly adopts a prepaid mode, so that even if a user detects 'data loss' through the above method, it is very difficult to maintain rights and recover economic losses (higher proof and arbitration costs are required).
The current data integrity auditing scheme adopts a 'challenge-response' mode. The verifier initiates a challenge to the cloud storage server, and the server responds. If the "answer" of the server is able to be verified, the verifier can confirm that the server stores the complete data with a high probability; if the verification fails, the verifier can confirm that the server has lost part of the data. This type of data integrity auditing scheme is also referred to as an interactive data integrity auditing scheme, since the verification process requires interaction between the verifier and the server.
However, when such interactive schemes are deployed on intelligent contracts based on blockchains, a problem is faced: when the consensus nodes of the blockchain execute the code of the intelligent contract, the consensus nodes play the role of verifiers, which means that the consensus nodes need to interact with the cloud storage server. However, the number of consensus nodes is huge, and it is difficult to realize that such number of consensus nodes all need to interact with the cloud server in a short time.
Disclosure of Invention
In order to solve the defects of the prior art, the non-interactive data integrity auditing method, the fair payment method and the non-interactive data integrity auditing system have the advantages that the integrity of stored data is hooked with the payment cloud storage service fee, the service fee can be obtained only after the cloud storage server completely stores the data for one period, the claim problem caused by data loss is prevented, meanwhile, the payment process can be automatically completed without the support of a third party, and the labor cost is greatly reduced.
In order to achieve the purpose, the following technical scheme is adopted in the disclosure:
a first aspect of the present disclosure provides a non-interactive data integrity auditing method.
A non-interactive data integrity auditing method comprises the steps that a first terminal executes a key generation algorithm and a label generation algorithm to generate a key and a data label corresponding to a data file, and the data file, the key and the data label are sent to a cloud storage service terminal;
the cloud storage service terminal executes a certification generation algorithm and outputs a data integrity certification to the data verification terminal, and the data verification terminal executes a verification algorithm and verifies the data integrity.
As some possible implementations, the key generation algorithm specifically includes:
(a-1) let G and GTFor a bilinear group of order p, p being the prime number and G being the generator of the group G, there is a bilinear map e G → GT
(a-2) selecting two hash functions H (·): 0,1}*→G、h(·):GT→Zp
(a-3) selecting a pseudo-random function F (·): 0,1}*→[1,n];
(a-4) calling a standard digital signature scheme to generate a public and private key pair (spk, ssk);
(a-5) randomly selecting a random number x in the set {1, 2.., p-1}, randomly selecting an element u in the group G, calculating v ← Gx
(a-6) the public key pk is (spk, g, u, v, e, H (-), H (-), F (-),) and the private key sk is (ssk, x).
As some possible implementation manners, the tag generation algorithm specifically includes:
(b-1) encoding the data file f as f ═ mi}1≤i≤nWherein m isi∈Zp
(b-2) the first terminal randomly selecting name ← ZpAs the number of file f;
(b-3) for i e {1,2
Figure BDA0002363202480000031
Wherein WiName | | i, let ψ ═ σ |)i}1≤i≤n
(b-4) calling a standard digital signature algorithm Sig to sign the name to obtain Sigssk(name);
(b-5) let t be name Sigssk(name) as an identifier for file f;
and (b-6) uploading the data file f and the corresponding data tag phi ═ t to the cloud storage service terminal.
As some possible implementations, the proof generation algorithm specifically includes:
(c-1) determining a constant c according to the preset proving difficulty and the block number n of the data file;
(c-2) acquiring current state information tau of the system;
(c-3) calculating s for i ∈ {1,2i←F(τ||i);
(c-4) let I ═ s1,s2,…,scIs a multiple set of c elements, i.e. I allows for repeated elements;
(c-5) for all j ∈ I, calculate vj←h(τ||j);
(c-6) calculation
Figure BDA0002363202480000041
Computing
Figure BDA0002363202480000042
(c-7) randomly selecting a random number s from {1,2, …, p-1}, and calculating T ═ e (u, v)sCalculating μ ═ s + γ μ', where γ ═ h (t) e Zp
(c-8) sending the output ∑ ═ μ, σ, T, τ, c } to the verifier as a proof of data integrity.
As a further limitation, the verification algorithm specifically includes:
(d-1) verifying the authenticity of the state information tau, if the verification fails, terminating the algorithm, otherwise, calculating I ═ F (tau | | |1), F (tau | |2),. -, F (tau | | | c) };
(d-2) for all j ∈ I, { v ∈ I, is calculatedj=h(τ||j)}j∈I,{h(Nj)}j∈IAnd calculating γ ═ { h (t) };
(d-3) judgment of equation
Figure BDA0002363202480000043
And if the result is true, outputting 1, otherwise, outputting 0.
The second aspect of the present disclosure provides a non-interactive data integrity auditing system, including at least one first terminal, at least one data verification terminal, and a cloud storage service terminal; the first terminal executes a key generation algorithm and a tag generation algorithm, generates a key and a data tag corresponding to the data file, and sends the data file, the key and the data tag to the cloud storage service terminal;
the cloud storage service terminal executes a certification generation algorithm and outputs a data integrity certification to the data verification terminal, and the data verification terminal executes a verification algorithm and verifies the data integrity.
A third aspect of the present disclosure provides a fair payment method for a public cloud storage service.
The first terminal calls a tag generation algorithm to obtain a data tag corresponding to the data file, the data file and the data tag are uploaded to the cloud storage service terminal together, and a first contract is submitted to the intelligent contract platform;
the cloud storage service terminal checks the integrity of the data file, submits a second contract to the intelligent contract platform, and submits a third contract according to a time period;
the common identification node of the intelligent contract platform is used as a data verification end to verify the correctness of the data integrity certification;
if the integrity verification passes, activating a first contract, and the first terminal pays the cloud storage service terminal; otherwise, activating the second contract, and compensating the loss of the first terminal by the cloud storage service terminal.
As some possible implementations, the first contract includes a first contract description portion and a first code portion;
the first contract description part comprises a file name, a file size, a file hash value, uploading time, a storage period, a service fee, a first terminal account, a cloud storage service terminal account, a first terminal public key and a first terminal signature;
the first code portion defines a payment behavior of the service fee, and if the verification algorithm outputs 1, the first contract transfers the service fee amount from the account address of the first terminal to the account of the cloud storage service terminal.
As some possible implementations, the second contract includes a second contract description portion and a second code portion;
the second contract description part comprises a file name, a file size, a file hash value, receiving time, a storage period, an indemnity, a first terminal account, a cloud storage service terminal public key and a cloud storage service terminal signature;
the second code portion defines an action of paying the penalty, and if the verification algorithm outputs 0, the second contract transfers the penalty from the account of the cloud storage service terminal to the account address of the first terminal.
As some possible implementations, the third contract includes a third contract description portion and a third code portion;
(e-1) the third contract description includes a payment contract, a payment indemnity contract, and a data integrity certification, wherein the payment contract employs the first contract and the payment indemnity contract employs the second contract;
(e-2) the third code portion defines how to pay fairly, and decides to activate the first contract or activate the second contract according to a result of the verification of the data integrity certification.
A fourth aspect of the present disclosure provides a fair payment system for public cloud storage services, including at least one first terminal and a cloud storage service terminal, wherein the cloud storage service terminal submits a third contract according to a time period; the common identification node of the intelligent contract platform is used as a data verification end to verify the correctness of the data integrity certification;
if the integrity verification passes, activating a first contract, and the first terminal pays the cloud storage service terminal; otherwise, activating the second contract, and compensating the loss of the first terminal by the cloud storage service terminal.
Compared with the prior art, the beneficial effect of this disclosure is:
1. the content disclosed by the disclosure can be used for fair payment of public cloud storage service, and by using the scheme, the integrity of the stored data can be hooked with the payment cloud storage service fee, the service fee can be obtained only after the cloud storage server completely stores the data for one period, and if the data is lost, a data owner does not pay the fee, and can obtain the payment; due to the fact that the intelligent contract based on the block chain is used, the process can be automatically completed without support of a third party.
2. According to the content disclosed by the disclosure, the key generation algorithm and the label generation algorithm are adopted, so that the data security is greatly improved, and the accuracy of data integrity audit is improved by proving that the generation algorithm is matched with the verification algorithm.
3. According to the content disclosed by the disclosure, the first contract, the second contract and the third contract are matched with the data integrity, fair payment can be effectively realized, the claim problem caused by data loss is reduced, and the labor cost is greatly reduced by the automatic completion mode.
Drawings
Fig. 1 is a schematic flowchart of a non-interactive data integrity auditing method provided in embodiment 1 of the present disclosure.
Fig. 2 is a schematic flow chart of the contract signing phase provided in embodiment 3 of the present disclosure.
Fig. 3 is a schematic diagram of a first contract provided in embodiment 3 of the present disclosure.
Fig. 4 is a schematic diagram of a second contract provided in embodiment 3 of the present disclosure.
Fig. 5 is a schematic flow chart of the fair payment phase provided in embodiment 3 of the present disclosure.
Fig. 6 is a third contract schematic provided in embodiment 3 of the present disclosure.
Detailed Description
It should be noted that the following detailed description is exemplary and is intended to provide further explanation of the disclosure. Unless defined otherwise, all technical and scientific terms used herein have the same meaning as commonly understood by one of ordinary skill in the art to which this disclosure belongs.
It is noted that the terminology used herein is for the purpose of describing particular embodiments only and is not intended to be limiting of example embodiments according to the present disclosure. As used herein, the singular forms "a", "an" and "the" are intended to include the plural forms as well, and it should be understood that when the terms "comprises" and/or "comprising" are used in this specification, they specify the presence of stated features, steps, operations, devices, components, and/or combinations thereof, unless the context clearly indicates otherwise.
The embodiments and features of the embodiments in the present disclosure may be combined with each other without conflict.
Example 1:
as shown in fig. 1, embodiment 1 of the present disclosure provides a non-interactive data integrity auditing method, where there are three types of entities, namely, a data owner U, a public cloud storage server C, and a verifier V. During the verification of data integrity, C and V do not need to interact. The scheme is divided into 2 stages, and the 4 stages comprise 4 algorithms, specifically as follows:
system establishing stage
At this stage, the data owner U generates a data tag Φ corresponding to the data file f and sends f to the cloud storage server C along with Φ. This phase contains the key generation algorithm KeyGen and the tag generation algorithm TagGen, both performed by the data owner U.
(1) Key generation algorithm KeyGen:
(1-1) let G and GTFor a bilinear group of order p, p being the prime number and G being the generator of the group G, there is a bilinear map e G → GT
(1-2) selecting two hash functions H (·): 0,1}*→G、h(·):GT→Zp
(1-3) selecting a pseudo-random function F (·): 0,1}*→[1,n]The function maps binary strings of arbitrary length uniformly and randomly as integers between 1 and n;
(1-4) calling a standard digital signature scheme to generate a public and private key pair (spk, ssk);
(1-5) randomly selecting a random number x from the set {1, 2.., p-1}, within the group
Figure BDA0002363202480000082
In Chinese, randomly selecting element u, and calculating v ← gx
(1-6) the public key pk is (spk, g, u, v, e, H (-), H (-), F (-),) and the private key sk is (ssk, x);
(2) the tag generation algorithm TagGen:
(2-1) encoding the data file f as f ═ mi}1≤i≤nWherein m isi∈Zp
(2-2) data owner randomly selecting name ← ZpAs the number of file f;
(2-3) for i e {1,2
Figure BDA0002363202480000081
Wherein WiName | | | i. Let psi ═ sigmai}1≤i≤n
(2-4) calling a standard digital signature algorithm Sig to sign the name to obtain Sigssk(name);
(2-5) let t be name Sigssk(name) As an identifier of file f;
and (2-6) uploading the data file f and the corresponding data tag phi ═ t (Ψ, t) to the cloud storage server C.
(II) data auditing stage
This phase contains the proof generation algorithm profofgen, which is executed by the cloud storage server C, and the verification algorithm Verify, which can be executed by any entity (acting as a verifier). The authentication process is non-interactive.
(3) Proof generation algorithm ProofGen:
(3-1) determining a constant c according to the predetermined proving difficulty and the block number n of the data file;
(3-2) acquiring current state information tau of the system, wherein the system state information cannot be controlled by a cloud storage server, and if the system time can be used as the state information;
(3-3) for i ∈ {1,2iAnd ← F (τ | | i). From the definition of the pseudorandom function F (-), si∈[1,n];
(3-4) let I ═ s1,s2,...,scIs a multiple set of c elements, i.e. I allows for repeated elements;
(3-5) for all j ∈ I, calculate vj←h(τ||j);
(3-6) calculation of
Figure BDA0002363202480000091
Computing
Figure BDA0002363202480000092
(3-7) randomly selecting a random number s from {1,2, …, p-1}, and calculating T ═ e (u, v)sCalculating μ ═ s + γ μ', where γ ═ h (t) e Zp
(3-8) sending the output ∑ ═ μ, σ, T, τ, c } to the verifier as a proof of data integrity;
(4) verification algorithm Verify:
(4-1) verifying the authenticity of the state information tau, if the verification fails, terminating the algorithm, otherwise, calculating I ═ F (tau | | |1), F (tau | |2),. -, F (tau | | c) };
(4-2) for all j ∈ I, { v ∈ I, is calculatedj=h(τ||j)}j∈I,{h(Nj)}j∈IAnd calculating γ ═ { h (t) };
(4-3) judgment of equation
Figure BDA0002363202480000093
And if the result is true, outputting 1, otherwise, outputting 0.
Example 2:
the embodiment 2 of the present disclosure provides a non-interactive data integrity auditing system, which includes at least one first terminal, at least one data verification terminal, and a cloud storage service terminal; the first terminal executes a key generation algorithm and a tag generation algorithm, generates a key and a data tag corresponding to the data file, and sends the data file, the key and the data tag to the cloud storage service terminal;
the cloud storage service terminal executes a certification generation algorithm and outputs a data integrity certification to the data verification terminal, and the data verification terminal executes a verification algorithm and verifies the data integrity.
The specific key generation algorithm, tag generation algorithm, certificate generation algorithm, and verification algorithm are the same as those in embodiment 1, and are not described herein again.
Example 3:
the embodiment 3 of the present disclosure provides a fair payment method for public cloud storage service, and by using the non-interactive data integrity auditing method described in the embodiment 1 of the present disclosure, first contract signing is performed, as shown in fig. 2, specifically as follows:
(1) a data owner U calls a tag generation algorithm TagGen by using a non-interactive data integrity auditing scheme to obtain a data tag phi corresponding to a data file f;
(2) the data owner U uploads the data file f and the data label phi to the cloud storage server C;
(3) data owner submitting contract T0(as shown in fig. 3) to the intelligent contract platform P;
intelligent contract T0Is divided into a contract description part and a code part.
(3-1) the contract description section contains the following fields
File Name (File Name): recording the name FN of the uploaded file;
file Size (File Size): recording the size FS of the uploaded file;
file hash value (FileHash): recording the hash value FH of the uploaded files;
upload Time (Upload Time): recording the time UT of uploading files;
storage period (StoragePeriod): recording the period SP of the stored file;
service charge (ServiceCharges): recording the service fee amount SC;
data owner account (DataOwnerAccount): recording the account address DOA of the data owner;
cloud storage service provider account (CloudStorageAccount): recording an account address CSA of a cloud storage service provider;
data owner public key (pk)D): record the public key pk of the data ownerD
Data owner signature (sig)D): the signature sig of the data owner on the contract is recordedD
(3-2) the code portion defines the act of paying the service fee
If the verification algorithm Verify outputs 1, the contract transfers the service charge amount SC from the account address DOA of the data owner to the account CSA of the cloud storage service provider.
(4) The cloud storage server C checks the integrity of the data file f;
(5) cloud storage server C submits contract T1(as shown in fig. 4) to the intelligent contract platform P.
Intelligent contract T1The contract is divided into a contract description part and a code part;
(5-1) the contract description section contains the following fields
File Name (File Name): recording the name FN of the uploaded file;
file Size (File Size): recording the size FS of the uploaded file;
file hash value (FileHash): recording the hash value FH of the uploaded files;
reception Time (reception Time): recording the time RT for receiving the file;
storage period (StoragePeriod): recording the period SP of the stored file;
claims (Penalty): recording the repayment amount Pen;
data owner account (DataOwnerAccount): recording the account address DOA of the data owner;
cloud storage service provider account (CloudStorageAccount): recording CSA (cloud storage service provider) account address
Cloud storage service provider public key (pk)C): record the public key pkC of the cloud storage service provider;
cloud storage service provider signature (sigC): recording a signature sigC of the cloud storage service provider on the contract;
(5-2) the code section defines the action of paying the penalty
If the verification algorithm Verify outputs 0, the contract transfers the indemnity Pen from the account CSA of the cloud storage service provider to the account address DOA of the data owner.
The embodiment constructs a fair payment scheme for the public cloud storage service by using an intelligent contract system based on a block chain; the fair payment means that after the confirmation data is completely stored for a time period (the time period may be time units such as hours, days, weeks, months, years, and the like), the smart contract automatically transfers the cloud storage service fee of the time period from the account of the user to the account of the cloud storage service provider. If data loss is detected, service fee is not allocated any more, and simultaneously, compensation can be allocated reversely according to the prior agreement for compensating the loss of the user.
The method specifically comprises the following steps:
(A) to charge a service fee, the cloud storage server C submits a contract T on a time cycle2(as shown in FIG. 6), smart contract T2Is divided into a contract description part and a code part.
(A-1) the contract description section contains the following fields
Payment of a payment contract: t is0
Paying the indemnity contract: t is1
And (3) data integrity certification: e, sigma;
the (A-2) code part defines how to pay fairly, i.e. decides to activate T according to the result of the verification of sigma0Or activating T1
(B) The common identification node of the intelligent contract platform is used as a verifier to verify the correctness of the data integrity certification sigma;
(C) activating T if integrity verification passes0A contract, wherein the data owner pays a cloud storage service provider; otherwise T is activated1Contracts, cloud storage service providers compensate for the loss of data owners.
Example 4:
the embodiment 4 of the present disclosure provides a fair payment system for public cloud storage service, including at least one first terminal and a cloud storage service terminal, where the cloud storage service terminal submits a third contract according to a time period; the common identification node of the intelligent contract platform is used as a data verification end to verify the correctness of the data integrity certification;
if the integrity verification passes, activating a first contract, and the first terminal pays the cloud storage service terminal; otherwise, activating the second contract, and compensating the loss of the first terminal by the cloud storage service terminal.
The specific payment method is the same as that in embodiment 3, and is not described herein again.
The above description is only a preferred embodiment of the present disclosure and is not intended to limit the present disclosure, and various modifications and changes may be made to the present disclosure by those skilled in the art. Any modification, equivalent replacement, improvement and the like made within the spirit and principle of the present disclosure should be included in the protection scope of the present disclosure.
Although the present disclosure has been described with reference to specific embodiments, it should be understood that the scope of the present disclosure is not limited thereto, and those skilled in the art will appreciate that various modifications and changes can be made without departing from the spirit and scope of the present disclosure.

Claims (10)

1. A non-interactive data integrity auditing method is characterized in that a first terminal executes a key generation algorithm and a label generation algorithm to generate a key and a data label corresponding to a data file, and sends the data file, the key and the data label to a cloud storage service terminal;
the cloud storage service terminal executes a certification generation algorithm and outputs a data integrity certification to the data verification terminal, and the data verification terminal executes a verification algorithm and verifies the data integrity.
2. The non-interactive data integrity auditing method of claim 1 where the key generation algorithm is specifically:
(a-1) let G and GTFor a bilinear group of order p, p being the prime number and G being the generator of the group G, there is a bilinear map e G → GT
(a-2) selecting two hash functions H (·): 0,1}*→G、h(·):GT→Zp
(a-3) selecting a pseudo-random function F (·): 0,1}*→[1,n];
(a-4) calling a standard digital signature scheme to generate a public and private key pair (spk, ssk);
(a-5) randomly selecting a random number x in the set {1, 2.., p-1}, randomly selecting an element u in the group G, calculating v ← Gx
(a-6) the public key pk is (spk, g, u, v, e, H (-), H (-), F (-),) and the private key sk is (ssk, x);
or, the tag generation algorithm specifically includes:
(b-1) encoding the data file f as f ═ mi}1≤i≤nWherein m isi∈Zp
(b-2) the first terminal randomly selecting name ← ZpAs number of file f;
(b-3) for i e {1,2
Figure FDA0002363202470000011
Wherein WiName | | i, let ψ ═ σ |)i}1≤i≤n
(b-4) calling a standard digital signature algorithm Sig to sign the name to obtain Sigssk(name);
(b-5) let t be name Sigssk(name) as an identifier for file f;
and (b-6) uploading the data file f and the corresponding data tag phi ═ t to the cloud storage service terminal.
3. The non-interactive data integrity auditing method of claim 1 where the proof generation algorithm is specifically:
(c-1) determining a constant c according to the preset proving difficulty and the block number n of the data file;
(c-2) acquiring current state information tau of the system;
(c-3) calculating s for i ∈ {1,2i←F(τ||i);
(c-4) let I ═ s1,s2,...,scIs a multiple set of c elements, i.e. I allows for repeated elements;
(c-5) for all j ∈ I, calculate vj←h(τ||j);
(c-6) calculation
Figure FDA0002363202470000021
Computing
Figure FDA0002363202470000022
(c-7) randomly selecting a random number s from {1,2, …, p-1}, and calculating T ═ e (u, v)sCalculating μ ═ s + γ μ', where γ ═ h (t) e Zp
(c-8) sending the output ∑ ═ μ, σ, T, τ, c } to the verifier as a proof of data integrity.
4. The non-interactive data integrity auditing method of claim 3 where the verification algorithm is specifically:
(d-1) verifying the authenticity of the state information tau, if the verification fails, terminating the algorithm, otherwise, calculating I ═ F (tau | | |1), F (tau | |2),. -, F (tau | | | c) };
(d-2) for all j ∈ I, { v ∈ I, is calculatedj=h(τ||j)}j∈I,{h(Nj)}j∈IAnd calculating γ ═ { h (t) };
(d-3) judgment of equation
Figure FDA0002363202470000023
And if the result is true, outputting 1, otherwise, outputting 0.
5. A non-interactive data integrity auditing system is characterized by comprising at least one first terminal, at least one data verification terminal and a cloud storage service terminal; the first terminal executes a key generation algorithm and a tag generation algorithm, generates a key and a data tag corresponding to the data file, and sends the data file, the key and the data tag to the cloud storage service terminal;
the cloud storage service terminal executes a certification generation algorithm and outputs a data integrity certification to the data verification terminal, and the data verification terminal executes a verification algorithm and verifies the data integrity.
6. A fair payment method for public cloud storage service, wherein the non-interactive data integrity auditing method of any one of claims 1-4 is used, and the method comprises the following steps:
the first terminal calls a tag generation algorithm to obtain a data tag corresponding to the data file, the data file and the data tag are uploaded to the cloud storage service terminal together, and a first contract is submitted to the intelligent contract platform;
the cloud storage service terminal checks the integrity of the data file, submits a second contract to the intelligent contract platform, and submits a third contract according to a time period;
the common identification node of the intelligent contract platform is used as a data verification end to verify the correctness of the data integrity certification;
if the integrity verification passes, activating a first contract, and the first terminal pays the cloud storage service terminal; otherwise, activating the second contract, and compensating the loss of the first terminal by the cloud storage service terminal.
7. A fair payment method for a public cloud storage service as defined in claim 6, wherein the first contract comprises a first contract description portion and a first code portion;
the first contract description part comprises a file name, a file size, a file hash value, uploading time, a storage period, a service fee, a first terminal account, a cloud storage service terminal account, a first terminal public key and a first terminal signature;
the first code portion defines a payment behavior of the service fee, and if the verification algorithm outputs 1, the first contract transfers the service fee amount from the account address of the first terminal to the account of the cloud storage service terminal.
8. A fair payment method for a public cloud storage service as defined in claim 6, wherein the second contract comprises a second contract description portion and a second code portion;
the second contract description part comprises a file name, a file size, a file hash value, receiving time, a storage period, an indemnity, a first terminal account, a cloud storage service terminal public key and a cloud storage service terminal signature;
the second code portion defines an action of paying the penalty, and if the verification algorithm outputs 0, the second contract transfers the penalty from the account of the cloud storage service terminal to the account address of the first terminal.
9. The fair payment method for a public cloud storage service of claim 6, wherein the third contract comprises a third contract description portion and a third code portion;
(e-1) the third contract description includes a payment contract, a payment indemnity contract, and a data integrity certification, wherein the payment contract employs the first contract and the payment indemnity contract employs the second contract;
(e-2) the third code portion defines how to pay fairly, and decides to activate the first contract or activate the second contract according to a result of the verification of the data integrity certification.
10. A fair payment system for public cloud storage service is characterized by comprising at least one first terminal and a cloud storage service terminal, wherein the cloud storage service terminal submits a third contract according to a time period; the common identification node of the intelligent contract platform is used as a data verification end to verify the correctness of the data integrity certification;
if the integrity verification passes, activating a first contract, and the first terminal pays the cloud storage service terminal; otherwise, activating the second contract, and compensating the loss of the first terminal by the cloud storage service terminal.
CN202010028100.0A 2020-01-10 2020-01-10 Non-interactive data integrity auditing method, fair payment method and system Active CN111259454B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010028100.0A CN111259454B (en) 2020-01-10 2020-01-10 Non-interactive data integrity auditing method, fair payment method and system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202010028100.0A CN111259454B (en) 2020-01-10 2020-01-10 Non-interactive data integrity auditing method, fair payment method and system

Publications (2)

Publication Number Publication Date
CN111259454A true CN111259454A (en) 2020-06-09
CN111259454B CN111259454B (en) 2022-07-05

Family

ID=70953100

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202010028100.0A Active CN111259454B (en) 2020-01-10 2020-01-10 Non-interactive data integrity auditing method, fair payment method and system

Country Status (1)

Country Link
CN (1) CN111259454B (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114745120A (en) * 2022-03-17 2022-07-12 郑州大学 Anti-key exposure cloud data integrity checking method supporting fair payment

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103425941A (en) * 2013-07-31 2013-12-04 广东数字证书认证中心有限公司 Cloud storage data integrity verification method, equipment and server
CN103699851A (en) * 2013-11-22 2014-04-02 杭州师范大学 Remote data completeness verification method facing cloud storage
CN109245894A (en) * 2018-07-18 2019-01-18 电子科技大学 A kind of distributed cloud storage system based on intelligent contract
US20190156429A1 (en) * 2017-11-21 2019-05-23 General Electric Company Hierarchical meta-ledger transaction recording
CN109829326A (en) * 2018-11-20 2019-05-31 西安电子科技大学 Cross-domain certification and fair audit duplicate removal cloud storage system based on block chain
CN109889497A (en) * 2019-01-15 2019-06-14 南京邮电大学 A kind of data integrity verification method for going to trust

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103425941A (en) * 2013-07-31 2013-12-04 广东数字证书认证中心有限公司 Cloud storage data integrity verification method, equipment and server
CN103699851A (en) * 2013-11-22 2014-04-02 杭州师范大学 Remote data completeness verification method facing cloud storage
US20190156429A1 (en) * 2017-11-21 2019-05-23 General Electric Company Hierarchical meta-ledger transaction recording
CN109245894A (en) * 2018-07-18 2019-01-18 电子科技大学 A kind of distributed cloud storage system based on intelligent contract
CN109829326A (en) * 2018-11-20 2019-05-31 西安电子科技大学 Cross-domain certification and fair audit duplicate removal cloud storage system based on block chain
CN109889497A (en) * 2019-01-15 2019-06-14 南京邮电大学 A kind of data integrity verification method for going to trust

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114745120A (en) * 2022-03-17 2022-07-12 郑州大学 Anti-key exposure cloud data integrity checking method supporting fair payment
CN114745120B (en) * 2022-03-17 2023-08-22 郑州大学 Anti-key exposure cloud data integrity verification method supporting fair payment

Also Published As

Publication number Publication date
CN111259454B (en) 2022-07-05

Similar Documents

Publication Publication Date Title
CN106254374B (en) A kind of cloud data public audit method having duplicate removal function
CN110473105B (en) Block chain transaction settlement method, system and related equipment
CN105871545B (en) Credible electronic certificate trustship method and system
CN114143080A (en) Block chain data privacy protection and sharing method based on zero knowledge proof
RU2018142270A (en) DISTRIBUTION AND VERIFICATION SYSTEM OF DISTRIBUTED TRANSACTIONS
CN109787987A (en) Electric power internet-of-things terminal identity identifying method based on block chain
CN112054897B (en) Outsourcing Internet of things data for protecting privacy based on block chain and integrity verification method for backup of outsourcing Internet of things data
CN108764872B (en) Authorized payment method, system, equipment and storage medium
CN111726226B (en) Signature system, signature method, first server and storage medium
CN109146483B (en) Credit recording method and system based on block chain network
CN104993937A (en) Method for testing integrity of cloud storage data
WO2016134039A1 (en) Verifying electronic transactions
CN110930153B (en) Block chain privacy data management method and system based on hidden third party account
CN111694895B (en) Block chain remote data auditing method and system
CN110868300A (en) Block chain evidence storage method and system
CN105227317A (en) A kind of cloud data integrity detection method and system supporting authenticator privacy
CN114003925A (en) Signature combined online declaration method and system based on block chain
CN111259454B (en) Non-interactive data integrity auditing method, fair payment method and system
CN111260348A (en) Fair payment system based on intelligent contract in Internet of vehicles and working method thereof
CN108234504A (en) Identity-based proxy data integrity detection method in cloud storage
CN108664814A (en) A kind of group data integrity verification method based on agency
CN110990808B (en) Notarization number shaking method based on block chain
CN108848096B (en) Method, device, equipment and computer readable storage medium for processing service contract
CN111353780A (en) Authorization verification method, device and storage medium
CN110324149A (en) A kind of multi-party fixed verification method of the evidence after signing of knowing together

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant