CN111565234A - Cloud security storage method, medium and equipment for duplicate files - Google Patents

Cloud security storage method, medium and equipment for duplicate files Download PDF

Info

Publication number
CN111565234A
CN111565234A CN202010585583.4A CN202010585583A CN111565234A CN 111565234 A CN111565234 A CN 111565234A CN 202010585583 A CN202010585583 A CN 202010585583A CN 111565234 A CN111565234 A CN 111565234A
Authority
CN
China
Prior art keywords
copy
file
user
copies
party auditor
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202010585583.4A
Other languages
Chinese (zh)
Inventor
杨晨
袁浩然
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Zhongke Zhizi Data Technology Co ltd
Original Assignee
Beijing Zhongke Zhizi Data Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Zhongke Zhizi Data Technology Co ltd filed Critical Beijing Zhongke Zhizi Data Technology Co ltd
Priority to CN202010585583.4A priority Critical patent/CN111565234A/en
Publication of CN111565234A publication Critical patent/CN111565234A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/10Protocols in which an application is distributed across nodes in the network
    • H04L67/1097Protocols in which an application is distributed across nodes in the network for distributed storage of data in networks, e.g. transport arrangements for network file system [NFS], storage area networks [SAN] or network attached storage [NAS]
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F11/00Error detection; Error correction; Monitoring
    • G06F11/07Responding to the occurrence of a fault, e.g. fault tolerance
    • G06F11/14Error detection or correction of the data by redundancy in operation
    • G06F11/1402Saving, restoring, recovering or retrying
    • G06F11/1446Point-in-time backing up or restoration of persistent data
    • G06F11/1458Management of the backup or restore process
    • G06F11/1464Management of the backup or restore process for networked environments
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/12Applying verification of the received information
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/06Protocols specially adapted for file transfer, e.g. file transfer protocol [FTP]

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • General Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Quality & Reliability (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • Storage Device Security (AREA)

Abstract

The invention discloses a cloud security storage method and equipment for a duplicate file, which comprises the following steps: file copy and audit tag generation, copy storage evidence generation, storage evidence batch audit and file copy recovery. Before outsourcing of the file, a user generates a plurality of copies of the file by adopting incompressible coding and generates a corresponding audit tag of the file; the server generates evidence of safe storage of the copy by adopting a probabilistic auditing method; an auditor uses quick binary search and index test to realize efficient verification of copy storage; the original file is obtained after the user downloads the data and decodes the file copy. The invention solves the problem that the storage of the copy can not realize batch audit and quick error positioning, so that a third party auditor can carry out batch audit on the file copy which is outsourced and stored on the cloud service provider, and quickly position the error copy under the condition that the batch audit is error.

Description

Cloud security storage method, medium and equipment for duplicate files
Technical Field
The invention belongs to the technical field of cloud computing security, and particularly relates to a cloud security storage method, medium and equipment for a duplicate file.
Background
With the rapid development of outsourced storage, more and more users and enterprises outsource storage of their data on cloud service providers. While outsourcing storage faces many security challenges. First, since the user stores the outsourced data on the server, which separates the ownership and administrative rights of the user, it is difficult for the user to verify the integrity of the outsourced data. Second, to ensure the recoverability of data, a user may store data on multiple cloud service providers. However, this approach is vulnerable to a witch attack, i.e., a malicious cloud service provider owns multiple witch identities and uses these identities to commit to the user to store the user's data separately while actually storing only one copy of the file.
To verify the integrity of outsourced data, data auditing techniques are proposed. The data auditing technology can verify the integrity of the data of a user on the premise that the user does not download the data. Meanwhile, by using a probabilistic verification method, a user can verify a small part of data and simultaneously ensure the integrity of all data with a higher probability, and the integrity of the user data can be ensured. However, the data auditing scheme cannot resist Sybil attack, and a malicious server can cheat users through Sybil identities to obtain additional economic benefits. To address this problem, a provable copy storage technique is proposed. The provable replica storage technique generates multiple replicas of a file using incompressible coding and stores the multiple replicas on multiple cloud service providers, and then uses a data auditing technique to audit the multiple replicas of its file for ensuring the integrity of each data replica. However, most of the existing methods for storing the provable copy are based on the time assumption that the prover is required to return the proof stored by the file copy within the specified time, otherwise, the audit fails. However, an adversary with powerful computing power can always construct a correct proof and pass the auditor's verification before a timeout. In addition, the existing certifiable copy storage technology cannot support batch audit of audit results and quick positioning of error copies.
Through the above analysis, the problems and defects of the prior art are as follows:
most existing provable copy storage methods are based on a time assumption that requires the user to select a security parameter for the verifier as a timeout parameter and the prover to return a stored proof of the copy of the file within a specified time. However, an adversary with powerful computing power can always construct a correct proof before a timeout. In order to ensure the safety of the method, a user must set a large safety parameter. Therefore, the problem of batch verification and error location of the provable copy storage cannot be accomplished.
The difficulty in solving the above problems and defects is: the provable copy storage method supporting efficient verification and rapid error positioning is provided, a provable copy storage method not based on time hypothesis is provided, an efficient batch verification method needs to be designed, an error copy can be rapidly positioned under the condition of batch audit error, and rapid verification of a correct copy is achieved.
The significance of solving the problems and the defects is as follows: a provable copy storage method which is not based on any time hypothesis is designed, batch verification of audit results is achieved, and meanwhile, in the case of batch audit failure, an error data copy is located quickly. The method has important significance for improving the quality of outsourcing storage service of the cloud server.
Disclosure of Invention
In order to solve the problems, the invention provides a cloud security storage method, medium and equipment for a duplicate file.
The invention is realized in such a way, and the cloud security storage method of the duplicate file is characterized by comprising the following steps:
firstly, a user generates a plurality of copies of a file by using an incompressible coding technology and generates a corresponding integrity audit tag of the file;
secondly, the server generates evidence stored in the copy by adopting a probabilistic auditing scheme;
thirdly, using fast binary search and index test to realize efficient verification of the copy storage;
and fourthly, restoring the file by decoding the copy.
Further, the user generating multiple copies of the file and generating their corresponding integrity audit tags using non-compressible encoding techniques further comprises: by using non-compressible codingThe technique generates the file
Figure 841442DEST_PATH_IMAGE001
Is/are as follows
Figure 289741DEST_PATH_IMAGE002
One file copy
Figure 866216DEST_PATH_IMAGE003
The user performs the following operations:
order to
Figure 995846DEST_PATH_IMAGE004
For three different groups of multiplication cycles, the order of the groups being
Figure 341377DEST_PATH_IMAGE005
Figure 960577DEST_PATH_IMAGE006
Is composed of
Figure 758769DEST_PATH_IMAGE007
Is generated from
Figure 692090DEST_PATH_IMAGE008
Is a bilinear map;
Figure 157706DEST_PATH_IMAGE009
is a secure hash function
Figure 885491DEST_PATH_IMAGE010
Figure 938022DEST_PATH_IMAGE011
Is a secure hash function
Figure 206193DEST_PATH_IMAGE012
Figure 463999DEST_PATH_IMAGE013
A secure signature scheme is represented that is,
Figure 690581DEST_PATH_IMAGE014
is an RSA trapdoor permutation function whose field is
Figure 463365DEST_PATH_IMAGE015
Figure 472909DEST_PATH_IMAGE016
Is the inverse of the RSA trapdoor permutation function,
Figure 913118DEST_PATH_IMAGE017
is a security parameter of the signature algorithm and
Figure 779442DEST_PATH_IMAGE018
is a security parameter for the RSA trapdoor replacement;
Figure 242785DEST_PATH_IMAGE019
is a reversible random speaker in the field of
Figure 118337DEST_PATH_IMAGE015
(ii) a If the user wants to generate the file
Figure 350735DEST_PATH_IMAGE020
Is/are as follows
Figure 653540DEST_PATH_IMAGE021
A copy of the document, the user first entering security parameters
Figure 890663DEST_PATH_IMAGE017
And randomly selects a key pair
Figure 507589DEST_PATH_IMAGE022
Inputting security parameters as public and private keys of a signature algorithm
Figure 391231DEST_PATH_IMAGE023
Generating the public key of the RSA trapdoor permutation function
Figure 130517DEST_PATH_IMAGE024
And a private key
Figure 302872DEST_PATH_IMAGE025
(ii) a Random selection
Figure 520227DEST_PATH_IMAGE026
And calculate
Figure 523955DEST_PATH_IMAGE027
(ii) a Simultaneous random selection
Figure 371826DEST_PATH_IMAGE028
The privacy parameter and the private key of the system are
Figure 93794DEST_PATH_IMAGE029
And
Figure 52523DEST_PATH_IMAGE025
the public parameter and the public key are
Figure 645178DEST_PATH_IMAGE030
And
Figure 726267DEST_PATH_IMAGE024
user uniform slave
Figure 873214DEST_PATH_IMAGE031
In selecting a random string
Figure 199415DEST_PATH_IMAGE032
And calculate
Figure 115419DEST_PATH_IMAGE033
Wherein
Figure 101829DEST_PATH_IMAGE034
Is a reversible random prediction machine and
Figure 532811DEST_PATH_IMAGE035
Figure 833342DEST_PATH_IMAGE036
8-round Feistel network can be adopted for instantiation;
will be provided with
Figure 931748DEST_PATH_IMAGE037
Is uniformly divided into
Figure 26743DEST_PATH_IMAGE038
Data blocks and each data block has a size of
Figure 945020DEST_PATH_IMAGE015
Wherein
Figure 111560DEST_PATH_IMAGE015
Is the domain of the RSA trapdoor permutation;
iteration
Figure 736576DEST_PATH_IMAGE039
And trapdoor replacement
Figure 330368DEST_PATH_IMAGE040
Count the times
Figure 673625DEST_PATH_IMAGE041
For number of rounds
Figure 643855DEST_PATH_IMAGE042
To
Figure 687160DEST_PATH_IMAGE043
And block
Figure 389536DEST_PATH_IMAGE044
User computing
Figure 282406DEST_PATH_IMAGE045
And
Figure 728431DEST_PATH_IMAGE046
the user gets the copy
Figure 390356DEST_PATH_IMAGE047
Further, the user generating multiple copies of the file and generating their corresponding integrity audit tags using non-compressible encoding techniques further comprises: the user generates a verification label for integrity audit;
for each duplicate block
Figure 60372DEST_PATH_IMAGE048
Generating a validation tag
Figure 378221DEST_PATH_IMAGE049
Wherein
Figure 424675DEST_PATH_IMAGE050
And is
Figure 144369DEST_PATH_IMAGE051
Is randomly and uniformly selected by the user and is used as the file copy
Figure 250865DEST_PATH_IMAGE052
Is identified by the identification of (a) a,
Figure 852748DEST_PATH_IMAGE053
is a set of authentication tags;
generating a file label
Figure 640575DEST_PATH_IMAGE054
Wherein
Figure 277093DEST_PATH_IMAGE055
Is a copy of the file
Figure 492174DEST_PATH_IMAGE052
In the generation of
Figure 82817DEST_PATH_IMAGE056
After each copy of the document and its corresponding authentication tag and signature, the user will proceed
Figure 471073DEST_PATH_IMAGE056
A copy of the file
Figure 696518DEST_PATH_IMAGE057
Authentication tag set
Figure 82500DEST_PATH_IMAGE058
And
Figure 658975DEST_PATH_IMAGE059
are respectively sent to
Figure 850922DEST_PATH_IMAGE056
A cloud service provider, each of which stores a copy of the file
Figure 134136DEST_PATH_IMAGE052
To correspond to
Figure 18915DEST_PATH_IMAGE060
And
Figure 20369DEST_PATH_IMAGE061
further, the server generating the evidence stored in the copy by using a probabilistic auditing scheme further comprises:
third party auditor retrieves labels from the cloud service provider
Figure 750428DEST_PATH_IMAGE062
(ii) a The third party auditor passes
Figure 950465DEST_PATH_IMAGE063
Verifying each document label
Figure 943829DEST_PATH_IMAGE064
From
Figure 730781DEST_PATH_IMAGE065
To
Figure 264531DEST_PATH_IMAGE066
For all verified tags
Figure 522337DEST_PATH_IMAGE067
The third party auditor from
Figure 748919DEST_PATH_IMAGE068
Randomly generating a contained
Figure 459386DEST_PATH_IMAGE069
Subset of individual elements
Figure 531247DEST_PATH_IMAGE070
(ii) a For each element
Figure 971456DEST_PATH_IMAGE071
Random selection by third party auditor
Figure 41043DEST_PATH_IMAGE072
Figure 566702DEST_PATH_IMAGE073
Indicating the location of the challenge block, the third party auditor sending
Figure 176675DEST_PATH_IMAGE074
Providing the corresponding cloud service provider;
receiving challenge information
Figure 409073DEST_PATH_IMAGE075
After that, the first
Figure 711879DEST_PATH_IMAGE076
The cloud service provider computing
Figure 662517DEST_PATH_IMAGE077
Generating a linear combination of random verification blocks
Figure 577646DEST_PATH_IMAGE078
Wherein
Figure 726867DEST_PATH_IMAGE079
The cloud service provider generates an aggregated signature
Figure 403836DEST_PATH_IMAGE080
And transmit it
Figure 638509DEST_PATH_IMAGE081
And giving the third party auditor.
Further, the implementation of efficient verification of the copy storage using fast binary search and exponent testing further includes:
from
Figure 793546DEST_PATH_IMAGE082
The cloud service provider receives the certification
Figure 62854DEST_PATH_IMAGE083
Thereafter, the third party auditor settings
Figure 441882DEST_PATH_IMAGE084
Indicating the number of copies that have been verified to date, setting
Figure 101534DEST_PATH_IMAGE082
Number of
Figure 122580DEST_PATH_IMAGE085
To represent
Figure 184076DEST_PATH_IMAGE082
Verifying the copy;
the third party auditor calculating
Figure 265165DEST_PATH_IMAGE086
And is
Figure 412113DEST_PATH_IMAGE087
Wherein
Figure 971270DEST_PATH_IMAGE088
Indicating bit negation; when the result is true, the third party auditor does not use binary inquiry and carries out independent verification on the rest copies; when the result is false, calculating
Figure 185476DEST_PATH_IMAGE089
From
Figure 375149DEST_PATH_IMAGE065
To
Figure 71709DEST_PATH_IMAGE066
Calculating
Figure 372241DEST_PATH_IMAGE090
When is coming into contact with
Figure 205067DEST_PATH_IMAGE091
Let us order
Figure 362379DEST_PATH_IMAGE092
Otherwise, calculating
Figure 483919DEST_PATH_IMAGE093
(ii) a After the calculation is completed, if
Figure 384879DEST_PATH_IMAGE094
The third party auditor order that all the copies are correctly stored on the cloud service provider
Figure 275474DEST_PATH_IMAGE095
From
Figure 603688DEST_PATH_IMAGE065
To
Figure 9261DEST_PATH_IMAGE082
Figure 917174DEST_PATH_IMAGE096
And performs all the checks of the copySyndrome/current
Figure 724593DEST_PATH_IMAGE097
Detecting the presence or absence of
Figure 426970DEST_PATH_IMAGE076
So that
Figure 821305DEST_PATH_IMAGE098
Wherein
Figure 798488DEST_PATH_IMAGE099
(ii) a When in use
Figure 663676DEST_PATH_IMAGE076
Presence, the third party auditor setting
Figure 599271DEST_PATH_IMAGE100
The number of the carbon atoms is 1,
Figure 917120DEST_PATH_IMAGE101
and the verification is completed, wherein
Figure 697994DEST_PATH_IMAGE076
The copy is erroneous when
Figure 480005DEST_PATH_IMAGE076
Absent, the third party auditor will
Figure 524184DEST_PATH_IMAGE082
Dividing the proof average of the duplicate storage
Figure 391646DEST_PATH_IMAGE102
And
Figure 179474DEST_PATH_IMAGE103
further, the implementing efficient verification of the copy storage using the fast binary search and exponent test further includes:
from
Figure 815991DEST_PATH_IMAGE082
The cloud service provider receives the certification
Figure 31072DEST_PATH_IMAGE083
Thereafter, the third party auditor settings
Figure 854672DEST_PATH_IMAGE084
Indicating the number of copies that have been verified at present, setting
Figure 21690DEST_PATH_IMAGE082
Number of
Figure 450398DEST_PATH_IMAGE085
To represent
Figure 898697DEST_PATH_IMAGE082
Verifying the copy;
the third party auditor calculating
Figure 678434DEST_PATH_IMAGE086
And is
Figure 870381DEST_PATH_IMAGE087
(ii) a When the result is true, the third party auditor does not use binary inquiry and carries out independent verification on the rest copies; when the result is false, the third party auditor calculates
Figure 950332DEST_PATH_IMAGE089
From
Figure 772795DEST_PATH_IMAGE065
To, meter
Figure 836566DEST_PATH_IMAGE104
Calculating out
Figure 504307DEST_PATH_IMAGE105
When is coming into contact with
Figure 969924DEST_PATH_IMAGE106
Let us order
Figure 760025DEST_PATH_IMAGE107
Otherwise, calculating
Figure 983196DEST_PATH_IMAGE108
After the calculation is completed, if
Figure 782525DEST_PATH_IMAGE106
The third party auditor order
Figure 40331DEST_PATH_IMAGE109
From
Figure 502798DEST_PATH_IMAGE065
To
Figure 478845DEST_PATH_IMAGE110
Figure 550706DEST_PATH_IMAGE111
And completes the copy 1 to
Figure 725335DEST_PATH_IMAGE110
Verifying; if it is not
Figure 60502DEST_PATH_IMAGE112
That copy indicating all errors are present
Figure 320582DEST_PATH_IMAGE113
The third party auditor order
Figure 196134DEST_PATH_IMAGE109
From
Figure 428532DEST_PATH_IMAGE114
To
Figure 731337DEST_PATH_IMAGE082
Figure 681976DEST_PATH_IMAGE111
(ii) a Otherwise, detecting whether the current state exists
Figure 361219DEST_PATH_IMAGE076
So that
Figure 448124DEST_PATH_IMAGE115
Wherein
Figure 656251DEST_PATH_IMAGE116
(ii) a If it is not
Figure 392388DEST_PATH_IMAGE076
Presence, third party auditor settings
Figure 813005DEST_PATH_IMAGE117
The number of the carbon atoms is 1,
Figure 816733DEST_PATH_IMAGE111
and completing the copy from 1 to
Figure 664604DEST_PATH_IMAGE110
Verifying; otherwise, the third party auditor will
Figure 120993DEST_PATH_IMAGE118
The certificates stored in the copy are divided into
Figure 142038DEST_PATH_IMAGE119
And
Figure 203535DEST_PATH_IMAGE120
and continuing to iterate the method until all the evidences are verified.
Further, the restoring the file by decoding the copy further comprises:
downloading the copy from the cloud service provider
Figure 284624DEST_PATH_IMAGE121
Thereafter, the user will
Figure 165992DEST_PATH_IMAGE121
Is divided into
Figure 725149DEST_PATH_IMAGE122
Then iterate RSA trapdoor replacement
Figure 703470DEST_PATH_IMAGE123
And
Figure 893143DEST_PATH_IMAGE124
in total
Figure 589703DEST_PATH_IMAGE041
Number of wheels, of wheels
Figure 890234DEST_PATH_IMAGE125
To 1 and block
Figure 224526DEST_PATH_IMAGE044
User computing
Figure 381838DEST_PATH_IMAGE126
And
Figure 237799DEST_PATH_IMAGE127
the user obtains
Figure 404338DEST_PATH_IMAGE128
User computing
Figure 294933DEST_PATH_IMAGE129
And divide
Figure 623146DEST_PATH_IMAGE130
Original document
Figure 28720DEST_PATH_IMAGE001
Is that
Figure 671054DEST_PATH_IMAGE131
Foremost of (2)
Figure 478473DEST_PATH_IMAGE132
A bit.
Another object of the present invention is to provide a receiving input program storage medium storing a computer program for an electronic device to execute the steps of:
firstly, a user generates a plurality of copies of a file by using an incompressible coding technology and generates a corresponding integrity audit tag of the file;
secondly, the server generates evidence stored in the copy by adopting a probabilistic auditing scheme;
thirdly, using fast binary search and index test to realize efficient verification of the copy storage;
and fourthly, restoring the file by decoding the copy.
It is another object of the present invention to provide a computer-readable storage medium, which stores a computer program, and when the computer program is executed by an electronic device, the computer program provides an input interface to implement a method for cloud-secure storage of a replica file as described in any one of the above.
The invention also aims to provide a client and a cloud server carrying the cloud security storage method of the duplicate file.
By combining all the technical methods, the invention has the advantages and positive effects that: the invention designs a cloud security storage method and equipment for a duplicate file, aiming at the problems of batch audit, quick positioning and the like faced by provable duplicate storage in a cloud environment. The method is not based on any time assumptions and supports batch audits that demonstrate results. Under the condition that batch audit is wrong, the wrong copy can be quickly positioned, and efficient verification of the correct copy is realized.
The cloud security storage method and the device for the duplicate files have the participation of three entities, namely a user, a cloud service provider and a third-party auditor. The system comprises four processes of file copy and audit tag generation, copy storage evidence generation, storage evidence batch audit and file copy recovery. The file copy and audit tag generation is that before the file is outsourced, a user adopts an incompressible code to generate a plurality of copies of the file and generate corresponding audit tags; the copy storage evidence generation is that the server generates the copy storage evidence by adopting a probabilistic auditing scheme; the storage certification batch audit is the efficient verification that an auditor uses quick binary search and index test to realize copy storage; file copy recovery is the acquisition of the original file after the user downloads the data and decodes the file copy.
Drawings
Fig. 1 is a flowchart of a cloud secure storage method for a replica file according to an embodiment of the present invention;
fig. 2 is a flowchart of a cloud secure storage method for a replica file according to an embodiment of the present invention;
FIG. 3 is a schematic diagram of file copy generation time provided by an embodiment of the present invention;
FIG. 4 is a schematic diagram of a file copy recovery time provided by an embodiment of the present invention;
FIG. 5 is a schematic diagram of an audit time of a document copy storage attestation provided by an embodiment of the present invention;
FIG. 6 is a timing diagram illustrating the location of a copy of a provable copy storage error provided by an embodiment of the invention;
fig. 7 is a schematic diagram of file copy uploading and downloading time provided by the embodiment of the present invention.
Detailed Description
In order to make the objects, technical means and advantages of the present invention more apparent, the present invention will be described in further detail with reference to the following examples. It should be understood that the specific embodiments described herein are merely illustrative of the invention and are not intended to limit the invention.
In view of the problems in the prior art, the present invention provides a method for cloud secure storage of a replica file, which is described in detail below with reference to the accompanying drawings.
Referring to fig. 1, a cloud security storage method for a duplicate file provided by an embodiment of the present invention includes the following steps:
s101: a user generates a plurality of copies of a file by using an incompressible coding technology and generates a corresponding integrity audit tag of the file;
s102: the server generates evidence stored by the copy by adopting a probabilistic auditing scheme;
s103: efficient verification of the copy storage is achieved by using fast binary search and index test;
s104: the file is restored by decoding the copy.
The technical method of the present invention will be further described with reference to the accompanying drawings.
Due to the excellent characteristics of flexibility, expandability, convenience and the like, more and more users and enterprises tend to outsource data storage on a cloud server. However, since the ownership and management of user data are separated, it is difficult for a user to verify the integrity of data stored on a remote cloud server. Although the data auditing scheme may effectively verify integrity without requiring the user to download all outsourced data. But the existing data auditing method cannot resist Sybil attack. Although provable copy storage techniques may address this issue, existing provable copy storage may not support batch auditing of audit results and fast location of erroneous copies. Therefore, how to design a provable copy storage method supporting efficient verification and fast error location is an urgent problem to be solved.
The invention designs a cloud security storage method and equipment for a duplicate file, aiming at the problems of batch audit, quick positioning and the like in the provable duplicate storage in a cloud environment. The method realizes the high-efficiency verification of the testable copy storage result and the quick positioning of the error copy, and effectively improves the service quality of outsourced storage.
1. System model
The cloud security storage method and the device for the duplicate files provided by the embodiment of the invention have the participation of three entities, namely a user, a cloud service provider and a third-party auditor. The method comprises four processes of file copy and audit tag generation, copy storage evidence generation, storage evidence batch audit and file copy recovery. The file copy and audit tag generation is that before the file is outsourced, a user adopts an incompressible code to generate a plurality of copies of the file and generate corresponding audit tags; the copy storage evidence generation is that the server generates the copy storage evidence by adopting a probabilistic auditing scheme; the storage certification batch audit is the efficient verification that an auditor uses quick binary search and index test to realize copy storage; file copy recovery is the acquisition of the original file after the user downloads the data and decodes the file copy.
2. Preliminary knowledge
2.1 integrity Audit schema as disclosed
The disclosed integrity audit scheme defines: one disclosed integrity auditing scheme consists of four algorithms, Gen, SigGen, Genproof, verifyprofo.
1)
Figure 180850DEST_PATH_IMAGE133
: scheme initialization algorithm, inputting public parameters
Figure 73719DEST_PATH_IMAGE134
Generating public parameters
Figure 519744DEST_PATH_IMAGE135
And privacy parameters
Figure 181670DEST_PATH_IMAGE136
2)
Figure 618729DEST_PATH_IMAGE137
: signature Generation Algorithm, input document
Figure 670999DEST_PATH_IMAGE001
Output file label
Figure 717453DEST_PATH_IMAGE138
And verifier
Figure 499464DEST_PATH_IMAGE139
3)
Figure 543643DEST_PATH_IMAGE140
: evidence generation algorithm, input challenge
Figure 145526DEST_PATH_IMAGE073
And documents
Figure 933353DEST_PATH_IMAGE001
Output aggregation authenticator
Figure 569871DEST_PATH_IMAGE141
And auxiliary information
Figure 581689DEST_PATH_IMAGE142
Figure 874130DEST_PATH_IMAGE143
4)
Figure 262386DEST_PATH_IMAGE144
: verification algorithm, input evidence
Figure 956673DEST_PATH_IMAGE145
And common parameters
Figure 404972DEST_PATH_IMAGE135
And outputting a verification result 1 or 0.
2.2 bilinear pairings
Definition of
Figure 217332DEST_PATH_IMAGE146
Figure 346962DEST_PATH_IMAGE007
And
Figure 958072DEST_PATH_IMAGE147
are groups of three different multiplication cycles of order
Figure 514955DEST_PATH_IMAGE148
Figure 578726DEST_PATH_IMAGE149
And
Figure 308785DEST_PATH_IMAGE150
respectively represent
Figure 712084DEST_PATH_IMAGE146
And
Figure 502186DEST_PATH_IMAGE007
the generator of (1).
Figure 990936DEST_PATH_IMAGE151
Is a bilinear map with the following properties:
(1) calculability: there is an efficient algorithm to compute the mapping
Figure 790265DEST_PATH_IMAGE152
(2) Bilinear: for all
Figure 48071DEST_PATH_IMAGE153
And
Figure 743494DEST_PATH_IMAGE154
Figure 781858DEST_PATH_IMAGE155
(3) non-degradability:
Figure 56981DEST_PATH_IMAGE156
2.3 RSA trapdoor replacement
Definition of RSA trapdoor permutation: an RSA trapdoor replacement consists of the following three algorithms
(1)
Figure 733075DEST_PATH_IMAGE157
: key generation algorithm, input parameters
Figure 68242DEST_PATH_IMAGE158
Selecting
Figure 328322DEST_PATH_IMAGE159
Prime number of bits
Figure 203874DEST_PATH_IMAGE134
And
Figure 170693DEST_PATH_IMAGE160
calculating
Figure 739077DEST_PATH_IMAGE161
And select
Figure 424137DEST_PATH_IMAGE152
So that
Figure 837801DEST_PATH_IMAGE162
. Then order
Figure 987022DEST_PATH_IMAGE163
Satisfy the requirement of
Figure 663991DEST_PATH_IMAGE164
. Finally, the algorithm exports the public key
Figure 898663DEST_PATH_IMAGE165
And a private key
Figure 116018DEST_PATH_IMAGE166
(2)
Figure 57429DEST_PATH_IMAGE167
: permutation algorithm, input message
Figure 469081DEST_PATH_IMAGE168
And public key
Figure 925470DEST_PATH_IMAGE169
Output of
Figure 884199DEST_PATH_IMAGE170
(3)
Figure 8013DEST_PATH_IMAGE171
: inverse operation of permutation algorithm, input message
Figure 557943DEST_PATH_IMAGE172
And a private key
Figure 704891DEST_PATH_IMAGE166
Output of
Figure 264048DEST_PATH_IMAGE173
2.4 reversible random prophetic machine
The reversible random speaker is accessible
Figure 242368DEST_PATH_IMAGE174
In the reverse direction
Figure 432041DEST_PATH_IMAGE175
Random prediction machine of two directions. In this patent, we use
Figure 863022DEST_PATH_IMAGE176
Random prediction machine showing reversibility identical to RSA trap door permuted field, using
Figure 960291DEST_PATH_IMAGE177
Representing a reversible random oracle of arbitrary length.
Figure 996381DEST_PATH_IMAGE036
The instantiation can be performed using 8 rounds of Feistel networks. In the instantiation of
Figure 909018DEST_PATH_IMAGE178
Before, we first define
Figure 764978DEST_PATH_IMAGE179
Is a trapdoor replacement
Figure 665938DEST_PATH_IMAGE180
Wherein
Figure 618851DEST_PATH_IMAGE181
Is an RSA trapdoor replacement and
Figure 150326DEST_PATH_IMAGE182
is its public key.
Figure 555900DEST_PATH_IMAGE183
Both the input and the output of
Figure 994971DEST_PATH_IMAGE184
Of (2) is used. By using modular multiplication instead of exclusive-or operations, we build the same fesiel Network as the RSA trapdoor permuted domain. Giving a random prediction machine
Figure 740073DEST_PATH_IMAGE185
Input of
Figure 239188DEST_PATH_IMAGE186
The output string is twice as long as its input. We define
Figure 132057DEST_PATH_IMAGE187
Satisfy the requirement of
Figure 578082DEST_PATH_IMAGE188
Wherein
Figure 974429DEST_PATH_IMAGE189
Figure 411488DEST_PATH_IMAGE190
And represents a modular multiplication. It is worth emphasizing that
Figure 729337DEST_PATH_IMAGE191
In the domain
Figure 41370DEST_PATH_IMAGE186
Is nearly random in. In addition to the negligible probability that,
Figure 495485DEST_PATH_IMAGE001
is irreversible.
Referring to fig. 2, a cloud security storage method and device for a duplicate file provided in an embodiment of the present invention include:
s201, the user generates a plurality of copies of the file by using the incompressible encoding technology and generates a corresponding integrity audit tag, and the method further comprises the following steps: the user generates the file by using an incompressible encoding technique
Figure 601981DEST_PATH_IMAGE001
Is/are as follows
Figure 203864DEST_PATH_IMAGE082
One file copy
Figure 991691DEST_PATH_IMAGE192
The user performs the following operations:
(1) order to
Figure 628209DEST_PATH_IMAGE193
For three different groups of multiplication cycles, the order of the groups being
Figure 843290DEST_PATH_IMAGE005
Figure 198048DEST_PATH_IMAGE006
Is composed of
Figure 523987DEST_PATH_IMAGE007
Is generated from
Figure 749432DEST_PATH_IMAGE008
Is a bilinear map;
Figure 463310DEST_PATH_IMAGE009
is a secure hash function
Figure 977468DEST_PATH_IMAGE010
Figure 202038DEST_PATH_IMAGE011
Is a secure hash function
Figure 750831DEST_PATH_IMAGE012
Figure 901190DEST_PATH_IMAGE013
Representing a secure signature scheme.
Figure 902644DEST_PATH_IMAGE040
Is an RSA trapdoor permutation function whose field is
Figure 632702DEST_PATH_IMAGE015
Figure 98319DEST_PATH_IMAGE016
Is the inverse operation of the RSA trapdoor permutation function;
Figure 622841DEST_PATH_IMAGE017
is a security parameter of the signature algorithm and
Figure 111591DEST_PATH_IMAGE018
is a safety parameter for trapdoor replacement;
Figure 645341DEST_PATH_IMAGE019
is a reversible random speaker in the field of
Figure 201349DEST_PATH_IMAGE015
. If the user wants to generate a file
Figure 365614DEST_PATH_IMAGE020
Is/are as follows
Figure 403977DEST_PATH_IMAGE082
A copy of the document, the user first entering security parameters
Figure 413522DEST_PATH_IMAGE017
And randomly selects a key pair
Figure 853730DEST_PATH_IMAGE022
As the public and private keys of the signature algorithm. Entering security parameters
Figure 720055DEST_PATH_IMAGE018
Generating a public key of a trapdoor permutation function
Figure 183398DEST_PATH_IMAGE024
And a private key
Figure 58950DEST_PATH_IMAGE025
. Random selection
Figure 291348DEST_PATH_IMAGE026
And calculate
Figure 859733DEST_PATH_IMAGE027
(ii) a Simultaneous random selection
Figure 544792DEST_PATH_IMAGE028
The privacy parameter and the private key of the system are
Figure 958456DEST_PATH_IMAGE029
And
Figure 107677DEST_PATH_IMAGE025
the public parameter and the public key are
Figure 784646DEST_PATH_IMAGE030
And
Figure 520783DEST_PATH_IMAGE024
(2) to ensure the recoverability of a file, a user generates the file by using an incompressible encoding technique
Figure 472559DEST_PATH_IMAGE001
Is/are as follows
Figure 679549DEST_PATH_IMAGE056
One file copy
Figure 589736DEST_PATH_IMAGE192
. The user then generates a validation tag for integrity audit. For file copy
Figure 249388DEST_PATH_IMAGE052
User uniform slave
Figure 270433DEST_PATH_IMAGE194
In selecting a random string
Figure 863089DEST_PATH_IMAGE032
And calculate
Figure 881860DEST_PATH_IMAGE033
Wherein
Figure 91125DEST_PATH_IMAGE195
Is a reversible random prediction machine and
Figure 853544DEST_PATH_IMAGE196
Figure 831865DEST_PATH_IMAGE197
it can be instantiated with 8 rounds of Feistel network.
(3) Will be provided with
Figure 755958DEST_PATH_IMAGE198
Is uniformly divided into
Figure 186940DEST_PATH_IMAGE038
Each data block having a size of
Figure 51253DEST_PATH_IMAGE015
Wherein
Figure 87342DEST_PATH_IMAGE015
Is the domain of RSA trapdoor permutation. Iteration
Figure 244654DEST_PATH_IMAGE199
And RSA trapdoor replacement
Figure 366194DEST_PATH_IMAGE040
In total
Figure 532733DEST_PATH_IMAGE200
Next, the process is carried out. For number of wheels
Figure 954487DEST_PATH_IMAGE042
To
Figure 485962DEST_PATH_IMAGE043
And block
Figure 891536DEST_PATH_IMAGE044
User computing
Figure 799449DEST_PATH_IMAGE201
And
Figure 606868DEST_PATH_IMAGE202
. Finally, the user gets a copy
Figure 105982DEST_PATH_IMAGE047
(4) For each copy
Figure 936535DEST_PATH_IMAGE203
Generating a validation tag
Figure 444877DEST_PATH_IMAGE204
Wherein
Figure 44486DEST_PATH_IMAGE050
And is
Figure 481545DEST_PATH_IMAGE205
Is randomly and uniformly selected by a user and is used as a file copy
Figure 799394DEST_PATH_IMAGE052
Is detected.
Figure 845848DEST_PATH_IMAGE053
Is a set of authentication tags.
(5) Generating a file label
Figure 362280DEST_PATH_IMAGE206
Wherein
Figure 406459DEST_PATH_IMAGE055
Is a copy of a file
Figure 273921DEST_PATH_IMAGE052
The signature of (2). In generating
Figure 61748DEST_PATH_IMAGE056
After the copy of the document and its corresponding verification tag and signature, the user will
Figure 698266DEST_PATH_IMAGE056
One file copy
Figure 913347DEST_PATH_IMAGE057
Authentication tag set
Figure 2525DEST_PATH_IMAGE058
And
Figure 390781DEST_PATH_IMAGE059
are respectively sent to
Figure 819489DEST_PATH_IMAGE056
A cloud service provider. Each cloud service provider stores one copy of a file
Figure 267788DEST_PATH_IMAGE052
To correspond to
Figure 47525DEST_PATH_IMAGE060
And
Figure 740937DEST_PATH_IMAGE061
s202, the server generates evidence stored in the copy by adopting a probabilistic auditing scheme, and the method comprises the following steps:
(1) to prove data integrity of a copy of a file stored on a cloud service provider, a third party auditor first retrieves a tag from the cloud service provider
Figure 24150DEST_PATH_IMAGE207
. The third party auditor then passes
Figure 643350DEST_PATH_IMAGE063
Verifying each document label
Figure 707121DEST_PATH_IMAGE208
From
Figure 640442DEST_PATH_IMAGE065
To
Figure 840480DEST_PATH_IMAGE066
. For all verified tags
Figure 833843DEST_PATH_IMAGE067
Third party auditors from
Figure 384910DEST_PATH_IMAGE068
Randomly generate one
Figure 653081DEST_PATH_IMAGE069
Subset of individual elements
Figure 910887DEST_PATH_IMAGE209
. For each element
Figure 137469DEST_PATH_IMAGE071
Random selection by third party auditor
Figure 847936DEST_PATH_IMAGE210
Figure 185376DEST_PATH_IMAGE073
Representing the location of the challenge block. Third party auditor delivery
Figure 563268DEST_PATH_IMAGE075
To the corresponding cloud service provider.
(2) Upon receipt of the challenge message
Figure 942776DEST_PATH_IMAGE075
Thereafter, the first cloud service provider calculates
Figure 468436DEST_PATH_IMAGE077
Generating a linear combination of random verification blocks
Figure 281671DEST_PATH_IMAGE078
Wherein
Figure 576386DEST_PATH_IMAGE079
(3) Cloud service provider generation of aggregated signatures
Figure 816874DEST_PATH_IMAGE080
And transmit
Figure 829830DEST_PATH_IMAGE081
And (5) giving the third party auditor.
S203, the efficient verification of the copy storage is realized by using the fast binary search and the index test, and the method comprises the following steps:
(1) from
Figure 243494DEST_PATH_IMAGE082
Receipt of proof by individual cloud service provider
Figure 330398DEST_PATH_IMAGE083
Thereafter, third party auditor settings
Figure 69684DEST_PATH_IMAGE084
Indicating the number of copies that have been validated so far. Is provided with
Figure 242040DEST_PATH_IMAGE082
Number of
Figure 459394DEST_PATH_IMAGE085
To represent
Figure 666385DEST_PATH_IMAGE082
The verification results of the individual copies.
(2) The third party auditor judges whether to judge
Figure 45413DEST_PATH_IMAGE211
And is
Figure 268847DEST_PATH_IMAGE087
Where it represents the bit inversion. If the result is true, the third party auditor no longer uses the binary query and separately verifies the remaining copies. Otherwise, calculating
Figure 227575DEST_PATH_IMAGE089
From
Figure 351389DEST_PATH_IMAGE065
To
Figure 370161DEST_PATH_IMAGE066
Calculating
Figure 579425DEST_PATH_IMAGE090
. If it is not
Figure 873003DEST_PATH_IMAGE094
Let us order
Figure 789007DEST_PATH_IMAGE092
Otherwise, calculating
Figure 40996DEST_PATH_IMAGE212
. After the calculation is completed, if
Figure 675240DEST_PATH_IMAGE094
It is stated that all copies are correctly stored on the cloud service provider. At this time, the third party auditor order
Figure 38088DEST_PATH_IMAGE109
From
Figure 808598DEST_PATH_IMAGE065
To
Figure 965910DEST_PATH_IMAGE082
Figure 149767DEST_PATH_IMAGE096
And completes the verification of all copies. If it is not
Figure 988410DEST_PATH_IMAGE097
Detecting whether or not there is such that
Figure 442787DEST_PATH_IMAGE098
Wherein
Figure 974263DEST_PATH_IMAGE099
. If it is not
Figure 379836DEST_PATH_IMAGE076
Presence, third party auditor settings
Figure 287749DEST_PATH_IMAGE100
The number of the carbon atoms is 1,
Figure 829589DEST_PATH_IMAGE101
and the verification is completed, wherein
Figure 594283DEST_PATH_IMAGE076
The individual copies are the wrong copies. Otherwise, the third party auditor will
Figure 424836DEST_PATH_IMAGE082
Partitioning of a proof average of a copy store
Figure 667598DEST_PATH_IMAGE102
And
Figure 532786DEST_PATH_IMAGE213
(3) the third party auditor judges whether to judge
Figure 468381DEST_PATH_IMAGE211
And is
Figure 582967DEST_PATH_IMAGE087
. If the result is true, the third party auditor no longer uses the binary query and separately verifies the remaining copies. Otherwise, the third party auditor calculates
Figure 567104DEST_PATH_IMAGE089
From
Figure 349115DEST_PATH_IMAGE065
To
Figure 393294DEST_PATH_IMAGE104
Calculating
Figure 762221DEST_PATH_IMAGE214
. If it is not
Figure 550049DEST_PATH_IMAGE106
Let us order
Figure 920987DEST_PATH_IMAGE107
Otherwise, calculating
Figure 198385DEST_PATH_IMAGE108
. After the calculation is completed, if
Figure 225246DEST_PATH_IMAGE106
Third party auditor order
Figure 879082DEST_PATH_IMAGE109
From
Figure 307789DEST_PATH_IMAGE065
To
Figure 756088DEST_PATH_IMAGE110
Figure 332563DEST_PATH_IMAGE111
And complete copies 1 through
Figure 462193DEST_PATH_IMAGE110
And (4) verifying. If it is not
Figure 807723DEST_PATH_IMAGE112
All incorrect copies are said to be present
Figure 630186DEST_PATH_IMAGE113
In, third party auditor order
Figure 693957DEST_PATH_IMAGE215
From
Figure 361699DEST_PATH_IMAGE114
To
Figure 63201DEST_PATH_IMAGE082
Figure 118881DEST_PATH_IMAGE111
. Otherwise, detecting whether the current state exists
Figure 342052DEST_PATH_IMAGE076
So that
Figure 141381DEST_PATH_IMAGE115
Wherein
Figure 399187DEST_PATH_IMAGE116
. If it is not
Figure 360190DEST_PATH_IMAGE076
Presence, third party auditor settings
Figure 132974DEST_PATH_IMAGE117
The number of the carbon atoms is 1,
Figure 408097DEST_PATH_IMAGE111
and complete copies 1 through
Figure 582727DEST_PATH_IMAGE110
And (4) verifying. Otherwise, the third party auditor will
Figure 917893DEST_PATH_IMAGE118
Mean division of certificates into duplicate stores
Figure 177973DEST_PATH_IMAGE119
And
Figure 256788DEST_PATH_IMAGE120
and continuing to iterate the method until all the evidences are verified.
S204, restoring the file by decoding the copy, comprising the following steps:
(1) downloading copies from cloud service providers
Figure 285923DEST_PATH_IMAGE121
Thereafter, the user will
Figure 90194DEST_PATH_IMAGE121
Is divided into
Figure 40832DEST_PATH_IMAGE122
Then iterating trapdoor replacement
Figure 720075DEST_PATH_IMAGE123
And
Figure 806980DEST_PATH_IMAGE124
in total
Figure 280686DEST_PATH_IMAGE041
And (4) wheels. For number of wheels
Figure 249780DEST_PATH_IMAGE216
To 1 and block
Figure 670397DEST_PATH_IMAGE044
User computing
Figure 674125DEST_PATH_IMAGE126
And
Figure 521995DEST_PATH_IMAGE217
. Finally, the user gets
Figure 243963DEST_PATH_IMAGE128
(2) User computing
Figure 202692DEST_PATH_IMAGE129
And divide
Figure 60927DEST_PATH_IMAGE130
. Original document
Figure 142015DEST_PATH_IMAGE001
Is that
Figure 23383DEST_PATH_IMAGE131
Foremost of (2)
Figure 349585DEST_PATH_IMAGE132
A bit.
The technical effects of the present invention will be described in detail with reference to experiments.
In order to test the method, programming simulation realizes the cloud security storage method of the duplicate file provided by the invention. Meanwhile, the provable copy storage method of the invention is compared with the existing provable copy storage method. The method is realized by using JAVA programming language and JPBC library v2.0.0. The test environment was Intel (R) core (TM) i7-7820HK CPU 2.90GHz 16.0GB RAM, Windows 10. In the experiment, the invention set the data size to be 1MB, 1024, 128. The test results are the average of 10 independent tests.
Scheme 1 by contrast is iterative AES with 100 times the round number of iterations being RTT and proof generation time, where RTT is the round trip time from the verifier to the provider and back to the verifier. After the copies are generated, a label is generated using the PDP schema and an integrity audit is performed independently for each data copy. Scheme 1 details can be found in the literature, Fileoil oil: a localized storage network [ EB/OL ] [2020-04-15].
Scheme 2 is to use incompressible encoding when generating the evidence of the copy, generate the label using the PoR scheme after generating the evidence, and perform independent integrity audit on each data copy. Scheme 2 details can be found in DAMG ARD I, GANESH C, ORLANDI C, Proofs of Replicated Storage Without timing assignment [ C ]// Advances in cryptography-CRYPTO 2019: 355-.
First, the present invention tests the time for file copy generation and file copy recovery for scheme 1 and scheme 2 and the method of the present application. Existing scheme 1 is vulnerable to recalc attacks. Servers with a large amount of computing power can always generate correct evidence before a timeout to fool an auditor into passing verification. Because small decoding parameters are adopted in the file copy recovery process, the decoding speed of the method is higher than that of the existing scheme 1. Details of the file copy generation and file copy recovery time are shown in fig. 3 and 4.
Secondly, the invention tests the auditing time of the scheme for the file copy storage certification. Unlike existing scenario 1 and existing scenario 2, the present invention uses a batch audit method to verify the proof of its copy store. From experimental results, the method can greatly reduce the calculation cost during the copy storage certification. Details of the audit time of a copy of a file are shown in FIG. 5.
Finally, the present invention tests the time of error copy location. Since neither the existing solution 1 nor the existing solution 2 solves the fast location of the erroneous copy, the existing solution 1 and the existing solution 2 will consume a large amount of computational overhead to find the erroneous copy of the file. The invention realizes the quick positioning of the error copy by combining the quick binary search and the index search. Meanwhile, in order to prevent the binary search from being not suitable for the situation that a large number of wrong copies exist, the method also takes the currently found error rate as the estimation of the error rate of the residual copies. When the error rate is greater than the security parameter, the patent terminates the binary search and verifies the remaining copies one by one. Therefore, the verification strategy can be dynamically adjusted to deal with different situations. Details of the error copy location time are shown in fig. 6. In addition, the patent also tests the time of copy uploading and downloading. The uploading time comprises file copy generation and audit tag generation, and the downloading time comprises file copy audit and copy recovery. Details of the upload time and download time of the file copy are shown in fig. 7.
It should be noted that the embodiments of the present invention can be realized by hardware, software, or a combination of software and hardware. The hardware portion may be implemented using dedicated logic; the software portions may be stored in a memory and executed by a suitable instruction execution system, such as a microprocessor or specially designed hardware. Those skilled in the art will appreciate that the apparatus and methods described above may be implemented using computer executable instructions and/or embodied in processor control code, such code being provided on a carrier medium such as a disk, CD-or DVD-ROM, programmable memory such as read only memory (firmware), or a data carrier such as an optical or electronic signal carrier, for example. The apparatus and its modules of the present invention may be implemented by hardware circuits such as very large scale integrated circuits or gate arrays, semiconductors such as logic chips, transistors, or programmable hardware devices such as field programmable gate arrays, programmable logic devices, etc., or by software executed by various types of processors, or by a combination of hardware circuits and software, e.g., firmware.
The above description is only for the purpose of illustrating the present invention and the appended claims are not to be construed as limiting the scope of the invention, which is intended to cover all modifications, equivalents and improvements that are within the spirit and scope of the invention as defined by the appended claims.

Claims (10)

1. A cloud security storage method for duplicate files is characterized by comprising the following steps:
firstly, a user generates a plurality of copies of a file by using an incompressible coding technology and generates a corresponding integrity audit tag of the file;
secondly, the server generates evidence stored in the copy by adopting a probabilistic auditing scheme;
thirdly, using fast binary search and index test to realize efficient verification of the copy storage;
and fourthly, restoring the file by decoding the copy.
2. The method of claim 1, wherein the user generating multiple copies of a file using non-compressible encoding techniques and generating their respective integrity audit tags further comprises: user generation of files by using non-compressible encoding techniques
Figure 299753DEST_PATH_IMAGE001
Is/are as follows
Figure 286163DEST_PATH_IMAGE002
One file copy
Figure 920407DEST_PATH_IMAGE003
The user performs the following operations:
order to
Figure 17676DEST_PATH_IMAGE004
For three different groups of multiplication cycles, the order of the groups being
Figure 351968DEST_PATH_IMAGE005
Figure 712542DEST_PATH_IMAGE006
Is composed of
Figure 630819DEST_PATH_IMAGE007
Is generated from
Figure 735041DEST_PATH_IMAGE008
Is a bilinear map;
Figure 687954DEST_PATH_IMAGE009
is a secure hash function
Figure 16167DEST_PATH_IMAGE010
Figure 359424DEST_PATH_IMAGE011
Is a secure hash function
Figure 64075DEST_PATH_IMAGE012
Figure 809177DEST_PATH_IMAGE013
A secure signature scheme is represented that is,
Figure 573870DEST_PATH_IMAGE014
is an RSA trapdoor permutation function whose field is
Figure 201161DEST_PATH_IMAGE015
Figure 647186DEST_PATH_IMAGE016
Is the inverse of the RSA trapdoor permutation function,
Figure 574690DEST_PATH_IMAGE017
is a security parameter of the signature algorithm and
Figure 447968DEST_PATH_IMAGE018
is a security parameter of the RSA trapdoor replacement;
Figure 64020DEST_PATH_IMAGE019
is a reversible random speaker in the field of
Figure 110473DEST_PATH_IMAGE015
(ii) a If the user wants to generate the file
Figure 830167DEST_PATH_IMAGE020
Is/are as follows
Figure 936664DEST_PATH_IMAGE021
A copy of the file is stored in a memory of the file,
Figure 476229DEST_PATH_IMAGE022
is the length of said file F, the user first enters the security parameters
Figure 326374DEST_PATH_IMAGE023
And randomly selects a key pair
Figure 900575DEST_PATH_IMAGE024
Inputting security parameters as public and private keys of a signature algorithm
Figure 177972DEST_PATH_IMAGE025
Generating a public key of the RSA trapdoor permutation function
Figure 267151DEST_PATH_IMAGE026
And a private key
Figure 593090DEST_PATH_IMAGE027
(ii) a Random selection
Figure 349693DEST_PATH_IMAGE028
And calculate
Figure 735675DEST_PATH_IMAGE029
(ii) a Simultaneous random selection
Figure 312150DEST_PATH_IMAGE030
The privacy parameter and the private key of the system are
Figure 441780DEST_PATH_IMAGE031
And
Figure 288776DEST_PATH_IMAGE027
the public parameter and the public key are
Figure 907976DEST_PATH_IMAGE032
And
Figure 909430DEST_PATH_IMAGE026
user uniform slave
Figure 905068DEST_PATH_IMAGE033
In selecting a random string
Figure 105105DEST_PATH_IMAGE034
And calculate
Figure 832890DEST_PATH_IMAGE035
Wherein
Figure 383957DEST_PATH_IMAGE036
Is a reversible random prediction machine and
Figure 120969DEST_PATH_IMAGE037
Figure 441091DEST_PATH_IMAGE038
8-wheel Feistel netwo can be adoptedrk is instantiated;
will be provided with
Figure 136515DEST_PATH_IMAGE039
Is uniformly divided into
Figure 112561DEST_PATH_IMAGE040
Each data block having a size of
Figure 450002DEST_PATH_IMAGE015
Wherein
Figure 562314DEST_PATH_IMAGE015
Is the domain of the RSA trapdoor permutation;
iteration
Figure 195683DEST_PATH_IMAGE041
And trapdoor replacement
Figure 455763DEST_PATH_IMAGE042
In total
Figure 534578DEST_PATH_IMAGE043
For number of rounds
Figure 298134DEST_PATH_IMAGE044
To
Figure 866519DEST_PATH_IMAGE045
And block
Figure 551578DEST_PATH_IMAGE046
User computing
Figure 230821DEST_PATH_IMAGE047
And
Figure 317726DEST_PATH_IMAGE048
the user obtains the copy
Figure 791432DEST_PATH_IMAGE049
3. The method of claim 2, wherein the user generating multiple copies of the file using the incompressible encoding technique and generating their respective integrity audit tags further comprises: the user generates a verification label for integrity audit;
for each duplicate block
Figure 26105DEST_PATH_IMAGE050
Generating a validation tag
Figure 446722DEST_PATH_IMAGE051
Wherein
Figure 184871DEST_PATH_IMAGE052
And is
Figure 596523DEST_PATH_IMAGE053
Is randomly and uniformly selected by a user and used as the file copy
Figure 256174DEST_PATH_IMAGE054
Is identified by the identification of (a) a,
Figure 277220DEST_PATH_IMAGE055
is a set of authentication tags;
generating a file label
Figure 135454DEST_PATH_IMAGE056
Wherein
Figure 888647DEST_PATH_IMAGE057
Is a copy of the file
Figure 97911DEST_PATH_IMAGE054
Is signed in lifeBecome into
Figure 860331DEST_PATH_IMAGE058
After each copy of the document and its corresponding verification tag and signature, the user will proceed
Figure 573072DEST_PATH_IMAGE058
Copy of the file
Figure 825062DEST_PATH_IMAGE059
Authentication tag set
Figure 193726DEST_PATH_IMAGE060
And
Figure 556574DEST_PATH_IMAGE061
are respectively sent to
Figure 592663DEST_PATH_IMAGE058
A plurality of cloud service providers, each of the cloud service providers storing a copy of the file
Figure 749975DEST_PATH_IMAGE054
To correspond to
Figure 169718DEST_PATH_IMAGE062
And
Figure 273940DEST_PATH_IMAGE063
4. the method of claim 3, wherein the server employing a probabilistic auditing scheme to generate the replica stored evidence further comprises:
third party auditor retrieves labels from the cloud service provider
Figure 226852DEST_PATH_IMAGE064
(ii) a The third party auditor passes
Figure 758328DEST_PATH_IMAGE065
Verifying each document label
Figure 163901DEST_PATH_IMAGE066
From
Figure 602973DEST_PATH_IMAGE067
To
Figure 348075DEST_PATH_IMAGE068
For all verified tags
Figure 112769DEST_PATH_IMAGE069
Said third party auditor from
Figure 943322DEST_PATH_IMAGE070
Randomly generating a contained
Figure 451663DEST_PATH_IMAGE071
Subset of individual elements
Figure 848010DEST_PATH_IMAGE072
(ii) a For each element
Figure 721288DEST_PATH_IMAGE073
Random selection by third party auditor
Figure 101453DEST_PATH_IMAGE074
Figure 351169DEST_PATH_IMAGE075
Representing the location of the challenge block, the third party auditor sending
Figure 369066DEST_PATH_IMAGE076
Providing the corresponding cloud service provider;
receiving challenge information
Figure 413245DEST_PATH_IMAGE076
Thereafter, a first one of the cloud service provider computing
Figure 280707DEST_PATH_IMAGE077
Generating a linear combination of random verification blocks
Figure 865272DEST_PATH_IMAGE078
Wherein
Figure 439473DEST_PATH_IMAGE079
The cloud service provider generates an aggregated signature
Figure 716871DEST_PATH_IMAGE080
And transmit it
Figure 9312DEST_PATH_IMAGE081
And giving the third party auditor.
5. The method of claim 4, wherein the using fast binary search and exponent testing to enable efficient verification of the replica storage further comprises:
from
Figure 131989DEST_PATH_IMAGE058
Receiving certification by the cloud service provider
Figure 623013DEST_PATH_IMAGE082
Thereafter, the third party auditor settings
Figure 274574DEST_PATH_IMAGE083
Indicating the number of copies that have been verified to date, setting
Figure 851049DEST_PATH_IMAGE058
Number of
Figure 980679DEST_PATH_IMAGE084
To represent
Figure 591789DEST_PATH_IMAGE058
A verification result of each of the copies;
the third party auditor calculation
Figure 435156DEST_PATH_IMAGE085
And is
Figure 436610DEST_PATH_IMAGE086
Wherein
Figure 432248DEST_PATH_IMAGE087
Indicating bit negation; when the result is true, the third party auditor does not use binary query any more and carries out individual verification on the remaining copies; when the result is false, calculating
Figure 835547DEST_PATH_IMAGE088
From
Figure 625649DEST_PATH_IMAGE067
To
Figure 114399DEST_PATH_IMAGE068
Calculating
Figure 382569DEST_PATH_IMAGE089
When is coming into contact with
Figure 702692DEST_PATH_IMAGE090
Let us order
Figure 866957DEST_PATH_IMAGE091
Otherwise, calculating
Figure 905320DEST_PATH_IMAGE092
(ii) a After the calculation is completed, if
Figure 914865DEST_PATH_IMAGE093
The third party auditor orders all the copies to be stored correctly on the cloud service provider
Figure 89494DEST_PATH_IMAGE094
From
Figure 221398DEST_PATH_IMAGE067
To
Figure 684740DEST_PATH_IMAGE095
Figure 61757DEST_PATH_IMAGE096
And completing the verification of all the copies when
Figure 294156DEST_PATH_IMAGE097
Detecting the presence or absence of
Figure 862540DEST_PATH_IMAGE098
So that
Figure 547599DEST_PATH_IMAGE099
Wherein
Figure 226842DEST_PATH_IMAGE100
(ii) a When in use
Figure 110485DEST_PATH_IMAGE098
Presence, said third party auditor setting
Figure 787454DEST_PATH_IMAGE101
The number of the carbon atoms is 1,
Figure 22126DEST_PATH_IMAGE102
and the verification is completed, wherein
Figure 177164DEST_PATH_IMAGE098
Each of the copies is erroneous when
Figure 180892DEST_PATH_IMAGE098
Absent, the third party auditor will
Figure 91079DEST_PATH_IMAGE095
Division of the proof average of the duplicate stores
Figure 750731DEST_PATH_IMAGE103
And
Figure 771776DEST_PATH_IMAGE104
6. the method of claim 5, wherein the using fast binary search and exponent testing to enable efficient verification of the replica storage further comprises:
from
Figure 567694DEST_PATH_IMAGE095
Receiving certification by the cloud service provider
Figure 150247DEST_PATH_IMAGE105
Thereafter, the third party auditor settings
Figure 93932DEST_PATH_IMAGE083
Representing the number of copies that have been verified so far, setting
Figure 856352DEST_PATH_IMAGE058
Number of
Figure 834672DEST_PATH_IMAGE084
To represent
Figure 758766DEST_PATH_IMAGE058
A verification result of each of the copies;
the third party auditor calculation
Figure 455327DEST_PATH_IMAGE085
And is
Figure 552596DEST_PATH_IMAGE086
(ii) a When the result is true, the third party auditor does not use binary inquiry and carries out independent verification on the rest copies; when the result is false, the third party auditor calculates
Figure 588685DEST_PATH_IMAGE106
From
Figure 745997DEST_PATH_IMAGE067
To, meter
Figure 867536DEST_PATH_IMAGE107
Calculating out
Figure 34075DEST_PATH_IMAGE108
When is coming into contact with
Figure 659092DEST_PATH_IMAGE109
Let us order
Figure 987305DEST_PATH_IMAGE110
Otherwise, calculating
Figure 894343DEST_PATH_IMAGE111
After the calculation is completed, if
Figure 802257DEST_PATH_IMAGE109
The third party auditor order
Figure 609676DEST_PATH_IMAGE112
From
Figure 312052DEST_PATH_IMAGE067
To
Figure 939343DEST_PATH_IMAGE113
Figure 447685DEST_PATH_IMAGE114
And completes the copies 1 to
Figure 47293DEST_PATH_IMAGE113
Verifying; if it is not
Figure 717309DEST_PATH_IMAGE115
The copy indicating all errors is present
Figure 97475DEST_PATH_IMAGE116
The third party auditor order
Figure 81611DEST_PATH_IMAGE117
From
Figure 863622DEST_PATH_IMAGE118
To
Figure 704539DEST_PATH_IMAGE058
Figure 509684DEST_PATH_IMAGE114
(ii) a Otherwise, detecting whether the current state exists
Figure 861294DEST_PATH_IMAGE098
So that
Figure 435494DEST_PATH_IMAGE119
Wherein
Figure 712892DEST_PATH_IMAGE120
(ii) a If it is not
Figure 536491DEST_PATH_IMAGE098
Presence, third party auditor settings
Figure 128010DEST_PATH_IMAGE121
The number of the carbon atoms is 1,
Figure 619034DEST_PATH_IMAGE114
and completing the copy from 1 to
Figure 5016DEST_PATH_IMAGE113
Verifying; otherwise, the third party auditor will
Figure 847070DEST_PATH_IMAGE122
An average division of proofs stored per said copy
Figure 976700DEST_PATH_IMAGE123
And
Figure 56652DEST_PATH_IMAGE124
and continuing to iterate the method until all the evidences are verified.
7. The method of claim 6, wherein the restoring the file by decoding the copy further comprises:
downloading the copy from the cloud service provider
Figure 941431DEST_PATH_IMAGE125
Thereafter, the user will
Figure 942885DEST_PATH_IMAGE125
Is divided into
Figure 938523DEST_PATH_IMAGE126
Then iterate RSA trapdoor replacement
Figure 76243DEST_PATH_IMAGE127
And
Figure 367809DEST_PATH_IMAGE128
in total
Figure 918876DEST_PATH_IMAGE043
Number of wheels, of wheels
Figure 390309DEST_PATH_IMAGE129
To 1 and block
Figure 710432DEST_PATH_IMAGE046
User computing
Figure 671435DEST_PATH_IMAGE130
And
Figure 381902DEST_PATH_IMAGE131
the user obtains
Figure 719342DEST_PATH_IMAGE132
User computing
Figure 97234DEST_PATH_IMAGE133
And divide
Figure 229138DEST_PATH_IMAGE134
Original document
Figure 692480DEST_PATH_IMAGE001
Is that
Figure 568033DEST_PATH_IMAGE135
Foremost of (2)
Figure 597168DEST_PATH_IMAGE136
A bit.
8. A program storage medium storing an input program for an electronic device to perform any of claims 1-7, comprising at least the steps of:
firstly, a user generates a plurality of copies of a file by using an incompressible coding technology and generates a corresponding integrity audit tag of the file;
secondly, the server generates evidence stored in the copy by adopting a probabilistic auditing scheme;
thirdly, using fast binary search and index test to realize efficient verification of the copy storage;
and fourthly, restoring the file by decoding the copy.
9. A computer-readable storage medium storing a computer program, wherein the computer program, when executed by an electronic device, provides an input interface to implement a method of cloud-safe storage of replica files as claimed in any one of claims 1 to 7.
10. A cloud server carrying the cloud secure storage method of a replica file according to any one of claims 1 to 7.
CN202010585583.4A 2020-06-24 2020-06-24 Cloud security storage method, medium and equipment for duplicate files Pending CN111565234A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010585583.4A CN111565234A (en) 2020-06-24 2020-06-24 Cloud security storage method, medium and equipment for duplicate files

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202010585583.4A CN111565234A (en) 2020-06-24 2020-06-24 Cloud security storage method, medium and equipment for duplicate files

Publications (1)

Publication Number Publication Date
CN111565234A true CN111565234A (en) 2020-08-21

Family

ID=72070310

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202010585583.4A Pending CN111565234A (en) 2020-06-24 2020-06-24 Cloud security storage method, medium and equipment for duplicate files

Country Status (1)

Country Link
CN (1) CN111565234A (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112769842A (en) * 2021-01-16 2021-05-07 西安电子科技大学 Efficient cloud storage copy proving method and system supporting public verification and application
CN114415978A (en) * 2022-03-29 2022-04-29 维塔科技(北京)有限公司 Multi-cloud cluster data reading and writing method and device, storage medium and electronic equipment

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112769842A (en) * 2021-01-16 2021-05-07 西安电子科技大学 Efficient cloud storage copy proving method and system supporting public verification and application
CN112769842B (en) * 2021-01-16 2021-11-16 西安电子科技大学 Efficient cloud storage copy proving method and system supporting public verification and application
CN114415978A (en) * 2022-03-29 2022-04-29 维塔科技(北京)有限公司 Multi-cloud cluster data reading and writing method and device, storage medium and electronic equipment
CN114415978B (en) * 2022-03-29 2022-06-21 维塔科技(北京)有限公司 Multi-cloud cluster data reading and writing method and device, storage medium and electronic equipment

Similar Documents

Publication Publication Date Title
Breitner et al. Biased nonce sense: Lattice attacks against weak ECDSA signatures in cryptocurrencies
Chen Using algebraic signatures to check data possession in cloud storage
Tan et al. A survey on proof of retrievability for cloud data integrity and availability: Cloud storage state-of-the-art, issues, solutions and future trends
Wang et al. Privacy-preserving public auditing for data storage security in cloud computing
CN111355705A (en) Data auditing and safety duplicate removal cloud storage system and method based on block chain
CA2792267C (en) Verifying implicit certificates and digital signatures
CN111222176B (en) Block chain-based cloud storage possession proving method, system and medium
CN109525403B (en) Anti-leakage public cloud auditing method supporting full-dynamic parallel operation of user
JP5254497B2 (en) Validating work performed by untrusted compute nodes
Chen et al. Data dynamics for remote data possession checking in cloud storage
Yuchuan et al. Enable data dynamics for algebraic signatures based remote data possession checking in the cloud storage
Luo et al. An effective integrity verification scheme of cloud data based on BLS signature
US11722322B2 (en) Method for providing information to be stored and method for providing a proof of retrievability
Kuang et al. A new quantum-safe multivariate polynomial public key digital signature algorithm
US20090313171A1 (en) Electronic transaction verification
Hu et al. Enabling cloud storage auditing with key-exposure resilience under continual key-leakage
US20220166614A1 (en) System and method to optimize generation of coprime numbers in cryptographic applications
CN111565234A (en) Cloud security storage method, medium and equipment for duplicate files
Preston Applying Grover's algorithm to hash functions: a software perspective
Xu et al. Data tag replacement algorithm for data integrity verification in cloud storage
Mishra et al. Dynamic large branching hash tree based secure and efficient dynamic auditing protocol for cloud environment
Hartung Attacks on secure logging schemes
Tu et al. Privacy‐Preserving Outsourced Auditing Scheme for Dynamic Data Storage in Cloud
Cao et al. Lattice-based fault attacks on deterministic signature schemes of ECDSA and EdDSA
Li et al. IPOR: An efficient IDA-based proof of retrievability scheme for cloud storage systems

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
WD01 Invention patent application deemed withdrawn after publication
WD01 Invention patent application deemed withdrawn after publication

Application publication date: 20200821