CN111966638B - Dynamic updating method suitable for IDA data recovery on industrial cloud - Google Patents

Dynamic updating method suitable for IDA data recovery on industrial cloud Download PDF

Info

Publication number
CN111966638B
CN111966638B CN202010874257.5A CN202010874257A CN111966638B CN 111966638 B CN111966638 B CN 111966638B CN 202010874257 A CN202010874257 A CN 202010874257A CN 111966638 B CN111966638 B CN 111966638B
Authority
CN
China
Prior art keywords
ilt
user
csp
data
new
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202010874257.5A
Other languages
Chinese (zh)
Other versions
CN111966638A (en
Inventor
刘增智
于海阳
杨震
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing University of Technology
Original Assignee
Beijing University of Technology
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing University of Technology filed Critical Beijing University of Technology
Priority to CN202010874257.5A priority Critical patent/CN111966638B/en
Publication of CN111966638A publication Critical patent/CN111966638A/en
Application granted granted Critical
Publication of CN111966638B publication Critical patent/CN111966638B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/10File systems; File servers
    • G06F16/16File or folder operations, e.g. details of user interfaces specifically adapted to file systems
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/10File systems; File servers
    • G06F16/11File system administration, e.g. details of archiving or snapshots
    • G06F16/113Details of archiving
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/64Protecting data integrity, e.g. using checksums, certificates or signatures
    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02PCLIMATE CHANGE MITIGATION TECHNOLOGIES IN THE PRODUCTION OR PROCESSING OF GOODS
    • Y02P90/00Enabling technologies with a potential contribution to greenhouse gas [GHG] emissions mitigation
    • Y02P90/02Total factory control, e.g. smart factories, flexible manufacturing systems [FMS] or integrated manufacturing systems [IMS]

Abstract

The invention belongs to the field of data recovery and dynamic update, and particularly relates to a dynamic update method suitable for IDA data recovery on an industrial cloud, which is used for solving the problem that a user stores a large amount of data on a CSP (compact strip service provider), and how to improve the dynamic update speed of the CSP when the user wants to perform dynamic operation on the data on the CSP. Firstly, a system model is provided, and a third party arbitration trusted mechanism (TPA) is introduced; secondly, a large amount of data can be uploaded to the CSP by a user by combining a multi-branch path tree (MBT) and a logic index table (ILT), wherein each leaf node of the MBT comprises an ILT, a file is stored by using one ILT, and finally, when the user wants to dynamically update the data on the CSP, the data on the CSP is dynamically updated, so that the efficiency of the CSP is improved.

Description

Dynamic updating method suitable for IDA data recovery on industrial cloud
The technical field is as follows:
the invention belongs to the field of data recovery and dynamic update, and particularly relates to a dynamic update method for supporting data on an industrial cloud.
Background art:
in recent years, with the rapid development of information technology and network technology, global data has been growing explosively. In industrial systems, statistics show that the growth of industrial image data is a large proportion of the data of the whole industrial field. In the face of rapidly growing mass data, the traditional local storage technology cannot meet the storage requirement. Therefore, cloud storage technology has come to bear. As a new storage technology, cloud storage has the characteristics of large storage capacity, flexible storage mode, convenient access and the like, gradually replaces a local storage technology, and is favored by more and more customers.
A Cloud Service Provider (CSP) for Cloud storage is a platform of uniform storage resources constructed based on a Cloud computing technology, and can provide a large amount of storage space for clients. Compared with local storage, cloud storage has the following advantages: (1) saving cost: the client uploads the data to the cloud, so that a user does not need to purchase a local storage facility or build and maintain a local storage system, and investment in hardware, software and operation and maintenance is reduced. (2) Stabilizing: compared with the common users and small and medium-sized enterprises, the CSP has professional technology and strong strength and can provide stable storage service. (3) Elastic expansion: the user may purchase the required storage space on demand, and so on. Because of the many advantages of cloud platforms, more and more individuals and enterprise-class users store local data on the cloud.
However, while the cloud stores many advantages, it also faces a number of security issues.
In terms of data integrity and recoverability: (1) malicious attacks from hackers and the like attack the device, which can cause tampering and damage to the data stored in the server. (2) Data on the cloud may be lost due to factors such as natural disasters and software and hardware failures. (3) Data on the cloud storage server is incomplete due to an inadvertent operation error by the administrator of the CSP, or due to intentional deletion of data information on the cloud by the CSP administrator.
In the aspect of data dynamic update: (1) in the past, a large amount of literature only proposed static operations, and few dynamic operations. (2) Although some articles propose dynamic operations, all based on dynamic updating of the Merkle hash tree, as the amount of data increases, the depth of the Merkle hash tree becomes larger and less efficient.
The invention content is as follows:
the invention is used for solving the following problems: the problem how to improve the dynamic update speed of the data stored on the CSP when the user wants to dynamically operate (add, delete, search and modify) the data on the CSP is solved.
The present invention is directed to the storage of big data onto an industrial cloud. First, a system model is proposed, which introduces a third party mediation trusted mechanism (TPA). The primary role of this mechanism is to verify the integrity of the data uploaded by the user onto the CSP in place of the user. Second, the combination of the multi-branch path tree (MBT) and the logical index table (ILT) allows the user to upload a large amount of data to the CSP, where each leaf node of the MBT contains an ILT, and we use an ILT to store a file, here exemplified by file F. Finally, when the user wants to dynamically update (add, delete, change) the data on the CSP, the data on the CSP is dynamically updated, so that the efficiency is improved.
The innovation points of the invention are as follows:
(1) and storing the data of the user in the multi-branch path tree, so that the speed of the user in dynamic operation is improved.
(2) The method of combining the multi-branch path tree and the logical index table allows a user to store large amounts of data on the CSP.
Has the advantages that:
first, the present invention uses a multi-branch path tree (MBT) method to store data on the MBT at a depth lower than the depth at which data is stored on the Merkle, as compared with the Merkle tree in the conventional scheme, thereby improving the retrieval speed of the client and the update efficiency.
Secondly, the invention uses the mode of combining the logic index table (ILT) and the multi-branch path tree (MBT) to lead each leaf node in the MBT to store one logic index table, and each ILT stores one file.
Drawings
FIG. 1 is a flow chart of a complete working process of a system model;
FIG. 2, system model;
FIG. 3 is a schematic diagram of a modified operation of the MBT;
FIG. 4, schematic diagram of MBT insertion operation;
FIG. 5 is a schematic diagram of the deletion operation of MBT;
Detailed Description
The system model related to the invention is a system which can enable a user to store big data on the cloud, can verify the integrity of the data on the cloud, and can recover the data when the data on the cloud is damaged and dynamically update the data on the cloud. In this embodiment, a description is developed from a complete working process of a system model, an upload file is encoded first, and when a client sends a request to the CSP to download data stored in the CSP, the TPA performs integrity verification on the data in the CSP. When the TPA detects that the data on the CSP is incomplete and the damaged data is within a certain threshold, the user recovers the data on the CSP. When the user dynamically updates the data stored on the CSP, the data on the CSP is downloaded and updated. The implementation process is specifically described as follows:
step (1), establishing a system model and introducing a mechanism.
A system model, comprising three entities: client, Cloud Service Provider (CSP), third party mediation (TPA). Where the client is an entity that has a large amount of data available to outsource. The CSP is an entity that manages a plurality of cloud storage servers and can provide a large amount of storage resources for clients. The data of both the client and CSP are provided to the outsource for encryption. TPAR is a third party dispute arbitration expert specified by the client and CSP.
Step (2) initialization operation
Step (2.1) bilinear mapping
G1, G2 and GT are multiplication loop groups with prime order p, and G1 and G2 are selected to form bilinear mapping e G1 XG 2->GT (G1 XG 2 maps to GT). Where G is the generator of G2. Randomly selecting a random number Z' epsilon ZqThen, v' ═ g is calculatedz’
H (.) is a secure graph-to-point hash function: {0,1}*->G1, representing that {0, 1}*Mapping to G1, this hash function maps the string in the graph to each element of G1.
Step (2.2) Key Generation
Generating a key tuple (pk, sk) by using a KeyGen algorithm, generating a coefficient matrix by using a CoefficientGen algorithm, and generating an encoded upload file, wherein the upload file in the embodiment is a file F subjected to encoding*
KeyGen algorithm
The user first generates a random signature pair (spk, ssk), and then from the set of positive integers ZpTwo numbers v, k are randomly selectedencAnd from ZpIn selecting x1,x2,...,xnThen calculating z ═ gv. Finally we set the public key pk ═ (spk, z, { x)i}1≤i≤n) The private key sk (ssk, k)enc,v)。
CoefficientGen algorithm
The user selects n coefficient vectors:
Figure BDA0002650170230000041
these vectors are then combined into a coefficient matrix M ═ ai,j](1≤i≤n,1≤j≤m)
Generating metadata, wherein the metadata refer to a client side to upload a file F and a corresponding label to the CSP; after the file is uploaded, deleting local data of the client;
the corresponding label is
Figure BDA0002650170230000042
Wherein: f*Directing the client to upload the encoded file, ε, to the CSPiRefers to the result, omega, of the encryption of the coefficient matrixiThe integrity audit tag after the encryption of the coefficient matrix,
Figure BDA0002650170230000043
means ith in xi ILT]The marking of the individual data blocks is performed,
Figure BDA0002650170230000044
tag for indicating the ξ -th ILT, τ for file F*Of the label, ILTξRefers to the ξ ILT, sig (H (R)) refers to the signature of the root node R;
giving a file F, the user divides F, and puts F ═ b1,b2,...,bnDivide it into n blocks, where each block contains s sectors. Using IDA algorithm, multiplying matrix formed by coefficient matrix M and F to obtain coded data block matrix F*={f* [i],j}∈Zq(1≤i≤n,1≤j≤s),F*Each encoded data block in (a) will be stored in a corresponding ILT.They are then stored in the alpha position of the corresponding ILT. An ILT includes a file F*All of the data blocks of (1).
F*={f*,ξ [i],j}∈Zq(1≤ξ≤α,1≤i≤n,1≤j≤s)
Generation of the corresponding label:
(1) and generating an integrity audit tag of the coefficient vector, wherein the integrity audit tag is used for integrity verification:
in order to protect the privacy of data, the coefficient matrix is encrypted once by adopting a symmetric encryption technology, and the formula is as follows:
Figure BDA0002650170230000047
calculating a corresponding integrity audit tag for the encrypted coefficient vector:
Figure BDA0002650170230000045
(2) document F*The method of calculating the label τ of (a) is as follows
User is at ZqSelecting N as the name of the file, s random numbers x1,x2,...,xs∈G1. Suppose that
Figure BDA0002650170230000046
The label τ of this file is then equal to
Figure BDA0002650170230000051
And
Figure BDA0002650170230000052
is signed
Figure BDA0002650170230000053
sig () is a function to obtain the tag;
(3) marking of
Figure BDA0002650170230000054
The calculation method of (2) is as follows:
for data block [ i ] in any ξ -th ILT](i is more than or equal to 1 and less than or equal to n), and the user selects two random numbers sk∈Zq(k∈ω),rk∈Zq(k ∈ ω) and enters the private key sk, then the user generates the label of the ith data block in the ξ -th ILT:
Figure BDA0002650170230000055
Figure BDA0002650170230000056
Figure BDA0002650170230000057
for (k ∈ ω), and get the flag to get the [ i ] th chunk in the ξ -th ILT:
Figure BDA0002650170230000058
(4) xi number of ILT tags
Figure BDA0002650170230000059
The generation method comprises the following steps:
for each ILT, we represent the entire ILT with [0] th data block, and the client generates tags for the ξ -th ILT:
Figure BDA00026501702300000510
and is
Figure BDA00026501702300000511
And
Figure BDA00026501702300000512
value of and
Figure BDA00026501702300000513
and
Figure BDA00026501702300000514
are the same and all equal to
Figure BDA00026501702300000515
And
Figure BDA00026501702300000516
the tag for the ξ -th ILT is:
Figure BDA00026501702300000517
(5) the signature generation method of the root node R:
then, the client calculates H (ILT)ξ) And each ILT is stored on a leaf node of the MBT, after which the root node R on the MBT tree is computed, while the signature sig (h (R)) of the root node R is generated.
And finally, the client uploads the coded file and the corresponding label to the CSP:
Figure BDA00026501702300000518
and delete data local to the client.
Step (3) integrity audit
The user initiates an audit request, and the TPA replaces the user to audit the data on the CSP, which is the interaction between the TPA and the CSP. The TPA generates a Challenge set Q by using the Challenge algorithm, a Challenge is sent to the CSP, and the CSP responds to the evidence set E by using the Response algorithm after the CSP receives the Challenge setiAnd returned to the TPA. After receiving the response evidence, the TPA verifies whether the data is complete by using an algorithm Verify. (taking a file as an example herein, as can be seen from the above, an ILT stores a file)
Step (3.1) Challenge algorithm
TPA in an ILT, randomly selects c data blocks from the set [1, n ] to form a challenge set I.
TPA randomly selects a number vk←Zq(k ∈ I), and get the challenge set Q { (k, v)k)}k∈IAnd k denotes the index number of the data chunk in this ILT. The TPA sends the challenge set Q to the CSP.
Step (3.2). Response algorithm
After the CSP receives the challenge set Q, the CSP performs the following equation:
Figure BDA0002650170230000061
Figure BDA0002650170230000062
set E is theniIs returned to TPA, wherein Ei
Ei={τ,μiiii}(1≤i≤n)
Step (3.3). Verify algorithm
TPA receives the response set E from CSPiThen, the TPA firstly verifies the file label by using the public key pk to ensure that the file returned by the cloud server is the correct file. If the signature is valid, TPA recovers { x from the document label1,x2,...,xnAnd else, stopping auditing.
After passing the verification, the TPA calculates the value of the user audit according to the following formula:
Figure BDA0002650170230000063
Figure BDA0002650170230000064
then TPA uses z in public key pk to calculate the following formula, and completes integrity verification to data. If the equations are all true, outputting 1 to show that the data is complete; otherwise, the data is corrupted and 0 is output.
e(σi,g)=e(δi·ηi,z)
e(ωi,g)=e(H(i)·εi,z)
And after receiving the TPA audit result, the user initiates a data recovery request for the damaged data.
Step (4) data recovery
According to the algorithm (1) (see below for details), in this stage, data recovery is mainly performed by using an IDA (information dispersal algorithm) algorithm, and when a request is initiated by a client, the TPA will first find m blocks in a corresponding ILT that can be used for recovering data, and then return the healthy data to the client, so that the data is recovered by the client itself.
After receiving the data returned by the TPA, the client decrypts the coefficient vector by using the Dec algorithm to obtain a coefficient matrix, and then restores the original data block by using the IDA algorithm.
The decryption process of the Dec algorithm is as follows:
after receiving the data returned by the TPA, the user firstly decrypts the coefficient vector by using a private key, and executes the following formula:
Figure BDA0002650170230000071
combining the decrypted vectors to obtain a m x m submatrix A ═ of the coefficient matrix (a)ij)1≤i,j≤m
Step (5) dynamic update of data
The dynamic update of data is specifically divided into two cases:
in the first case: the updated object is a data block in the ILT, namely a data block in a certain leaf node in the logical index table MBT is modified, inserted and deleted;
in the second case: the updated object is a leaf node, and the file is modified, inserted and deleted by the CSP, namely the dynamic update of the whole logic index table MBT.
The first case dynamic operation method in the step (5) is specifically as follows:
and (3) modifying operation:
the data block modification operation refers to the replacement of one data block with another new data block. Suppose the user wants to modify the theta in the ξ -th ILT1A data block of modified value
Figure BDA0002650170230000072
The client first addresses this new data block
Figure BDA0002650170230000073
Split into s sectors, namely:
Figure BDA0002650170230000074
and generate new tags
Figure BDA0002650170230000075
The label is generated as follows:
Figure BDA0002650170230000076
Figure BDA0002650170230000077
Figure BDA0002650170230000081
obtaining a corresponding label:
Figure BDA0002650170230000082
finally, the whole data block and the data block are labeled
Figure BDA0002650170230000083
The update is performed.
The insertion operation is specifically as follows: inserted according to a specific position
The insertion of a data block means that a new data block is inserted after a specific position. We assume the (θ) th in the ξ -th ILT2-1) inserting a new data block behind a block
Figure BDA0002650170230000084
First, this new data block is partitioned into s sectors:
Figure BDA0002650170230000085
and the client generates a new tag:
Figure BDA0002650170230000086
Figure BDA0002650170230000087
Figure BDA0002650170230000088
obtaining a corresponding label:
Figure BDA0002650170230000089
the final client updates the new data block and tag
Figure BDA00026501702300000810
And (3) deleting operation: deletion according to specific position
A delete operation is the opposite of an insert operation, which refers to deleting a data block at a particular location of any ILT. We have found thatSuppose that the theta in deleting the ξ -th ILT3Blocks, directly deleting the theta-th3And finally, the client updates the whole data block and the data block label.
The second case dynamic operation method in the step (3) is specifically as follows:
updating the leaf nodes of the MBT, wherein the corresponding letters M, I and D are modified, inserted and deleted, and the following steps are executed:
MBT modification operations
We assume that the ξ -th ILT is named ILTξWe want to modify it to ILT'ξSince block 0 of the ILT represents the entire ILT, the ILT is considered block 0. User first segments the 0 th block into s sectors and then generates ILT'ξNew label of
Figure BDA0002650170230000091
Figure BDA0002650170230000092
Figure BDA0002650170230000093
Obtaining a corresponding label:
Figure BDA0002650170230000094
the user then sends an update request to the CSP:
Figure BDA0002650170230000095
after the CSP receives the update request, the following steps are executed:
Figure BDA0002650170230000096
the specific operation is as follows:
(1) will ILTξReplacement by ILTξ' and outputs a new file F*
(2) Will turn over
Figure BDA0002650170230000097
By replacement with
Figure BDA0002650170230000098
(3) On the basis of MBT, H (ILT)ξ) Replacement by H (ILT)ξ') and a new root R' is calculated.
(4) The CSP provides a response, Resp, to the userupdate=(ΘξSig (H (R)), R'), where Θ proves that the update operation has been completedξIs ILTξAuthenticated Auxiliary Information (AAI).
(5) When the user receives Resp from CSPupdateFirst, H (ILT) is calculated on the basis of the new ILT and the old ILTξ) And H (ILT)ξ'). Then, the user passes the { Θξ,H(ILTξ) Compute the root node R and determine if the AAI and R values are true by verifying the signature sig (H (R)) (verify with R if the R' value is the same as in AAI). And outputting WRONG if the verification fails. Otherwise, the user continues to verify whether the modification operation is executed as required, and the specific verification mode is as follows: the user first uses { Θξ,H(ILTξ') } calculate the new root and compare it with R'. If the output is TRUE, the user is signed (H (R')) to the new root RSigned and sent to the CSP for updating. If False, prompt the user to update again. Finally, the user executes an audit protocol, and if the output is TRUE, the user deletes the local storage of the response. As shown in FIG. 3, a pair node h is shownx2A modification is made.
MBT insertion operation
The MBT insertion operation means inserting a new ILT after a specific location, here we assume thatUser ILT in the ξ thξPost-insertion of a new ILTξ *
First, in the new ILTξ *On the basis of which the user first divides it into s sectors and generates new tags:
Figure BDA0002650170230000101
Figure BDA0002650170230000102
Figure BDA0002650170230000103
obtaining a corresponding label:
Figure BDA0002650170230000104
the user then sends an update request to the CSP:
Figure BDA0002650170230000105
when the CSP receives the update request, the following steps are executed:
Figure BDA0002650170230000106
the specific operation is as follows:
(1) store the ILTξ *And at leaf node H (H (ILT) of MBTξ) After that, a leaf node H (ILT) is addedξ *) And update F)*
(2) Increase of
Figure BDA0002650170230000107
Into a set of tokens and output
Figure BDA0002650170230000108
(3) Generating a new root node R from the MBT tree*
(4) CSP provides a response Resp to the userupdate=(Θξ,sig(H(R)),R*) Prove that the update has been completed, where ΘξIs ILTξAuthenticated Auxiliary Information (AAI).
(5) When the user receives Resp from CSPupdateFirst, H (ILT) is calculated from the new and old ILTξ) And H (ILT)ξ *). Then, the user passes the { Θξ,H(ILTξ) Compute the root node R and determine if the values of AAI and R are true by verifying the signature sig (H (R)). And if the verification fails, outputting WRONG, otherwise, continuously verifying whether the insertion operation is executed according to the requirement by the user. The user first uses { Θξ,H(ILTξ),H(ILTξ *) Calculate the new root, and with R*And (6) comparing. If the output is TRUE, the user passes sig (H (R)*) To new root R*Signed and sent to the CSP for updating. Finally, the user executes an audit protocol, and if the output is TRUE, the user deletes the local storage of the response. As shown in FIG. 4, a node hx is insertedn^n-n+1And under the condition that all the nodes are full, a subtree is newly opened up.
MBT delete operation
A delete operation of an MBT means deleting the ILT at a particular location, where we assume that the user deletes the ILT at the ξ -th ILTξPosterior ILTξ *
Sending a request to the CSP:
Figure BDA0002650170230000111
when the CSP receives the update request, the following steps are executed:
ExecUpdate=(F*,Update)
generating a new root node R from the MBT tree*
Finally, the CSP provides a response to the user to verify that the update is complete, whereξIs ILTξAuthenticated Auxiliary Information (AAI).
Respupdate=(Θξ,sig(H(R)),R*)
When the user receives Respupdate from the CSP, H (ILT ξ) and H (ILT) are first calculated from the new and old ILTξ *). Then, the user passes the { Θξ,H(ILTξ) Compute the root node R and determine if the values of AAI and R are true by verifying the signature sig (H (R)). And outputting WRONG if the verification fails, otherwise, the user continuously verifies whether the insertion operation is executed as required. The user first uses { Θξ,H(ILTξ),H(ILTξ *) Calculate the new root, and with R*And (6) comparing. If the output is TRUE, the user passes sig (H (R)*) To new root R*Signed and sent to the CSP for updating. Finally, the user executes an audit protocol, and if the output is TRUE, the user deletes the local storage of the response. As shown in FIG. 5, the deletion node h is shownx2
The following is an introduction to the algorithm involved in the present embodiment
Algorithm (1) block coding of data and data recovery method
Algorithm (2.1) initialization operation
2.1.1. Information Dispersal Algorithm (IDA), an algorithm for reconstructing a partitioned data block. It randomly selects a matrix of n x m coefficients for encoding the original data. Any m-code block can retrieve the original data using the following matrix properties.
In the matrix multiplication operation, if one equation A × B ═ C; where A, B, C represents a matrix (matrix a is invertible), matrix B may be:
Figure BDA0002650170230000121
in IDA, a is a coefficient matrix, B is an original data block matrix, and C is an encoded data block matrix.
2.1.2. Solving of coefficient matrix
The user selects n coefficient vectors ai=(ai1,ai2,...,aim) E Z (1 ≦ i ≦ n) and then combine these vectors into a coefficient matrix M ≦ ai,j](1≤i≤n,1≤j≤m),
Algorithm (2.2) storage operation of image file F ═ b1,b2,…,bNDivide into N/m blocks with m sectors in each block. Then divide file F { (b)1,...,bm),(bm+1,...,b2m),...,(...,bN) The k block is SkIs expressed as Sk=(b(k-1)m+1,b(k-1)m+2,...,bkm)(1≤k≤bN)
After partitioning the file, the user uses the BlockGen algorithm to compute the encoded data blocks, i.e., the computation of the encoded data for each sector in each block. The user then encrypts the coefficient vectors into ciphertext through the Enc algorithm, and then combines them into a tag.
To this end, the block encoding is completed, as well as the storage of the encoded blocks.
Algorithm (2.3) when a data block is lost, its recovery operation is achieved by encoding
When a damage warning is received, the user asks the TPAR to look for m well-functioning servers on the CSP for retrieval. The TPAR then returns the encoded data blocks and corresponding coefficient vectors stored in the m health servers to the user. And the user decrypts the coefficient vector by using the Dec algorithm to obtain a coefficient matrix A, and then calculates an Inverse matrix of the A by using an Inverse algorithm. And then reconstructing the original data block by using a Retrieval algorithm, thereby completing the whole data recovery.
BlockGen Algorithm: the data block and coefficient matrix are subjected to matrix multiplication as follows.
Figure BDA0002650170230000131
cik=ai*Sk=ai1*b(k-1)m+1+…+aim*bkm
Where 1. ltoreq. i.ltoreq.n, 1. ltoreq. k.ltoreq.N/m, such that after this operation a file F is obtainedi *={ci1,ci2,...,ciN/mAn ith row of data blocks in the coded data block matrix is stored in an ith storage server;
the Enc algorithm: the user encrypts the coefficient vector by using the key in the following way:
Figure BDA0002650170230000132
wherein i is more than or equal to 1 and less than or equal to n.
The Dec algorithm: after receiving the coefficient vector from the TPAR, the client uses the system key KencThe vector is decrypted as follows:
Figure BDA0002650170230000133
where 1 ≦ i ≦ m, then the vectors are combined into a coefficient matrix, such that an m × m matrix a ═ aij)1≤i,j≤mThen the product is obtained;
inverse algorithm: the client calculates the invertible matrix A of A through A-1=(aij)1≤i,j≤mHere, face A-1Row i of (a)i1,ai2,...,aim);
Retrieval algorithm: the client puts the encoded data block into a matrix, and by using the attributes of the matrix, the following is calculated:
Figure BDA0002650170230000134
bj=αi1·c1k+…+αim·cmk
wherein j is more than or equal to 1 and less than or equal to N, k is more than or equal to 1 and less than or equal to N/m, and i is more than or equal to 1 and less than or equal to m. From the above, i ═ j mod m,
Figure BDA0002650170230000135

Claims (4)

1. the dynamic updating method for supporting the data on the industrial cloud is characterized by comprising the following steps:
step (1) establishing a system model
Initializing operation to generate metadata, wherein the metadata refers to files and corresponding tags uploaded to a Cloud Service Provider (CSP) by a client; the upload file F is as follows:
given a file F, a user divides F into n blocks, { b1, b 2., bn }, and stores the n blocks in an α -th logical index table ILT, where an ILT stores all data blocks of a file F, each data block having s sectors, as follows:
F={fξ [i],j}∈Zq(1≤ξ≤α,1≤i≤n,1≤j≤s)
all files are recorded by a multi-branch path tree (MBT), the MBT comprises a plurality of leaf nodes, each leaf node stores an ILT, and each ILT comprises a plurality of data blocks;
the step (2) specifically comprises the following steps:
step (2.1) bilinear mapping
G1, G2 and GT are multiplication loop groups with prime order p, and G1 and G2 are selected to form bilinear mapping e G1 XG 2->GT, G1 XG 2, maps to GT where G is the generator of G2; randomly selecting a random number Z' epsilon ZqThen, v' ═ g is calculatedz′
H (.) is a secure graph-to-point hash function: {0,1}*->G1, representing will {0, 1}*Mapping to G1, this hash function maps the string in the graph to each element of G1;
step (2.2) Key Generation
Generating a key tuple (pk, sk) by using a KeyGen algorithm;
generating metadata, wherein the metadata refer to a client side to upload a file F and a corresponding label to the CSP; after the file is uploaded, deleting local data of the client;
the corresponding label is
Figure FDA0003490334070000011
Wherein: f refers to the upload file of the client to the CSP,
Figure FDA0003490334070000012
means ith in xi ILT]The marking of the individual data blocks is performed,
Figure FDA0003490334070000013
label referring to xi ILT, τ to File F, ILTξRefers to the ξ ILT, sig (H (R)) refers to the signature of the root node R;
(1) the calculation method of the tag τ is as follows:
first, the user is at ZqSelecting N as the name of file F, s random numbers x1,x2,...,xs∈G1Suppose that:
Figure FDA0003490334070000014
then, the label τ of this file F is equal to
Figure FDA0003490334070000021
And
Figure FDA0003490334070000022
is signed by
Figure FDA0003490334070000023
sig () is a function to obtain the tag;
(2) marking of
Figure FDA0003490334070000024
The calculation method of (2) is as follows:
for data block [ i ] in any ξ -th ILT]I is more than or equal to 1 and less than or equal to n, and the user selects two random numbers sk∈Zq(k∈ω),rk∈Zq(k ∈ ω), and inputs the private key sk, generating the label of the ith data block in the ξ -th ILT:
Figure FDA0003490334070000025
xjto G as defined hereinbefore1The random number of (a) is set,
v'=gz′
Figure FDA0003490334070000026
Figure FDA0003490334070000027
for (k e ω), we get the flag for the [ i ] th block in the ξ -th ILT:
Figure FDA0003490334070000028
(3) xi number of ILT tags
Figure FDA0003490334070000029
The generation method comprises the following steps:
for each ILT, the entire ILT is represented by [0] th data block, and the client generates a flag for the ξ -th ILT:
Figure FDA00034903340700000210
and is
Figure FDA00034903340700000211
And
Figure FDA00034903340700000212
value of and
Figure FDA00034903340700000213
and
Figure FDA00034903340700000214
are the same and all equal to
Figure FDA00034903340700000215
And
Figure FDA00034903340700000216
the tag for the ξ -th ILT is:
Figure FDA00034903340700000217
(4) the signature generation method of the root node R:
first, the client calculates H (ILT)ξ) And storing each ILT on a leaf node of the MBT;
then, calculating a root node R on the MBT tree, and simultaneously generating a signature sig (H (R)) of the root node R; step (3), dynamically updating data, which is specifically divided into two conditions:
in the first case: the updated object is a data block in the ILT, namely a data block in a certain leaf node in the logical index table is modified, inserted and deleted;
in the second case: the updated object is a leaf node, and the CSP is used for modifying, inserting and deleting files, namely the dynamic update of the whole logic index table.
2. The method of claim 1 for supporting dynamic update of data on an industrial cloud, comprising: the system model in step (1) comprises three entities: the client side, the cloud service provider CSP and the third party arbitrate the TPA, wherein the client side is an entity which can outsource a large amount of data, and the CSP is an entity which manages a plurality of cloud storage servers and provides a large amount of storage resources for the client side; the data of the client and the CSP are provided for outsourcing to be encrypted; the TPA is a third party dispute arbitration expert specified by the client and CSP.
3. The method of claim 1 for supporting dynamic update of data on an industrial cloud, comprising:
the first case dynamic operation method in the step (3) is specifically as follows:
and (3) modifying operation:
the data block modification operation refers to replacing one data block with another new data block; suppose the user wants to modify the theta in the ξ -th ILT1A data block of modified value
Figure FDA0003490334070000031
The client first addresses this new data block
Figure FDA0003490334070000032
Split into s sectors, namely:
Figure FDA0003490334070000033
and generate new tags
Figure FDA0003490334070000034
The label is generated as follows:
Figure FDA0003490334070000035
Figure FDA0003490334070000036
Figure FDA0003490334070000037
obtaining a corresponding label:
Figure FDA0003490334070000038
finally, the whole data block and the data block are labeled
Figure FDA0003490334070000039
All the data are updated;
the insertion operation is specifically as follows: inserted according to a specific position
Insertion of a data block means that a new data block is inserted after a specific position, assuming the (θ) th in the ξ -th ILT2-1) inserting a new data block behind a block
Figure FDA0003490334070000041
First, this new data block is partitioned into s sectors:
Figure FDA0003490334070000042
and the client generates a new tag:
Figure FDA0003490334070000043
Figure FDA0003490334070000044
Figure FDA0003490334070000045
obtaining a corresponding label:
Figure FDA0003490334070000046
the final client updates the new data block and tag
Figure FDA0003490334070000047
And (3) deleting operation: deletion according to specific position
Delete operation is the opposite of insert operation, which refers to deleting a data block at a particular location of any ILT; suppose that the theta in the ξ -th ILT is deleted3Blocks, directly deleting the theta-th3And finally, the client updates the whole data block and the data block label.
4. The method of claim 1 for supporting dynamic update of data on an industrial cloud, comprising:
the second case dynamic operation method in the step (3) is specifically as follows:
updating the leaf nodes of the MBT, wherein the corresponding letters M, I and D are modified, inserted and deleted, and the following steps are executed:
MBT modification operations
Suppose that the ξ -th ILT is named ILTξModified to ILT'ξSince block 0 of the ILT represents the entire ILT, considering the ILT as block 0, the user first divides block 0 into s sectors and then generates ILT'ξNew label of
Figure FDA0003490334070000048
Figure FDA0003490334070000049
Figure FDA00034903340700000410
Obtaining a corresponding label:
Figure FDA0003490334070000051
the user then sends an update request to the CSP:
Figure FDA0003490334070000052
when the CSP receives the update request, the following steps are executed:
Figure FDA0003490334070000053
f refers to the file as it appears in the preceding paragraph,
the specific operation is as follows:
(1) will ILTξReplacement by ILTξ'and outputs a new file F'
(2) Will turn over
Figure FDA0003490334070000054
By replacement with
Figure FDA0003490334070000055
(3) On the basis of MBT, H (ILT)ξ) Replacement by H (ILT)ξ'), and calculate the new root R';
(4) the CSP provides a response, Resp, to the userupdate=(ΘξSig (H (R)), R'), where Θ is such that the update operation has been completedξIs ILTξAuthenticated auxiliary information AAI;
(5) when the user receives Resp from CSPupdateFirst in the new ILT and the old ILTCalculating H (ILT) on the basis of ILTξ) And H (ILT)ξ') to a host; then, the user passes the { Θξ,H(ILTξ) Compute the root node R and determine if the AAI and R values are true by verifying the signature sig (H (R)), (I) with R to verify if the R' value is the same as in AAI; if the verification fails, outputting WRONG; otherwise, the user continues to verify whether the modification operation is executed as required, and the specific verification mode is as follows: the user first uses { Θξ,H(ILTξ') } calculating a new root and comparing with R'; if the output is TRUE, the user signs the new root R 'by sig (H (R')), and sends to CSP for updating; if the answer is False, prompting the user to update again; finally, the user executes an audit protocol, and if the output is TRUE, the user deletes the local storage of the response;
MBT insertion operation
The MBT insert operation means to insert a new ILT after a specific location, assuming the user is in the ξ ILTξPost-insertion of a new ILTξ *
First, in the new ILTξ *On the basis of which the user first divides it into s sectors and generates new tags:
Figure FDA0003490334070000056
wherein ξ*Refers to the position of the insertion point,
Figure FDA0003490334070000061
Figure FDA0003490334070000062
obtaining a corresponding label:
Figure FDA0003490334070000063
the user then sends an update request to the CSP:
Figure FDA0003490334070000064
when the CSP receives the update request, the following steps are executed:
Figure FDA0003490334070000065
the specific operation is as follows:
(1) store ILTξ *And at leaf node H (H (ILT) of MBTξ) After that, a leaf node H (ILT) is addedξ *) And updating F;
(2) increase of
Figure FDA0003490334070000066
Into a set of tokens and output
Figure FDA0003490334070000067
(3) Generating a new root node R from the MBT tree*
(4) CSP provides a response Resp to the userupdate=(Θξ,sig(H(R)),R*) Prove that the update has been completed, where ΘξIs ILTξAuthenticated auxiliary information AAI;
(5) when the user receives Resp from CSPupdateFirst, H (ILT ξ) and H (ILT) are calculated from the new and old ILTξ *) (ii) a Then, the user passes the { Θξ,H(ILTξ) Compute the root node R and determine if the values of AAI and R are true by verifying the signature sig (H (R)); if the verification fails, outputting WRONG, otherwise, the user continues to verify whether the insert operation is executed as required, and the user firstly uses { theta }ξ,H(ILTξ),H(ILTξ *) Calculate the new root, and with R*In contrast, if the output is TRUE, the user passes sig (H (R)*) To new root R*Signing and sending to the CSP for updating, finally, executing an audit protocol by the user, and deleting the local storage of the response by the user if the output is TRUE;
MBT delete operation
A delete operation of an MBT means deleting the ILT at a specific location, assuming the user deletes the ILT at the ξ -th locationξPosterior ILTξ *
Sending a request to the CSP:
Figure FDA0003490334070000071
when the CSP receives the update request, the following steps are executed:
ExecUpdate=(F,Update)
f refers to the file appearing in the preamble
Generating a new root node R from the MBT tree*
Finally, the CSP provides a response to the user to verify that the update is complete, whereξIs ILTξAuthenticated auxiliary information AAI;
Respupdate=(Θξ,sig(H(R)),R*)
when the user receives Respupdate from the CSP, H (ILT) is first calculated based on the new and old ILTξ) And H (ILT)ξ *) (ii) a Then, the user passes the { Θξ,H(ILTξ) Calculating a root node R, determining whether the values of AAI and R are true by verifying a signature sig (H (R)), outputting WRONG if verification fails, otherwise, continuously verifying whether the insertion operation is executed as required by the user by using { theta }ξ,H(ILTξ),H(ILTξ *) Calculate the new root, and with R*In contrast, if the output is TRUE, the user passes sig (H (R)*) To new root R*Signing, sending to CSP for updating, executing audit protocol by user, if output is TRUE, the user deletes the local store of responses.
CN202010874257.5A 2020-08-26 2020-08-26 Dynamic updating method suitable for IDA data recovery on industrial cloud Active CN111966638B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010874257.5A CN111966638B (en) 2020-08-26 2020-08-26 Dynamic updating method suitable for IDA data recovery on industrial cloud

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202010874257.5A CN111966638B (en) 2020-08-26 2020-08-26 Dynamic updating method suitable for IDA data recovery on industrial cloud

Publications (2)

Publication Number Publication Date
CN111966638A CN111966638A (en) 2020-11-20
CN111966638B true CN111966638B (en) 2022-06-07

Family

ID=73391325

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202010874257.5A Active CN111966638B (en) 2020-08-26 2020-08-26 Dynamic updating method suitable for IDA data recovery on industrial cloud

Country Status (1)

Country Link
CN (1) CN111966638B (en)

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105320899A (en) * 2014-07-22 2016-02-10 北京大学 User-oriented cloud storage data integrity protection method
CN110781524A (en) * 2019-10-29 2020-02-11 陕西师范大学 Integrity verification method for data in hybrid cloud storage
CN111210378A (en) * 2019-12-30 2020-05-29 北京工业大学 Recoverability method based on image data on industrial cloud

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US11442902B2 (en) * 2018-06-21 2022-09-13 Nasuni Corporation Shard-level synchronization of cloud-based data store and local file system with dynamic sharding
CN109635593B (en) * 2018-12-04 2023-07-25 国网重庆市电力公司客户服务中心 Data integrity storage protection method based on electric power payment terminal in electric power system

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105320899A (en) * 2014-07-22 2016-02-10 北京大学 User-oriented cloud storage data integrity protection method
CN110781524A (en) * 2019-10-29 2020-02-11 陕西师范大学 Integrity verification method for data in hybrid cloud storage
CN111210378A (en) * 2019-12-30 2020-05-29 北京工业大学 Recoverability method based on image data on industrial cloud

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
基于多分支路径树的云存储数据完整性验证机制;李勇;《清华大学学报(自然科学版)》;20160531;第56卷(第5期);第1-2节 *

Also Published As

Publication number Publication date
CN111966638A (en) 2020-11-20

Similar Documents

Publication Publication Date Title
Jin et al. Dynamic and public auditing with fair arbitration for cloud data
Barsoum et al. On verifying dynamic multiple data copies over cloud servers
CN110213042B (en) Cloud data deduplication method based on certificate-free proxy re-encryption
Wang et al. Enabling public verifiability and data dynamics for storage security in cloud computing
CN108229208B (en) Public auditing method for multi-copy data in cloud storage service
Fu et al. DIPOR: An IDA-based dynamic proof of retrievability scheme for cloud storage systems
Mo et al. A dynamic Proof of Retrievability (PoR) scheme with O (logn) complexity
CN113364576A (en) Data encryption evidence storing and sharing method based on block chain
Yi et al. Efficient integrity verification of replicated data in cloud computing system
CN104978239A (en) Method, device and system for realizing multi-backup-data dynamic updating
CN110008755B (en) Cloud storage revocable dynamic data integrity verification system and method
CN111898164B (en) Data integrity auditing method supporting label block chain storage and query
Peng et al. Efficient, dynamic and identity-based remote data integrity checking for multiple replicas
Sengupta et al. Efficient proofs of retrievability with public verifiability for dynamic cloud storage
Bakas et al. Power range: Forward private multi-client symmetric searchable encryption with range queries support
CN114239025A (en) Data processing method and device based on block chain
Peng et al. Comments on “identity-based distributed provable data possession in multicloud storage”
Gudeme et al. Review of remote data integrity auditing schemes in cloud computing: taxonomy, analysis, and open issues
Zhang et al. Secdedup: Secure encrypted data deduplication with dynamic ownership updating
Zhou et al. An efficient and secure data integrity auditing scheme with traceability for cloud-based EMR
Ando et al. Hash-based TPM signatures for the quantum world
Li et al. IPOR: An efficient IDA-based proof of retrievability scheme for cloud storage systems
Balmany et al. Dynamic proof of retrievability based on public auditing for coded secure cloud storage
Liu et al. A blockchain-based compact audit-enabled deduplication in decentralized storage
CN117235342A (en) Dynamic cloud auditing method based on homomorphic hash function and virtual index

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant