CN112532380A - Cloud storage data deterministic deletion method based on SGX technology - Google Patents
Cloud storage data deterministic deletion method based on SGX technology Download PDFInfo
- Publication number
- CN112532380A CN112532380A CN202011263176.8A CN202011263176A CN112532380A CN 112532380 A CN112532380 A CN 112532380A CN 202011263176 A CN202011263176 A CN 202011263176A CN 112532380 A CN112532380 A CN 112532380A
- Authority
- CN
- China
- Prior art keywords
- key
- data
- trusted
- management center
- party
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0891—Revocation or update of secret information, e.g. encryption key update or rekeying
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/06—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
- H04L9/0618—Block ciphers, i.e. encrypting groups of characters of a plain text message using fixed encryption transformation
- H04L9/0631—Substitution permutation network [SPN], i.e. cipher composed of a number of stages or rounds each involving linear and nonlinear transformations, e.g. AES algorithms
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
- H04L9/0877—Generation of secret information including derivation or calculation of cryptographic keys or passwords using additional device, e.g. trusted platform module [TPM], smartcard, USB or hardware security module [HSM]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0894—Escrow, recovery or storing of secret information, e.g. secret key escrow or cryptographic key storage
Abstract
A cloud storage data deterministic deletion method based on an SGX technology belongs to the field of cloud storage data deterministic deletion. The invention utilizes Intel SGX technology to create a trusted isolation space-enclave based on hardware for a third party key management center, wherein a memory protection mechanism ensures the confidentiality and integrity of key codes and data, a remote authentication mechanism ensures the credibility of the third party key management center, and a sealing mechanism safely stores keys. The method ensures the credibility of a third party key management center and the safety management of the key by utilizing the Intel SGX technology, and the data encryption key used in the storage stage is safely stored by using a sealing mechanism of the Intel SGX without secondary encryption. And in the deleting stage, the deleting key is regenerated to re-encrypt the data and cover the original data, and the data encrypting key and the data deleting key are deleted, so that the deterministic deletion of the cloud storage data can be completed, and the problems of complex and unsafe encrypting scheme in the deterministic deletion scheme of the cloud storage data based on cryptography are solved.
Description
Technical Field
The invention belongs to the field of deterministic deletion of cloud storage data, and particularly relates to a cloud storage data deterministic deletion method based on an SGX technology.
Background
The Intel SGX is a set of instruction set extensions, can guarantee the credibility of the operating environment during operation, and can obtain services only after remote authentication between a service provider and a user is passed. The Intel SGX technology provides users with a trusted execution environment-enclave that is guaranteed to be 64MB or 128MB in size at runtime, and malicious code cannot access, steal, and tamper with the content protected by the enclave. The Intel SGX technology provides two authentication mechanisms: 1. and local authentication, namely creating an identity authentication session between two enclaves running on the same platform. 2. Remote authentication, which is an extension to local authentication mechanisms, provides a session channel to third parties outside the platform. When an enclave is instantiated, it provides confidentiality and integrity protection for the data by keeping the data within the bounds of the enclave. When the enclave is closed, secrets within the enclave may be lost. The enclave generates a unique key that encrypts or decrypts data already on the platform to preserve and protect the data. The encryption and decryption operations are referred to as encapsulation and decapsulation operations, respectively.
The method is mainly characterized in that data are encrypted before being uploaded to a cloud storage system, an encryption key is destroyed when the data are deleted, the encrypted data in the cloud cannot be recovered after the data are deleted, and namely the problem of data deletion is equivalent to the problem of key management. The method for introducing the third-party key management center stores the key in the third-party key management center for independent management, but the existing scheme does not realize the credibility of the third-party key management center at present, so that the problem that the credibility of the third-party key management center is ensured to safely ensure the deterministic deletion of the cloud storage data is urgently needed to be solved.
Disclosure of Invention
The invention aims to provide a cloud storage data deterministic deletion method of a third-party key management center with credibility guarantee, so that data outsourced to a cloud storage system by a user can be safely and effectively deleted.
In order to provide better key management service, a trusted third party key management center based on SGX technology is introduced to manage keys. The scheme is that a required key is derived in the enclave of a trusted third party key management center through an SGX technology, the key is sent to a data owner through a secure session channel, and the key can only be used in the enclave of the data owner. The trusted third party key management center additionally stores the data encryption key and the encrypted file identifier in its database using an encapsulation mechanism. Only the user who passes through the remote authentication can acquire the key, so that the key safety of the cloud storage service provider in data storage and deletion is ensured, and the purpose of data deterministic deletion is also achieved.
The invention consists of three entities: the system comprises a data owner, a trusted third party key management center and a cloud storage service provider.
In the cloud data storage stage, a data owner and a trusted third party key management center both initialize an enclave locally, and the data owner and the trusted third party key management center perform platform trusted authentication by using a remote authentication mechanism of an Intel SGX technology.
The trusted third party key management center provides the data owner with encrypted data after generating the key in the enclave, and saves the key to a local database using a sealing mechanism.
And in the cloud data deleting stage, the data owner acquires the re-encryption key from the trusted third party key management center again, and then acquires outsourced data from the cloud storage service provider for re-encryption.
And after the re-encryption operation is carried out, the re-encrypted data is stored to the cloud again to cover the original data.
And the data owner makes a key deletion request to the trusted third-party key management center so as to achieve the deterministic deletion of the cloud storage data.
Drawings
Fig. 1 is an overall framework diagram of the present invention.
FIG. 2 is a data storage phase framework diagram of the present invention.
FIG. 3 is a data deletion phase framework diagram of the present invention.
Detailed Description
The invention aims to provide a cloud storage data deterministic deletion method of a third-party key management center with credibility guarantee, so that data outsourced to a cloud storage system by a user can be safely and effectively deleted. The above two phases will be described in detail below:
first, data storage stage
The method comprises the following steps: after the data owner initializes the enclave, remote authentication is initiated to the trusted third party key management center.
Step two: the data owner and the trusted third party key management center negotiate out a session key and establish a secure session channel in the remote authentication process.
And thirdly, the trusted third party key management center derives a 128b data encryption key in the enclave, encrypts the data encryption key by using an AES-GCM encryption function SGX _ rijndael128GCM _ encrypt () and a session key which are provided by the SGX encryption library and only support the 128b key, and transmits the encrypted data encryption key to the data owner enclave.
Step four: the data owner acquires the session key using sgx _ ra _ get _ keys () function, and decrypts the data encryption key using sgx _ rijndael128GCM _ decrypt () with the session key as a parameter.
Step five: the data owner encrypts the data using the data encryption key and generates a corresponding file identifier.
Step six: and storing the encrypted data and the file identifier to a cloud storage service provider, and sending the file identifier to a third party key management server by using a secure session channel.
Step seven: the trusted third party key management center uses sgx _ seal _ data () function to seal the received file identifier and data encryption key to the database for secure storage.
Second, data deleting stage
The method comprises the following steps: the data owner generates a message 1 containing platform information, authentication status, and a request for acquisition of a data deletion key of the data owner using the gain _ ddk () function.
Step two: and the data owner initiates a data deletion request to the third-party key management center and the cloud storage service provider.
Step three: and the trusted third-party key management center confirms the identity of the data owner, and confirms the platform information, the authentication state and the acquisition request of the data deletion key in the data packet sent by the data owner. And simultaneously, the cloud storage service provider acquires encrypted data corresponding to the file identifier provided by the data owner.
Step four: after the platform information and the authentication state provided by the data owner pass the authentication, a 128b data deletion key is derived in the third party key management center Enclave, and the encrypted data deletion key, the third party key management center platform information and the authentication state are generated together to be a message 2 to be returned to the data owner through an AES-GCM encryption function SGX _ rijndael128GCM _ encrypt () and a session key encryption data deletion key which are provided by an SGX encryption library and only support the 128b key.
Step five: after the data owner receives the message 2 sent by the third-party key management center, the data encrypted by the data encryption key is re-encrypted by using a data deletion key decrypted by a decryption function sgx _ rijndael128GCM _ decrypt () in the data owner's enclave to obtain re-encrypted data, and the re-encrypted data is sent to the cloud storage service provider again to cover the data storage position encrypted by the original data encryption key.
Step six: and the data owner sends a data encryption key corresponding to the deleted file identifier and a data deletion key request message 3 to the trusted third party key management center.
Step seven: and the trusted third party key management center deletes the data encryption key and the data deletion key corresponding to the file identifier in the database and returns a successful return value to the data owner.
Claims (2)
1. A cloud storage data deterministic deletion method based on an SGX technology is characterized by comprising the following steps:
the trusted third party key management center comprises a key derivation module, a key sealing module and a key decapsulation module; a key derivation module live _ key () is used for deriving a session key, a data encryption key and a data deletion key in the authentication process of the data owner and the trusted third party key management center; the derivation process of the key is protected by the enclave, namely, a key derivation function in the trusted execution space enclave is called from the untrusted execution space of the trusted third party key management center; the key encapsulation module seal _ key () stores the key into a database of the trusted key management center after the key is derived; calling SGX _ seal _ data () function package keys in an SGX trusted package library in the enclave and storing the function package keys in a database; the key decapsulation module unseal _ key (), when the data owner acquires the data encryption key from the trusted third party key management center again, the trusted third party key management center acquires the corresponding data encryption key from the database according to the file identifier provided by the data owner, calls an SGX _ unseal _ data () function in the SGX trusted encapsulation library to decapsulate the key, encrypts the key by using the session key, and sends the key to the data owner;
the data owner comprises a data encryption module, a data decryption module, a data deletion key acquisition module and a data uploading and downloading module; the data encryption module encrypt _ secret (), wherein the data is encrypted by an SGX _ rijndael128GCM _ encrypt () function of an SGX trusted key repository in an enclave by using a key acquired from a trusted third party key management center; the data decryption module decrypt _ secret (), wherein the data is decrypted in the enclave through an SGX _ rijndael128GCM _ decrypt () function of an SGX trusted key repository by using a key acquired from a trusted third party key management center; the data deleting key acquiring module gain _ ddk (), the data owner and the trusted third party key management center are disconnected after the data encryption key acquiring stage is finished, and when the data deleting key is required to be acquired, the secure connection is required to be reestablished; because both parties have established a trusted relationship, the data owner of the connection provides an authentication state, platform information and a data encryption key hash value; after the trusted third party key management center confirms the message, judging whether the user establishes connection; if the connection is established, the trusted third-party key management center sends the authentication state and the platform information to the data owner, and similarly, if the state information is consistent, the secondary safe connection is carried out, and the data owner puts forward a request for acquiring the data deletion key to the trusted third-party key management center.
2. The cloud storage data deterministic deletion method based on the SGX technology according to claim 1, characterized in that:
the data uploading module comprises two sub-modules, the data uploading module writes _ buf _ to _ file () packages the encrypted data to the cloud, and the data downloading module reads _ file _ to _ buf () downloads the cloud data to the local.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202011263176.8A CN112532380B (en) | 2020-11-12 | 2020-11-12 | Cloud storage data deterministic deletion method based on SGX technology |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202011263176.8A CN112532380B (en) | 2020-11-12 | 2020-11-12 | Cloud storage data deterministic deletion method based on SGX technology |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN112532380A true CN112532380A (en) | 2021-03-19 |
| CN112532380B CN112532380B (en) | 2023-01-31 |
Family
ID=74982306
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202011263176.8A Active CN112532380B (en) | 2020-11-12 | 2020-11-12 | Cloud storage data deterministic deletion method based on SGX technology |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN112532380B (en) |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN114422117A (en) * | 2021-12-14 | 2022-04-29 | 杭州宇链科技有限公司 | Privacy-protecting video acquisition method and corresponding playing method thereof |
| CN115484031A (en) * | 2022-09-13 | 2022-12-16 | 山东大学 | SGX-based method and system for removing duplicate of cloud storage ciphertext without trusted third party |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US5276735A (en) * | 1992-04-17 | 1994-01-04 | Secure Computing Corporation | Data enclave and trusted path system |
| CN108768978A (en) * | 2018-05-16 | 2018-11-06 | 浙江大学 | A kind of remote storage method of servicing and system based on SGX |
| CN110138799A (en) * | 2019-05-30 | 2019-08-16 | 东北大学 | A kind of secure cloud storage method based on SGX |
-
2020
- 2020-11-12 CN CN202011263176.8A patent/CN112532380B/en active Active
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US5276735A (en) * | 1992-04-17 | 1994-01-04 | Secure Computing Corporation | Data enclave and trusted path system |
| CN108768978A (en) * | 2018-05-16 | 2018-11-06 | 浙江大学 | A kind of remote storage method of servicing and system based on SGX |
| CN110138799A (en) * | 2019-05-30 | 2019-08-16 | 东北大学 | A kind of secure cloud storage method based on SGX |
Non-Patent Citations (2)
| Title |
|---|
| DTS/TSGS-0333535VG00: "TECHNICAL SPECIFICATION 5G; Authentication and Key Management for Applications (AKMA) based on 3GPP credentials in the 5G System (5GS) (3GPP TS 33.535 version 16.0.0 Release 16)", 《ETSI TS 133 535》 * |
| 王冠等: "基于SGX的Hadoop KMS安全增强方案", 《信息安全研究》 * |
Cited By (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN114422117A (en) * | 2021-12-14 | 2022-04-29 | 杭州宇链科技有限公司 | Privacy-protecting video acquisition method and corresponding playing method thereof |
| CN114422117B (en) * | 2021-12-14 | 2023-09-22 | 杭州宇链科技有限公司 | Privacy-protected video acquisition method and corresponding playing method thereof |
| CN115484031A (en) * | 2022-09-13 | 2022-12-16 | 山东大学 | SGX-based method and system for removing duplicate of cloud storage ciphertext without trusted third party |
| CN115484031B (en) * | 2022-09-13 | 2024-03-08 | 山东大学 | SGX-based trusted-free third-party cloud storage ciphertext deduplication method and system |
Also Published As
| Publication number | Publication date |
|---|---|
| CN112532380B (en) | 2023-01-31 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN111191286B (en) | HyperLegger Fabric block chain private data storage and access system and method thereof | |
| CN109361668B (en) | Trusted data transmission method | |
| JP3776619B2 (en) | Encryption communication terminal, encryption communication center apparatus, encryption communication system, and storage medium | |
| US8625802B2 (en) | Methods, devices, and media for secure key management in a non-secured, distributed, virtualized environment with applications to cloud-computing security and management | |
| WO2014145039A1 (en) | Intra-computer protected communications between applications | |
| CN107453880B (en) | Cloud data secure storage method and system | |
| CN102567688B (en) | File confidentiality keeping system and file confidentiality keeping method on Android operating system | |
| US9215070B2 (en) | Method for the cryptographic protection of an application | |
| EP2973183A1 (en) | Intra-computer protected communications between applications | |
| JPH0669915A (en) | Apparatus and method for control of code key | |
| CN112532380B (en) | Cloud storage data deterministic deletion method based on SGX technology | |
| US11196558B1 (en) | Systems, methods, and computer-readable media for protecting cryptographic keys | |
| US11570155B2 (en) | Enhanced secure encryption and decryption system | |
| CN107066885A (en) | Cross-platform credible middleware realizes system and implementation method | |
| CN112613048A (en) | Secret key use frequency management method and system based on SGX in cloud storage mode | |
| CN109981579B (en) | Hadoop key management service security enhancement method based on SGX | |
| JP2000347566A (en) | Contents administration device, contents user terminal, and computer-readable recording medium recording program thereon | |
| Keleman et al. | Secure firmware update in embedded systems | |
| CN113609522B (en) | Data authorization and data access method and device | |
| CN115189928B (en) | Dynamic security migration method and system for password service virtual machine | |
| CN115442030A (en) | Encryption and decryption network transmission method and equipment | |
| CN115221546A (en) | Safety data processing method and device for burning after use | |
| US20080059788A1 (en) | Secure electronic communications pathway | |
| CN115277259B (en) | Method for supporting large-scale cross-platform migration of persistent data through privacy calculation | |
| CN116248279B (en) | Data calculation containerized trusted execution method based on blockchain |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |