CN112671802B - Data sharing method and system based on oblivious transmission protocol - Google Patents

Publication number
CN112671802B
Authority
CN
China
Prior art keywords
data
sender
receiver
target data
hash value
Prior art date
Legal status
Active
Application number
CN202110037668.3A
Other languages
Chinese (zh)
Other versions
CN112671802A (en)
Inventor
李屹
潘盈瑜
郜策宇
方莉
陈萍
Current Assignee
Beijing University of Posts and Telecommunications
Original Assignee
Beijing University of Posts and Telecommunications
Priority date
Filing date
Publication date
Application filed by Beijing University of Posts and Telecommunications
Priority to CN202110037668.3A
Publication of CN112671802A
Application granted
Publication of CN112671802B
Anticipated expiration

Landscapes

  • Storage Device Security (AREA)

Abstract

One or more embodiments of the present specification provide a data sharing method and system based on an oblivious transmission protocol. In the method, a sender first encrypts the data to be shared and uploads it to an agent. A receiver then requests a file from the sender through an encrypted request. After receiving the re-key, the proxy re-encrypts the stored file according to the re-key and sends the re-encrypted file to the receiver. Finally, the receiver decrypts the received encrypted file to obtain the required file. The method is based on oblivious proxy transmission in a three-party model and shares file data while jointly considering the security of file sharing, the privacy of user operations, and data control. Strong privacy protection is thereby provided while data security is guaranteed.

Description

Data sharing method and system based on oblivious transmission protocol
Technical Field
One or more embodiments of the present disclosure relate to the field of data transmission technologies, and in particular, to a method and a system for data sharing based on an oblivious transmission protocol.
Background
Proxy re-encryption is one of the common methods for ensuring data confidentiality and access controllability, and is an encryption algorithm that can convert a ciphertext from one encryption key to another encryption key. The user uploads the encrypted data to the proxy server and then shares the data with others by generating and sharing the relevant key (not the encryption key). The agent cannot decrypt the encrypted data or alter each access. In data sharing, the encryption key is not revealed to anyone, so proxy re-encryption is more secure than direct encryption.
The existing proxy re-encryption has the following disadvantages:
1. Proxy re-encryption neglects to protect the privacy of the data sharing activities themselves.
The privacy requirement of a data requester is that neither the sender nor the agent should learn what data it requests; when a data sender actively shares data, its privacy requirement is that the agent should not learn what data it shares. These behaviors contain a large amount of private information. Moreover, because the data is stored at the agent and shared through the agent, the agent can analyze the data sharing behavior on its own to infer further information for profit (e.g., estimating the value of the data or building a user profile from the frequency and attributes of data sharing), which is a great threat to user privacy.
2. Original three-party data sharing neglects data authenticity and integrity check.
Since the data is stored with a third-party agent, its authenticity and integrity need to be guaranteed. If authenticity cannot be guaranteed and integrity cannot be checked, the user often cannot detect a problem with the data or defend their rights when one occurs. Therefore, a means of data verification should be provided to all three parties, so that when the third-party agent stores data improperly or causes data damage, the damaged data can be discovered and evidence of the agent's storage fault can be produced, allowing the user to subsequently file a complaint and defend their interests.
Disclosure of Invention
In view of the above, an object of one or more embodiments of the present disclosure is to provide a data sharing method and system based on an oblivious transmission protocol, so as to solve the above problems.
In view of the above, one or more embodiments of the present specification provide a data sharing method based on an oblivious transmission protocol, including:
a receiver uses its own public key to asymmetrically encrypt an identifier of target data among n data owned by a sender, and sends the encrypted identifier to the sender, wherein n is an integer greater than 1, and the n data are each encrypted in advance, in a preparation stage, with n sub-private keys of the sender and then sent to an agent for storage;
based on the received encrypted identifier and the n sub-private keys, the sender calculates n re-keys and sends the n re-keys to the agent;
the proxy uses the received n re-keys to re-encrypt the n stored encrypted data respectively and sends the n re-encrypted data to a receiver;
and the receiver selects the data corresponding to the identifier from the n received data after re-encryption by using a private key corresponding to the public key to decrypt so as to obtain the target data.
Based on the same inventive concept, one or more embodiments of the present specification further provide a data sharing system based on an oblivious transport protocol, comprising a sender, an agent and a receiver,
wherein the receiver uses its own public key to asymmetrically encrypt an identifier of target data among n data owned by the sender, and sends the encrypted identifier to the sender, wherein n is an integer greater than 1, and the n data are each encrypted in advance by the sender, in a preparation stage, with n sub-private keys and then sent to the agent for storage;
based on the received encrypted identifier and the n sub-private keys, the sender calculates n re-keys and sends the n re-keys to the agent;
the proxy uses the received n re-keys to re-encrypt the n stored encrypted data respectively and sends the n re-encrypted data to a receiver;
and the receiver selects the data corresponding to the identifier from the n received data after re-encryption by using a private key corresponding to the public key to decrypt so as to obtain the target data.
As can be seen from the above, the data sharing method and system based on the oblivious transmission protocol provided in one or more embodiments of the present specification build on the idea of oblivious transfer and merge in the idea of proxy re-encryption, expanding the two-party model of data transmission into a three-party model. Introducing the proxy largely offsets the computation that the original two-party oblivious transfer algorithm imposes on the sender by transferring that computation to the proxy. Data security and user operation privacy are guaranteed while the sender's storage space is saved, and the sender still retains the corresponding control over the data. In data transmission, strong privacy protection is provided while data security is guaranteed.
Drawings
In order to more clearly illustrate one or more embodiments or prior art solutions of the present specification, the drawings that are needed in the description of the embodiments or prior art will be briefly described below, and it is obvious that the drawings in the following description are only one or more embodiments of the present specification, and that other drawings may be obtained by those skilled in the art without inventive effort from these drawings.
FIG. 1 is a schematic diagram of a prior art proxy re-encryption;
FIG. 2 is a flow diagram of a method for data sharing based on an oblivious transfer protocol according to one or more embodiments of the present description;
FIG. 3 is a schematic diagram of a system for data sharing based on an oblivious transfer protocol according to one or more embodiments of the present description.
Detailed Description
For the purpose of promoting a better understanding of the objects, aspects and advantages of the present disclosure, reference is made to the following detailed description taken in conjunction with the accompanying drawings.
It is to be noted that unless otherwise defined, technical or scientific terms used in one or more embodiments of the present specification should have the ordinary meaning as understood by those of ordinary skill in the art to which this disclosure belongs. The word "comprising" or "comprises", and the like, means that the element or item listed before the word covers the element or item listed after the word and its equivalents, but does not exclude other elements or items.
As described in the background section, it is difficult for existing data sharing methods to meet the requirements of data sharing privacy and data integrity. In implementing the present disclosure, the applicant found that, referring to FIG. 1, in the existing three-party proxy data sharing model, encrypted data is stored at the proxy and data sharing takes place among a sender, a proxy and a receiver. Proxy re-encryption can only ensure the security of the data and manage data permissions; in the process, the sender's data sharing behavior is known to the proxy and can be analyzed, and the receiver's data requests are known to both the proxy and the sender and can be analyzed. From this information, more user privacy, data information and the like can be inferred, which creates a serious privacy problem. Moreover, because the data is stored with a third party, its authenticity is also called into question.
In view of this, one or more embodiments of the present disclosure provide a data sharing scheme based on a proxy oblivious transfer protocol. Specifically, a sender encrypts the data to be shared and uploads the encrypted data to an agent. The receiver then requests a file from the sender via an encrypted request. After receiving the re-key, the proxy re-encrypts the stored file according to the re-key and sends the re-encrypted file to the receiver. Finally, the receiver decrypts the received encrypted file to obtain the required file.
It can be seen that the data sharing scheme based on the proxy oblivious transfer protocol in one or more embodiments of the present specification shares file data on the basis of oblivious proxy transfer in a three-party model, and jointly considers the security of file sharing, the privacy of user operations, and data control. Strong privacy protection is thereby provided while data security is guaranteed.
The technical solutions of one or more embodiments of the present specification are described in detail below with reference to specific embodiments.
Referring to fig. 2, a data sharing method based on an oblivious transmission protocol according to an embodiment of the present specification includes the following steps:
Step S201, the receiver uses its own public key to asymmetrically encrypt the identifier of the target data among n data owned by the sender, and sends the encrypted identifier to the sender, wherein n is an integer greater than 1, and the n data are each encrypted in advance by the sender, in a preparation stage, using n sub-private keys and then sent to an agent for storage.
In this step, the private key of the receiver is a random number selected in advance by the receiver in the preparation stage, and the public key of the receiver is calculated in advance by the receiver from that random number in the preparation stage. The sender likewise selects a random number as a private key and calculates a public key from the private key. To reduce the overhead of repeatedly generating and storing random private/public key pairs, the sender may use a hierarchical deterministic wallet (HD wallet) to generate sub-keys that correspond one-to-one to the files to be sent.
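The per-file sub-key generation described above, as an added example that is not code from the patent: it assumes BIP32-style hardened derivation, which the page does not specify, and uses the secp256k1 group order as a stand-in for the order N of the page's curves. `file_keys` and the sample seed are hypothetical names and values.

```python
import hashlib
import hmac

# Assumption: secp256k1's group order (the curve BIP32 is defined for) stands in
# for the order N of the pairing-friendly curves the page describes.
ORDER = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
HARDENED = 0x80000000


def master_key(seed: bytes):
    """BIP32 master key generation: returns (private key, chain code)."""
    i = hmac.new(b"Bitcoin seed", seed, hashlib.sha512).digest()
    key = int.from_bytes(i[:32], "big")
    if key == 0 or key >= ORDER:
        raise ValueError("seed yields an invalid master key")
    return key, i[32:]


def child_key(parent_key: int, chain_code: bytes, index: int):
    """BIP32 hardened private child derivation: returns (child key, chain code).

    Hardened derivation feeds the parent private key into the HMAC, so a leaked
    child key combined with parent public data does not reveal the parent key
    (the known weakness of non-hardened BIP32 children).
    """
    if not 0 <= index < HARDENED:
        raise ValueError("index must fit in 31 bits")
    data = (b"\x00" + parent_key.to_bytes(32, "big")
            + (index | HARDENED).to_bytes(4, "big"))
    i = hmac.new(chain_code, data, hashlib.sha512).digest()
    il = int.from_bytes(i[:32], "big")
    key = (il + parent_key) % ORDER
    if il >= ORDER or key == 0:
        raise ValueError("index unusable; BIP32 says to move to the next one")
    return key, i[32:]


def file_keys(seed: bytes, n: int):
    """One sub-private key per file number 0..n-1 (hypothetical helper)."""
    key, chain_code = master_key(seed)
    return [child_key(key, chain_code, file_no)[0] for file_no in range(n)]


if __name__ == "__main__":
    seed = bytes(range(16))  # constructed sample seed
    for file_no, k in enumerate(file_keys(seed, 3)):
        print(file_no, hex(k))
```

The sender stores only the seed; every sub-key is recomputed from the file number when a re-key has to be calculated.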
In some embodiments of the present specification, generating the key may specifically include:
defining a finite field based on a prime number of not less than 160 bits;
selecting a plurality of elliptic curves which are defined over the finite field and have a bilinear mapping relationship;
obtaining the respective order-N generators of the elliptic curves;
and calculating the public key from one of the order-N generators and the random number.
As an example, choose $E_1$, $E_2$ and $E_t$ to be elliptic curves defined over a finite field $F_p$, where $p$ is a large prime number (at least 160 bits). There is a bilinear mapping relationship between $E_1$, $E_2$ and $E_t$: $e: E_1 \times E_2 \to E_t$. $G_1$, $G_2$ and $G_t$ are generators of $E_1$, $E_2$ and $E_t$ respectively, each of order $N$. Then $e(G_1, G_2) = G_t$. Enc()/Dec() is a symmetric encryption algorithm. The public system parameters are $SP = (E_1, E_2, E_t, p, G_1, G_2, G_t, n, \mathrm{Enc}(), \mathrm{Dec}())$.
And generating a public key and a private key of the sender and the receiver according to the system related parameters.
In this step, the identifier of the file may be a file number, and is sent to the agent as a directory of the file.
Step S202, based on the received encrypted identifier and the n sub-private keys, the sender calculates n re-keys and sends the n re-keys to the agent.
In step S203, the agent re-encrypts the n stored encrypted data with the n received re-keys, and sends the re-encrypted n data to the receiving party.
And step S204, the receiver selects the data corresponding to the identifier from the n pieces of received re-encrypted data to decrypt by using a private key corresponding to the public key so as to obtain the target data.
In some embodiments of this specification, the integrity of the data may be judged by verifying the obtained target data against the hash value of the target data, which specifically includes:
In the preparation phase, the sender stores the first hash values of the n data, calculated by a hash algorithm, on the blockchain.
After the target data is obtained, the receiver looks up the first hash value of the target data on the blockchain according to the identifier of the target data, and calculates a second hash value of the target data through the hash algorithm.
The receiver verifies the integrity of the obtained target data by comparing the retrieved first hash value with the calculated second hash value.
In this step, the obtained target data may be damaged. If the first hash value is inconsistent with the second hash value, the target data obtained by the receiver is damaged; a smart contract for data auditing may then be initiated on the blockchain, and accountability determined according to the party responsible for the problem.
In some embodiments of the present specification, a smart contract may be used to store the file hash value on the blockchain once the stored file's hash value has been agreed upon, specifically including:
the sender uploads the first hash value to the blockchain;
after the agent receives the encrypted file, it judges whether the hash value of the received encrypted file is consistent with the first hash value uploaded to the blockchain by the sender;
if not, an error is reported back to the sender, the sender resends the encrypted file, and the process returns to the previous step;
if yes, the agent completes storage and uploads the hash value of the received encrypted file to the blockchain.
Based on the same inventive concept, corresponding to any embodiment method, one or more embodiments of the present specification further provide a data sharing system based on an oblivious transmission protocol.
The receiver uses a public key of the receiver to perform asymmetric encryption on an identifier of target data in n data owned by the sender, and sends the encrypted identifier to the sender, wherein n is an integer greater than 1, and the n data are respectively encrypted by the sender with n sub-private keys in advance in a preparation stage and then sent to the agent for storage.
Based on the received encrypted identifier and the n sub-private keys, the sender calculates n re-keys and sends the n re-keys to the agent.
And the proxy uses the received n re-keys to re-encrypt the n stored encrypted data respectively and sends the n re-encrypted data to a receiver.
And the receiver selects the data corresponding to the identifier from the n received data after the re-encryption by using the private key corresponding to the public key to decrypt so as to obtain the target data.
In the present system, the n child private keys are generated by the sender using a hierarchical deterministic wallet in advance in the preparation phase.
In the preparation stage, a sender stores first hash values of the n data calculated by a hash algorithm into a block chain;
after the target data is obtained, a receiving party searches the first hash value of the target data from the block chain according to the identifier of the target data, calculates a second hash value of the obtained target data through a hash algorithm, and verifies the integrity of the obtained target data by comparing the searched first hash value with the calculated second hash value.
In response to determining, by the comparison, that the first hash value is inconsistent with the second hash value, the recipient determines that the obtained target data is corrupted and initiates a smart contract for data auditing in the blockchain.
As a specific example, referring to FIG. 3, Alice and Bob each select a random number as their private key and calculate their public key from the private key. For each file, Alice generates a corresponding child private key using the HD wallet. She encrypts each file, generates the information related to the re-key, packages all of the contents and sends them to the agent, which stores everything on receipt. Bob identifies the file he wants to obtain, encrypts its serial number (denoted Y) using his own public key, and sends it to Alice. On receiving Y, Alice performs the re-key calculation on all the sub-private keys according to Y, generates the corresponding re-keys, and sends them to the agent. After receiving all the re-keys, the agent re-encrypts all the files uploaded by Alice according to the re-keys and sends all the re-encrypted files to Bob. After receiving all the re-encrypted files, Bob uses his own private key to decrypt them and obtains the selected file. The end result of the proxy oblivious transfer protocol is that Bob cannot obtain any file other than the selected one, and neither Alice nor the agent knows which file Bob has obtained.
In order to verify whether a file has been damaged, Alice sends the hash value of the encrypted file to the blockchain, and the agent sends the hash value of the encrypted file it received and the hash value of the re-encrypted file to the blockchain. The agent obtains from the blockchain the hash value of the encrypted file that Alice sent there, compares it with the hash value of the received encrypted file that the agent sent to the blockchain, and thereby confirms whether the file was damaged during Alice's upload. Bob obtains the hash values from the blockchain and compares them with the hash value of the re-encrypted file received from the agent, to determine whether the file is damaged and in which step the damage occurred.
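The hash-check procedure and the Alice/agent/Bob audit described above, as an added example that is not code from the patent: `Ledger` is an in-memory stand-in for the blockchain, and a toy XOR key-switch stands in for the proxy re-encryption scheme, which the page does not specify. All names, keys and file contents are constructed for illustration.

```python
import hashlib


def digest(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def pad(key: bytes, n: int) -> bytes:
    """Toy keystream (SHA-256 in counter mode); a stand-in, not the patent's cipher."""
    out, ctr = b"", 0
    while len(out) < n:
        out += hashlib.sha256(key + ctr.to_bytes(4, "big")).digest()
        ctr += 1
    return out[:n]


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def flip(blob: bytes) -> bytes:
    """Simulate damage by flipping one bit."""
    return bytes([blob[0] ^ 1]) + blob[1:]


class Ledger:
    """Write-once in-memory store standing in for the blockchain (hypothetical)."""
    def __init__(self):
        self._rec = {}
    def put(self, file_id, field, value):
        if (file_id, field) in self._rec:
            raise ValueError("ledger entries are immutable")
        self._rec[(file_id, field)] = value
    def get(self, file_id, field):
        return self._rec.get((file_id, field))


class Proxy:
    def __init__(self, ledger):
        self.ledger, self.store = ledger, {}
    def receive(self, file_id, blob) -> bool:
        # Store only if the upload matches the hash the sender put on chain;
        # False tells the sender to resend.
        if digest(blob) != self.ledger.get(file_id, "sender_cipher"):
            return False
        self.store[file_id] = blob
        self.ledger.put(file_id, "proxy_received", digest(blob))
        return True
    def reencrypt(self, file_id, rekey) -> bytes:
        out = xor(self.store[file_id], rekey)
        self.ledger.put(file_id, "proxy_reenc", digest(out))
        return out


def sender_publish(ledger, file_id, plaintext, key) -> bytes:
    blob = xor(plaintext, pad(key, len(plaintext)))
    ledger.put(file_id, "plain", digest(plaintext))      # first hash of the data
    ledger.put(file_id, "sender_cipher", digest(blob))   # hash of the encrypted file
    return blob


def receiver_audit(ledger, file_id, delivered, recv_key):
    """Return (verdict, plaintext); the verdict names the stage where damage entered."""
    if ledger.get(file_id, "proxy_received") != ledger.get(file_id, "sender_cipher"):
        return "upload", None
    if digest(delivered) != ledger.get(file_id, "proxy_reenc"):
        return "delivery", None
    plaintext = xor(delivered, pad(recv_key, len(delivered)))
    if digest(plaintext) != ledger.get(file_id, "plain"):
        # Ciphertext hashes agree end to end but the plaintext is wrong: the blob
        # changed after the proxy accepted it, or a wrong re-key was applied.
        return "storage_or_reencryption", None
    return "ok", plaintext


def run(scenario: str):
    """Constructed scenarios: 'clean', 'upload', 'storage', 'delivery'."""
    ledger = Ledger()
    proxy = Proxy(ledger)
    fid, data = 7, b"constructed sample file contents"
    sender_key, recv_key = b"sender-sub-key-7", b"receiver-key"
    blob = sender_publish(ledger, fid, data, sender_key)
    # A damaged first upload is rejected, then the sender resends.
    rejected = scenario == "upload" and not proxy.receive(fid, flip(blob))
    proxy.receive(fid, blob)
    if scenario == "storage":
        proxy.store[fid] = flip(proxy.store[fid])
    rekey = xor(pad(sender_key, len(data)), pad(recv_key, len(data)))
    delivered = proxy.reencrypt(fid, rekey)
    if scenario == "delivery":
        delivered = flip(delivered)
    verdict, _ = receiver_audit(ledger, fid, delivered, recv_key)
    return verdict, rejected


if __name__ == "__main__":
    for name in ("clean", "upload", "storage", "delivery"):
        print(name, run(name))
```

The ciphertext hashes alone separate upload damage from delivery damage; the plaintext hash is what exposes a change made between acceptance and re-encryption, which is the case a data-audit contract would then have to attribute.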
Therefore, in this embodiment, building on the idea of oblivious transfer and merging in the idea of proxy re-encryption, the two-party model of data transmission is expanded into a three-party model; introducing the proxy largely offsets the computation that the original two-party oblivious transfer algorithm imposes on the sender by transferring that computation to the proxy. The method not only ensures data security and user operation privacy but also saves the sender's storage space, and the sender still retains the corresponding control over the data. In data transmission, strong privacy protection is provided while data security is guaranteed. Meanwhile, blockchain-based smart contracts applied over the course of the proxy oblivious transfer algorithm guarantee the authenticity and integrity of the data.
The system of the foregoing embodiment is used to implement the corresponding data sharing method based on the oblivious transmission protocol in any of the foregoing embodiments, and has the beneficial effects of the corresponding method embodiment, which are not described herein again.
It should be noted that the above description describes certain embodiments of the present disclosure. Other embodiments are within the scope of the following claims. In some cases, the actions or steps recited in the claims may be performed in a different order than in the embodiments and still achieve desirable results. In addition, the processes depicted in the accompanying figures do not necessarily require the particular order shown, or sequential order, to achieve desirable results. In some embodiments, multitasking and parallel processing may also be possible or may be advantageous.
Those of ordinary skill in the art will understand that: the discussion of any embodiment above is meant to be exemplary only, and is not intended to intimate that the scope of the disclosure, including the claims, is limited to these examples; within the spirit of the present disclosure, features from the above embodiments or from different embodiments may also be combined, steps may be implemented in any order, and there are many other variations of different aspects of one or more embodiments of the present description as described above, which are not provided in detail for the sake of brevity.
While the present disclosure has been described in conjunction with specific embodiments thereof, many alternatives, modifications, and variations of these embodiments will be apparent to those of ordinary skill in the art in light of the foregoing description. For example, other memory architectures (e.g., dynamic RAM (DRAM)) may use the discussed embodiments.
It is intended that the one or more embodiments of the present specification embrace all such alternatives, modifications and variations as fall within the broad scope of the appended claims. Therefore, any omissions, modifications, substitutions, improvements, and the like that may be made without departing from the spirit and principles of one or more embodiments of the present disclosure are intended to be included within the scope of the present disclosure.

Claims (10)

1. A method for data sharing based on an oblivious transport protocol, comprising:
a receiver uses its own public key to asymmetrically encrypt an identifier of target data among n data owned by a sender, and sends the encrypted identifier to the sender, wherein n is an integer greater than 1, and the n data are each encrypted in advance, in a preparation stage, with n sub-private keys of the sender and then sent to an agent for storage;
based on the received encrypted identifier and the n sub-private keys, the sender calculates n re-keys and sends the n re-keys to the agent;
the proxy uses the received n re-keys to re-encrypt the n stored encrypted data respectively and sends the n re-encrypted data to a receiver;
and the receiver selects the data corresponding to the identifier from the n received data after the re-encryption by using the private key corresponding to the public key to decrypt so as to obtain the target data.
2. The method of claim 1, wherein the private key of the receiving party is a random number pre-selected by the receiving party during the preparation phase, and the public key of the receiving party is pre-calculated by the receiving party during the preparation phase based on the random number.
3. The method of claim 2, wherein the public key of the receiver is pre-computed by the receiver in the preparation phase by:
defining a finite field based on a prime number of not less than 160 bits;
selecting a plurality of elliptic curves which are defined on the finite field and have bilinear mapping relation;
obtaining respective N-order generating elements of the elliptic curves;
and calculating the public key according to one of the N-order generators and the random number.
4. The method of claim 1, wherein the n child private keys are generated by a sender in advance during the preparation phase using a hierarchical deterministic wallet.
5. The method according to any one of claims 1 to 4,
in the preparation stage, a sender stores first hash values of the n data calculated by a hash algorithm into a block chain;
the method further comprises the following steps:
after the target data is obtained, a receiving party searches the first hash value of the target data from the block chain according to the identifier of the target data, and calculates a second hash value of the obtained target data through a hash algorithm;
and verifying the integrity of the obtained target data by the receiver by comparing the searched first hash value with the calculated second hash value.
6. The method of claim 5, wherein the receiver verifying the integrity of the obtained target data comprises:
in response to determining, by the comparison, that the first hash value is inconsistent with the second hash value, the recipient determines that the obtained target data is corrupted and initiates a smart contract for data auditing in the blockchain.
7. A data sharing system based on an oblivious transmission protocol is characterized by comprising a sender, an agent and a receiver,
wherein the receiver uses its own public key to asymmetrically encrypt an identifier of target data among n data owned by the sender, and sends the encrypted identifier to the sender, wherein n is an integer greater than 1, and the n data are each encrypted in advance by the sender, in a preparation stage, with n sub-private keys and then sent to the agent for storage;
based on the received encrypted identifier and the n sub-private keys, the sender calculates n re-keys and sends the n re-keys to the agent;
the proxy uses the received n re-keys to re-encrypt the n stored encrypted data respectively and sends the n re-encrypted data to a receiver;
and the receiver selects the data corresponding to the identifier from the n received data after re-encryption by using a private key corresponding to the public key to decrypt so as to obtain the target data.
8. The system of claim 7, wherein the n child private keys are generated by the sender in advance during the preparation phase using a hierarchical deterministic wallet.
9. The system of claim 7 or 8,
in the preparation stage, a sender stores first hash values of the n data calculated by a hash algorithm into a block chain;
after the target data is obtained, a receiver searches the first hash value of the target data from the block chain according to the identifier of the target data, calculates a second hash value of the obtained target data through a hash algorithm, and verifies the integrity of the obtained target data by comparing the searched first hash value with the calculated second hash value.
10. The system of claim 9, wherein in response to determining from the comparison that the first hash value is inconsistent with the second hash value, the recipient determines that the target data obtained is corrupted and initiates a smart contract for data auditing in the blockchain.
CN202110037668.3A 2021-01-12 2021-01-12 Data sharing method and system based on oblivious transmission protocol Active CN112671802B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110037668.3A CN112671802B (en) 2021-01-12 2021-01-12 Data sharing method and system based on oblivious transmission protocol

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202110037668.3A CN112671802B (en) 2021-01-12 2021-01-12 Data sharing method and system based on oblivious transmission protocol

Publications (2)

Publication Number Publication Date
CN112671802A CN112671802A (en) 2021-04-16
CN112671802B CN112671802B (en) 2022-06-17

Family

ID=75414530

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202110037668.3A Active CN112671802B (en) 2021-01-12 2021-01-12 Data sharing method and system based on oblivious transmission protocol

Country Status (1)

Country Link
CN (1) CN112671802B (en)

Also Published As

Publication number Publication date
CN112671802A (en) 2021-04-16

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant