CN112732695A - Cloud storage data security deduplication method based on block chain - Google Patents

Info

Publication number
CN112732695A
Authority
CN
China
Prior art keywords
data
file
storage
block chain
csp
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202110080490.0A
Other languages
Chinese (zh)
Other versions
CN112732695B (en)
Inventor
刘文印
张桂鹏
林禄滨
钟林峰
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Guangdong University of Technology
Original Assignee
Guangdong University of Technology
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Guangdong University of Technology
Priority to CN202110080490.0A
Publication of CN112732695A
Application granted
Publication of CN112732695B
Legal status: Active
Anticipated expiration

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00 Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/20 Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
    • G06F16/21 Design, administration or maintenance of databases
    • G06F16/215 Improving data quality; Data cleansing, e.g. de-duplication, removing invalid entries or correcting typographical errors
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00 Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/20 Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
    • G06F16/22 Indexing; Data structures therefor; Storage structures
    • G06F16/2228 Indexing structures
    • G06F16/2246 Trees, e.g. B+trees
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00 Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/20 Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
    • G06F16/27 Replication, distribution or synchronisation of data between databases or within a distributed database system; Distributed database system architectures therefor
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/62 Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218 Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/64 Protecting data integrity, e.g. using checksums, certificates or signatures
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06Q INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00 Payment architectures, schemes or protocols
    • G06Q20/38 Payment protocols; Details thereof
    • G06Q20/382 Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3829 Payment protocols; Details thereof insuring higher security of transaction involving key management
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06Q INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q40/00 Finance; Insurance; Tax strategies; Processing of corporate or income taxes
    • G06Q40/04 Trading; Exchange, e.g. stocks, commodities, derivatives or currency exchange

Abstract

The invention discloses a blockchain-based secure deduplication method for cloud storage data. A generated file tag is sent to a cloud storage service provider for duplicate detection. If the result is that the file is a duplicate, the user generates a file duplicate storage log, and a smart contract is executed through a smart contract management center to integrate the storage log into a transaction and upload the transaction to the blockchain for storage, so that the current storage state information is safely stored. If the result is that the file is not a duplicate, the key server generates the user's authority key by constructing a role hierarchical hash tree, the data is encrypted using the authority key, and the ciphertext is uploaded to a cloud storage server for storage; a file non-duplicate storage log and transaction are generated with the assistance of the smart contract management center. The method and system can achieve secure deduplication and storage of cloud users' data, resist malicious theft and tampering by a cloud storage service provider, greatly reduce the computing overhead of the cloud storage server, and ensure privacy and security.

Description

Cloud storage data security deduplication method based on block chain
Technical Field
The invention belongs to the technical field of blockchains, and particularly relates to a blockchain-based secure deduplication method for cloud storage data.
Background
Currently, the cloud computing technology has been widely applied in the information field, and can effectively allocate computing resources and improve the efficiency of data storage. With the continuous development of cloud computing technology, more and more users choose to outsource their data to cloud storage server providers, and cloud storage service providers face data storage management problems in a big data environment. With the rapid growth of user data, a large amount of redundant data is uploaded to and stored on the cloud storage server, which consumes a large amount of communication bandwidth and storage space of the cloud storage service provider. The data de-duplication technology can detect and eliminate redundant data on the cloud storage server, so that the cloud storage server is prevented from storing the same user data for multiple times, but the data de-duplication technology cannot be compatible with a traditional encryption algorithm. Generally, to ensure the security of data, users need to perform encryption operations on data using conventional encryption algorithms before outsourcing their data. Since a user may select different encryption keys, even the same data may be eventually encrypted into different ciphertexts, which makes it impossible for a cloud storage service provider to perform a corresponding deduplication technology.
In order to realize effective deduplication of encrypted data, related researchers propose a safe deduplication algorithm based on convergent encryption, namely a convergent key of user data is calculated through a safe hash function, and then the data is encrypted through the convergent key to obtain a unique ciphertext. However, since the encryption algorithm is a deterministic encryption strategy, the cloud storage service provider can crack the key through brute force attack to obtain the original ciphertext. Related researchers put forward a security guarantee scheme of a convergence secret key, namely, a secret sharing scheme is used for cutting the secret key into fragments, the fragments are scattered to a plurality of cloud storage servers for storage, and meanwhile, a deterministic hash value is used for replacing a random value generated by a traditional secret sharing scheme, so that higher reliability is realized; however, the scheme still cannot resist collusion attack performed by a cloud storage service provider, and once a plurality of cloud storage servers collude with each other, the key fragments can still be reconstructed and restored to a complete key, so as to obtain an original file.
In recent years, the blockchain technology has attracted extensive attention and applications in academia and industry due to the characteristics of decentralization, information traceability, data non-falsification and the like. Related researchers have proposed a block chain-based security deduplication scheme, which stores tag information of user data by using a block chain as a secure log database, downloads corresponding tag information from a block when the user data needs to be verified, and determines whether the user data is complete by matching the tag information. However, due to the lack of effective encryption algorithm participation and the guarantee of the security protocol, the confidentiality and security of the data in the storage state and the transmission state cannot be guaranteed. Therefore, a better method is needed to ensure the security of the user data and resist malicious tampering and stealing of the user data by the cloud storage provider.
Disclosure of Invention
The invention aims to provide a blockchain-based secure deduplication method for cloud storage data that ensures the confidentiality and security of data on a cloud storage server. It uses blockchain technology to generate a storage log from the information of the user data, and integrates the storage log into a transaction that is uploaded to the blockchain for storage. At any time, the user can use the transaction information on the blockchain to decrypt the file and execute a local data auditing protocol, completing secure storage and integrity verification.
In order to achieve the purpose, the invention adopts the following technical scheme:
A blockchain-based secure deduplication method for cloud storage data comprises the following steps:
Step S1: generate a file tag by constructing a Merkle hash tree, and send the file tag to a cloud storage service provider for duplicate detection;
Step S2: if the result is that the file is a duplicate, generate a file duplicate storage log, and execute a smart contract through a smart contract management center to integrate the storage log into a transaction and upload the transaction to the blockchain for storage, so as to safely store the current storage state information;
Step S3: if the result is that the file is not a duplicate, the key server generates the user's authority key by constructing a role hierarchical hash tree, the data is encrypted with the authority key, and the ciphertext is uploaded to a cloud storage server for storage; meanwhile, a file non-duplicate storage log and transaction are generated with the assistance of the smart contract management center.
Preferably, in step S1, the file $F$ is divided into $n$ data blocks $F = \{B_i\}$ ($1 \le i \le n-1$), a Merkle hash tree is constructed with the data blocks as leaf nodes, and the root node $R$ is calculated; the root node $R$ is used as the tag of the file $F$ and is sent to the cloud storage service provider (CSP) for a duplicate check; the CSP checks whether the tag already exists and returns the detection result to the user.
Preferably, if the file tag exists, the user identity $ID_U$ and the identity $ID_{CSP}$ of the cloud storage service provider are uploaded to the blockchain, and a request to store the file is sent to the blockchain and entrusted to the smart contract management center (SCMC); the SCMC converts $ID_U$ and $ID_{CSP}$ into blockchain accounts $EA_U$ and $EA_{CSP}$ by an elliptic curve algorithm, generates a transaction $TX = To \| From \| Value \| Data \| Sig(TX)$ containing the file duplicate storage log $Data$ by executing smart contract I, and submits the transaction $TX$ to the blockchain;
where $To$ is the sender's account $EA_U$, $From$ is the receiver's account $EA_{CSP}$, $Value$ is the fee to be paid for creating the transaction, $Data$ is the information stored in the transaction $TX$, and $Sig(TX)$ is the signature of the user $U$ on the transaction $TX$.
Preferably, if the file tag does not exist, the convergent key is calculated as $K_{CE_i} = H(B_i)$, and the key server (KS) generates the corresponding authority key $K_R$ according to the role hierarchical hash tree and sends it to the user; the user calculates the final encryption key
Figure BDA0002909083840000031
and the additional information of the file $I = ID_U \| ID_F \| K_R \| n \| T$, and encrypts the additional information $I$ and the data $B_i$ into the ciphertexts $C_I = Encrypt(pk, I)$ and $C_{B_i} = Encrypt(K_{B_i}, B_i)$, where $Encrypt(\cdot)$ is the DES symmetric encryption algorithm; the user then calculates the file non-duplicate log information $Data = ID_U \| ID_{CSP} \| C_I \| Sig_{sk}(R)$ and the check value $Y = m \cdot H(Data)$, and sends the information $(H(Data), Y, C_{B_i})$ to the CSP; the CSP checks whether the equation $e(Y, g) = e(H(Data), pk)$ holds, thereby verifying the correctness of the additional information; if the equation holds, the SCMC accepts $(ID_U, ID_{CSP}, Data)$ and executes smart contract II to create a transaction containing the log information $Data$, $TX = To \| From \| Value \| Data \| Sig(TX)$, where the log information $Data = ID_U \| ID_{CSP} \| C_I \| Sig_{sk}(R)$; the SCMC submits $TX$ to the blockchain to generate a new block.
Preferably, a storage log TX is created together with the blockchain; it includes a file duplicate storage log and a file non-duplicate storage log, used to record the file storage status.
Preferably, the method further comprises the following steps: when the integrity of the file needs to be verified, a local data auditing algorithm is executed by downloading the storage log, so that whether the downloaded file is complete or not is verified.
Preferably, after downloading the file $F'$, the file $F'$ is divided into $n$ data blocks $F' = \{B'_i\}_{1 \le i \le n-1}$, a Merkle hash tree is then constructed with the data blocks as leaf nodes, and finally its root node $R'$ is calculated; the storage log information $Data = ID_U \| ID_{CSP} \| C(I) \| Sig_{sk}(R)$ is downloaded from the blockchain, and the correctness of the timestamp $T$ and the number of data blocks $n$ is checked; if they are correct, the transaction signature $Sig_{sk}(R)$ is decrypted using the public key $pk$ to obtain the file tag $R$, and finally it is verified whether the equation $R = R'$ holds; if it holds, the downloaded file is complete, i.e. $F = F'$.
Preferably, when the data is stored on the cloud server, the user sends an integrity check request to the SCMC, which selects an index set $S = \{s_1, s_2, \ldots, s_c\}$ containing $c$ elements and the set $Q = \{(i, v_i)\}$, where $v_i$ is the $i$-th random value, satisfying $i \in S$ and
Figure BDA0002909083840000041
the BSC then sends the set $Q = \{(i, v_i)\}$ to the CSP as a challenge and outputs a result $t$ ($t = 1$ indicates successful verification, and $t = 0$ indicates failed verification); when $t = 1$, the CSP uses the set $Q$ to select the corresponding data block sequence numbers on the server and generates the proof tag of the corresponding data blocks, $P = GenProof(C_{B_i}, Q, \Phi_i)$, where $GenProof(\cdot)$ is the proof tag generation function and $C_{B_i}$ is the ciphertext and $\Phi_i$ corresponding to the data block; the CSP returns the proof tag $P$ to the user, and the user determines the integrity of the cloud data by verifying the correctness of $P$.
According to the invention, the data security deduplication and storage of the cloud user are realized through the block chain technology, the malicious behaviors of stealing, tampering and the like of a cloud storage service provider are resisted, the computing overhead of the cloud storage server is greatly reduced, and the privacy security is ensured.
Drawings
In order to illustrate the technical solutions in the embodiments of the present application more clearly, the drawings used in the description of the embodiments are briefly introduced below. The drawings in the following description show some embodiments of the present invention, and those skilled in the art can obtain other drawings from them without creative effort. In the drawings:
FIG. 1 is a flow chart of a cloud storage data security deduplication method of the present invention;
FIG. 2 is a schematic diagram of a hierarchical role hash tree according to the present invention;
FIG. 3 is a schematic representation of the Merkle hash tree of the present invention (when the number of data blocks n is 6);
FIG. 4 is smart contract I according to the present invention;
FIG. 5 is smart contract II according to the present invention;
FIG. 6 is a schematic diagram of a transaction according to the present invention when the file is already stored;
FIG. 7 is a schematic diagram of a transaction according to the present invention when the file is not yet stored;
FIG. 8 is smart contract III according to the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
In order to make the aforementioned objects, features and advantages of the present invention comprehensible, embodiments accompanied with figures are described in further detail below.
As shown in FIG. 1, the present invention provides a blockchain-based secure deduplication method for cloud storage data, which includes the following steps:
Step S1: generate a file tag by constructing a Merkle hash tree, and send the file tag to a cloud storage service provider for duplicate detection;
Step S2: if the result is that the file is a duplicate, generate a file duplicate storage log, and execute a smart contract through a smart contract management center to integrate the storage log into a transaction and upload the transaction to the blockchain for storage, so as to safely store the current storage state information;
Step S3: if the result is that the file is not a duplicate, the key server generates the user's authority key by constructing a role hierarchical hash tree, the data is encrypted with the authority key, and the ciphertext is uploaded to the cloud storage server for storage; meanwhile, a file non-duplicate storage log and transaction are generated with the assistance of the smart contract management center.
According to the invention, the data security deduplication and storage of the cloud user are realized through the block chain technology, the malicious actions of stealing, tampering and the like of a cloud storage service provider are resisted, the computing overhead of the cloud storage server is greatly reduced, and the privacy security is ensured.
Further, step S1 specifically includes:
The file $F$ is divided into $n$ data blocks $F = \{B_i\}$, a Merkle hash tree is constructed with the data blocks as leaf nodes (as shown in FIG. 3), and the root node $R$ is calculated; the user uses the root node $R$ as the tag of the file $F$ and sends it to the cloud storage service provider (CSP) for a duplicate check; the CSP checks whether the tag already exists and returns the detection result to the user.
Further, let the user identity be denoted $ID_U$ and the identity of a file it owns be denoted $ID_F$. Let $e: G \times G \to G_T$ be a bilinear map, where $G$ and $G_T$ are two multiplicative groups of the same prime order $p$ and $g$ is a generator of $G$. A storage log TX is created together with the blockchain; it includes a file duplicate storage log and a file non-duplicate storage log, used to record the file storage status.
If the file tag exists, the file $F$ has already been stored. First, the user identity $ID_U$ and the identity $ID_{CSP}$ of the cloud storage service provider are uploaded to the blockchain, and a request to store the file is sent to the blockchain and entrusted to the smart contract management center (SCMC). The SCMC first converts the identities $ID_U$ and $ID_{CSP}$ into blockchain accounts $EA_U$ and $EA_{CSP}$ using the elliptic curve algorithm ECDSA-secp256k1, and then, by executing smart contract I (as shown in FIG. 4), generates a transaction $TX = To \| From \| Value \| Data \| Sig(TX)$ containing the file duplicate storage log $Data$, as shown in FIG. 6. Here $To$ is the sender's account $EA_U$; $From$ is the receiver's account $EA_{CSP}$; $Value$ is the fee to be paid for creating the transaction, whose value is the service fee for storing the file $F$; $Data$ is the information stored in the transaction $TX$, whose value is 0; and $Sig(TX)$ is the signature of the user $U$ on the transaction $TX$. Finally, the SCMC submits the transaction $TX$ to the blockchain.
If the file tag does not exist, the file is not yet stored on the cloud server, and the convergent key is calculated as $K_{CE_i} = H(B_i)$. The key server (KS) generates the corresponding authority key $K_R$ according to the role hierarchical hash tree and sends it to the user. The user calculates the final encryption key
Figure BDA0002909083840000071
and the additional information of the file $I = ID_U \| ID_F \| K_R \| n \| T$, and encrypts the additional information $I$ and the data $B_i$ into the ciphertexts $C_I = Encrypt(pk, I)$ and $C_{B_i} = Encrypt(K_{B_i}, B_i)$, where $Encrypt(\cdot)$ is the DES symmetric encryption algorithm. The user then calculates the file non-duplicate log information $Data = ID_U \| ID_{CSP} \| C_I \| Sig_{sk}(R)$ and the check value $Y = m \cdot H(Data)$, and sends the information $(H(Data), Y, C_{B_i})$ to the CSP. The CSP first checks whether the equation $e(Y, g) = e(H(Data), pk)$ holds, thereby verifying the correctness of the additional information. If the equation holds, the SCMC accepts $(ID_U, ID_{CSP}, Data)$ and executes smart contract II (as shown in FIG. 5) to create a transaction containing the log information $Data$, $TX = To \| From \| Value \| Data \| Sig(TX)$, as shown in FIG. 7, where $Value$ is the storage service fee and the log information $Data = ID_U \| ID_{CSP} \| C_I \| Sig_{sk}(R)$. Finally, the SCMC submits $TX$ to the blockchain to generate a new block.
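Why the CSP's check accepts an honestly computed check value, as an added derivation that is not part of the patent text. It uses $sk = m$ and $pk = g^m$ from the key generation described in the next paragraph, assumes $H$ maps into $G$, and reads $Y = m \cdot H(Data)$ as $H(Data)^m$ in the multiplicative notation of $G$:

$$e(Y, g) = e\big(H(Data)^m, g\big) = e\big(H(Data), g\big)^m = e\big(H(Data), g^m\big) = e\big(H(Data), pk\big)$$

The second and third equalities both follow from bilinearity, $e(a^x, b^y) = e(a, b)^{xy}$.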
The generated encryption keys are of two types: a public-private key pair and an authority key. To generate the public-private key pair, the key server (KS) randomly selects an integer $m$ as the private key $sk = m$, and the public key is calculated as $pk = g^m$. To generate the authority key, the key server (KS) calculates it according to the differences in user authority; a role hierarchical hash tree can be constructed using a balanced binary tree, as shown in FIG. 2, to map the relationship between user authority and encryption key. Users in a typical hierarchical system have different roles, and different roles have correspondingly different privilege levels. The invention defines the role attribute of a user as $L$ ($L \in N$); each user has its own role attribute $L$, so the role attributes of $m$ users form an ordered set $\{L_i\}_{1 \le i \le m}$. Using the ordered set $\{L_i\}_{1 \le i \le m}$ as the node keys, the role hierarchical hash tree is constructed using the properties of a balanced binary tree. Each node of the hash tree can represent a role group. The value of the $i$-th node is $RG \| L_i$, where $RG$ is the unique identifier of the node. When a user $U$ whose authority belongs to the role group $RG_U \| L_i$ needs to upload data $F$ to the cloud server and specifies that a member $U'$ whose authority belongs to the role group $RG_{U'} \| L_j$ can access the data $F$, the authority key $K_R$ is calculated as $K_R = H_1(RG_U \| L_i) \| H_2(RG_{U'} \| L_j)$, where $H_1$ and $H_2$ are secure hash functions and $\|$ denotes concatenation. When the role group $RG_U$ to which a user belongs needs to be updated, only the corresponding node value in the role hierarchical hash tree needs to be updated.
Further, in order to download the file $F$, the encryption key $K_{B_i}$ needs to be recovered. First, the user sends a download request to the SCMC. The SCMC downloads the storage log information $Data = ID_U \| ID_{CSP} \| C(I) \| Sig_{sk}(R)$ from the blockchain and sends it to the user. The user parses the ciphertext $C(I)$ of the file's additional information from the storage log $Data$ and decrypts it with the user's private key $sk$ to obtain the plaintext additional information $I = ID_U \| ID_F \| K_R \| n \| T$. The user can then parse the authority key $K_R$ from the additional information $I$ and use the authority key $K_R$ and the convergent key $K_{CE_i}$ to obtain the encryption key
Figure BDA0002909083840000091
Finally, the user uses the encryption key $K_{B_i}$ to decrypt the data blocks from the cloud storage server, $B_i = Decrypt(K_{B_i}, C_{B_i})$, and restores the file $F = \{B_i\}$.
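The key derivation described above (convergent key, authority key from the role hierarchical hash tree, encryption and recovery), as an added example that is not code from the patent. It assumes SHA-256 for H, H1 and H2, a SHA-256 keystream as a stand-in for the DES Encrypt/Decrypt, and, because the patent's formula for the final key is an image missing from this page, the hypothetical combination K_Bi = SHA-256(K_CEi || K_R); role names and the sample block are constructed.

```python
import hashlib


def _h(tag, data):
    """Domain-separated SHA-256; stands in for the patent's H, H1 and H2."""
    return hashlib.sha256(tag + b"\x00" + data).digest()


class RoleNode:
    def __init__(self, level, rg, left=None, right=None):
        self.level, self.rg, self.left, self.right = level, rg, left, right


def build_role_tree(roles):
    """Balanced binary tree keyed by role attribute L_i (roles sorted by L)."""
    if not roles:
        return None
    mid = len(roles) // 2
    level, rg = roles[mid]
    return RoleNode(level, rg,
                    build_role_tree(roles[:mid]),
                    build_role_tree(roles[mid + 1:]))


def node_value(tree, level):
    """Look up role attribute L and return the node value RG || L."""
    node = tree
    while node is not None:
        if level == node.level:
            return node.rg + b"||" + str(level).encode()
        node = node.left if level < node.level else node.right
    raise KeyError(f"no role with attribute {level}")


def authority_key(tree, owner_level, reader_level):
    """K_R = H1(RG_U || L_i) || H2(RG_U' || L_j)."""
    return (_h(b"H1", node_value(tree, owner_level))
            + _h(b"H2", node_value(tree, reader_level)))


def convergent_key(block):
    """K_CEi = H(B_i): identical blocks always give the identical key."""
    return _h(b"H", block)


def block_key(block, k_r):
    """ASSUMPTION: K_Bi = SHA-256(K_CEi || K_R); not the patent's formula."""
    return hashlib.sha256(convergent_key(block) + k_r).digest()


def xor_stream(key, data):
    """Deterministic keystream cipher (stand-in for DES); encrypts and decrypts."""
    out = bytearray()
    for offset in range(0, len(data), 32):
        pad = hashlib.sha256(key + offset.to_bytes(8, "big")).digest()
        out.extend(b ^ p for b, p in zip(data[offset:offset + 32], pad))
    return bytes(out)


def reproduces(ciphertext, candidate, key):
    """True if encrypting `candidate` under `key` yields `ciphertext`."""
    return xor_stream(key, candidate) == ciphertext


# Constructed sample data: three role groups and one low-entropy data block.
ROLES = [(1, b"RG-staff"), (2, b"RG-manager"), (3, b"RG-director")]
BLOCK = b"salary: 52000"


def demo():
    tree = build_role_tree(ROLES)
    k_r = authority_key(tree, owner_level=2, reader_level=3)
    key = block_key(BLOCK, k_r)
    c_a = xor_stream(key, BLOCK)                      # first uploader
    c_b = xor_stream(block_key(BLOCK, k_r), BLOCK)    # second uploader, same K_R
    c_other = xor_stream(block_key(BLOCK, authority_key(tree, 1, 2)), BLOCK)
    c_ce = xor_stream(convergent_key(BLOCK), BLOCK)   # convergent key only
    return {
        "same_kr_deduplicates": c_a == c_b,
        "other_roles_differ": c_other != c_a,
        "decrypt_roundtrip": xor_stream(key, c_a) == BLOCK,
        # With K_CE alone, knowing the plaintext is enough to match the ciphertext.
        "guess_matches_convergent_only": reproduces(c_ce, BLOCK, convergent_key(BLOCK)),
        # With K_R mixed in, the same plaintext without K_R does not match.
        "guess_matches_without_kr": reproduces(c_a, BLOCK, block_key(BLOCK, b"")),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

In this example K_R is derived from the node values alone, as in the formula above, so the last result holds only while those values are unknown to the party doing the comparison.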
Further, the present invention also includes: when the integrity of the file needs to be verified, a local data auditing algorithm is executed by downloading the storage log, so that whether the downloaded file is complete or not is verified. The method specifically comprises the following steps:
After downloading the file $F'$, the file $F'$ is divided into $n$ data blocks $F' = \{B'_i\}_{1 \le i \le n-1}$, a Merkle hash tree is then constructed with the data blocks as leaf nodes, and finally the root node $R'$ of the Merkle hash tree is calculated; the storage log information $Data = ID_U \| ID_{CSP} \| C(I) \| Sig_{sk}(R)$ is downloaded from the blockchain, and the correctness of the timestamp $T$ and the number of data blocks $n$ is checked; if they are correct, the transaction signature $Sig_{sk}(R)$ is decrypted using the public key $pk$ to obtain the file tag $R$, and finally it is verified whether the equation $R = R'$ holds; if it holds, the downloaded file is complete, i.e. $F = F'$.
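The tag generation of step S1 and the local audit just described, as an added example that is not code from the patent. It assumes SHA-256, an 8-byte block size, leaf/inner hash prefixes and promotion of an unpaired node, none of which the patent specifies; the CSP is reduced to a hypothetical tag index, and the signature on R and the encryption of n inside the storage log are omitted.

```python
import hashlib
import hmac

BLOCK_SIZE = 8  # constructed value; the patent does not fix a block size


def split_blocks(data, block_size=BLOCK_SIZE):
    """Divide file F into data blocks B_i (the last block may be shorter)."""
    return [data[i:i + block_size] for i in range(0, len(data), block_size)] or [b""]


def merkle_root(blocks):
    """Root R of a Merkle hash tree whose leaves are the data blocks.

    Assumptions not taken from the patent: SHA-256, 0x00/0x01 prefixes to
    separate leaf hashes from inner hashes, and an unpaired node is carried
    up to the next level unchanged.
    """
    level = [hashlib.sha256(b"\x00" + b).digest() for b in blocks]
    while len(level) > 1:
        nxt = [hashlib.sha256(b"\x01" + level[i] + level[i + 1]).digest()
               for i in range(0, len(level) - 1, 2)]
        if len(level) % 2:
            nxt.append(level[-1])
        level = nxt
    return level[0]


class TagIndex:
    """Hypothetical stand-in for the CSP's duplicate check on file tags."""

    def __init__(self):
        self._tags = set()

    def upload(self, tag):
        """Return 'duplicate' if the tag is known, else record it and return 'new'."""
        if tag in self._tags:
            return "duplicate"
        self._tags.add(tag)
        return "new"


def make_log(data):
    """Storage-log fields the audit needs: block count n and file tag R."""
    blocks = split_blocks(data)
    return {"n": len(blocks), "R": merkle_root(blocks)}


def local_audit(downloaded, log):
    """Recompute R' from the downloaded file F'; accept only if n and R match."""
    blocks = split_blocks(downloaded)
    if len(blocks) != log["n"]:
        return False
    return hmac.compare_digest(merkle_root(blocks), log["R"])


# Constructed sample file: six 8-byte blocks, matching n = 6 in FIG. 3.
SAMPLE = b"".join(bytes([c]) * BLOCK_SIZE for c in b"ABCDEF")


def demo():
    csp = TagIndex()
    log = make_log(SAMPLE)
    first = csp.upload(log["R"])                 # first user: tag unknown
    second = csp.upload(make_log(SAMPLE)["R"])   # second user, identical file
    tampered = bytearray(SAMPLE)
    tampered[20] ^= 0x01                         # one flipped bit in block 3
    reordered = SAMPLE[8:16] + SAMPLE[0:8] + SAMPLE[16:]
    return {
        "first_upload": first,
        "second_upload": second,
        "n": log["n"],
        "intact": local_audit(SAMPLE, log),
        "tampered": local_audit(bytes(tampered), log),
        "reordered": local_audit(reordered, log),
        "truncated": local_audit(SAMPLE[:-BLOCK_SIZE], log),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```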
The invention also supports integrity verification of remote cloud data: the integrity of the data on the remote cloud server can be verified through a smart-contract-based random sampling algorithm. When the data is stored on the cloud server, the user sends an integrity audit request to the SCMC. The SCMC executes smart contract III, shown in FIG. 8, to send a randomly sampled set $Q$ of data block sequence numbers. Specifically, the SCMC selects an index set $S = \{s_1, s_2, \ldots, s_c\}$ containing $c$ elements and the set $Q = \{(i, v_i)\}$, where $v_i$ is the $i$-th random value, satisfying $i \in S$ and
Figure BDA0002909083840000092
the BSC then sends the set $Q = \{(i, v_i)\}$ to the CSP as a challenge and outputs the result $t$ ($t = 1$ indicates successful verification and $t = 0$ indicates failed verification). When $t = 1$, the CSP uses the set $Q$ to select the corresponding data block sequence numbers on the server and generates the proof tag of the corresponding data blocks, $P = GenProof(C_{B_i}, Q, \Phi_i)$, where $GenProof(\cdot)$ is the proof tag generation function and $C_{B_i}$ is the ciphertext and $\Phi_i$ corresponding to the data block. Finally, the CSP returns the proof tag $P$ to the user, and the user determines the integrity of the cloud data by verifying the correctness of $P$.
The cloud storage data security deduplication method provided by the invention can ensure the confidentiality and the security of data on a cloud storage server, and mainly utilizes a block chain technology to generate a storage log from information of user data, and integrates the storage log into a transaction to be uploaded to a block chain for storage. The user can decrypt the file and execute a local data auditing protocol through the transaction information on the blockchain at any time so as to complete the safe storage and the integrity verification.
It will be apparent to those skilled in the art that various modifications and variations can be made in the present invention without departing from the spirit or scope of the invention. It should be noted that the above-mentioned embodiments illustrate rather than limit the invention, and that modifications and variations can be made without departing from the spirit and scope of the invention as defined by the appended claims.

Claims (8)

1. A cloud storage data security deduplication method based on a block chain is characterized by comprising the following steps:
step S1, generating a file tag by constructing a Merkle hash tree, and sending the file tag to a cloud storage service provider for duplicate detection;
step S2, if the result is that the file is a duplicate, generating a file duplicate storage log, and executing a smart contract through a smart contract management center to integrate the storage log into a transaction and upload the transaction to the blockchain for storage, so as to safely store the current storage state information;
step S3, if the result is that the file is not a duplicate, generating, by the key server, the user's authority key by constructing a role hierarchical hash tree, encrypting the data with the authority key, and uploading the ciphertext to a cloud storage server for storage; and meanwhile, generating a file non-duplicate storage log and transaction with the assistance of the smart contract management center.
2. The block chain-based cloud storage data security deduplication method of claim 1, wherein in step S1, the file $F$ is divided into $n$ data blocks $F = \{B_i\}$, a Merkle hash tree is constructed with the data blocks as leaf nodes, and the root node $R$ is calculated; the root node $R$ is used as the tag of the file $F$ and is sent to the cloud storage service provider (CSP) for a duplicate check; the CSP checks whether the tag already exists and returns the detection result to the user.
3. The block chain-based cloud storage data security deduplication method of claim 1 or 2, wherein if the file tag exists, the user identity $ID_U$ and the identity $ID_{CSP}$ of the cloud storage service provider are uploaded to the blockchain, and a request to store the file is sent to the blockchain and entrusted to the smart contract management center (SCMC); the SCMC converts $ID_U$ and $ID_{CSP}$ into blockchain accounts $EA_U$ and $EA_{CSP}$ by an elliptic curve algorithm, generates a transaction $TX = To \| From \| Value \| Data \| Sig(TX)$ containing the file duplicate storage log $Data$ by executing smart contract I, and submits the transaction $TX$ to the blockchain;
wherein $To$ is the sender's account $EA_U$, $From$ is the receiver's account $EA_{CSP}$, $Value$ is the fee to be paid for creating the transaction, $Data$ is the information stored in the transaction $TX$, and $Sig(TX)$ is the signature of the user $U$ on the transaction $TX$.
4. The block chain-based cloud storage data security deduplication method of claim 3, wherein if the file label does not exist, a convergence key $K_{CE_i} = H(B_i)$ is calculated, and the key server KS generates the corresponding authority key $K_R$ according to the role hierarchical hash tree and sends it to the user; the user calculates the final encryption key
Figure FDA0002909083830000021
and the additional information of the file $I = ID_U \| ID_F \| K_R \| n \| T$, and encrypts the data $B_i$ and the additional information $I$ into the ciphertexts $C_I = \mathrm{Encrypt}(pk, I)$ and $C_{B_i} = \mathrm{Encrypt}(K_{B_i}, B_i)$, wherein Encrypt(·) is a DES symmetric encryption algorithm; then the user calculates the non-duplicate log information of the file $Data = ID_U \| ID_{CSP} \| C_I \| Sig_{sk}(R)$ and the detection value $Y = m \cdot H(Data)$, and sends the information $(H(Data), Y, C_{B_i})$ to the CSP; the CSP checks whether the equation $e(Y, g) = e(H(Data), pk)$ holds, so as to verify the correctness of the additional information; if the equation holds, the SCMC accepts $(ID_U, ID_{CSP}, Data)$ and executes smart contract II to create a transaction TX containing the log information Data, with the fields To, From, Value, Data and sig(TX), wherein the log information is $Data = ID_U \| ID_{CSP} \| C_I \| Sig_{sk}(R)$; the SCMC submits TX to the block chain to generate a new block.
5. The safe deduplication method for block chain-based cloud storage data as claimed in claim 2 or 4, wherein a storage log TX is created together with the block chain, and the storage log TX includes a file duplicate storage log and a file non-duplicate storage log for recording file storage.
6. The block chain based cloud storage data security deduplication method of claim 5, further comprising: when the integrity of the file needs to be verified, a local data auditing algorithm is executed by downloading the storage log, so that whether the downloaded file is complete or not is verified.
7. The secure block chain-based cloud storage data deduplication method of claim 6, wherein after downloading the file F', the file F' is divided into n data blocks $F' = \{B'_i\}_{1 \le i \le n-1}$, then a Merkle hash tree is constructed with the data blocks as leaf nodes, and finally the root node R' of the Merkle hash tree is calculated; the storage log information $Data = ID_U \| ID_{CSP} \| C(I) \| Sig_{sk}(R)$ is downloaded from the block chain, and the correctness of the time stamp T and the number n of data blocks is checked; if correct, the transaction signature $Sig_{sk}(R)$ is decrypted using the public key pk to obtain the file label R, and finally whether the equation $R = R'$ holds is verified; if it holds, the downloaded file is complete, i.e. $F = F'$.
8. The block chain based secure deduplication method of cloud storage data as claimed in claim 4, wherein when the data is stored in the cloud server, the user sends an integrity audit request to the SCMC, which selects the index set $S = \{s_1, s_2, \ldots, s_c\}$ containing c elements and the set $Q = \{(i, v_i)\}$, in which $v_i$ is the i-th random value, satisfying $i \in S$ and
Figure FDA0002909083830000031
the BSC then sends the set $Q = \{(i, v_i)\}$ to the CSP as a challenge and outputs a result t ($t = 1$ indicates successful verification, and $t = 0$ indicates failed verification); when $t = 1$, the CSP needs to sort out the corresponding data block serial numbers on the server by using the set Q and generate the proof tag of the corresponding data blocks, $P = \mathrm{GenProof}(C_{B_i}, Q, \Phi_i)$, wherein GenProof(·) is a proof tag generation function, and $C_{B_i}$ is the ciphertext and $\Phi_i$ corresponding to the data block; the CSP returns the proof tag P to the user, and the user determines the integrity of the cloud data by verifying the correctness of P.
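
An added example, not part of the patent text: the Merkle-root file tag of claim 2, the CSP duplicate check of step S1 and the local audit of claim 7, in Python. SHA-256, the leaf/node prefixes, the 4-byte block size, the promotion of an unpaired node and the TagIndex class are assumptions the patent does not specify, and R is taken as already recovered from the logged Sig_sk(R).

```python
import hashlib
import hmac

BLOCK_SIZE = 4  # assumption: tiny block size so the constructed sample spans several blocks

def split_blocks(data: bytes, size: int = BLOCK_SIZE) -> list:
    """Divide file F into data blocks B_i; an empty file yields one empty block."""
    return [data[i:i + size] for i in range(0, len(data), size)] or [b""]

def merkle_root(blocks: list) -> bytes:
    """Root R of the Merkle hash tree whose leaves are the data blocks."""
    # Assumption: SHA-256 with 0x00 (leaf) and 0x01 (inner node) prefixes, so a
    # leaf hash can never be passed off as an inner node.
    level = [hashlib.sha256(b"\x00" + b).digest() for b in blocks]
    while len(level) > 1:
        paired = [hashlib.sha256(b"\x01" + level[i] + level[i + 1]).digest()
                  for i in range(0, len(level) - 1, 2)]
        if len(level) % 2:  # an unpaired node is promoted, not duplicated
            paired.append(level[-1])
        level = paired
    return level[0]

class TagIndex:
    """Hypothetical stand-in for the CSP's tag store used in step S1."""
    def __init__(self):
        self.tags = set()

    def is_duplicate(self, tag: bytes) -> bool:
        return tag in self.tags

    def store(self, tag: bytes) -> None:
        self.tags.add(tag)

def audit_download(downloaded: bytes, logged_root: bytes, logged_n: int) -> bool:
    """Claim 7 check: compare block count n, rebuild R' and test R == R'."""
    blocks = split_blocks(downloaded)
    if len(blocks) != logged_n:
        return False
    return hmac.compare_digest(merkle_root(blocks), logged_root)

SAMPLE = b"cloud storage dedup sample"  # constructed 26-byte sample file

if __name__ == "__main__":
    csp = TagIndex()
    tag = merkle_root(split_blocks(SAMPLE))
    print("first upload duplicate?", csp.is_duplicate(tag))
    csp.store(tag)
    print("second upload duplicate?", csp.is_duplicate(tag))
    n = len(split_blocks(SAMPLE))
    print("intact download passes:", audit_download(SAMPLE, tag, n))
    print("tampered download passes:", audit_download(b"X" + SAMPLE[1:], tag, n))
```

Checking the logged block count n before comparing roots rejects a truncated download without hashing it, and the root comparison catches any change inside a block.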
CN202110080490.0A 2021-01-21 2021-01-21 Cloud storage data security deduplication method based on block chain Active CN112732695B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110080490.0A CN112732695B (en) 2021-01-21 2021-01-21 Cloud storage data security deduplication method based on block chain

Publications (2)

Publication Number Publication Date
CN112732695A true CN112732695A (en) 2021-04-30
CN112732695B CN112732695B (en) 2022-02-18

Family

ID=75594583

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202110080490.0A Active CN112732695B (en) 2021-01-21 2021-01-21 Cloud storage data security deduplication method based on block chain

Country Status (1)

Country Link
CN (1) CN112732695B (en)

Also Published As

Publication number Publication date
CN112732695B (en) 2022-02-18

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant