CN112804209A - Cloud storage audit data processing method - Google Patents

Abstract

The invention belongs to the technical field of cloud storage auditing, and particularly discloses a cloud storage auditing data processing method, wherein a public key of a TPM is generated during parameter setting, so that information leakage is prevented, and a malicious cloud server cannot forge a label through the public key of the TPM and a large amount of verification label information; after the cloud server receives the blind data, only restoring the blind data into real data without restoring the corresponding tags; and blindly processing the data in an auditing stage, and generating an integrity evidence by using the blind data and the corresponding label. According to the method, a data integrity certification protocol framework is optimized, the cloud server only recovers the real data after receiving the blind data and does not recover the real label, the data is blindly processed again when generating the audit data, multiplication and power operation of the recovered label are changed into addition operation during blind data processing, and therefore the efficiency of the cloud audit protocol is improved.

Description

Cloud storage audit data processing method

Technical Field

The invention belongs to the technical field of cloud storage auditing, and particularly relates to a cloud storage auditing data processing method.

Background

With the rise of cloud computing, more and more users store data in the cloud, and the users lose control over own data because the users no longer store original data locally, which inevitably causes the users to worry about the security of the own data. Therefore, the user needs to audit and check own data to ensure the security of the own data, and thus an integrity audit scheme of the data in the cloud storage is generated. In some cases, it is often not a single user but a group-based cloud storage system. For example, in an enterprise, employees outsource work documents to cloud storage servers and then share them to colleagues. However, when work documents are outsourced to cloud servers, because they are not physically controlled by the owner of the data, how to ensure their security is a difficult problem, especially the integrity of the outsourced data.

In 2019, Tian et al proposed a lightweight security audit scheme for shared data in cloud storage. But we have proven their solution to be insecure mathematically, and an adversary can easily forge the authentication tag. In this case, even if all outsourced data has been deleted by the cloud server, it can still provide the correct proof of possession of the data. Meanwhile, the malicious cloud server can modify the data block and the corresponding identity authentication tag at will without detection.

Disclosure of Invention

The invention aims to provide a cloud audit data processing method, which solves the problems that an adversary can forge a verification label and the scheme efficiency in the prior art.

The invention is realized by the following technical scheme:

a cloud storage audit data processing method is characterized by comprising the following steps:

s1, generating data according to the set parameters;

s2, carrying out blind processing on the generated data to obtain blind data;

s3, selecting a TPM for authorization from the virtual TPM pool according to the TPM management strategy, and calculating an authentication tag corresponding to the blind data by the authorized TPM within the authorization time of the blind data;

s4, the authorized TPM sends the blind data and the authentication tag to the cloud server; before receiving the messages, the cloud server checks whether the authorization of the TPM at the current time is valid;

if the authorization of the TPM is invalid, the cloud server does not store the data and returns a reply of invalid authorization to the TPM;

if authorization of the TPM is valid, the cloud server verifies correctness of the authentication tag, if the verification is correct, blind data are recovered, and the cloud server stores real data and the authentication tag corresponding to the blind data; if the verification is incorrect, rejecting; if the authorization of the TPM is invalid, the cloud server does not take any measures;

s5, when the data integrity of the cloud server is to be checked, the TPM initiates challenge information of integrity check to the cloud server;

s6, the cloud server generates a data integrity evidence according to the challenge information of the TPM;

s7, the TPM examines the integrity evidence provided by the cloud server and verifies the correctness of the integrity evidence.

Further, step S1 specifically includes: by group administrator selecting a random

As private key of TPM, simultaneously calculating

β_iFor TPM_iPrivate key of, Z_p ^*Is a prime number field composed of non-zero elements;

random number selected by group administrator

Sending the information to the group members and the cloud server; k is a radical of₁To benefit from group usersA random secret seed generated with a pseudorandom function;

group administrator random selection

And calculate

And calculates TPM in the following manner_iPublic key of (2):

α^ja random value alpha of the jth fragment of the corresponding data block;

and the group administrator selects an interaction function f and a function sequence fi', sets an input sending window and an output sending window, and then sends the input sending window and the output sending window to the cloud server.

Further, step S2 specifically includes: (a) random secret seed k₁Blind factor for user computing group membership

Then calculates blind data block m'_ij，m′_ij＝m_ij+α_i；

(b) Upload data m'_ijIs sent by the group member to the group administrator, who also calculates the hash (id)_i,j) And will id_i,j,m′_ijSecurely sent to a group administrator, and then a new event is created by the group members; id_i,jIs a blind data block m'_ijIdentification information of (a);

(c) for new events, use hash (id)_i,j) Recording the event and broadcasting the event in the group; according to the same hash algorithm, the group administrator verifies the hash (id) after receiving the request_i,j) (ii) a If the verification passes, the group administrator will receive the blind data block m'_ij。

Further, in step S3, selecting one TPM for authorization from the virtual TPM pool according to the TPM management policy, specifically:

(a) group administrator computing according to TPM management policyAND input port u in virtual TPM pool_iCorresponding output port TPM_i；

(b) TPM generated by group administrator_iThe authorization message is as follows: { (ID)_group||u_i||Δt_i),Δt′_iWhere the identity of the group manager is ID_group，Δt_iDenotes the time, Δ t ', at which the group administrator is requested to process'_iRepresenting a time of authorization of the TPM by the group administrator; u. of_iA port for handling this event on behalf of the group administrator;

(c) the group administrator calculates the value H according to the authorization message₁As follows:

H₁((ID_group||u_i||Δt),Δt_i′)；

(d) the group administrator sends an authorization message to the cloud server and sends alpha^j,β_i,m′_ijAnd H₁Send to TPM_i；

Wherein alpha is^jA TPM for a random value α corresponding to a jth fragment of a data block (used in generating a tag for a jth data block)_iPrivate key of beta_iFor TPM_iThe private key of (2) for generating an authentication tag; m'_ijAre blind data blocks.

Further, in step S3, the specific process of calculating the corresponding authentication tag by the authorized TPM includes the following steps:

(a) obtaining a blind data block m'_ijThen, TPM_iTo give m'_ijAuthentication tag of'_iThe following were used:

then, data File (m'_ij，σ′_i) And H₁By TPM_iSending the data to a cloud server;

(b) upon receipt of the authorization message of the corresponding group administrator and the corresponding TPM'_is(m′_ij,σ′_i) Then, the output port TPM is calculated by the cloud server first_i；

If the message is only made by TPM_iAt Δ t'_iSent H to be calculated by the cloud server₁((ID_group||u_i||Δt),Δt′_i) And TPM_iCalculated H₁((ID_group||u_i||Δt),Δt′_i) Comparing; if the two are the same, the next algorithm is run, otherwise, execution is stopped.

Further, in step S4, the cloud server checks whether the authorization of the TPM at the current time is valid, which includes the following specific steps:

computing a validation tag σ by a cloud serverⁱThe correctness of (2):

if the above equation is true, then (m ') is received and stored'_ij，σ′_i) Otherwise, rejecting.

Further, in step S4, the specific process of restoring the blind data to the real data is as follows:

based on k₁Cloud server computing

And the real data is calculated using the following formula:

m_ij＝m′_ij-α_i

m'_ijfor blind data blocks, α_iBlind factors corresponding to the ith data block;

finally, the cloud stores the real data block m_i＝(m_i1,m_i2,…,m_is) And corresponding authentication tag sigma of blind dataⁱ。

Further, step S6 specifically includes: when the group administrator needs to audit the integrity of the cloud server data, a challenge is initiated to the cloud server, and Δ t is randomly selected_iAs to TPM_iWherein the input u_iHas a transmission window of Δ t_i；

Group administrator passingu_iAt Δ t_iTo TPM_iSend audit grant command and will { ID_group||u_iSending | Δ t } as audit authorization information to the cloud server;

when TPM_iAfter receiving the authorization command, executing an audit process, specifically as follows:

(a) by TPM_iRandomly selecting c blocks from all blocks sharing data, and representing the index of the selected block as L;

(b) by TPM_iThe two random numbers o that are generated are,

and calculating X ═ g^o,R＝g^r；

(c) By TPM_iComputing

(d) By TPM_iOutputting challenge information:

then, TPM_iThe CM is sent to the cloud.

Further, step S6 specifically includes: after receiving the challenge information, the cloud server firstly bases on the { ID }_group||u_iCalculating a TPM of a port; the cloud server then verifies the authorization message ID_group||u_i||Δt}；

The cloud server generates a data integrity certification as follows:

(a) decomposing the subset L from the index set L₁,…,L_dWherein the TPM_iSelected block and signed is L_i；

(b) Based on k₁Cloud server computing

And calculating m 'from this'_ij＝m_ij+α_iThen countCalculating out

And for each subset L by the cloud server_iComputing

Wherein i is more than or equal to 1 and less than or equal to d and j is more than or equal to 1 and less than or equal to s;

(c) computing by cloud server

And

integrity proofs are then generated as follows:

Pr f＝{{w_i}_1≤i≤d,π}

finally sends it to TPM_i。

Further, step S7 specifically includes: based on the received integrity proof and challenge message, the TPM verifies the correctness of the following equation:

herein, the

So it is equivalent to verify:

if the equation is True, the TPM outputs True, otherwise outputs False.

Compared with the prior art, the invention has the following beneficial technical effects:

the invention discloses a cloud audit data processing method, and designs a safe TPM public key generation method. The novel public key enables the safety of the scheme to be based on the problem of difficult discrete logarithm, and in a semi-honest environment, malicious adversaries cannot utilize known public information to crack key parameters of users by a method of solving a linear equation set to forge data labels, so that the information leakage is effectively prevented, and the data safety of the users is protected; the invention designs an efficient cloud data processing method, after a cloud server receives blind data of a user, only the blind data is restored into real data, but tags corresponding to blind data blocks are not restored into real tags; instead, the data is blindly processed again in the data auditing stage, and integrity evidence is generated by using the blind data and the corresponding label. According to the method, the multiplication operation and the power operation required by the cloud server for recovering the label corresponding to the real data block are converted into the addition operation required by the data in the blind processing process, so that a large amount of calculation burden of the cloud server at the order end is reduced, and the efficiency of the cloud audit protocol is improved.

Drawings

Fig. 1 is a model diagram of a cloud storage auditing system of the invention.

Detailed Description

The present invention will now be described in further detail with reference to specific examples, which are intended to be illustrative, but not limiting, of the invention.

The cloud storage auditing system model provided by the invention comprises four entities: a group administrator (GM), a group member (M), a cloud server (C), and a TPM. For a group, there are multiple group members. And after the data owner creates the data file, the data file is outsourced to a cloud server. And corresponding shared data can then be accessed and modified by any group member. Here, the GM may be an original data owner. Here we describe the functionality of four entities:

1. cloud server (C): the cloud (C) also provides a cloud platform for group members to share data.

2. Group member (M): the following tasks need to be accomplished: a) blind data; b) blind data is recorded and broadcast in the swarm.

3. Group Manager (GM): the following tasks need to be accomplished: a) giving a management strategy of the TPM; b) generating a public and private key pair of the TPM; c) and generating a secret seed for blinding the data of the group members and recovering the real data of the cloud.

4. The TPM needs to accomplish the following tasks: a) generating a data authentication tag for the group members; b) integrity of cloud data is verified on behalf of the swarm members.

The cloud storage audit protocol is executed in the following manner:

1. and (3) data uploading stage:

(a) the group members (data owners) generate and outsource data to cloud server servers. The data is first blindly processed and recorded by the hah diagram and then sent to the group administrator.

(b) And the group administrator selects a TPM for authorization from the virtual TPM pool according to the TPM management strategy, and the authorized TPM calculates a corresponding authentication tag in the authorization time of the blind data.

(c) The authorized TPM then sends the blind data and authentication tag to the cloud server. Before receiving these messages, the cloud server checks whether the authorization of the TPM at the current time is valid.

(d) If the authorization of the TPM is invalid, the cloud server does not store the data and returns a reply of invalid authorization to the TPM;

if valid, the cloud server will verify the correctness of the authentication tag. And if the verification is correct, recovering the blind data. Finally, the cloud server stores the real data and the authentication tag corresponding to the blind data.

2. And (3) auditing stage:

(a) and according to the TPM management strategy, selecting a TPM by the group administrator and authorizing.

(b) The challenge message is sent to the authorized TPM through the cloud. The cloud will then check if the authorization from the TPM is valid. If valid, the cloud will generate a shared data integrity manifest.

(c) Finally, by checking the correctness of the proof, the TPM may verify the integrity of the shared data in the cloud.

During parameter setting, a public key of the TPM is generated, so that information leakage is prevented, and a malicious cloud server cannot forge a label through the public key of the TPM and a large amount of verification label information; after the cloud server receives the blind data, only the blind data is restored to be real data, and the corresponding label is not restored. And blindly processing the data in an auditing stage, and generating an integrity evidence by using the blind data and the corresponding label. The efficiency of the overall protocol can be improved.

The invention discloses a cloud audit data processing method, which specifically comprises the following steps:

the method comprises the following steps: setting parameters, and generating all parameters required by the scheme;

step two: blind processing of data, namely blinding the data by a user;

step three: group administrator authorization;

step four: generating a verification label;

step five: checking the verification tag;

step six: recovering the data, namely recovering blind data into real data;

step seven: initiating a challenge, and when a group administrator wants to check the integrity of cloud data, enabling the TPM to initiate challenge information of integrity check to the cloud server;

step eight: generating an evidence, wherein the cloud server generates a data integrity evidence according to the challenge information of the TPM;

and step nine, evidence examination, wherein the TPM examines the integrity evidence provided by the cloud server and verifies the correctness of the integrity evidence.

The following is a table of letter annotations for each formula:

step one, parameter setting:

(a) the group administrator selects a random

Private key as TPMWhile calculating

(b) Random number selected by group administrator

And sending the information to the group members and the cloud server.

(c) Group administrator random selection

And calculate

And calculates TPM in the following manner_iPublic key of (2):

(d) the group administrator selects an interaction function f and a function sequence f'_iAnd sets input and output transmission windows and then transmits them to the cloud server.

Step two: data blind processing, namely, blind processing of data by a user:

(a) random secret seed k₁Blind factor for computing group membership

Blind data block m'_i′_jIs calculated as m'_ij＝m_ij+α_i。

(b) Upload data m'_ijIs sent by the group member to the group administrator, which also calculates the hash (id)_i,j) (hash value) and will id_i,j,m′_ijSecurely sent to the group administrator and then a new event is created by the group members.

(c) For new events, use hash (id)_i,j) The event is recorded and will be broadcast within the group. According to the same hash algorithm, the group administrator verifies the hash (id) after receiving the request_i,j). Such asIf fruit verified, it will receive m'_ij。

Step three: group administrator authorization:

(a) according to the TPM management strategy, the group administrator calculates the input port u in the virtual TPM pool_iCorresponding output port TPM_i。

(b) TPM generated by group administrator_iThe authorization message is as follows: { (ID)_group||u_i||Δt_i),Δt′_iWherein the identity of the group manager is ID_group，Δt_iIndicating the time of request for the group administrator's processing, Δ t_i' denotes the time of authorization of the TPM by the group administrator, u_iRepresenting the port that the group administrator uses to handle this event.

(c) The group administrator calculates the value H according to the authorization message₁As follows:

H₁((ID_group||u_i||Δt),Δt′_i)

(d) the group administrator then sends an authorization message to the cloud and sends alpha^j,β_i,m′_ijAnd H₁Send to TPM_i。

Step four: generation of the verification tag:

(a) obtaining a blind data block m'_ijThen, TPM_iTo give m'_ijAuthentication tag of'_iThe following were used:

e.g. m'₅Is generated as an authentication tag

Then, data File (m'_ij，σ′_i) And H₁By TPM_iAnd sending the data to a cloud server.

(b) Upon receipt of the authorization message of the corresponding group administrator and the corresponding TPM'_is(m′_ij,σ′_i) Then, first, output port TPM is calculated by cloud_i. If the message is only made by TPM_iAt Δ t_i' sent, then H to be computed by the cloud server₁((ID_group||u_i||Δt),Δt′_i) And TPM_iCalculated H₁((ID_group||u_i||Δt),Δt′_i) A comparison is made. If the two are the same, the next algorithm is run, otherwise, execution is stopped.

Step five: checking of the verification tag:

computing a validation tag σ by a cloud serverⁱThe correctness of (2):

if the above equation is true, then (m ') is received and stored'_ij，σ′_i) Otherwise, rejecting.

Step six: and (3) data recovery, namely recovering blind data into real data:

based on k₁Cloud server computing

And the real data is calculated using the following equation:

m_ij＝m′_ij-α_i

note that the true blind data validation tag σ is not computed hereⁱ. Finally, the cloud stores the real data block m_i＝(m_i1,m_i2,…,m_is) And corresponding blind authenticator sigmaⁱ。

Step seven: initiating a challenge

When a group administrator needs to audit the integrity of cloud server data, the cloud is challenged, and delta t is randomly selected_iAs to TPM_iWherein the input u_iHas a transmission window of Δ t_i. Group administrator through u_iAt Δ t_iTo TPM_iSend audit grant command and will { ID_group||u_iAnd | Δ t } is sent to the cloud server as audit authorization information. When TPM_iAfter receiving an authorization command of a group manager, executing an audit process, specifically as follows:

(a) by TPM_iC blocks are randomly selected from all blocks sharing data, and an index of the selected block is denoted as L.

(b) By TPM_iThe two random numbers o that are generated are,

and calculating X ═ g^o,R＝g^r。

(c) By TPM_iComputing

(d) By TPM_iOutputting challenge information:

then, TPM_iChallenge information CM is sent to the cloud.

Step eight: generating integrity evidence with a server:

after receiving the challenge information CM, the cloud server firstly bases on the { ID_group||u_iCalculate port TPM. The cloud server then verifies the authorization message ID_group||u_i| Δ t }. The cloud server generates a data integrity certification as follows:

(a) decomposing the subset L from the index set L₁,…,L_dWherein the TPM_iSelected block and signed is L_i。

(b) Based on k₁Cloud server computing

And calculating m 'from this'_ij＝m_ij+α_iThen calculate

And for each subset L by the cloud server_iComputing

Wherein i is more than or equal to 1 and less than or equal to d and j is more than or equal to 1 and less than or equal to s.

(c) Computing by cloud server

And

integrity proofs are then generated as follows:

Prf＝{{w_i}_1≤i≤d,π}

finally sends it to TPM_i。

Step nine: and (3) evidence examination, wherein the TPM examines integrity evidence provided by the cloud server and verifies the correctness of the integrity evidence:

based on the received integrity proof and challenge message CM, the TPM verifies the correctness of the following formula:

herein, the

So it is equivalent to verification:

if the equation is True, the TPM outputs True, otherwise outputs False.

Claims (10)

1. A cloud storage audit data processing method is characterized by comprising the following steps:

s1, generating data according to the set parameters;

s2, carrying out blind processing on the generated data to obtain blind data;

s3, selecting a TPM for authorization from the virtual TPM pool according to the TPM management strategy, and calculating an authentication tag corresponding to the blind data by the authorized TPM within the authorization time of the blind data;

s4, the authorized TPM sends the blind data and the authentication tag to the cloud server; before receiving the messages, the cloud server checks whether the authorization of the TPM at the current time is valid;

if the authorization of the TPM is invalid, the cloud server does not store the data and returns a reply of invalid authorization to the TPM;

if authorization of the TPM is valid, the cloud server verifies correctness of the authentication tag, if the verification is correct, blind data are recovered, and the cloud server stores real data and the authentication tag corresponding to the blind data; if the verification is incorrect, rejecting; if the authorization of the TPM is invalid, the cloud server does not take any measures;

s5, when the data integrity of the cloud server is to be checked, the TPM initiates challenge information of integrity check to the cloud server;

s6, the cloud server generates a data integrity evidence according to the challenge information of the TPM;

s7, the TPM examines the integrity evidence provided by the cloud server and verifies the correctness of the integrity evidence.

2. The cloud storage audit data processing method according to claim 1, wherein step S1 specifically includes: by group administrator selecting a random

As private key of TPM, simultaneously calculating

β_iFor TPM_iPrivate key of, Z_p ^*Is a prime number composed of non-zero elementsA domain;

random number selected by group administrator

Sending the information to the group members and the cloud server; k is a radical of₁A random secret seed generated for a group of users using a pseudorandom function;

group administrator random selection

And calculate

And calculates TPM in the following manner_iPublic key of (2):

α^ja random value alpha of the jth fragment of the corresponding data block;

group administrator selects interaction function f and function sequence f_i' and sets an input transmission and output transmission window, and then transmits to the cloud server.

3. The cloud storage audit data processing method according to claim 2, wherein step S2 specifically includes: (a) random secret seed k₁Blind factor for user computing group membership

Then calculates blind data block m'_ij，m′_ij＝m_ij+α_i；

(b) Upload data m'_ijIs sent by the group member to the group administrator, who also calculates the hash (id)_i,j) And will id_i,j,m′_ijSecurely sent to a group administrator, and then a new event is created by the group members; id_i,jIs a blind data block m'_ijIdentification information of (a);

(c) for new eventsUsing hash (id)_i,j) Recording the event and broadcasting the event in the group; according to the same hash algorithm, the group administrator verifies the hash (id) after receiving the request_i,j) (ii) a If the verification passes, the group administrator will receive the blind data block m'_ij。

4. The method for processing cloud storage audit data according to claim 1, wherein in step S3, one TPM for authorization is selected from a virtual TPM pool according to a TPM management policy, specifically:

(a) according to the TPM management strategy, the group administrator calculates the input port u in the virtual TPM pool_iCorresponding output port TPM_i；

(b) TPM generated by group administrator_iThe authorization message is as follows: { (ID)_group||u_i||Δt_i),Δt′_iWhere the identity of the group manager is ID_group，Δt_iIndicating the time of request for the group administrator's processing, Δ t_i' represents the time authorized by the group administrator for the TPM; u. of_iA port for handling this event on behalf of the group administrator;

(c) the group administrator calculates the value H according to the authorization message₁As follows:

H₁((ID_group||u_i||Δt),Δt′_i)；

(d) the group administrator sends an authorization message to the cloud server and sends alpha^j,β_i,m′_ijAnd H₁Send to TPM_i；

Wherein alpha is^jA TPM for a random value α corresponding to a jth fragment of a data block (used in generating a tag for a jth data block)_iPrivate key of beta_iFor TPM_iThe private key of (2) for generating an authentication tag; m'_ijAre blind data blocks.

5. The cloud storage audit data processing method according to claim 3, wherein in step S3, the specific process of calculating the corresponding authentication tag by the authorized TPM comprises the following steps:

(a) obtaining a blind data block m'_ijThen, TPM_iTo give m'_ijAuthentication tag of'_iThe following were used:

then, data File (m'_ij，σ′_i) And H₁By TPM_iSending the data to a cloud server;

(b) upon receipt of the authorization message of the corresponding group administrator and the corresponding TPM'_is(m′_ij,σ′_i) Then, the output port TPM is calculated by the cloud server first_i；

If the message is only made by TPM_iAt Δ t_i' sent, then H to be computed by the cloud server₁((ID_group||u_i||Δt),Δt′_i) And TPM_iCalculated H₁((ID_group||u_i||Δt),Δt′_i) Comparing; if the two are the same, the next algorithm is run, otherwise, execution is stopped.

6. The cloud storage audit data processing method according to claim 3, wherein in step S4, the cloud server checks whether the authorization of the TPM at the current time is valid, and the specific process is as follows:

computing a validation tag σ by a cloud serverⁱThe correctness of (2):

if the above equation is true, then (m ') is received and stored'_ij，σ′_i) Otherwise, rejecting.

7. The cloud storage audit data processing method according to claim 3, wherein in step S4, the specific process of restoring the blind data to the real data is as follows:

based on k₁Cloud server computing

And the real data is calculated using the following formula:

m_ij＝m′_ij-α_i

m'_ijfor blind data blocks, α_iBlind factors corresponding to the ith data block;

finally, the cloud stores the real data block m_i＝(m_i1,m_i2,…,m_is) And corresponding authentication tag sigma of blind dataⁱ。

8. The cloud storage audit data processing method according to claim 1, wherein step S6 specifically includes: when the group administrator needs to audit the integrity of the cloud server data, a challenge is initiated to the cloud server, and Δ t is randomly selected_iAs to TPM_iWherein the input u_iHas a transmission window of Δ t_i；

Group administrator through u_iAt Δ t_iTo TPM_iSend audit grant command and will { ID_group||u_iSending | Δ t } as audit authorization information to the cloud server;

when TPM_iAfter receiving the authorization command, executing an audit process, specifically as follows:

(a) by TPM_iRandomly selecting c blocks from all blocks sharing data, and representing the index of the selected block as L;

(b) by TPM_iThe two random numbers o that are generated are,

and calculating X ═ g^o,R＝g^r；

(c) By TPM_iComputing

(d) By TPM_iOutputting challenge information:

then, TPM_iThe CM is sent to the cloud.

9. The cloud storage audit data processing method according to claim 3, wherein step S6 specifically includes: after receiving the challenge information, the cloud server firstly bases on the { ID }_group||u_iCalculating a TPM of a port; the cloud server then verifies the authorization message ID_group||u_i||Δt}；

The cloud server generates a data integrity certification as follows:

(a) decomposing the subset L from the index set L₁,…,L_dWherein the TPM_iSelected block and signed is L_i；

(b) Based on k₁Cloud server computing

And calculating m 'from this'_ij＝m_ij+α_iThen calculate

And for each subset L by the cloud server_iComputing

Wherein i is more than or equal to 1 and less than or equal to d and j is more than or equal to 1 and less than or equal to s;

(c) computing by cloud server

And

integrity proofs are then generated as follows:

Prf＝{{w_i}_1≤i≤d,π}

finally sends it to TPM_i。

10. The cloud storage audit data processing method according to claim 1, wherein step S7 specifically includes: based on the received integrity proof and challenge message, the TPM verifies the correctness of the following equation:

herein, the

1 ≦ i ≦ d, so it is equivalent to verify:

if the equation is True, the TPM outputs True, otherwise outputs False.

Images