CN112906056A - Cloud storage key security management method based on block chain - Google Patents
Cloud storage key security management method based on block chain Download PDFInfo
- Publication number
- CN112906056A CN112906056A CN202110284942.7A CN202110284942A CN112906056A CN 112906056 A CN112906056 A CN 112906056A CN 202110284942 A CN202110284942 A CN 202110284942A CN 112906056 A CN112906056 A CN 112906056A
- Authority
- CN
- China
- Prior art keywords
- key
- user
- cloud storage
- block chain
- data
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/602—Providing cryptographic facilities or services
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
- G06F21/6245—Protecting personal data, e.g. for financial or medical purposes
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/64—Protecting data integrity, e.g. using checksums, certificates or signatures
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2107—File encryption
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Bioethics (AREA)
- General Health & Medical Sciences (AREA)
- Health & Medical Sciences (AREA)
- Computer Hardware Design (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Databases & Information Systems (AREA)
- Medical Informatics (AREA)
- Storage Device Security (AREA)
Abstract
The invention discloses a block chain-based cloud storage key security management method. In order to realize safe and reliable key management, a data owner can firstly generate a key authentication code by using a message authentication code mechanism, then divide a key into key fragments by adopting a secret sharing scheme, and finally cooperate with a node management center to integrate the key fragments into effective transactions and issue the transactions to a block chain. When data needs to be downloaded, the owner of the data can recover a complete encryption key from the block chain by using the valid private key of the owner of the data, and the integrity of the encryption key can be verified by using the key authentication code. According to the invention, the safety management of the cloud storage key is realized through the block chain technology, and malicious attacks such as collusion, stealing, tampering and the like initiated by a cloud storage service provider are resisted, so that the data privacy safety of a data owner is ensured.
Description
Technical Field
The invention belongs to the field of block chains, and particularly relates to a cloud storage key security management method based on a block chain.
Background
In recent years, with the rapid development of cloud computing technology, more and more cloud storage service providers provide data storage services for users, and at the moment, the users can choose to outsource their data to the cloud storage service providers, so as to save local storage space. However, with the rapid increase of data volume, the storage space and transmission bandwidth of outsourced data also show an explosive growth trend. In order to improve storage efficiency and save data storage space, cloud storage service providers need to perform repetitive detection on the external packet data by using a data de-duplication technology (also called data de-duplication technology) so as to eliminate redundant data therein, avoid storing repetitive data, and finally only keep one copy of data to the cloud storage server. Although the deduplication technology can improve the storage utilization rate, the data is stored on the incomplete trusted cloud storage platform, and the control right and the management right of the data are separated at the moment, so that the data is separated from the direct management of a user. In order to ensure the security of data on the cloud server, a user needs to perform an additional encryption operation on data plaintext, but using a conventional encryption algorithm results in the same data generating different ciphertexts, so that an effective data deduplication operation cannot be performed.
In order to realize effective safe data deduplication, related researchers propose a convergence encryption algorithm, that is, data is subjected to hash operation to obtain a convergence key, and then the data is subjected to encryption operation by using the convergence key to obtain a ciphertext. The convergent encryption can enable the same data to generate the same ciphertext, and ensures that the deduplication operation is smoothly performed. However, in the converged encryption algorithm, the number of converged keys is linearly related to the data volume, that is, the converged keys also rapidly increase with the increasing data volume, so that the user himself/herself needs to bear a large burden of key management. Related researchers provide a high-reliability key management scheme, the coded keys are stored on a plurality of cloud servers in a distributed mode through a secret sharing scheme mechanism, and the keys in a certain data range can be reconstructed and recovered through the rest keys even if the keys are lost and damaged, so that the fault tolerance of the keys is improved. The trusted key server is introduced to store and manage the convergence key, but the completely trusted key server does not exist in reality, and the scheme is easy to be attacked by collusion of a cloud storage service provider, namely, the cloud storage service provider may collude with the key server to steal the convergence key of a user and finally acquire original data of the user. In fact, most existing cloud storage schemes supporting converged key management rely too much on the introduction of trusted key servers to be vulnerable to such collusion attacks.
Therefore, a better cloud storage key security management method is found to ensure the security and confidentiality of the convergence key, and the problems that the introduction of a trusted key server and the hostile attacks such as collusion, stealing, tampering and the like initiated by an adversary are concerned by researchers are avoided.
Disclosure of Invention
In order to solve the technical problem, the invention provides a block chain-based cloud storage key security management method, and according to the scheme, a secret seed is introduced into cloud data storage to generate an encryption key, so that the confidentiality of data is improved. In order to realize safe and reliable key management, a data owner can firstly generate a key authentication code by using a message authentication code mechanism, then divide a key into key fragments by adopting a secret sharing scheme, and finally cooperate with a node management center to integrate the key fragments into effective transactions and issue the transactions to a block chain. When data needs to be downloaded, a data owner can recover a complete encryption key from the block chain by using a valid private key of the data owner, and can verify the correctness of the encryption key through a key authentication code. According to the invention, the safety management of the cloud storage key is realized through the block chain technology, and malicious attacks such as collusion, stealing, tampering and the like initiated by a cloud storage service provider are resisted, so that the data privacy safety of a data owner is ensured.
In order to achieve the above object, the present invention provides a block chain-based cloud storage key security management method, which specifically includes the following steps:
s1, respectively identifying the user identity and the owned file, and obtaining the public key and the private key of the user through an MOD function; then the public key is published, and the private key is stored locally;
s2, calculating a data block label of the file, and sending the data block label to a cloud storage service provider (CSP) for searching;
s3, calculating an encryption key of the file, and encrypting the file based on the encryption key to obtain a ciphertext; then sending the ciphertext to the cloud storage service provider CSP for storage;
s4, generating a key authentication code by using a message authentication code mechanism, and verifying the integrity of the encryption key;
s5, adopting Share cutting algorithm in secret sharing scheme to process the encryption key KFDividing to obtain a key fragment set, and calculating the abstract information and the ciphertext of the key;
s6, integrating the summary information of the key into a transaction, uploading the transaction to a block chain for storage, and sending the ciphertext to a cloud server for storage;
s7, analyzing the transaction to obtain a complete encryption key and a key authentication code, and verifying whether the encryption key is a correct key by detecting the correctness of the key authentication code;
and S8, when the verification is passed, calculating the original file according to the complete encryption key.
Preferably, the step S1 is specifically:
s1.1, respectively identifying the identity of a user and owned files;
s1.2, inputting an RSA index e disclosed by a user into a MOD function ed ≡ 1MOD phi (N), and outputting N and d, wherein N is a product of two different prime numbers e and d, and N < e;
s1.3, based on the step S1.2, obtaining the public key pk ═ N, e and the private key sk ═ N, d of the user;
s1.4, the public key pk of the user is published, and the private key sk is stored locally.
Preferably, the step S2 is specifically:
s2.1, calculating a data block label of the user file;
s2.2, sending the data block tags to a cloud storage service provider (CSP), and executing search operation on the data block tags by the CSP on tag data;
s2.3, if the data block tags are stored in the tag database, uploading files is not needed, and the CSP returns a block pointer to a user; otherwise, step S3 is executed.
Preferably, the step S3 is specifically:
s3.1, calculating a hash number based on the file owned by the user;
s3.2, calculating a blind factor based on the hash number and a random number selected by a user;
s3.3, based on the blind factor, sending the hash number to a node management center for signature to obtain a signature of the blind factor, and returning the signature of the blind factor to a user;
s3.4, calculating a secure secret seed based on the random number; obtaining an encryption key of the user according to the secure secret seed;
s3.5, encrypting the file based on the encryption key to obtain a ciphertext; and then sending the ciphertext to the cloud storage service provider CSP for storage, and adding the data block tag to a tag database.
Preferably, the step S4 is specifically:
calculating to obtain a key hash value based on the encryption key, and obtaining a key authentication code according to the key hash value; and then, the key authentication code is segmented by adopting a segmentation algorithm function of a secret sharing scheme.
Preferably, the step S6 is specifically:
s6.1, calculating key abstract information Data based on the user identity identification, the file identification owned by the user and the ciphertext, and sending the key abstract information Data to the node management center;
s6.2, after the node management center receives the key abstract information Data, a transaction is created;
and S6.3, the node management center issues the transaction on the block chain and returns a transaction pointer to the user.
Preferably, the transaction comprises: the account address of the sender, the account address of the recipient, the fee to be paid to create the transaction, the data stored in the transaction, and the signature of the transaction.
Preferably, the step S7 is specifically:
s7.1, when a file F needs to be downloaded, a transaction pointer is sent to the node management center, the node management center returns the key summary information Data by acquiring the transaction pointer, and a plaintext is obtained through the private key;
s7.2, checking the correctness of the timestamp, and analyzing the timestamp to obtain a key fragment and an authentication code fragment from the plaintext, namely recovering a complete encryption key and a complete key authentication code by using a recovery algorithm of a secret sharing scheme;
and S7.3, finally, verifying whether the encryption key is the correct key by detecting the correctness of the key authentication code.
Preferably, the step S7.3 is specifically:
step one, utilizing a Hash function H2Calculate Kfm1And pass through a hash function H1And said Kfm1To obtain macF1;
Step two, converting the macF1And the resolved key authentication code is finally compared;
step three, if the two encryption keys are the same, the analyzed encryption key is a complete encryption key; otherwise, the analyzed encryption key is illegally tampered in the transmission stage.
Preferably, the original file in step S8 is calculated by an AES symmetric decryption algorithm.
Compared with the prior art, the invention has the beneficial effects that:
according to the invention, the secret seed is introduced into the cloud data storage to generate the encryption key, so that the confidentiality of the data is improved. In order to realize safe and reliable key management, a data owner can firstly generate a key authentication code by using a message authentication code mechanism, then divide a key into key fragments by adopting a secret sharing scheme, and finally cooperate with a node management center to integrate the key fragments into effective transactions and issue the transactions to a block chain. When data needs to be downloaded, a data owner can recover a complete encryption key from the block chain by using a valid private key of the data owner, and can verify the correctness of the encryption key through a key authentication code. According to the invention, the safety management of the cloud storage key is realized through the block chain technology, and malicious attacks such as collusion, stealing, tampering and the like initiated by a cloud storage service provider are resisted, so that the data privacy safety of a data owner is ensured.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings needed to be used in the embodiments will be briefly described below, and it is obvious that the drawings in the following description are only some embodiments of the present invention, and it is obvious for those skilled in the art to obtain other drawings without inventive exercise.
FIG. 1 is a schematic flow diagram of the process of the present invention;
FIG. 2 is a block diagram of the system of the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
In order to make the aforementioned objects, features and advantages of the present invention comprehensible, embodiments accompanied with figures are described in further detail below.
Example 1
Referring to fig. 1, the present invention provides a block chain-based cloud storage key security management method, which specifically includes the following steps:
s1, user information identification
Assuming the user's identity as IDUIdentification of the file it owns is IDF. The user inputs and outputs N, d the public RSA index e as the MOD function ed ≡ 1MOD Φ (N), where N is<e, N is the product of two different prime numbers. Therefore, the public key pk of the user is (N, e), and the private key sk is (N, d). The user publishes the public key pk and stores the private key sk locally.
S2, repeatability detection
The user calculates the data block label T of the fileFTagGen (f), where TagGen () may be a Sha128 hash function, where the data block tag TFThe method is used for detecting the repeatability of the data block. Next, the user sends a chunk tag T to a cloud storage service provider (CSP)F. The CSP performs a search operation on the tag database. If the tag database already stores the data block tag TFThen it indicates that the user does not need to upload file F and the CSP will return a chunk pointer σ (F) to the user. If the tag database does not store the file tag TFThe user will continue to perform step 3.
S3, data encryption
The user needs to calculate the encryption key K of the file FF. Specifically, the user selects a random number r, y ← ZNCalculating the hash number H ═ H1(F) And the blind factor x ═ h' · remod N, where H1(.) may be a Sha256 hash function; and sends the hash number h' to the node management center (i.e., responsible for managing all nodes under the blockchain network). The node management center signs the hash number h' to obtain a signature y ═ x of the blind factor xdmod n and return y to the user. The user calculates z as y r-1mod N, and verify the formula h ═ zeWhether modN holds. If true, z is a valid secret seed. User-calculated encryption keyWherein, KFRefers to a key, H, used to encrypt a data file, F2For sha256 hash function, p is a security parameter pre-selected during establishment, and is generally a fixed value; z is a secure secret seed calculated by means of random numbers r and y, the function of which is to randomize the secret key KF,Is an exclusive or operation. And using the encryption key KFEncrypting the file F to obtain a ciphertext CF=Encrypt(KFF), wherein the Encrypt function may be an AES symmetric encryption algorithm. Finally, the user combines the ciphertext CFSending to CSP for storage and labeling TFAdding to the tag database.
S4, key authentication code generation
The user may generate the key authentication code mac using the message authentication code mechanismFThereby verifying the key KFThe integrity of (c). Specifically, the user calculates a key hash value KfmAnd a key authentication code macFI.e. Kfm=H2(KF),Wherein H1、H2Is a secure SHA256 hash function. Finally, the user uses the cut algorithm function Share (.) of the secret sharing scheme to combine macFDivided into j segments, i.e. { macfj}=Share(macF)(1≤j≤l)。
S5, key segmentation
User also uses the split algorithm function Share algorithm in secret sharing scheme to encrypt the key KFPerforming a slicing, i.e. { Kfj}=Share(KF) Wherein, infjMean the key KFAnd j represents the serial number of the key fragment, and Share (the) is a segmentation algorithm function. Then calculates the secret key KFSummary information ofj=Kfj||macfj||TKAnd its ciphertext CIj=E(pk,Ij) Wherein, TKAuxiliary information as a key is recorded in the digest information for a time stamp/current time.
S6, generating transaction
The user can integrate the summary information of the key into one transaction, upload the transaction to the block chain for storage, and simultaneously send the ciphertext to the cloud server for storage; as shown with reference to fig. 2. Specifically, the user calculates key digest information Data as H (ID) firstU)||H(IDF)||H(j)||CIjWhere H is a secure SHA256 hash function. The user sends the key summary information Data to the node management center. The node management center creates a transaction TX, wherein the TX comprises the parameters: from User's account, To CSP's account, Value key distribution charge, Data H (ID) for creating TX chargesU)||H(IDF)||H(j)||CIj(data stored in the transaction TX), Signature ═ sig (TX) (Signature of the transaction TX). Finally, the node management center issues the transaction TX on the blockchain and returns a pointer σ (TX) to the transaction to the user.
S7, transaction analysis
When the file F needs to be downloaded, the user firstly sends a transaction pointer sigma (TX) to the node management center, and the node management center returns key summary information Data H (ID) by acquiring the transaction pointer sigma (TX)U)||H(IDF)||H(j)||CIj. The user calculates H (ID)U)||H(IDF) H (j), and from key digest information Data H (ID)U)||H(IDF)||H(j)||CIjIn the step (b) to obtain CIiAnd finally, obtaining the plaintext Ii through the private key sk. The user can check the time stamp TKAnd from IiIn the step (ii) to obtain Kfj||macfj. So when the user gets K key fragments K from the blockchainfjAnd authentication code fragment macfj, namely, a complete encryption key K can be recovered by using a reconstruction algorithm Recover of a secret sharing schemeFAnd a key authentication code macFI.e. KF=Recover({Kfj}),macF=Recover({macfj})。
The user can authenticate the code mac by detecting the secret keyFTo verify the correctness of the encryption key KFWhether it is the correct key. Specifically, the user uses the hash function H first1And H2Function calculation Kfm1=H2(KF),Final comparison macF1And resolved macFIf they are the same, then the key KFAdditional key authentication code macFIs correct. Can judge the encryption key KFIs the complete key. Otherwise if macF1And macFNot identical, it indicates the key KFHas been tampered illegally in the transmission stage.
S8, file downloading
When the verification is passed, the user can use the analyzed key macFCalculate the original file, i.e. F ═ Decrypt (K)F,CF) Wherein the Decrypt function may be an AES symmetric decryption algorithm.
The above-described embodiments are merely illustrative of the preferred embodiments of the present invention, and do not limit the scope of the present invention, and various modifications and improvements of the technical solutions of the present invention can be made by those skilled in the art without departing from the spirit of the present invention, and the technical solutions of the present invention are within the scope of the present invention defined by the claims.
Claims (10)
1. A cloud storage key security management method based on a block chain is characterized by specifically comprising the following steps:
s1, respectively identifying the user identity and the owned file, and obtaining the public key and the private key of the user through an MOD function; then the public key is published, and the private key is stored locally;
s2, calculating a data block label of the file, and sending the data block label to a cloud storage service provider (CSP) for searching;
s3, calculating an encryption key of the file, and encrypting the file based on the encryption key to obtain a ciphertext; then sending the ciphertext to the cloud storage service provider CSP for storage;
s4, generating a key authentication code by using a message authentication code mechanism, and verifying the integrity of the encryption key;
s5, adopting Share cutting algorithm in secret sharing scheme to process the encryption key KFDividing to obtain a key fragment set, and calculating the abstract information and the ciphertext of the key;
s6, integrating the summary information of the key into a transaction, uploading the transaction to a block chain for storage, and sending the ciphertext to a cloud server for storage;
s7, analyzing the transaction to obtain a complete encryption key and a key authentication code, and verifying whether the encryption key is a correct key by detecting the correctness of the key authentication code;
and S8, when the verification is passed, calculating the original file according to the complete encryption key.
2. The block chain-based cloud storage key security management method according to claim 1, wherein the step S1 specifically includes:
s1.1, respectively identifying the identity of a user and owned files;
s1.2, inputting an RSA index e disclosed by a user into a MOD function ed ≡ 1MOD phi (N), and outputting N and d, wherein N is a product of two different prime numbers e and d, and N < e;
s1.3, based on the step S1.2, obtaining the public key pk ═ N, e and the private key sk ═ N, d of the user;
s1.4, the public key pk of the user is published, and the private key sk is stored locally.
3. The block chain-based cloud storage key security management method according to claim 1, wherein the step S2 specifically includes:
s2.1, calculating a data block label of the user file;
s2.2, sending the data block tags to a cloud storage service provider (CSP), and executing search operation on the data block tags by the CSP on tag data;
s2.3, if the data block tags are stored in the tag database, uploading files is not needed, and the CSP returns a block pointer to a user; otherwise, step S3 is executed.
4. The block chain-based cloud storage key security management method according to claim 1, wherein the step S3 specifically includes:
s3.1, calculating a hash number based on the file owned by the user;
s3.2, calculating a blind factor based on the hash number and a random number selected by a user;
s3.3, based on the blind factor, sending the hash number to a node management center for signature to obtain a signature of the blind factor, and returning the signature of the blind factor to a user;
s3.4, calculating a secure secret seed based on the random number; obtaining an encryption key of the user according to the secure secret seed;
s3.5, encrypting the file based on the encryption key to obtain a ciphertext; and then sending the ciphertext to the cloud storage service provider CSP for storage, and adding the data block tag to a tag database.
5. The block chain-based cloud storage key security management method according to claim 1, wherein the step S4 specifically includes:
calculating to obtain a key hash value based on the encryption key, and obtaining a key authentication code according to the key hash value; and then, the key authentication code is segmented by adopting a segmentation algorithm function of a secret sharing scheme.
6. The block chain-based cloud storage key security management method according to claim 1, wherein the step S6 specifically includes:
s6.1, calculating key abstract information Data based on the user identity identification, the file identification owned by the user and the ciphertext, and sending the key abstract information Data to the node management center;
s6.2, after the node management center receives the key abstract information Data, a transaction is created;
and S6.3, the node management center issues the transaction on the block chain and returns a transaction pointer to the user.
7. The block chain-based cloud storage key security management method according to claim 6, wherein the transaction includes: the account address of the sender, the account address of the recipient, the fee to be paid to create the transaction, the data stored in the transaction, and the signature of the transaction.
8. The block chain-based cloud storage key security management method according to claim 1, wherein the step S7 specifically includes:
s7.1, when a file F needs to be downloaded, a transaction pointer is sent to the node management center, the node management center returns the key summary information Data by acquiring the transaction pointer, and a plaintext is obtained through the private key;
s7.2, checking the correctness of the timestamp, and analyzing the timestamp to obtain a key fragment and an authentication code fragment from the plaintext, namely recovering a complete encryption key and a complete key authentication code by using a recovery algorithm of a secret sharing scheme;
and S7.3, finally, verifying whether the encryption key is the correct key by detecting the correctness of the key authentication code.
9. The block chain-based cloud storage key security management method according to claim 8, wherein the step S7.3 is specifically:
step one, utilizing a Hash function H2Calculate Kfm1And pass through a hash function H1And said Kfm1To obtain macF1;
Step two, converting the macF1And the resolved key authentication code is finally compared;
step three, if the two encryption keys are the same, the analyzed encryption key is a complete encryption key; otherwise, the analyzed encryption key is illegally tampered in the transmission stage.
10. The block chain-based cloud storage key security management method according to claim 1, wherein the original file in step S8 is calculated by an AES symmetric decryption algorithm.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202110284942.7A CN112906056A (en) | 2021-03-17 | 2021-03-17 | Cloud storage key security management method based on block chain |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202110284942.7A CN112906056A (en) | 2021-03-17 | 2021-03-17 | Cloud storage key security management method based on block chain |
Publications (1)
Publication Number | Publication Date |
---|---|
CN112906056A true CN112906056A (en) | 2021-06-04 |
Family
ID=76105474
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202110284942.7A Pending CN112906056A (en) | 2021-03-17 | 2021-03-17 | Cloud storage key security management method based on block chain |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN112906056A (en) |
Cited By (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN113688405A (en) * | 2021-07-08 | 2021-11-23 | 电子科技大学 | Bidirectional authentication hybrid encryption method based on block chain |
CN113783854A (en) * | 2021-08-30 | 2021-12-10 | 湖南天河国云科技有限公司 | Block chain-based credit data cross-chain sharing method and device |
CN114760072A (en) * | 2022-06-13 | 2022-07-15 | 南京易科腾信息技术有限公司 | Signature and signature verification method, device and storage medium |
CN116090024A (en) * | 2023-02-06 | 2023-05-09 | 山东昱鑫信息科技有限公司 | Reliable data storage device, system and method |
CN117240625A (en) * | 2023-11-14 | 2023-12-15 | 武汉海昌信息技术有限公司 | Tamper-resistant data processing method and device and electronic equipment |
Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN106100832A (en) * | 2016-06-12 | 2016-11-09 | 广东工业大学 | Key management method based on convergent encryption in a kind of cloud storage data deduplication |
CN109040045A (en) * | 2018-07-25 | 2018-12-18 | 广东工业大学 | A kind of cloud storage access control method based on the encryption of ciphertext policy ABE base |
-
2021
- 2021-03-17 CN CN202110284942.7A patent/CN112906056A/en active Pending
Patent Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN106100832A (en) * | 2016-06-12 | 2016-11-09 | 广东工业大学 | Key management method based on convergent encryption in a kind of cloud storage data deduplication |
CN109040045A (en) * | 2018-07-25 | 2018-12-18 | 广东工业大学 | A kind of cloud storage access control method based on the encryption of ciphertext policy ABE base |
Non-Patent Citations (3)
Title |
---|
GUIPENG ZHANG等: "A secure authorized deduplication scheme for cloud data based on blockchain", 《INFORMATION PROCESSING AND MANAGEMENT》 * |
GUIPENG ZHANG等: "BDKM:A Blockchain-Based Secure Deduplication Scheme with Reliable Key Management", 《NEURAL PROCESSING LETTERS》 * |
张桂鹏: "云存储系统中数据安全去重技术研究", 《中国优秀博硕士学位论文全文数据库(硕士)信息科技楫》 * |
Cited By (9)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN113688405A (en) * | 2021-07-08 | 2021-11-23 | 电子科技大学 | Bidirectional authentication hybrid encryption method based on block chain |
CN113783854A (en) * | 2021-08-30 | 2021-12-10 | 湖南天河国云科技有限公司 | Block chain-based credit data cross-chain sharing method and device |
CN113783854B (en) * | 2021-08-30 | 2023-10-17 | 湖南天河国云科技有限公司 | Credit data cross-chain sharing method and device based on block chain |
CN114760072A (en) * | 2022-06-13 | 2022-07-15 | 南京易科腾信息技术有限公司 | Signature and signature verification method, device and storage medium |
CN114760072B (en) * | 2022-06-13 | 2022-09-02 | 南京易科腾信息技术有限公司 | Signature and signature verification method, device and storage medium |
CN116090024A (en) * | 2023-02-06 | 2023-05-09 | 山东昱鑫信息科技有限公司 | Reliable data storage device, system and method |
CN116090024B (en) * | 2023-02-06 | 2024-01-30 | 上海泰锟医药技术有限公司 | Reliable data storage device, system and method |
CN117240625A (en) * | 2023-11-14 | 2023-12-15 | 武汉海昌信息技术有限公司 | Tamper-resistant data processing method and device and electronic equipment |
CN117240625B (en) * | 2023-11-14 | 2024-01-12 | 武汉海昌信息技术有限公司 | Tamper-resistant data processing method and device and electronic equipment |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN111639361B (en) | Block chain key management method, multi-person common signature method and electronic device | |
CN110300112B (en) | Block chain key hierarchical management method | |
US10404455B2 (en) | Multiple-phase rewritable blockchain | |
CN112906056A (en) | Cloud storage key security management method based on block chain | |
CN103414690B (en) | One can openly be verified the high in the clouds data property held method of calibration | |
CN111130757A (en) | Multi-cloud CP-ABE access control method based on block chain | |
CN111327620B (en) | Data security traceability and access control system under cloud computing framework | |
CN110971411B (en) | SM2 homomorphic signature method for encrypting private key by multiplying based on SOTP technology | |
CN112732695B (en) | Cloud storage data security deduplication method based on block chain | |
CN111274594B (en) | Block chain-based secure big data privacy protection sharing method | |
CN109905230B (en) | Data confidentiality verification method and system in cloud storage | |
Jalil et al. | A secure and efficient public auditing system of cloud storage based on BLS signature and automatic blocker protocol | |
CN115021903A (en) | Electronic medical record sharing method and system based on block chain | |
Song et al. | Cryptanalysis and improvement of verifiable quantum (k, n) secret sharing | |
WO2014030706A1 (en) | Encrypted database system, client device and server, method and program for adding encrypted data | |
CN108809996B (en) | Integrity auditing method for duplicate deletion stored data with different popularity | |
CN109145650B (en) | Efficient and safe outsourcing big data auditing method in cloud environment | |
CN114885325A (en) | Credible auditing method and system for regulating and controlling service network security suitable for 5G network | |
Armknecht et al. | Sharing proofs of retrievability across tenants | |
CN114826607B (en) | Edge computing node compression method based on block chain and lightweight storage system | |
CN115114648A (en) | Data processing method and device and electronic equipment | |
CN111585756A (en) | Certificateless cloud auditing method suitable for multi-copy-multi-cloud condition | |
Keerthana et al. | Slicing, Tokenization, and Encryption Based Combinational Approach to Protect Data-at-Rest in Cloud Using TF-Sec Model | |
CN111539031A (en) | Data integrity detection method and system for privacy protection of cloud storage tag | |
Neela et al. | A Hybrid Cryptography Technique with Blockchain for Data Integrity and Confidentiality in Cloud Computing |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication |
Application publication date: 20210604 |
|
RJ01 | Rejection of invention patent application after publication |