CN112906056A - Cloud storage key security management method based on block chain - Google Patents


Publication number
CN112906056A
Authority
CN
China
Prior art keywords
key
user
cloud storage
block chain
data
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202110284942.7A
Other languages
Chinese (zh)
Inventor
刘文印
张桂鹏
钟林峰
林禄滨
杨振国
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Guangdong University of Technology
Original Assignee
Guangdong University of Technology
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Guangdong University of Technology filed Critical Guangdong University of Technology
Priority to CN202110284942.7A priority Critical patent/CN112906056A/en
Publication of CN112906056A publication Critical patent/CN112906056A/en
Pending legal-status Critical Current

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/602 Providing cryptographic facilities or services
    • G06F21/62 Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218 Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6245 Protecting personal data, e.g. for financial or medical purposes
    • G06F21/64 Protecting data integrity, e.g. using checksums, certificates or signatures
    • G06F2221/00 Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21 Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2107 File encryption

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Health & Medical Sciences (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Databases & Information Systems (AREA)
  • Medical Informatics (AREA)
  • Storage Device Security (AREA)

Abstract

The invention discloses a block chain-based cloud storage key security management method. In order to realize safe and reliable key management, a data owner can firstly generate a key authentication code by using a message authentication code mechanism, then divide a key into key fragments by adopting a secret sharing scheme, and finally cooperate with a node management center to integrate the key fragments into effective transactions and issue the transactions to a block chain. When data needs to be downloaded, the owner of the data can recover a complete encryption key from the block chain by using the valid private key of the owner of the data, and the integrity of the encryption key can be verified by using the key authentication code. According to the invention, the safety management of the cloud storage key is realized through the block chain technology, and malicious attacks such as collusion, stealing, tampering and the like initiated by a cloud storage service provider are resisted, so that the data privacy safety of a data owner is ensured.

Description

Cloud storage key security management method based on block chain
Technical Field
The invention belongs to the field of block chains, and particularly relates to a cloud storage key security management method based on a block chain.
Background
In recent years, with the rapid development of cloud computing technology, more and more cloud storage service providers offer data storage services, and users can choose to outsource their data to these providers to save local storage space. However, as data volume grows rapidly, the storage space and transmission bandwidth consumed by outsourced data also grow explosively. To improve storage efficiency and save storage space, cloud storage service providers need to run duplicate detection on the outsourced data using data deduplication technology, so as to eliminate redundant data, avoid storing duplicates, and keep only one copy of each piece of data on the cloud storage server. Although deduplication improves storage utilization, the data is stored on a cloud storage platform that is not fully trusted, and control of the data is separated from its management, so the data is no longer under the user's direct management. To protect data on the cloud server, a user needs to encrypt the plaintext, but with a conventional encryption algorithm the same data produces different ciphertexts, so effective deduplication cannot be performed.
To achieve effective secure deduplication, researchers proposed the convergent encryption algorithm: the data is hashed to obtain a convergent key, and the data is then encrypted with that convergent key to obtain the ciphertext. Convergent encryption makes the same data produce the same ciphertext, so deduplication can proceed. However, in convergent encryption the number of convergent keys is linearly related to the data volume, that is, the number of convergent keys grows rapidly as the data volume grows, so the user bears a heavy key management burden. Researchers have proposed a high-reliability key management scheme in which encoded keys are distributed across multiple cloud servers through a secret sharing scheme, so that even if some keys are lost or damaged, the keys within a certain range can be reconstructed from the remaining ones, which improves fault tolerance. Other schemes introduce a trusted key server to store and manage the convergent keys, but a completely trusted key server does not exist in reality, and such a scheme is vulnerable to collusion attacks: the cloud storage service provider may collude with the key server to steal a user's convergent key and ultimately obtain the user's original data. In fact, most existing cloud storage schemes that support convergent key management rely too heavily on a trusted key server and are therefore vulnerable to such collusion attacks.
Therefore, finding a better cloud storage key security management method that ensures the security and confidentiality of the convergent key, avoids introducing a trusted key server, and resists malicious attacks such as collusion, theft and tampering launched by an adversary is a problem of concern to researchers.
Disclosure of Invention
In order to solve the technical problem, the invention provides a block chain-based cloud storage key security management method, and according to the scheme, a secret seed is introduced into cloud data storage to generate an encryption key, so that the confidentiality of data is improved. In order to realize safe and reliable key management, a data owner can firstly generate a key authentication code by using a message authentication code mechanism, then divide a key into key fragments by adopting a secret sharing scheme, and finally cooperate with a node management center to integrate the key fragments into effective transactions and issue the transactions to a block chain. When data needs to be downloaded, a data owner can recover a complete encryption key from the block chain by using a valid private key of the data owner, and can verify the correctness of the encryption key through a key authentication code. According to the invention, the safety management of the cloud storage key is realized through the block chain technology, and malicious attacks such as collusion, stealing, tampering and the like initiated by a cloud storage service provider are resisted, so that the data privacy safety of a data owner is ensured.
In order to achieve the above object, the present invention provides a block chain-based cloud storage key security management method, which specifically includes the following steps:
S1, respectively identifying the user identity and the owned file, and obtaining the public key and the private key of the user through an MOD function; then the public key is published, and the private key is stored locally;
S2, calculating a data block label of the file, and sending the data block label to a cloud storage service provider (CSP) for searching;
S3, calculating an encryption key of the file, and encrypting the file based on the encryption key to obtain a ciphertext; then sending the ciphertext to the cloud storage service provider CSP for storage;
S4, generating a key authentication code by using a message authentication code mechanism, and verifying the integrity of the encryption key;
S5, adopting the Share splitting algorithm of a secret sharing scheme to split the encryption key $K_F$ to obtain a key fragment set, and calculating the summary information of the key and its ciphertext;
S6, integrating the summary information of the key into a transaction, uploading the transaction to a block chain for storage, and sending the ciphertext to a cloud server for storage;
S7, analyzing the transaction to obtain a complete encryption key and a key authentication code, and verifying whether the encryption key is a correct key by detecting the correctness of the key authentication code;
S8, when the verification is passed, calculating the original file according to the complete encryption key.
Preferably, the step S1 is specifically:
S1.1, respectively identifying the identity of a user and owned files;
S1.2, inputting the RSA exponent e published by the user into the MOD function $ed \equiv 1 \bmod \varphi(N)$, and outputting N and d, wherein N is a product of two different prime numbers e and d, and N < e;
S1.3, based on the step S1.2, obtaining the public key pk = (N, e) and the private key sk = (N, d) of the user;
S1.4, the public key pk of the user is published, and the private key sk is stored locally.
Preferably, the step S2 is specifically:
S2.1, calculating a data block label of the user file;
S2.2, sending the data block tag to a cloud storage service provider (CSP), and the CSP searching the tag database for the data block tag;
S2.3, if the data block tag is already stored in the tag database, the file does not need to be uploaded, and the CSP returns a block pointer to the user; otherwise, step S3 is executed.
Preferably, the step S3 is specifically:
S3.1, calculating a hash number based on the file owned by the user;
S3.2, calculating a blind factor based on the hash number and a random number selected by a user;
S3.3, based on the blind factor, sending the hash number to a node management center for signature to obtain a signature of the blind factor, and returning the signature of the blind factor to a user;
S3.4, calculating a secure secret seed based on the random number; obtaining an encryption key of the user according to the secure secret seed;
S3.5, encrypting the file based on the encryption key to obtain a ciphertext; and then sending the ciphertext to the cloud storage service provider CSP for storage, and adding the data block tag to a tag database.
Preferably, the step S4 is specifically:
calculating to obtain a key hash value based on the encryption key, and obtaining a key authentication code according to the key hash value; and then, the key authentication code is segmented by adopting a segmentation algorithm function of a secret sharing scheme.
Preferably, the step S6 is specifically:
S6.1, calculating key summary information Data based on the user identity identification, the file identification owned by the user and the ciphertext, and sending the key summary information Data to the node management center;
S6.2, after the node management center receives the key summary information Data, a transaction is created;
S6.3, the node management center issues the transaction on the block chain and returns a transaction pointer to the user.
Preferably, the transaction comprises: the account address of the sender, the account address of the recipient, the fee to be paid to create the transaction, the data stored in the transaction, and the signature of the transaction.
Preferably, the step S7 is specifically:
S7.1, when a file F needs to be downloaded, a transaction pointer is sent to the node management center, the node management center uses the transaction pointer to look up and return the key summary information Data, and a plaintext is obtained through the private key;
S7.2, checking the correctness of the timestamp and parsing a key fragment and an authentication code fragment out of the plaintext, then recovering a complete encryption key and a complete key authentication code by using the recovery algorithm of the secret sharing scheme;
S7.3, finally, verifying whether the encryption key is the correct key by detecting the correctness of the key authentication code.
Preferably, the step S7.3 is specifically:
Step one, using the hash function $H_2$ to calculate $K_{fm1}$, and obtaining $mac_{F1}$ through the hash function $H_1$ and said $K_{fm1}$;
Step two, comparing $mac_{F1}$ with the parsed key authentication code;
Step three, if the two are the same, the parsed encryption key is the complete encryption key; otherwise, the parsed encryption key was illegally tampered with in the transmission stage.
Preferably, the original file in step S8 is calculated by an AES symmetric decryption algorithm.
Compared with the prior art, the invention has the beneficial effects that:
according to the invention, the secret seed is introduced into the cloud data storage to generate the encryption key, so that the confidentiality of the data is improved. In order to realize safe and reliable key management, a data owner can firstly generate a key authentication code by using a message authentication code mechanism, then divide a key into key fragments by adopting a secret sharing scheme, and finally cooperate with a node management center to integrate the key fragments into effective transactions and issue the transactions to a block chain. When data needs to be downloaded, a data owner can recover a complete encryption key from the block chain by using a valid private key of the data owner, and can verify the correctness of the encryption key through a key authentication code. According to the invention, the safety management of the cloud storage key is realized through the block chain technology, and malicious attacks such as collusion, stealing, tampering and the like initiated by a cloud storage service provider are resisted, so that the data privacy safety of a data owner is ensured.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings needed to be used in the embodiments will be briefly described below, and it is obvious that the drawings in the following description are only some embodiments of the present invention, and it is obvious for those skilled in the art to obtain other drawings without inventive exercise.
FIG. 1 is a schematic flow diagram of the process of the present invention;
FIG. 2 is a block diagram of the system of the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
In order to make the aforementioned objects, features and advantages of the present invention comprehensible, embodiments accompanied with figures are described in further detail below.
Example 1
Referring to fig. 1, the present invention provides a block chain-based cloud storage key security management method, which specifically includes the following steps:
S1, user information identification
Let the user's identity be $ID_U$ and the identifier of the file the user owns be $ID_F$. The user inputs the public RSA exponent $e$ into the MOD function $ed \equiv 1 \bmod \varphi(N)$ and outputs $N$ and $d$, where $N < e$ and $N$ is the product of two different prime numbers. Therefore, the public key of the user is $pk = (N, e)$ and the private key is $sk = (N, d)$. The user publishes the public key pk and stores the private key sk locally.
S2, repeatability detection
The user calculates the data block tag of the file, $T_F = \mathrm{TagGen}(F)$, where TagGen() may be a Sha128 hash function and the data block tag $T_F$ is used for duplicate detection of the data block. Next, the user sends the data block tag $T_F$ to a cloud storage service provider (CSP). The CSP performs a search operation on the tag database. If the tag database already stores the data block tag $T_F$, the user does not need to upload file $F$ and the CSP returns a block pointer $\sigma(F)$ to the user. If the tag database does not store the tag $T_F$, the user continues with step S3.
S3, data encryption
The user needs to calculate the encryption key $K_F$ of the file $F$. Specifically, the user selects a random number $r, y \leftarrow Z_N$ and calculates the hash number $h' = H_1(F)$ and the blind factor $x = h' \cdot r^e \bmod N$, where $H_1(\cdot)$ may be a Sha256 hash function, and sends the hash number $h'$ to the node management center (which is responsible for managing all nodes in the blockchain network). The node management center signs the hash number $h'$ to obtain the signature $y = x^d \bmod N$ of the blind factor $x$ and returns $y$ to the user. The user calculates $z = y \cdot r^{-1} \bmod N$ and verifies whether $h' = z^e \bmod N$ holds. If it holds, $z$ is a valid secret seed. The user then calculates the encryption key
Figure BDA0002980068430000081
where $K_F$ is the key used to encrypt the data file $F$; $H_2$ is a sha256 hash function; $p$ is a security parameter pre-selected during setup, generally a fixed value; $z$ is a secure secret seed calculated by means of the random numbers $r$ and $y$, whose function is to randomize the key $K_F$; and ⊕ is the exclusive-or operation. The user then encrypts the file $F$ with the encryption key $K_F$ to obtain the ciphertext $C_F = \mathrm{Encrypt}(K_F, F)$, where the Encrypt function may be an AES symmetric encryption algorithm. Finally, the user sends the ciphertext $C_F$ to the CSP for storage and adds the tag $T_F$ to the tag database.
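The blind-signature exchange of step S3, with both the user's and the node management center's side, as an added example that is not part of the patent text. It assumes the center signs the blinded value $x$ (as $y = x^d \bmod N$ implies), uses a constructed toy modulus, and stops at the seed $z$ because the $K_F$ formula is not reproduced on this page; all function names are hypothetical.

```python
import hashlib
import secrets
from math import gcd

# Constructed toy key: two publicly known Mersenne primes, so N is trivially
# factorable. Illustration only; never use such a modulus in practice.
P, Q = 2**521 - 1, 2**607 - 1
N = P * Q
PHI = (P - 1) * (Q - 1)

# The page requires N < e. Take the first e above N that is invertible mod phi(N).
E = N + 1
while gcd(E, PHI) != 1:
    E += 1
D = pow(E, -1, PHI)  # ed = 1 mod phi(N); d is held by the node management center


def h1(data: bytes) -> int:
    """H1 = SHA-256, read as an integer (always smaller than this N)."""
    return int.from_bytes(hashlib.sha256(data).digest(), "big")


def user_blind(file_bytes: bytes):
    """User side: h' = H1(F), x = h' * r^e mod N for a fresh random r."""
    h = h1(file_bytes)
    while True:
        r = secrets.randbelow(N - 2) + 2
        if gcd(r, N) == 1:  # r must be invertible so it can be removed later
            break
    x = (h * pow(r, E, N)) % N
    return h, r, x


def center_sign(x: int) -> int:
    """Node management center: y = x^d mod N. It only ever sees the blinded x."""
    return pow(x, D, N)


def user_unblind(h: int, r: int, y: int) -> int:
    """User side: z = y * r^-1 mod N, accepted only if h' == z^e mod N."""
    z = (y * pow(r, -1, N)) % N
    if pow(z, E, N) != h:
        raise ValueError("rejecting seed: h' != z^e mod N")
    return z


def derive_seed(file_bytes: bytes):
    """Run the whole exchange; return the seed z and the blinded x that was sent."""
    h, r, x = user_blind(file_bytes)
    y = center_sign(x)
    return user_unblind(h, r, y), x


if __name__ == "__main__":
    sample = b"constructed sample file contents"
    z_a, x_a = derive_seed(sample)
    z_b, x_b = derive_seed(sample)
    print("same seed for the same file:", z_a == z_b)
    print("blinded requests differ:   ", x_a != x_b)
```

Two users holding the same file obtain the same seed, which keeps deduplication possible, while each request the center sees is randomized by $r$.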
S4, key authentication code generation
The user may generate the key authentication code $mac_F$ using the message authentication code mechanism, thereby verifying the integrity of the key $K_F$. Specifically, the user calculates a key hash value $K_{fm}$ and a key authentication code $mac_F$, i.e. $K_{fm} = H_2(K_F)$,
Figure BDA0002980068430000092
where $H_1$ and $H_2$ are secure SHA256 hash functions. Finally, the user uses the splitting function Share(·) of the secret sharing scheme to divide $mac_F$ into j segments, i.e. $\{mac_{fj}\} = \mathrm{Share}(mac_F)$ $(1 \le j \le l)$.
S5, key segmentation
The user also uses the splitting function Share of the secret sharing scheme to split the encryption key $K_F$, i.e. $\{K_{fj}\} = \mathrm{Share}(K_F)$, where $K_{fj}$ denotes a fragment of the key $K_F$, $j$ is the serial number of the key fragment, and Share(·) is the splitting function. The user then calculates the summary information of the key $K_F$, $I_j = K_{fj} \| mac_{fj} \| T_K$, and its ciphertext $C_{Ij} = E(pk, I_j)$, where $T_K$ is a timestamp (the current time) recorded in the summary information as auxiliary information for the key.
S6, generating transaction
The user can integrate the summary information of the key into one transaction, upload the transaction to the block chain for storage, and simultaneously send the ciphertext to the cloud server for storage, as shown in fig. 2. Specifically, the user first calculates the key summary information $Data = H(ID_U) \| H(ID_F) \| H(j) \| C_{Ij}$, where H is a secure SHA256 hash function. The user sends the key summary information Data to the node management center. The node management center creates a transaction TX, which comprises the parameters: From = the user's account, To = the CSP's account, Value = the key distribution charge (the fee for creating TX), $Data = H(ID_U) \| H(ID_F) \| H(j) \| C_{Ij}$ (the data stored in the transaction TX), and Signature = Sig(TX) (the signature of the transaction TX). Finally, the node management center issues the transaction TX on the blockchain and returns a pointer $\sigma(TX)$ to the transaction to the user.
S7, transaction analysis
When the file $F$ needs to be downloaded, the user first sends the transaction pointer $\sigma(TX)$ to the node management center, and the node management center uses the transaction pointer $\sigma(TX)$ to look up and return the key summary information $Data = H(ID_U) \| H(ID_F) \| H(j) \| C_{Ij}$. The user calculates $H(ID_U) \| H(ID_F) \| H(j)$, extracts $C_{Ij}$ from the key summary information $Data = H(ID_U) \| H(ID_F) \| H(j) \| C_{Ij}$, and finally obtains the plaintext $I_j$ through the private key sk. The user can check the timestamp $T_K$ and parse $K_{fj} \| mac_{fj}$ out of $I_j$. So when the user has obtained $k$ key fragments $K_{fj}$ and authentication code fragments $mac_{fj}$ from the blockchain, a complete encryption key $K_F$ and key authentication code $mac_F$ can be recovered by using the reconstruction algorithm Recover of the secret sharing scheme, i.e. $K_F = \mathrm{Recover}(\{K_{fj}\})$, $mac_F = \mathrm{Recover}(\{mac_{fj}\})$.
The user can verify whether the encryption key $K_F$ is the correct key by checking the correctness of the key authentication code $mac_F$. Specifically, the user first uses the hash functions $H_1$ and $H_2$ to calculate $K_{fm1} = H_2(K_F)$,
Figure BDA0002980068430000101
Finally, $mac_{F1}$ is compared with the parsed $mac_F$. If they are the same, the key authentication code $mac_F$ attached to the key $K_F$ is correct, and the encryption key $K_F$ can be judged to be the complete key. Otherwise, if $mac_{F1}$ and $mac_F$ are not identical, the key $K_F$ has been illegally tampered with in the transmission stage.
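Steps S4, S5 and S7 end to end (authentication code, Share, Recover, comparison), as an added example that is not part of the patent text. It assumes Shamir's threshold scheme for Share/Recover, which the page does not name, and assumes $mac_F = H_1(K_{fm})$, since the page's formula is not reproduced; the function names and the sample key are constructed.

```python
import hashlib
import hmac
import secrets

PRIME = 2**521 - 1  # field modulus for Shamir sharing, larger than any 256-bit secret


def key_mac(key: bytes) -> bytes:
    """K_fm = H2(K_F); mac_F = H1(K_fm) (assumed form), both SHA-256."""
    k_fm = hashlib.sha256(key).digest()
    return hashlib.sha256(k_fm).digest()


def share(secret: bytes, k: int, l: int):
    """Split a 32-byte secret into l fragments (j, f(j)); any k of them recover it."""
    coeffs = [int.from_bytes(secret, "big")]
    coeffs += [secrets.randbelow(PRIME) for _ in range(k - 1)]

    def f(x: int) -> int:  # evaluate the random polynomial by Horner's rule
        acc = 0
        for c in reversed(coeffs):
            acc = (acc * x + c) % PRIME
        return acc

    return [(j, f(j)) for j in range(1, l + 1)]


def recover(fragments) -> int:
    """Lagrange interpolation at x = 0 over the given fragments."""
    secret = 0
    for a, (xa, ya) in enumerate(fragments):
        num = den = 1
        for b, (xb, _) in enumerate(fragments):
            if a != b:
                num = num * (-xb) % PRIME
                den = den * (xa - xb) % PRIME
        secret = (secret + ya * num * pow(den, -1, PRIME)) % PRIME
    return secret


def recover_and_verify(key_fragments, mac_fragments):
    """Return K_F if mac_F1 == mac_F, else None (wrong, missing or altered fragments)."""
    key_int, mac_int = recover(key_fragments), recover(mac_fragments)
    if key_int >> 256 or mac_int >> 256:
        return None  # not a 32-byte value, so the fragments cannot be genuine
    key = key_int.to_bytes(32, "big")
    mac_f1 = key_mac(key)
    # constant-time comparison of the recomputed and the recovered code
    return key if hmac.compare_digest(mac_f1, mac_int.to_bytes(32, "big")) else None


if __name__ == "__main__":
    k_f = bytes(range(32))  # constructed sample key
    kf = share(k_f, k=3, l=5)
    mf = share(key_mac(k_f), k=3, l=5)
    print("3 of 5 fragments:", recover_and_verify(kf[:3], mf[:3]) == k_f)
    tampered = [(kf[0][0], (kf[0][1] + 1) % PRIME)] + kf[1:3]
    print("tampered fragment:", recover_and_verify(tampered, mf[:3]))
```

The check detects fragments that were altered or are too few; it is a keyless hash of the key, so it does not by itself authenticate who produced the fragments.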
S8, file downloading
When the verification is passed, the user can use the parsed key $K_F$ to calculate the original file, i.e. $F = \mathrm{Decrypt}(K_F, C_F)$, where the Decrypt function may be an AES symmetric decryption algorithm.
The above-described embodiments are merely illustrative of the preferred embodiments of the present invention, and do not limit the scope of the present invention, and various modifications and improvements of the technical solutions of the present invention can be made by those skilled in the art without departing from the spirit of the present invention, and the technical solutions of the present invention are within the scope of the present invention defined by the claims.

Claims (10)

1. A cloud storage key security management method based on a block chain is characterized by specifically comprising the following steps:
S1, respectively identifying the user identity and the owned file, and obtaining the public key and the private key of the user through an MOD function; then the public key is published, and the private key is stored locally;
S2, calculating a data block label of the file, and sending the data block label to a cloud storage service provider (CSP) for searching;
S3, calculating an encryption key of the file, and encrypting the file based on the encryption key to obtain a ciphertext; then sending the ciphertext to the cloud storage service provider CSP for storage;
S4, generating a key authentication code by using a message authentication code mechanism, and verifying the integrity of the encryption key;
S5, adopting the Share splitting algorithm of a secret sharing scheme to split the encryption key $K_F$ to obtain a key fragment set, and calculating the summary information of the key and its ciphertext;
S6, integrating the summary information of the key into a transaction, uploading the transaction to a block chain for storage, and sending the ciphertext to a cloud server for storage;
S7, analyzing the transaction to obtain a complete encryption key and a key authentication code, and verifying whether the encryption key is a correct key by detecting the correctness of the key authentication code;
S8, when the verification is passed, calculating the original file according to the complete encryption key.
2. The block chain-based cloud storage key security management method according to claim 1, wherein the step S1 specifically includes:
S1.1, respectively identifying the identity of a user and owned files;
S1.2, inputting the RSA exponent e published by the user into the MOD function $ed \equiv 1 \bmod \varphi(N)$, and outputting N and d, wherein N is a product of two different prime numbers e and d, and N < e;
S1.3, based on the step S1.2, obtaining the public key pk = (N, e) and the private key sk = (N, d) of the user;
S1.4, the public key pk of the user is published, and the private key sk is stored locally.
3. The block chain-based cloud storage key security management method according to claim 1, wherein the step S2 specifically includes:
S2.1, calculating a data block label of the user file;
S2.2, sending the data block tag to a cloud storage service provider (CSP), and the CSP searching the tag database for the data block tag;
S2.3, if the data block tag is already stored in the tag database, the file does not need to be uploaded, and the CSP returns a block pointer to the user; otherwise, step S3 is executed.
4. The block chain-based cloud storage key security management method according to claim 1, wherein the step S3 specifically includes:
S3.1, calculating a hash number based on the file owned by the user;
S3.2, calculating a blind factor based on the hash number and a random number selected by a user;
S3.3, based on the blind factor, sending the hash number to a node management center for signature to obtain a signature of the blind factor, and returning the signature of the blind factor to a user;
S3.4, calculating a secure secret seed based on the random number; obtaining an encryption key of the user according to the secure secret seed;
S3.5, encrypting the file based on the encryption key to obtain a ciphertext; and then sending the ciphertext to the cloud storage service provider CSP for storage, and adding the data block tag to a tag database.
5. The block chain-based cloud storage key security management method according to claim 1, wherein the step S4 specifically includes:
calculating to obtain a key hash value based on the encryption key, and obtaining a key authentication code according to the key hash value; and then, the key authentication code is segmented by adopting a segmentation algorithm function of a secret sharing scheme.
6. The block chain-based cloud storage key security management method according to claim 1, wherein the step S6 specifically includes:
S6.1, calculating key summary information Data based on the user identity identification, the file identification owned by the user and the ciphertext, and sending the key summary information Data to the node management center;
S6.2, after the node management center receives the key summary information Data, a transaction is created;
S6.3, the node management center issues the transaction on the block chain and returns a transaction pointer to the user.
7. The block chain-based cloud storage key security management method according to claim 6, wherein the transaction includes: the account address of the sender, the account address of the recipient, the fee to be paid to create the transaction, the data stored in the transaction, and the signature of the transaction.
8. The block chain-based cloud storage key security management method according to claim 1, wherein the step S7 specifically includes:
S7.1, when a file F needs to be downloaded, a transaction pointer is sent to the node management center, the node management center uses the transaction pointer to look up and return the key summary information Data, and a plaintext is obtained through the private key;
S7.2, checking the correctness of the timestamp and parsing a key fragment and an authentication code fragment out of the plaintext, then recovering a complete encryption key and a complete key authentication code by using the recovery algorithm of the secret sharing scheme;
S7.3, finally, verifying whether the encryption key is the correct key by detecting the correctness of the key authentication code.
9. The block chain-based cloud storage key security management method according to claim 8, wherein the step S7.3 is specifically:
Step one, using the hash function $H_2$ to calculate $K_{fm1}$, and obtaining $mac_{F1}$ through the hash function $H_1$ and said $K_{fm1}$;
Step two, comparing $mac_{F1}$ with the parsed key authentication code;
Step three, if the two are the same, the parsed encryption key is the complete encryption key; otherwise, the parsed encryption key was illegally tampered with in the transmission stage.
10. The block chain-based cloud storage key security management method according to claim 1, wherein the original file in step S8 is calculated by an AES symmetric decryption algorithm.
CN202110284942.7A 2021-03-17 2021-03-17 Cloud storage key security management method based on block chain Pending CN112906056A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110284942.7A CN112906056A (en) 2021-03-17 2021-03-17 Cloud storage key security management method based on block chain

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202110284942.7A CN112906056A (en) 2021-03-17 2021-03-17 Cloud storage key security management method based on block chain

Publications (1)

Publication Number Publication Date
CN112906056A true CN112906056A (en) 2021-06-04

Family

ID=76105474

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202110284942.7A Pending CN112906056A (en) 2021-03-17 2021-03-17 Cloud storage key security management method based on block chain

Country Status (1)

Country Link
CN (1) CN112906056A (en)

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113688405A (en) * 2021-07-08 2021-11-23 电子科技大学 Bidirectional authentication hybrid encryption method based on block chain
CN113783854A (en) * 2021-08-30 2021-12-10 湖南天河国云科技有限公司 Block chain-based credit data cross-chain sharing method and device
CN114760072A (en) * 2022-06-13 2022-07-15 南京易科腾信息技术有限公司 Signature and signature verification method, device and storage medium
CN116090024A (en) * 2023-02-06 2023-05-09 山东昱鑫信息科技有限公司 Reliable data storage device, system and method
CN117240625A (en) * 2023-11-14 2023-12-15 武汉海昌信息技术有限公司 Tamper-resistant data processing method and device and electronic equipment

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106100832A (en) * 2016-06-12 2016-11-09 广东工业大学 Key management method based on convergent encryption in a kind of cloud storage data deduplication
CN109040045A (en) * 2018-07-25 2018-12-18 广东工业大学 A kind of cloud storage access control method based on the encryption of ciphertext policy ABE base

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106100832A (en) * 2016-06-12 2016-11-09 广东工业大学 Key management method based on convergent encryption in a kind of cloud storage data deduplication
CN109040045A (en) * 2018-07-25 2018-12-18 广东工业大学 A kind of cloud storage access control method based on the encryption of ciphertext policy ABE base

Non-Patent Citations (3)

* Cited by examiner, † Cited by third party
Title
GUIPENG ZHANG et al.: "A secure authorized deduplication scheme for cloud data based on blockchain", 《INFORMATION PROCESSING AND MANAGEMENT》 *
GUIPENG ZHANG et al.: "BDKM: A Blockchain-Based Secure Deduplication Scheme with Reliable Key Management", 《NEURAL PROCESSING LETTERS》 *
ZHANG Guipeng: "Research on secure data deduplication technology in cloud storage systems", 《China Master's and Doctoral Theses Full-text Database (Master), Information Science and Technology Series》 *

Cited By (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113688405A (en) * 2021-07-08 2021-11-23 电子科技大学 Bidirectional authentication hybrid encryption method based on block chain
CN113783854A (en) * 2021-08-30 2021-12-10 湖南天河国云科技有限公司 Block chain-based credit data cross-chain sharing method and device
CN113783854B (en) * 2021-08-30 2023-10-17 湖南天河国云科技有限公司 Credit data cross-chain sharing method and device based on block chain
CN114760072A (en) * 2022-06-13 2022-07-15 南京易科腾信息技术有限公司 Signature and signature verification method, device and storage medium
CN114760072B (en) * 2022-06-13 2022-09-02 南京易科腾信息技术有限公司 Signature and signature verification method, device and storage medium
CN116090024A (en) * 2023-02-06 2023-05-09 山东昱鑫信息科技有限公司 Reliable data storage device, system and method
CN116090024B (en) * 2023-02-06 2024-01-30 上海泰锟医药技术有限公司 Reliable data storage device, system and method
CN117240625A (en) * 2023-11-14 2023-12-15 武汉海昌信息技术有限公司 Tamper-resistant data processing method and device and electronic equipment
CN117240625B (en) * 2023-11-14 2024-01-12 武汉海昌信息技术有限公司 Tamper-resistant data processing method and device and electronic equipment

Similar Documents

Publication Publication Date Title
CN111639361B (en) Block chain key management method, multi-person common signature method and electronic device
CN110300112B (en) Block chain key hierarchical management method
US10404455B2 (en) Multiple-phase rewritable blockchain
CN112906056A (en) Cloud storage key security management method based on block chain
CN103414690B (en) One can openly be verified the high in the clouds data property held method of calibration
CN111130757A (en) Multi-cloud CP-ABE access control method based on block chain
CN111327620B (en) Data security traceability and access control system under cloud computing framework
CN110971411B (en) SM2 homomorphic signature method for encrypting private key by multiplying based on SOTP technology
CN112732695B (en) Cloud storage data security deduplication method based on block chain
CN111274594B (en) Block chain-based secure big data privacy protection sharing method
CN109905230B (en) Data confidentiality verification method and system in cloud storage
Jalil et al. A secure and efficient public auditing system of cloud storage based on BLS signature and automatic blocker protocol
CN115021903A (en) Electronic medical record sharing method and system based on block chain
Song et al. Cryptanalysis and improvement of verifiable quantum (k, n) secret sharing
WO2014030706A1 (en) Encrypted database system, client device and server, method and program for adding encrypted data
CN108809996B (en) Integrity auditing method for duplicate deletion stored data with different popularity
CN109145650B (en) Efficient and safe outsourcing big data auditing method in cloud environment
CN114885325A (en) Credible auditing method and system for regulating and controlling service network security suitable for 5G network
Armknecht et al. Sharing proofs of retrievability across tenants
CN114826607B (en) Edge computing node compression method based on block chain and lightweight storage system
CN115114648A (en) Data processing method and device and electronic equipment
CN111585756A (en) Certificateless cloud auditing method suitable for multi-copy-multi-cloud condition
Keerthana et al. Slicing, Tokenization, and Encryption Based Combinational Approach to Protect Data-at-Rest in Cloud Using TF-Sec Model
CN111539031A (en) Data integrity detection method and system for privacy protection of cloud storage tag
Neela et al. A Hybrid Cryptography Technique with Blockchain for Data Integrity and Confidentiality in Cloud Computing

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20210604
