CN114036539A - Safety auditable Internet of things data sharing system and method based on block chain - Google Patents
- Publication number
- CN114036539A; CN202111310002.7A
- Authority
- CN
- China
- Prior art keywords
- data
- key
- internet
- things
- ciphertext
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/602—Providing cryptographic facilities or services
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/604—Tools and structures for managing or administering access control systems
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/64—Protecting data integrity, e.g. using checksums, certificates or signatures
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2141—Access rights, e.g. capability lists, access control lists, access tables, access matrices
Abstract
The invention provides a blockchain-based secure and auditable Internet of things data sharing system and method, which use blockchain technology to improve the security of Internet of things data sharing. Attribute-based encryption provides fine-grained control over access rights to Internet of things data, and outsourced decryption reduces the computing overhead on the user side. The core function of the system is to control the number of times a user may access data, managing each access with algorithms such as synchronized aggregate signatures and verifiable random functions. In the pay-per-use model, the system allocates a limited number of Internet of things data accesses according to what the user has paid for the data. The smart contract function of the blockchain provides user management, signature verification and access auditing for the system.
Description
Technical Field
The invention belongs to the technical field of information security, Internet of things and information sharing, and particularly relates to a block chain-based security auditable Internet of things data sharing system and method.
Background
1. Blockchain and smart contracts
A blockchain is a chained data structure in which data blocks are linked sequentially in time order; it is a distributed ledger that is cryptographically protected against tampering and forgery. Broadly speaking, blockchain technology is a new distributed infrastructure and computing paradigm that uses the blockchain data structure to verify and store data, distributed node consensus algorithms to generate and update data, cryptography to secure data transmission and access, and smart contracts composed of automated script code to program and manipulate data.
A smart contract is a special protocol used when making contracts on a blockchain. It contains code functions and can also interact with other contracts, make decisions, store data and send Ether. The smart contract itself verifies and executes the conditions established within the contract. Smart contracts allow trusted transactions to be conducted without third parties. These transactions are traceable and irreversible.
2. Ciphertext policy attribute based encryption
Ciphertext policy attribute based encryption (CP-ABE) provides privacy-protecting, fine-grained access control for data sharing. It comprises four algorithms:
(1) $\mathrm{Setup}(1^{\lambda}) \to (PP, MSK)$: input the security parameter $\lambda$; output the system public parameter PP and the master key MSK. The security parameter $\lambda$ defines the security level of the system, the public parameter PP is the default input for the other algorithms, and the master key MSK is used to generate attribute keys for users.
(2)Inputting PP, MSK and user attribute setThe user attribute key SK is output. User's attribute key SK and attribute setAssociation, usable for decrypting access policies withAnd matching the ciphertext.
(3)Input PP, message m and access policyAnd outputting the message ciphertext CT. Due to CT and access policyCorrelation, if attribute set corresponding to user attribute key SKSatisfying access policiesThe user can decrypt the CT.
(4) $\mathrm{Dec}(SK, CT) \to m/\bot$: input SK, CT if the set of attributes in SKWith access in CTMatchingOutputting the message m, otherwise outputting $\bot$, which represents a decryption error. User's attribute key SK and attribute setAssociation, CT and access policyAnd when the two are matched, the user can recover the plaintext m from the CT by using the SK.
3. Synchronized aggregated signatures
Synchronous Aggregated Signature (SAS) comprises six algorithms:
(1) $\mathrm{Setup}(1^{\lambda}) \to PP$: input the security parameter $\lambda$; output the system public parameter PP. The security parameter $\lambda$ defines the security level of the system, and the public parameter PP is the default input for the other algorithms.
(2) $\mathrm{KeyGen}(PP) \to (pk, sk)$: input PP; output the public and private keys pk/sk. The algorithm generates a key pair for the user.
(3) $\mathrm{Sign}(PP, sk, m, \omega) \to \sigma$: input PP, sk, message m and validity period $\omega$; output the signature $\sigma$. The signature value is bound to the message and the validity period, for verification of the validity period of the message.
(4) $\mathrm{Verify}(PP, pk, m, \sigma) \to 1/0$: input PP, pk, m, $\sigma$; output 1 indicates that the signature is valid, otherwise output 0.
(5) $\mathrm{Agg}(PP, PK, Msg, Sig) \to \sigma_{\Sigma}$: input PP, a set of public keys $PK = (pk_1, \ldots, pk_l)$, a set of messages $Msg = (m_1, \ldots, m_l)$ and a set of signatures $Sig = (\sigma_1, \ldots, \sigma_l)$; output the aggregate signature $\sigma_{\Sigma}$.
(6) $\mathrm{AggVerify}(PP, PK, Msg, \sigma_{\Sigma}) \to 1/0$: input PP, PK, Msg, $\sigma_{\Sigma}$; output 1 indicates that the aggregate signature is valid, otherwise output 0.
4. Verifiable random function
A Verifiable Random Function (VRF) is a pseudo random function that can provide a verification function, and comprises four algorithms:
(1) $\mathrm{Setup}(1^{\lambda}) \to PP$: input the security parameter $\lambda$; output the system public parameter PP.
(2) $\mathrm{KeyGen}(PP) \to (pk, sk)$: input PP; output the public and private keys pk/sk.
(3) $\mathrm{Save}(PP, sk, x) \to (y, \pi)$: input PP, sk and message x; output the VRF evaluation value y and the proof value $\pi$.
(4) $\mathrm{Verify}(PP, pk, x, y, \pi) \to 1/0$: input PP, pk, x, y, $\pi$; output 1 indicates that $(y, \pi)$ is a valid evaluation and proof value for x, otherwise output 0.
5. Attribute set access policy definition
Attribute set definition: the system represents a single attribute by the symbol A, let { A1,A2,…,AnDenotes the set of all attributes. Order symbolRepresents a set of attributes of a user and satisfiesRepresenting sets of attributes using n-bit stringsWherein a isiE {0,1} represents the bit value corresponding to the ith attribute: if it isThen ai1 is ═ 1; if it isThen ai0. For example, assuming n is 6, thenRepresenting a collection of attributesContaining an attribute A1,A3,A5,A6}。
The access policy defines: the system uses a system based on an AND gate (AND gate) AND a set of attributes A1,A2,…,AnAccess structure of { right before } defines access policyRepresenting access policies using n-bit stringsWherein b isiE {0,1} represents the bit value corresponding to the ith attribute: if it isThen b isi1 is ═ 1; if it isThen b isi0. For example, assuming n is 6, thenIndicating satisfaction of an access policyNeeds to contain the attribute A3,A5}。
The attribute is defined by matching with the access policy: for attribute collectionAnd access policyIf a is satisfied for all i e {1, …, n }, theni≥biThen called attribute setAnd access policyMatch, expressed as
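The bit-string encoding and matching rule defined above, worked through in Python as an added example that is not part of the patent text. The function names are hypothetical, and the bit strings for the two n = 6 cases are derived here from the attribute lists the text gives.

```python
# Added illustration of the AND-gate attribute/policy encoding (hypothetical names).
N = 6
UNIVERSE = [f"A{i}" for i in range(1, N + 1)]  # the attribute universe {A1, ..., An}


def encode(attrs, universe=UNIVERSE):
    """Return the n-bit string whose i-th bit is 1 iff A_i is in attrs."""
    unknown = set(attrs) - set(universe)
    if unknown:
        raise ValueError(f"attributes outside the universe: {sorted(unknown)}")
    return "".join("1" if a in attrs else "0" for a in universe)


def decode(bits, universe=UNIVERSE):
    """Inverse of encode(): the set of attributes whose bit is 1."""
    if len(bits) != len(universe) or set(bits) - {"0", "1"}:
        raise ValueError("expected an n-bit string of 0/1 characters")
    return {a for a, b in zip(universe, bits) if b == "1"}


def matches(attr_bits, policy_bits):
    """AND-gate match: a_i >= b_i must hold at every position i."""
    decode(attr_bits)
    decode(policy_bits)  # both calls validate length and alphabet
    return all(a >= b for a, b in zip(attr_bits, policy_bits))


def missing(attr_bits, policy_bits, universe=UNIVERSE):
    """Attributes the policy requires (b_i = 1) that the user lacks (a_i = 0)."""
    return [u for u, a, b in zip(universe, attr_bits, policy_bits)
            if b == "1" and a == "0"]


if __name__ == "__main__":
    user = encode({"A1", "A3", "A5", "A6"})   # attribute set from the text
    policy = encode({"A3", "A5"})             # access policy from the text
    print(user, policy, matches(user, policy))
    # A user without A3 fails, and missing() names the attribute that is absent.
    other = encode({"A1", "A5", "A6"})
    print(other, matches(other, policy), missing(other, policy))
    # The all-zero policy requires nothing, so every attribute set matches it.
    print(matches(encode(set()), "000000"))
```

Because the structure is a pure AND gate, a policy can only require attributes; it cannot express "A3 or A5", and an all-zero policy admits every user.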
6. Technical solutions closest to the present application
(1) Block chain-based data controlled circulation method CN202110564714.5
Summary: the invention discloses a blockchain-based controlled data circulation method in the field of network security. First, a data-transfer consortium chain is established in an untrusted network environment, together with a trusted third party, a data upload area and a download area. Second, the smart contract for encrypted data upload is executed: the data to be transferred is encrypted under an access control structure tree set among different users and uploaded to a data transfer central station. Next, the smart contract for putting the data digest on chain is executed, extracting digest information of the transferred data and storing it on chain as evidence. Then the key generation smart contract is executed, and the trusted third party dynamically generates a resource access key according to the identity attributes of the data receiver. Finally, the data decryption smart contract is executed: the data receiver decrypts with the resource access key to obtain the plaintext of the transferred data, and verifies its authenticity by comparing the data digests on the chain and the data digests on the chain. The invention ensures a trusted data source and controls the range over which data flows.
Disadvantages: the invention controls data flow with an access control policy, but it cannot limit the number of times a user uses the data resources; once authorized, the data resources can be used an unlimited number of times.
(2) Multi-authority attribute based encryption method CN202110411887.3 based on block chain
Summary: the invention provides a blockchain-based multi-authority attribute-based encryption method, comprising: global initialization of the system, generating a system public parameter GP and recording GP in the genesis block; initialization of the attribute authorities, in which every attribute authority uses GP to generate a set of attribute public and private keys; data encryption, in which the encryptor generates a data ciphertext and a key ciphertext using a symmetric encryption algorithm and an attribute-based encryption algorithm; user private key generation, in which the attribute authorities generate a set of attribute private keys for the user; data decryption, in which the user decrypts the ciphertext with the attribute private keys to obtain the shared data; and attribute revocation, in which, because a user attribute has been revoked, the user's attribute set no longer satisfies the access policy and the updated ciphertext address cannot be obtained. The invention uses the blockchain to record the time-ordered attribute state of users, realizes distributed issuance, storage and revocation of attribute private keys, improves the key management efficiency of a distributed attribute-based encryption mechanism, and enhances the security of data sharing in a distributed environment.
Disadvantages: the invention uses attribute-based encryption for fine-grained control of data use, but it does not provide outsourced decryption, so a user must carry out a large number of operations to decrypt a ciphertext. Moreover, the server has to respond to all data requests and cannot resist distributed denial of service attacks.
(3) Block chain-based security authentication method for power distribution Internet of things CN202110718633.6
Summary: the invention discloses a blockchain-based security authentication method for the power distribution Internet of things, comprising the following steps: each edge gateway serves as a blockchain node to construct a blockchain; each power terminal device sends its device information and a preset password to the edge gateway, which processes them to complete registration; the edge gateway generates a first encrypted ciphertext and a second encrypted ciphertext, generates a target ciphertext combination from them, and puts the target ciphertext combination on the blockchain; the power terminal device sends authentication information to the edge gateway, which obtains authentication data from it, derives a first authentication data digest from the authentication data, and extracts a second digital digest from the blockchain; the edge gateway then authenticates the power terminal device on the basis of the first authentication data digest and the second digital digest. In this way the identity authentication of power terminal devices can be completed more efficiently.
The disadvantages are as follows: according to the method, identity authentication among the Internet of things devices is realized by combining a block chain technology, but the safe sharing of the Internet of things data cannot be realized, and fine-grained safety control on the data is not considered.
(4) Method CN202010409745.9 for safely sharing data based on private chain
Summary: the invention relates to a private-chain-based method for secure data sharing, in the field of blockchain and the Internet. It connects data blocks into a data network to form a complete database with data storage and sharing functions. Using the security properties of the blockchain and distributed management of root zone data, the method can be applied to the management of large amounts of private data and ensures the authenticity of the data. It can process huge and fragmented data in a timely and effective way and better guarantees the privacy of the authority and communication management of Internet of things equipment. In addition, the blockchain is combined with an off-chain database, separating the data from the data storage permission, so that a central authority cannot lose or leak data through mismanagement or equipment failure; this realizes a decentralized management system that can resist DDoS attacks and protect itself.
Disadvantages: the invention uses a private chain for secure data sharing, so it does not cover public-chain or consortium-chain application scenarios and is not suitable for Internet of things systems that provide public services. In addition, the data is not encrypted and there is no fine-grained access control, which easily leads to data leakage. The scheme also cannot audit how the data is used.
(5) Internet of things security agent data sharing module design method CN201910543004.7 adopting block chain technology
Summary: the invention discloses a method for designing an Internet of things security proxy data sharing module using blockchain technology. The method integrates a blockchain network whose processing nodes serve as proxy servers. When a user is a registered member of the network, the user can access data after verification by the blockchain network; during data sharing the proxy also re-encrypts the data by converting the policy set, and the blockchain network and the cloud server work together to ensure an anti-collusion scheme.
Disadvantages: this method protects Internet of things data using attribute-based encryption and proxy re-encryption, but both its encryption and decryption involve a large number of bilinear pairing operations and exponentiations, which makes it unsuitable for resource-constrained Internet of things devices: heavy computation quickly exhausts the computing resources and battery of a sensor node and occupies a large amount of communication bandwidth. By comparison, the present invention has low computing overhead: a large share of the computation is outsourced to the cloud platform and blockchain smart contracts, which reduces the computation required of the Internet of things equipment and the user side. In addition, the invention can also control and audit the number of times a user uses the data resources.
The existing technical solutions and systems have the following problems, which hinder their deployment in practical applications.
(1) Efficiency of the attribute-based encryption (ABE) algorithm. ABE schemes provide flexible access control, but existing schemes have high communication and computation costs and a complex decryption process. In most existing schemes the ciphertext length and the number of bilinear pairing and exponentiation operations grow linearly with the complexity of the access policy, which seriously hinders the use of ABE in Internet of things scenarios. An important challenge is therefore how to optimize communication and computational efficiency in a pay-per-use model.
(2) Distributed denial of service (DDoS) attacks on ABE ciphertext. In the existing ABE architecture the cloud server cannot determine whether a user has decryption authority for a ciphertext, so it must respond to all download requests. A malicious attacker or an unauthorized user can exploit this weakness by frequently sending data download requests to the cloud platform. To attack at large scale, an attacker can inject viruses into a large number of computers and control many hosts to send requests to the cloud platform simultaneously within a short time, exhausting the resources of the cloud platform. This type of attack is known as a denial of service attack. A second challenge is therefore how to prevent denial of service attacks against the ABE scheme.
(3) Resource usage auditing. To make cloud service charging transparent, data owners need to audit the cloud storage and cloud computing resources that are actually consumed. The traditional signature-based auditing approach requires the data owner to download the signature generated by each interaction between a user and the cloud platform and then verify the signatures one by one, which incurs considerable communication and computation overhead. The third major challenge is therefore how to achieve efficient cloud resource auditing.
Disclosure of Invention
In view of the defects of the prior art, the invention aims to provide a blockchain-based secure auditable Internet of things data sharing system and method. To protect data privacy, blockchain technology is used to improve the security of Internet of things data sharing. The blockchain provides evidence storage and verification for the key steps in generating/encrypting and extracting/decrypting Internet of things data, which greatly improves the reliability of information transmission, and outsourced decryption reduces the computing overhead on the user side.
Furthermore, the invention uses attribute-based encryption to achieve fine-grained control over access rights to Internet of things data. It also controls the number of times a user may access data, managing each access with algorithms such as synchronized aggregate signatures and verifiable random functions. In the pay-per-use model, the system allocates a limited number of Internet of things data accesses according to what the user has paid for the data. The smart contract function of the blockchain also provides user management, signature verification and access auditing for the system.
Aiming at problems of traditional data sharing methods such as privacy disclosure and vulnerability to denial of service attacks and hacker intrusion, the invention designs a blockchain-based secure auditable Internet of things data sharing system in a pay-per-use business model. First, the Internet of things equipment encrypts data with a ciphertext-policy attribute-based encryption scheme, which restricts the attributes of data users, achieves fine-grained access control for data sharing, and allows the number of accesses per user to be defined. Second, a payment business model is introduced into the data sharing system so that the cloud server can charge for the services it provides, generating a corresponding resource usage certificate through a verifiable random function and a synchronized aggregate signature. Then, the manager of the Internet of things equipment can automatically verify the certificate generated by the cloud server using a blockchain smart contract. Finally, outsourced computation moves a large share of the operations to the cloud server, reducing the decryption overhead on the user side. The system resists distributed denial of service attacks on ciphertext held in cloud storage, reduces the decryption overhead of users in fine-grained secure data sharing, and audits the service provided by the cloud platform using blockchain smart contracts. Multiple service proofs can be aggregated through the synchronized aggregate signature, which improves auditing efficiency.
The invention specifically adopts the following technical scheme:
a block chain-based secure auditable Internet of things data sharing system comprises the following elements: the key generation center KGC, the cloud server, the block chain platform and the Internet of things equipment;
the key generation center is used for providing public and private key pairs for the data user and the Internet of things equipment, wherein the public keys are submitted to the block chain platform for evidence storage; and for providing the public key and the ciphertext conversion key of the data user to the cloud server;
the Internet of things equipment encrypts data to generate a ciphertext, generates a signature key pair according to the data access times, uploads the ciphertext and the signature key pair to a cloud server to be stored, and sends the ciphertext to a block chain platform to be stored;
the cloud server is used for providing data storage service for the Internet of things and outsourcing decryption service for data users;
the block chain platform provides evidence storage service for the data storage, sharing, access and charging processes of the Internet of things;
when a data user applies for accessing the encrypted data of the Internet of things, the cloud server completes ciphertext conversion operation and sends the converted ciphertext to the block chain platform for evidence storage; and the received conversion ciphertext can be decrypted to obtain a plaintext after the correctness of the conversion ciphertext is verified by a block chain intelligent contract.
The data user according to the present invention may be understood as the entry device through which a user performs data access. It may be an intelligent device such as a PC or a mobile terminal, and it carries out computation such as the decryption operation.
Further, the key generation center generates a public parameter PP and distributes keys for entities in the system, including: distributing a public and private key pair $(PK_O, SK_O)$ to the Internet of things equipment in the Internet of things, distributing a public and private key pair $(PK_U, SK_U)$ to the data user, and generating a ciphertext conversion key $TK_U$ and an extraction key $RK_U$ for the data user; the key generation center sends $(PK_U, SK_U, RK_U)$ to the data user and sends $(PK_U, TK_U)$ to the cloud server; the key generation center sends the public parameter PP to the block chain platform for evidence storage; the Internet of things equipment sends its public key $PK_O$, and the data user sends its public key $PK_U$, to the block chain platform for evidence storage;
the Internet of things equipment is used for encrypting the generated data m and using an access control strategyFor allowing user attribute of data accessLimiting to generate a ciphertext CT; the Internet of things equipment authorizes a data user to access the data $\kappa$ times, generates $\kappa$ signature key pairs, and encrypts the signature private key to generate CK; the Internet of things equipment uploads the ciphertext CT and the signature key pair CK to the cloud server for storage, and the cloud server sends the CT to the block chain platform for storage;
when a data user applies for accessing the encrypted data of the Internet of things, an access request req is submitted to a cloud server, and the cloud server completes ciphertext conversion operation and sends a converted ciphertext to a block chain platform for evidence storage; the converted ciphertext TCT is submitted to a block chain intelligent contract for correctness verification, if the verification is passed, the converted ciphertext TCT is decrypted to recover a plaintext m, and a data user generates a data resource use proof;
the cloud server provides service for authorized data users according to the access control strategy; after receiving the proof of access proof of the data user, the cloud server submits the proof to the blockchain intelligent contract for verification.
Further, for the cloud server, if proof passes verification, aggregation is performed to generate an aggregated $proof_{\Sigma}$, which is submitted to the Internet of things equipment in order to charge for the provided service; the Internet of things equipment calls the smart contract to verify the service proof $proof_{\Sigma}$ of the cloud server and then carries out the payment operation;
the blockchain platform uses smart contracts to verify the data use and payment behaviors of data users and the aggregated $proof_{\Sigma}$ generated by the cloud server.
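A simplified model of the access-count control and audit flow described above, as an added example that is not the patent's construction. It assumes that each of the κ signature keys authorises exactly one access, uses hash-based Lamport one-time signatures as a stand-in for the synchronized aggregate signature scheme (so proofs are counted individually rather than aggregated), and replaces the smart contract with an in-memory class; all names and the identifiers `user-1` and `CT-0001` are constructed.

```python
import hashlib
import secrets


def H(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


def msg_bits(msg: bytes):
    d = H(msg)
    return [(d[i // 8] >> (7 - i % 8)) & 1 for i in range(256)]


def ots_keygen():
    """One Lamport key pair: 256 pairs of random secrets and their hashes."""
    sk = [(secrets.token_bytes(32), secrets.token_bytes(32)) for _ in range(256)]
    pk = [(H(a), H(b)) for a, b in sk]
    return sk, pk


def ots_sign(sk, msg: bytes):
    # Reveal one secret per message-digest bit; the key must never sign twice.
    return [sk[i][b] for i, b in enumerate(msg_bits(msg))]


def ots_verify(pk, msg: bytes, sig) -> bool:
    bits = msg_bits(msg)
    return len(sig) == 256 and all(
        H(s) == pk[i][b] for i, (s, b) in enumerate(zip(sig, bits)))


def key_id(pk) -> str:
    return H(b"".join(a + b for a, b in pk)).hex()


class AuditContract:
    """Stand-in for the on-chain contract: tracks unused keys and accepted proofs."""

    def __init__(self):
        self.grants = {}  # user -> {key_id: public key} for keys not yet used
        self.log = []     # accepted proofs: (user, message, key_id)

    def register_grant(self, user, public_keys):
        self.grants[user] = {key_id(pk): pk for pk in public_keys}

    def submit_proof(self, user, msg, kid, sig) -> bool:
        pk = self.grants.get(user, {}).get(kid)
        if pk is None or not ots_verify(pk, msg, sig):
            return False              # unknown/used key or bad signature
        del self.grants[user][kid]    # one key pays for exactly one access
        self.log.append((user, msg, kid))
        return True

    def remaining(self, user) -> int:
        return len(self.grants.get(user, {}))

    def billable(self, user) -> int:
        return sum(1 for u, _, _ in self.log if u == user)


def run_demo(kappa=3):
    contract = AuditContract()
    keys = [ots_keygen() for _ in range(kappa)]   # device issues kappa key pairs
    contract.register_grant("user-1", [pk for _, pk in keys])

    def access(n, key_index, tamper=False):
        msg = f"user-1|CT-0001|access-{n}".encode()
        sk, pk = keys[key_index]
        signed = b"some other request" if tamper else msg
        return contract.submit_proof("user-1", msg, key_id(pk), ots_sign(sk, signed))

    first = access(0, 0)
    tampered = access(1, 1, tamper=True)   # signature does not cover this request
    accepted = [first, access(1, 1), access(2, 2)]
    replay = access(0, 0)                  # key 0 was already consumed
    sk_x, pk_x = ots_keygen()              # key the device never granted
    extra_msg = b"user-1|CT-0001|access-3"
    ungranted = contract.submit_proof(
        "user-1", extra_msg, key_id(pk_x), ots_sign(sk_x, extra_msg))
    return {"accepted": accepted, "tampered": tampered, "replay": replay,
            "ungranted": ungranted, "remaining": contract.remaining("user-1"),
            "billable": contract.billable("user-1")}


if __name__ == "__main__":
    print(run_demo())
```

The billable count can never exceed κ, because a proof is accepted only against a registered key that has not been used, which is what lets the data owner audit the cloud server's charges from the log alone.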
And, a block chain-based secure auditable internet of things data sharing method, characterized in that:
the key generation center provides public and private key pairs for the data user and the Internet of things equipment, wherein the public keys are submitted to the block chain platform for evidence storage; and provides the public key and the ciphertext conversion key of the data user to the cloud server;
the Internet of things equipment encrypts data to generate a ciphertext, generates a signature key pair according to the data access times, uploads the ciphertext and the signature key pair to a cloud server to be stored, and sends the ciphertext to a block chain platform to be stored;
when a data user applies for accessing the encrypted data of the Internet of things, the cloud server completes ciphertext conversion operation and sends the converted ciphertext to the block chain platform for evidence storage; and the received conversion ciphertext can be decrypted to obtain a plaintext after the correctness of the conversion ciphertext is verified by a block chain intelligent contract.
Further, the method comprises the following steps:
step S1: the key generation center carries out system initialization;
step S2: the key generation center generates keys; it generates a public parameter PP and distributes keys for the entities in the system, comprising: distributing a public and private key pair (PK_O, SK_O) to the Internet of things equipment in the Internet of things, distributing a public and private key pair (PK_U, SK_U) to the data user, and generating a ciphertext conversion key TK_U and an extraction key RK_U for the data user; the key generation center sends (PK_U, SK_U, RK_U) to the data user and sends (PK_U, TK_U) to the cloud server; the key generation center sends the public parameter PP to the block chain platform for evidence storage; the Internet of things equipment sends its public key PK_O, and the data user sends its public key PK_U, to the block chain platform for evidence storage;
step S3: the Internet of things equipment performs data encryption and sharing: it encrypts the generated data m, using an access control policy to restrict the attributes of the users allowed to access the data, so as to generate a ciphertext CT; the Internet of things equipment authorizes a data user to access the data κ times, generates κ signature key pairs, and encrypts the signature private keys to generate CK; the Internet of things equipment uploads the ciphertext CT and the signature key pair set CK to a cloud server for storage, and the cloud server sends the CT to a block chain platform for evidence storage;
step S4: the data user makes the data request of the internet of things: when a data user applies for accessing the encrypted data of the Internet of things, an access request req is submitted to a cloud server, and the cloud server completes ciphertext conversion operation and sends a converted ciphertext to a block chain platform for evidence storage;
step S5: the data user decrypts and proves the data of the Internet of things after the received conversion ciphertext is subjected to correctness verification by the intelligent contract of the block chain;
step S6: after receiving a proof of access proof from a data user, the cloud server submits the proof to a block chain intelligent contract for verification; if the proof passes, aggregation is performed to generate an aggregation proof proof_Σ, which is submitted to the Internet of things equipment to charge for the provided service;
step S7: the Internet of things equipment calls the intelligent contract to verify the cloud server's service proof proof_Σ, and then performs the charge and receipt operation.
Further, step S1 specifically includes the following processes:
KGC.Setup(1^λ) → (PP, MSK): the key generation center generates an elliptic curve group G = (p, E_p(a, b), Q) according to the security parameter λ, wherein Q is the generator of the elliptic curve group G and the order of the group G is a prime number p; it generates a bilinear pairing (p, G, G_T, e), wherein the order of the groups G and G_T is the prime number p and the bilinear pairing map is e: G × G → G_T; let the global property set of the system be
The key generation center selects random numbers and calculates U = k_1 Q, V = k_2 Q, Q_i = α^i Q, U_i = α^i U, V_i = α^i V; it generates the public parameter PP_ABE = (Q_i, U_i, V_i) of the CP-ABE algorithm and the master key MSK_ABE = (α, k_1, k_2), where i ∈ [1, n];
The key generation center randomly selects h ∈_R G and generates the public parameter PP_VRF = Q_VRF = hQ of the VRF algorithm;
The key generation center randomly selects w ∈_R G and generates the public parameter PP_SAS = Q_SAS = wQ of the SAS algorithm;
The key generation center selects a key generation function KDF, and requires the length of a key output by the KDF to be the key length of the SM1 cryptographic algorithm;
The key generation center outputs the system public parameter PP = (PP_ABE, PP_VRF, PP_SAS, KDF, H_0, H_1, H_2) and the master key MSK = MSK_ABE = (α, k_1, k_2); the key generation center sends the public parameter PP to the block chain platform for evidence storage;
step S2 specifically includes the following processes:
KGC.KeyGen(PP, MSK, S) → (PK_O, SK_O, PK_U, SK_U, TK_U, RK_U): the key generation center generates keys for the Internet of things equipment and the data users;
the key generation center makes a random selection and generates the public and private key pair (PK_O, SK_O) = (βQ, β) of the Internet of things equipment and the public and private key pair (PK_U, SK_U) = (ηQ, η) of the data user.
The key generation center inputs the set of attributes of a user and calculates a function in the polynomial ring Z_p[α]; the key generation center selects random numbers and calculates s ∈ Z_p so that the equation holds; the key generation center selects an invertible random number and calculates γ_1 = (r + k_1 t) ζ^{-1} mod p, γ_2 = (s − k_2 t) ζ^{-1} mod p; the ciphertext conversion key of the data user is TK_U, and the ciphertext extraction key is RK_U = ζ;
The key generation center sends the public and private key pair (PK_O, SK_O) to the Internet of things equipment, sends (PK_U, SK_U, RK_U) to the data user, and sends (PK_U, TK_U) to the cloud server.
Further, the internet of things equipment encrypts a plaintext by adopting a key encapsulation mechanism, namely encrypting a plaintext message m by using a symmetric encryption algorithm and an encapsulation key EK, then encrypting the encapsulation key EK by using a key-based encryption technology, and embedding an access control strategy into the plaintext;
the encryption process in step S3 includes:
the Internet of things equipment uses the private key SK_O and the access control policy to encrypt a plaintext m; the plaintext is encrypted by adopting a key encapsulation mechanism, namely encrypting the plaintext message m by using a symmetric encryption algorithm and an encapsulation key EK, then encrypting the encapsulation key EK by using a key-based encryption technology, and embedding an access control strategy into the plaintext;
the Internet of things equipment takes the data m and the access control policy as input, selects a random number, and computes k_m = KDF(r_m Q); let f_i denote the coefficient of the α^i term in the polynomial; it computes and outputs the ciphertext CT and the encapsulation key EK = μ_m, where i ∈ [1, n];
The message m and the VRF proof value P_2 are encrypted with the encapsulation key EK by the SM1 national cryptographic symmetric encryption algorithm, outputting the ciphertext C_m = SM1.Enc(KDF(EK), (m || P_2));
Setting that an authorized data user accesses the Internet of things data file at most κ times, the Internet of things equipment makes a random selection and computes κ signature key pairs, wherein i ∈ [1, κ]; the SM1 national cryptographic symmetric encryption algorithm and the encapsulation key EK are used to encrypt sk_i, computing the access key ciphertext CSK_i = SM1.Enc(KDF(EK), sk_i);
The Internet of things equipment outputs the ciphertext CT, the encapsulation key EK and the set CK = {pk_i, CSK_i}_{i∈[1,κ]}, where CK represents the set of κ signature key pairs.
Further, step S4 specifically includes the following processes:
U.Req(PP, PK_U, SK_U, Info): the data user sends out the Internet of things data access request information Info, calculates Y = e(Q_VRF, (H_1(Info) + SK_U)^{-1} Q_VRF) and π = (H_1(Info) + SK_U)^{-1} Q_VRF, and outputs req = (Info, PK_U, Y, π);
The cloud server performs the following verification and ciphertext conversion operations:
first, it is verified whether the following conditions are all satisfied:
(3) Verifying whether the number of requests of the data user for CT does not exceed κ;
if the verification conditions are met, the cloud server performs ciphertext conversion calculation for the data user;
inputting the ciphertext CT and the ciphertext conversion key TK_U; if the user's attribute set and the access control policy do not match, outputting ⊥ to represent that the data user is an unauthorized user; if they match, the cloud platform performs the ciphertext conversion calculation
According to the function, if the condition on the access policy holds, then a polynomial is formed; otherwise, it does not hold; let η_i represent the coefficient of the α^i term in the polynomial Λ(α); obviously, the zero-order coefficient η_0 of the polynomial Λ(α) is not equal to 0; the cloud platform computes:
And the cloud server updates the CT request times ctr of the data user to ctr +1, and stores (TCT, ctr) in the block chain.
Further, step S5 specifically includes the following processes:
U.DecVerify(PP, PK_O, RK_U, TCT, CSK_ctr) → (m, sk_i)/⊥: the data user recovers the access key sk_i and a plaintext message m from the converted ciphertext;
the data user recovers the original message m with the ciphertext extraction key RK_U = ζ; firstly, calculating:
Computing m || P_2 = SM1.Dec(KDF(EK), C_m) using the SM1 national cryptographic symmetric decryption algorithm and the encapsulation key EK;
Computing sk_ctr = SM1.Dec(KDF(EK), CSK_ctr) and outputting (m, sk_i);
Let ω be the current time period; the data user uses sk_i = z_i to calculate d = H_1(req, ω), Φ_1 = H_2(0, ω), Φ_2 = H_0(1, ω), σ = z_ctr Φ_1 + z_ctr d Φ_2, outputs the proof Proof_ctr = (req, σ, ω), and stores Proof_ctr on the blockchain as evidence.
Further, step S6 specifically includes the following processes:
Blockchain.AggProof(PP, PK, Proof) → Proof_Σ/⊥: the cloud server calls the intelligent contract to aggregate the proofs Proof = (Proof_1, …, Proof_l) of data users from the blockchain, the corresponding public keys being PK = (PK_1, …, PK_l); for i ∈ [1, l], the cloud server calls the intelligent contract to calculate d_i = H_1(req_i, ω), Φ_1 = H_0(0, ω), Φ_2 = H_0(1, ω), and verifies whether the equation holds; if not, ⊥ is output; otherwise, the proof aggregation operation is performed; inputting PK = (PK_1, …, PK_l), Req = (Req_1, …, Req_l), Sig = (σ_1, …, σ_l), the cloud server calls the intelligent contract to calculate the aggregate value and outputs the aggregation proof Proof_Σ = (Req, σ_Σ, ω).
Further, step S7 specifically includes the following processes:
Blockchain.Verify(PP, PK, Proof_Σ) → 1/0: the Internet of things equipment calls an intelligent contract to verify the aggregation proof; if ω is not the current time period, or a public key in PK = (PK_1, …, PK_l) appears at least twice in the set, the aggregation proof is false, and 0 is output; for i ∈ [1, l], the Internet of things equipment calls the intelligent contract to calculate d_i = H_1(req_i, ω), Φ_1 = H_0(0, ω), Φ_2 = H_0(1, ω), and verifies whether the equation holds; if yes, 1 is output; otherwise, 0 is output.
Compared with the prior art, the invention and the preferred scheme thereof have the beneficial effects that:
(1) aiming at the problem of how to improve the efficiency of an attribute-based encryption (ABE) algorithm, a large amount of operations are outsourced to a cloud server for calculation by using an outsourced decryption-based ciphertext strategy attribute-based encryption scheme, so that the decryption calculation amount of a user is reduced to a constant order of magnitude. Thereby reducing the decryption overhead at the user end (i.e., reducing the computational overhead for the data user).
(2) Aiming at the problem of how to prevent denial of service attacks against the ABE scheme (that is, how to resist distributed denial of service attacks against cloud-stored ciphertext), the Internet of things equipment encrypts data by using a ciphertext-policy attribute-based encryption scheme, so that the attributes of data users are restricted, fine-grained data sharing access control is realized, and the number of user accesses can be defined. The cloud platform verifies the user's download and decryption authority through the user's ciphertext conversion key TK. If the attribute set associated with TK matches the access policy of the requested ciphertext CT, the cloud platform executes the outsourced decryption algorithm; otherwise, the cloud platform refuses the user's data access request. In the system of the invention, a data user needs to use a secret key to generate a download request before downloading the encrypted data, and a verifiable random function can verify the download request, so as to prevent impersonation attacks, in which a malicious attacker impersonates the identity of a legitimate user to send a download request.
(3) Aiming at the problem of how to realize efficient cloud resource auditing, the invention uses the synchronous aggregation signature to realize the auditing operation of the data so as to realize the control of the data access times. First, the SAS aggregates signatures of the same time period into a short aggregated signature, thereby avoiding sending a large number of signatures and their corresponding credentials to the user. The user only needs to verify the single aggregation signature, and the auditing operation of the data resources is realized. Second, in the encryption phase, the data owner prepares k signature keys for the outsourced document, where k represents an upper limit on the number of downloads defined within a time period. Each signing key can only be used to generate one signature and its proof within one time period. The number of data uses for all authorized users can thus be limited. Multiple service proofs can be aggregated through the synchronous aggregation signature, so that the auditing efficiency is improved.
The design points comprise:
1. the control of the access times of the user is realized, and each access of the user is managed by using algorithms such as synchronous aggregation signatures, verifiable random functions and the like.
2. In the pay use model, the system allocates limited times of data access rights of the internet of things according to the pay condition of the user on the data.
3. The service provided by the cloud platform is audited by using the intelligent contract of the block chain, which performs resource use proof verification and access auditing functions.
4. A plurality of service proofs are aggregated through the synchronous aggregation signature, thereby improving the auditing efficiency.
5. The decryption overhead of the user side is reduced. The system can resist distributed denial of service attacks against cloud-stored ciphertext and reduces the calculation overhead of the user in fine-grained secure data sharing.
Drawings
The invention is described in further detail below with reference to the following figures and detailed description:
fig. 1 is a schematic diagram of a system architecture and a work flow according to an embodiment of the present invention.
Detailed Description
In order to make the features and advantages of the present invention comprehensible, embodiments accompanied with figures are described in detail as follows:
the technical solution of the present invention is further described below with reference to the accompanying drawings and examples.
The system architecture of the present embodiment is shown in fig. 1, and each role includes a Key Generation Center (KGC), a cloud server, a block chain, an internet of things, and a data user. The functions of the entities in the system and the operations performed are summarized as follows. The symbol definition in the system of the present embodiment is shown in table 1.
The key generation center: responsible for establishing the system and generating the public parameter PP, and distributing keys for the entities in the system (step (r)): it distributes a public and private key pair (PK_O, SK_O) to the Internet of things equipment and a public and private key pair (PK_U, SK_U) to the data user, generates a ciphertext conversion key TK_U and an extraction key RK_U for the user, sends (PK_U, SK_U, RK_U) to the data user, and sends (PK_U, TK_U) to the cloud platform. The key generation center sends the public parameter PP to the blockchain platform for evidence storage. The Internet of things equipment sends its public key PK_O, and the user sends its public key PK_U, to the blockchain platform for evidence storage.
The Internet of things: is a network of physical objects that embed sensors, software and other technologies to establish connections and exchange data with other devices and systems over the internet. In order to protect data privacy, the Internet of things equipment needs to encrypt the generated data m and use an access control policy to restrict the attributes of the users allowed to access the data, generating the ciphertext CT. Assuming that the number of accesses to the data that the Internet of things device authorizes for the user is κ, the Internet of things device generates κ signature key pairs and encrypts the signature private keys to generate CK. Finally, the Internet of things equipment uploads the ciphertext CT and the signature key pair set CK to the cloud platform for storage, and the cloud platform sends the CT to the blockchain platform for evidence storage (step II). The management side of the Internet of things needs to call the intelligent contract to verify the cloud platform's service proof proof_Σ and then performs a payment receiving operation (step (c)).
The data user: applies for access to the encrypted data of the Internet of things by submitting an access request req to the cloud server (step (c)), and the cloud server completes the ciphertext conversion operation (step (c)). The data user submits the received converted ciphertext TCT to the blockchain intelligent contract for correctness verification and, if it is correct, decrypts it to recover the plaintext m. Then, the data user needs to generate the proof of use of data resource proof (step (v)).
Cloud server: provides a data storage service for the Internet of things and an outsourced decryption service for data users so as to reduce the data users' computation. Security requires that the cloud server cannot acquire sensitive information in the Internet of things data files during the outsourced decryption process. The cloud server needs to reject access requests from unauthorized data users and provide service to authorized data users according to the access control policy (step (r)). After receiving the proof of access proof of the data user, the cloud platform submits the proof to the blockchain intelligent contract for verification. If the proof passes the verification, aggregation is performed to generate an aggregation proof proof_Σ to charge for the provided service (step (c)).
Block chains: the method provides evidence storage service for the data storage, sharing, access and charging processes of the Internet of things, and meanwhile verifies the data use and payment behaviors of data users and the aggregated signature generated by the cloud server by using an intelligent contract (step (phi), (phi)).
TABLE 1 legends
The operation process comprises the following steps:
1. system initialization phase
· KGC.Setup(1^λ) → (PP, MSK): the key generation center generates an elliptic curve group G = (p, E_p(a, b), Q) according to the security parameter λ, wherein Q is the generator of the elliptic curve group G and the order of the group G is the prime number p. It generates a bilinear pairing (p, G, G_T, e), wherein the order of the groups G and G_T is the prime number p and the bilinear pairing map is e: G × G → G_T. Let the global property set of the system be
- KGC selects random numbers and calculates U = k_1 Q, V = k_2 Q, Q_i = α^i Q, U_i = α^i U, V_i = α^i V. It generates the public parameter PP_ABE = (Q_i, U_i, V_i) of the CP-ABE algorithm and the master key MSK_ABE = (α, k_1, k_2), where i ∈ [1, n].
- KGC randomly chooses h ∈_R G and generates the public parameter PP_VRF = Q_VRF = hQ of the VRF algorithm.
- KGC randomly chooses w ∈_R G and generates the public parameter PP_SAS = Q_SAS = wQ of the SAS algorithm.
The KGC selects a key generation function KDF (key derivation function), and requires that the length of a KDF output key is the key length of the cryptographic algorithm SM1 (symmetric encryption scheme).
- KGC outputs the system public parameter PP = (PP_ABE, PP_VRF, PP_SAS, KDF, H_0, H_1, H_2) and the master key MSK = MSK_ABE = (α, k_1, k_2). The KGC sends the public parameter PP to the block chain platform for evidence storage.
2. Key generation phase
· KGC.KeyGen(PP, MSK, S) → (PK_O, SK_O, PK_U, SK_U, TK_U, RK_U): the key generation center generates keys for the Internet of things equipment and the user.
- KGC makes a random selection and generates the public and private key pair (PK_O, SK_O) = (βQ, β) of the Internet of things equipment and the user's public and private key pair (PK_U, SK_U) = (ηQ, η).
- KGC inputs the user's set of attributes and calculates a function in the polynomial ring Z_p[α]. KGC selects random numbers and calculates s ∈ Z_p so that the equation holds. KGC selects an invertible random number and calculates γ_1 = (r + k_1 t) ζ^{-1} mod p, γ_2 = (s − k_2 t) ζ^{-1} mod p. The user's ciphertext conversion key is TK_U, and the ciphertext extraction key is RK_U = ζ.
- KGC sends the public and private key pair (PK_O, SK_O) to the Internet of things equipment, sends (PK_U, SK_U, RK_U) to the user, and sends (PK_U, TK_U) to the cloud platform.
3. Internet of things data encryption and sharing stage
· The Internet of things equipment uses the private key SK_O and the access control policy to encrypt the plaintext m. The system adopts a key encapsulation mechanism to encrypt the plaintext, namely, a symmetric encryption algorithm and an encapsulation key EK are used to encrypt the plaintext message m, then a key-based encryption technology is used to encrypt the encapsulation key EK, and the access control policy is embedded in the ciphertext. The key encapsulation mechanism has the advantage that the encryption algorithm places no limitation on the type of data collected by the Internet of things, so that the data of the Internet of things can be sourced from different sensing devices.
- The Internet of things equipment takes the data m and the access control policy as input, selects a random number, and computes k_m = KDF(r_m Q). Let f_i denote the coefficient of the α^i term in the polynomial. It computes and outputs the ciphertext CT and the encapsulation key EK = μ_m, where i ∈ [1, n].
- The message m and the VRF proof value P_2 are encrypted with the encapsulation key EK using the SM1 national cryptographic symmetric encryption algorithm, outputting the ciphertext C_m = SM1.Enc(KDF(EK), (m || P_2)).
- Assume that the data user is authorized to access the Internet of things data file at most κ times. The Internet of things equipment makes a random selection and computes κ signature key pairs, wherein i ∈ [1, κ]. The SM1 national cryptographic symmetric encryption algorithm and the encapsulation key EK are used to encrypt sk_i, computing the access key ciphertext CSK_i = SM1.Enc(KDF(EK), sk_i).
- The Internet of things device outputs the ciphertext CT, the encapsulation key EK and the set CK = {pk_i, CSK_i}_{i∈[1,κ]}, where CK represents the set of κ signature key pairs.
4. Internet of things data request phase
· U.Req(PP, PK_U, SK_U, Info): the data user sends out the Internet of things data access request information Info, calculates Y = e(Q_VRF, (H_1(Info) + SK_U)^{-1} Q_VRF) and π = (H_1(Info) + SK_U)^{-1} Q_VRF, and outputs req = (Info, PK_U, Y, π).
The cloud server performs the following authentication and ciphertext conversion operations. First, it is verified whether the following conditions are all satisfied:
(3) Verifying whether the number of CT requests of the data user does not exceed κ.
And if the verification conditions are met, the cloud server performs ciphertext conversion calculation for the data user.
- Input the ciphertext CT and the ciphertext conversion key TK_U. If the user's attribute set and the access control policy do not match, ⊥ is output to represent that the data user is an unauthorized user. If they match, the cloud platform performs the ciphertext conversion calculation
According to the function, if the condition on the access policy holds, then a polynomial is formed; otherwise, it does not hold. Let η_i represent the coefficient of the α^i term in the polynomial Λ(α). Obviously, the zero-order coefficient η_0 of the polynomial Λ(α) is not equal to 0. The cloud platform computes
The cloud server updates the data user's CT request count ctr to ctr + 1, and stores (TCT, ctr) in the blockchain.
5. Data decryption and certification stage of Internet of things
· U.DecVerify(PP, PK_O, RK_U, TCT, CSK_ctr) → (m, sk_i)/⊥: the data user recovers the access key sk_i and a plaintext message m from the converted ciphertext.
- The data user recovers the original message m with the ciphertext extraction key RK_U = ζ. First of all, calculate
- Compute m || P_2 = SM1.Dec(KDF(EK), C_m) using the SM1 national cryptographic symmetric decryption algorithm and the encapsulation key EK.
- Calculate sk_ctr = SM1.Dec(KDF(EK), CSK_ctr) and output (m, sk_i).
Let ω be the current time period. The data user uses sk_i = z_i to calculate d = H_1(req, ω), Φ_1 = H_2(0, ω), Φ_2 = H_0(1, ω), σ = z_ctr Φ_1 + z_ctr d Φ_2, outputs the proof Proof_ctr = (req, σ, ω), and stores Proof_ctr on the blockchain as evidence.
6. Proof stage of block chain aggregation
· Blockchain.AggProof(PP, PK, Proof) → Proof_Σ/⊥: the cloud server calls the intelligent contract to aggregate the proofs Proof = (Proof_1, …, Proof_l) of data users from the block chain, the corresponding public keys being PK = (PK_1, …, PK_l). For i ∈ [1, l], the cloud server calls the intelligent contract to calculate d_i = H_1(req_i, ω), Φ_1 = H_0(0, ω), Φ_2 = H_0(1, ω), and verifies whether the equation holds. If not, ⊥ is output. Otherwise, the proof aggregation operation is performed. Inputting PK = (PK_1, …, PK_l), Req = (Req_1, …, Req_l), Sig = (σ_1, …, σ_l), the cloud server calls the intelligent contract to calculate the aggregate value and outputs the aggregation proof Proof_Σ = (Req, σ_Σ, ω).
7. Block chain aggregation verification phase
· Blockchain.Verify(PP, PK, Proof_Σ) → 1/0: the Internet of things equipment calls an intelligent contract to verify the aggregation proof. If ω is not the current time period, or a public key in PK = (PK_1, …, PK_l) appears at least twice in the set, the aggregation proof is false, and 0 is output. For i ∈ [1, l], the Internet of things equipment calls the intelligent contract to calculate d_i = H_1(req_i, ω), Φ_1 = H_0(0, ω), Φ_2 = H_0(1, ω), and verifies whether the equation holds. If it holds, 1 is output. Otherwise, 0 is output.
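The following Python example is added here and is not part of the patent text; it shows the access-count bookkeeping of stages 3 to 7: m || P_2 and κ one-time signing keys sealed under KDF(EK), the cloud server's counter check, and the period and duplicate-key rejections made before an aggregate proof is checked. Assumptions: an HMAC-SHA256 construction stands in for SM1, a hash stands in for the signature public key pk_i, the data user is taken to have already recovered EK through ciphertext conversion, and all function and class names are hypothetical.

```python
import hashlib
import hmac
import secrets

KEY_LEN = 16   # assumption: 128-bit key; the page only says "the SM1 key length"
TAG_LEN = 32


def kdf(ek: bytes) -> bytes:
    """Stand-in KDF mapping the encapsulation key EK to a symmetric key."""
    return hashlib.sha256(b"kdf|" + ek).digest()[:KEY_LEN]


def _prf(key: bytes, kind: bytes, label: bytes, data: bytes) -> bytes:
    # The length-prefixed label keeps ("sk-1", x) and ("sk-10", y) inputs distinct.
    msg = kind + len(label).to_bytes(2, "big") + label + data
    return hmac.new(key, msg, hashlib.sha256).digest()


def _stream(key: bytes, label: bytes, n: int) -> bytes:
    blocks = (_prf(key, b"K", label, i.to_bytes(4, "big")) for i in range(n // 32 + 1))
    return b"".join(blocks)[:n]


def enc(key: bytes, label: bytes, pt: bytes) -> bytes:
    """Stand-in for SM1.Enc: per-label keystream, then an HMAC tag over the body."""
    body = bytes(a ^ b for a, b in zip(pt, _stream(key, label, len(pt))))
    return body + _prf(key, b"T", label, body)


def dec(key: bytes, label: bytes, ct: bytes):
    """Stand-in for SM1.Dec; returns None when the tag does not verify."""
    if len(ct) < TAG_LEN:
        return None
    body, tag = ct[:-TAG_LEN], ct[-TAG_LEN:]
    if not hmac.compare_digest(tag, _prf(key, b"T", label, body)):
        return None
    return bytes(a ^ b for a, b in zip(body, _stream(key, label, len(body))))


def pk_of(sk: bytes) -> bytes:
    """Placeholder public key standing in for the scheme's real pk_i."""
    return hashlib.sha256(b"pk|" + sk).digest()


def device_encrypt(m: bytes, p2: bytes, kappa: int):
    """Stage 3: seal m || P_2 and kappa one-time signing keys under KDF(EK)."""
    ek = secrets.token_bytes(32)   # fresh per file; on the page EK comes from the CP-ABE step
    key = kdf(ek)
    c_m = enc(key, b"m", len(m).to_bytes(4, "big") + m + p2)
    ck = []
    for i in range(1, kappa + 1):
        sk_i = secrets.token_bytes(32)
        # A distinct label per slot means the shared key never reuses keystream.
        ck.append((pk_of(sk_i), enc(key, b"sk-%d" % i, sk_i)))
    return ek, c_m, ck


class CloudServer:
    """Holds CK for one ciphertext and counts one data user's requests for it."""

    def __init__(self, ck):
        self.ck = ck
        self.ctr = 0

    def request(self):
        """Condition (3): refuse once ctr has reached kappa, else ctr becomes ctr + 1."""
        if self.ctr >= len(self.ck):
            return None
        self.ctr += 1
        pk_i, csk_i = self.ck[self.ctr - 1]
        return self.ctr, pk_i, csk_i


def user_open(ek: bytes, c_m: bytes, ctr: int, csk: bytes):
    """Stage 5: recover (m, sk_ctr) from C_m and CSK_ctr, or None on tampering."""
    key = kdf(ek)
    blob = dec(key, b"m", c_m)
    sk = dec(key, b"sk-%d" % ctr, csk)
    if blob is None or sk is None or len(blob) < 4:
        return None
    n = int.from_bytes(blob[:4], "big")
    return blob[4:4 + n], sk


def audit_precheck(pks, omega: int, current_period: int) -> bool:
    """Stage 7 rejections made before any signature check: stale period or repeated key."""
    return omega == current_period and len(set(pks)) == len(pks)


if __name__ == "__main__":
    # Constructed sample input.
    ek, c_m, ck = device_encrypt(b"temp=21.5C", b"P2-placeholder", kappa=2)
    server = CloudServer(ck)
    used = []
    while (grant := server.request()) is not None:
        ctr, pk_i, csk = grant
        m, sk = user_open(ek, c_m, ctr, csk)
        used.append(pk_i)
        print(ctr, m, pk_of(sk) == pk_i)
    print("further request refused:", server.request() is None)
    print("audit precheck:", audit_precheck(used, omega=7, current_period=7))
```
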
It should be understood that the above-described embodiments of the present invention are merely examples for clearly illustrating the present invention, and are not intended to limit the embodiments of the present invention. Other variations and modifications will be apparent to persons skilled in the art in light of the above description. It is neither necessary nor possible to enumerate all embodiments here. Any modification, equivalent replacement, and improvement made within the spirit and principle of the present invention should be included in the protection scope of the claims of the present invention.
Claims (10)
1. A safety auditable Internet of things data sharing system based on a block chain is characterized by comprising the following elements: the key generation center KGC, the cloud server, the block chain platform and the Internet of things equipment;
the key generation center is used for providing a public and private key pair for a data user and Internet of things equipment of the Internet of things, wherein the public key is used for submitting block chain platform deposit certificates; providing a public key and a ciphertext conversion key of a data user to a cloud server;
the Internet of things equipment encrypts data to generate a ciphertext, generates a signature key pair according to the data access times, uploads the ciphertext and the signature key pair to a cloud server to be stored, and sends the ciphertext to a block chain platform to be stored;
the cloud server is used for providing data storage service for the Internet of things and outsourcing decryption service for data users;
when a data user applies for accessing the encrypted data of the Internet of things, the cloud server completes ciphertext conversion operation and sends the converted ciphertext to the block chain platform for evidence storage; and the received conversion ciphertext can be decrypted to obtain a plaintext after the correctness of the conversion ciphertext is verified by a block chain intelligent contract.
2. The blockchain-based secure auditable internet of things data sharing system of claim 1, wherein:
the key generation center is used for generating the public parameter PP and distributing keys for the entities in the system, comprising: distributing a public and private key pair (PK_O, SK_O) to the Internet of things equipment in the Internet of things, distributing a public and private key pair (PK_U, SK_U) to the data user, and generating a ciphertext conversion key TK_U and an extraction key RK_U for the data user; the key generation center is used for sending (PK_U, SK_U, RK_U) to the data user and sending (PK_U, TK_U) to the cloud server; the key generation center is also used for sending the public parameter PP to the block chain platform for evidence storage; the Internet of things equipment sends its public key PK_O, and the data user sends its public key PK_U, to the block chain platform for evidence storage;
the Internet of things equipment is used for encrypting the generated data m, using an access control policy to restrict the attributes of the users allowed to access the data, so as to generate a ciphertext CT; the Internet of things equipment authorizes a data user to access the data κ times, generates κ signature key pairs, and encrypts the signature private keys to generate CK; the Internet of things equipment uploads the ciphertext CT and the signature key pair set CK to a cloud server for storage, and the cloud server sends the CT to a block chain platform for evidence storage;
when a data user applies for accessing the encrypted data of the Internet of things, an access request req is submitted to a cloud server, and the cloud server completes ciphertext conversion operation and sends a converted ciphertext to a block chain platform for evidence storage; the converted ciphertext TCT is submitted to a block chain intelligent contract for correctness verification, if the verification is passed, the converted ciphertext TCT is decrypted to recover a plaintext m, and a data user generates a data resource use proof;
the cloud server provides service for authorized data users according to the access control strategy; after receiving a proof of access of a data user, submitting the proof to a block chain intelligent contract by the cloud server for verification;
for the cloud server, if the proof passes verification, aggregation is carried out to generate an aggregation proof proof_Σ, which is submitted to the Internet of things equipment to charge for the provided service; the Internet of things equipment calls the intelligent contract to verify the cloud server's service proof proof_Σ and then performs the payment receiving operation;
the blockchain platform utilizes intelligent contracts to verify the data use and payment behaviors of data users and the aggregation proof proof_Σ generated by the cloud server.
3. A block chain-based security auditable Internet of things data sharing method is characterized in that:
the key generation center provides public-private key pairs for the data users and the Internet of Things devices, wherein the public keys are submitted to the blockchain platform for evidence storage; the key generation center provides the public key and the ciphertext conversion key of a data user to the cloud server;
the Internet of Things device encrypts data to generate a ciphertext, generates signature key pairs according to the number of permitted data accesses, uploads the ciphertext and the signature key pairs to the cloud server for storage, and sends the ciphertext to the blockchain platform for evidence storage;
when a data user applies for access to the encrypted Internet of Things data, the cloud server completes the ciphertext conversion operation and sends the converted ciphertext to the blockchain platform for evidence storage; the received converted ciphertext can be decrypted to obtain the plaintext after its correctness has been verified by a blockchain smart contract.
4. The block chain based secure auditable internet of things data sharing method of claim 3, comprising the steps of:
step S1: the key generation center carries out system initialization;
step S2: the key generation center generates keys: it generates the public parameter PP and distributes keys to the entities in the system, comprising: distributing a public-private key pair $(PK_O, SK_O)$ to the Internet of Things device, distributing a public-private key pair $(PK_U, SK_U)$ to the data user, and generating the ciphertext conversion key $TK_U$ and the extraction key $RK_U$ for the data user; the key generation center sends $(PK_U, SK_U, RK_U)$ to the data user and sends $(PK_U, TK_U)$ to the cloud server; the key generation center sends the public parameter PP to the blockchain platform for evidence storage; the Internet of Things device sends its public key $PK_O$, and the data user sends its public key $PK_U$, to the blockchain platform for evidence storage;
step S3: the Internet of Things device performs data encryption and sharing: it encrypts the generated data $m$, using an access control policy to restrict the user attributes allowed to access the data, and generates a ciphertext CT; the Internet of Things device authorizes a data user to access the data $\kappa$ times, generates $\kappa$ signature key pairs, and encrypts the signature private keys to generate CK; the Internet of Things device uploads the ciphertext CT and the encrypted signature keys CK to the cloud server for storage, and the cloud server sends CT to the blockchain platform for evidence storage;
step S4: the data user makes the Internet of Things data request: when a data user applies for access to the encrypted Internet of Things data, it submits an access request req to the cloud server, and the cloud server completes the ciphertext conversion operation and sends the converted ciphertext to the blockchain platform for evidence storage;
step S5: the data user decrypts the Internet of Things data and generates a proof after the received converted ciphertext has passed correctness verification by the blockchain smart contract;
step S6: after receiving the access proof of a data user, the cloud server submits the proof to a blockchain smart contract for verification; if proof passes, aggregation is performed to generate an aggregate proof $proof_{\Sigma}$, which is submitted to the Internet of Things device in order to charge for the service provided;
step S7: the Internet of Things device calls the smart contract to verify the cloud server's service proof $proof_{\Sigma}$ and then performs the charging and payment operation.
5. The block chain-based secure auditable internet of things data sharing method of claim 4, wherein:
step S1 specifically includes the following processes:
$\mathrm{KGC.Setup}(1^{\lambda}) \rightarrow (PP, MSK)$: system initialization by the key generation center (KGC): according to the security parameter $\lambda$, the key generation center generates an elliptic curve group $G = (p, E_p(a, b), Q)$, where $Q$ is the generator of the elliptic curve group $G$ and the order of $G$ is a prime number $p$; it generates a bilinear pairing $(p, G, G_T, e)$, where the groups $G$ and $G_T$ both have prime order $p$ and the bilinear map is $e: G \times G \rightarrow G_T$; let the global attribute set of the system be
The key generation center selects a random number and calculates $U = k_1 Q$, $V = k_2 Q$, $Q_i = \alpha^i Q$, $U_i = \alpha^i U$, $V_i = \alpha^i V$; it generates the public parameter of the CP-ABE algorithm $PP_{ABE} = (Q_i, U_i, V_i)$ and the master key $MSK_{ABE} = (\alpha, k_1, k_2)$, where $i \in [1, n]$;
The key generation center randomly selects $h \in_R G$ and generates the public parameter of the VRF algorithm $PP_{VRF} = Q_{VRF} = hQ$;
The key generation center randomly selects $w \in_R G$ and generates the public parameter of the SAS algorithm $PP_{SAS} = Q_{SAS} = wQ$;
The key generation center selects a key derivation function KDF and requires the length of the key output by the KDF to equal the key length of the SM1 cryptographic algorithm;
The key generation center outputs the system public parameter $PP = (PP_{ABE}, PP_{VRF}, PP_{SAS}, \mathrm{KDF}, H_0, H_1, H_2)$ and the master key $MSK = MSK_{ABE} = (\alpha, k_1, k_2)$; the key generation center sends the public parameter PP to the blockchain platform for evidence storage;
step S2 specifically includes the following processes:
$\mathrm{KGC.KeyGen}(PP, MSK, S) \rightarrow (PK_O, SK_O, PK_U, SK_U, TK_U, RK_U)$: the key generation center generates keys for the Internet of Things device and the data users;
the key generation center makes a random selection and generates the public-private key pair $(PK_O, SK_O)$ of the Internet of Things device and the public-private key pair $(PK_U, SK_U) = (\eta Q, \eta)$ of the data user;
The key generation center takes the attribute set of a user as input and calculates a function over the polynomial ring $Z_p[\alpha]$; the key generation center selects a random number and calculates $s \in Z_p$ such that the equation holds; the key generation center selects an invertible random number and calculates $\gamma_1 = (r + k_1 t)\zeta^{-1} \bmod p$, $\gamma_2 = (s - k_2 t)\zeta^{-1} \bmod p$; the ciphertext conversion key $TK_U$ of the data user is generated, and the ciphertext extraction key is $RK_U = \zeta$;
The key generation center sends the public-private key pair $(PK_O, SK_O)$ to the Internet of Things device, sends $(PK_U, SK_U, RK_U)$ to the data user, and sends $(PK_U, TK_U)$ to the cloud server.
6. The block chain-based secure auditable internet of things data sharing method of claim 5, wherein:
the Internet of Things device encrypts the plaintext with a key encapsulation mechanism: it encrypts the plaintext message $m$ with a symmetric encryption algorithm and an encapsulation key EK, then encrypts the encapsulation key EK by using a key-based encryption technology, and embeds the access control policy into the plaintext;
the encryption process in step S3 includes:
the Internet of Things device encrypts the plaintext $m$ with its private key $SK_O$ and the access control policy; the plaintext is encrypted with a key encapsulation mechanism: the plaintext message $m$ is encrypted with a symmetric encryption algorithm and an encapsulation key EK, the encapsulation key EK is then encrypted by using a key-based encryption technology, and the access control policy is embedded into the plaintext;
given the data $m$ and the access control policy as input, the Internet of Things device selects a random number and computes $k_m = \mathrm{KDF}(r_m Q)$; let $f_i$ denote the coefficient of the $\alpha^i$ term in the polynomial; it computes and outputs the ciphertext and the encapsulation key $EK = \mu_m$, where $i \in [1, n]$;
The message $m$ and the VRF proof value $P_2$ are encrypted with the SM1 national cryptographic symmetric encryption algorithm and the encapsulation key EK, and the ciphertext $C_m = \mathrm{SM1.Enc}(\mathrm{KDF}(EK), (m \,\|\, P_2))$ is output;
An authorized data user is allowed to access the Internet of Things data file at most $\kappa$ times; the Internet of Things device makes a random selection and computes $\kappa$ signature key pairs, where $i \in [1, \kappa]$; using the SM1 national cryptographic symmetric encryption algorithm and the encapsulation key EK, it encrypts $sk_i$ to compute the access key ciphertext $CSK_i = \mathrm{SM1.Enc}(\mathrm{KDF}(EK), sk_i)$;
7. The block chain-based secure auditable internet of things data sharing method of claim 6, wherein:
step S4 specifically includes the following processes:
$\mathrm{U.Req}(PP, PK_U, SK_U, Info)$: the data user issues the Internet of Things data access request information $Info$, calculates $Y = e(Q_{VRF}, (H_1(Info) + SK_U)^{-1} Q_{VRF})$ and $\pi = (H_1(Info) + SK_U)^{-1} Q_{VRF}$, and outputs $req = (Info, PK_U, Y, \pi)$;
The cloud server performs the following verification and ciphertext conversion operations:
first, it is verified whether the following conditions are all satisfied:
(3) Verifying that the number of requests made by the data user for CT does not exceed $\kappa$;
if the verification conditions are met, the cloud server performs ciphertext conversion calculation for the data user;
given the ciphertext and the ciphertext conversion key as input: if the user's attribute set and the access control policy do not match, $\perp$ is output, indicating that the data user is an unauthorized user; if they match, the cloud platform performs the ciphertext conversion computation;
According to the function, if in the access policy, then forms a polynomial; otherwise it does not hold; let $\eta_i$ denote the coefficient of the $\alpha^i$ term in the polynomial $\Lambda(\alpha)$; obviously, the zero-order coefficient $\eta_0$ of the polynomial $\Lambda(\alpha)$ is not equal to 0; the cloud platform computes:
The cloud server then updates the data user's request count for CT, $ctr = ctr + 1$, and stores $(TCT, ctr)$ on the blockchain.
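The request and counter logic of claim 7 can be exercised in a toy model; this is an added example, not code from the patent. It assumes a stand-in pairing in which the point $xQ$ is represented by the integer $x$, so only the algebra is checked and nothing is secure. The two pairing checks are derived here from the definitions of $Y$, $\pi$ and $PK_U = \eta Q$, because conditions (1) and (2) are not legible on this page, and all Python names are hypothetical.

```python
import hashlib

# Toy model (constructed): the point xQ is stored as the integer x mod P and the
# "pairing" is e(x, y) = x*y mod P. It is bilinear, e(aX, bY) = ab*e(X, Y),
# which is all the checks below need, but it offers no security at all.
P = 2**127 - 1   # prime group order (toy parameter, not from the patent)
Q = 1            # generator Q, i.e. the point 1*Q

def pairing(x, y):
    return (x * y) % P

def h1(info: bytes) -> int:
    """Stand-in for H1: hash the request information to a scalar mod P."""
    return int.from_bytes(hashlib.sha256(info).digest(), "big") % P

def user_request(info, sk_u, pk_u, q_vrf):
    """U.Req: pi = (H1(Info) + SK_U)^-1 * Q_VRF and Y = e(Q_VRF, pi)."""
    inv = pow((h1(info) + sk_u) % P, -1, P)   # raises if H1(Info) + SK_U = 0
    pi = (inv * q_vrf) % P
    return {"info": info, "pk": pk_u, "Y": pairing(q_vrf, pi), "pi": pi}

class CloudServer:
    def __init__(self, q_vrf, kappa):
        self.q_vrf, self.kappa = q_vrf, kappa
        self.ctr = {}      # request count for CT, per user public key
        self.chain = []    # stand-in for the (TCT, ctr) records on the blockchain

    def handle(self, req):
        # Derived check A: e(H1(Info)*Q + PK_U, pi) == e(Q, Q_VRF).
        # Holds only if pi was computed from this Info with the SK_U behind PK_U.
        lhs = pairing((h1(req["info"]) * Q + req["pk"]) % P, req["pi"])
        if lhs != pairing(Q, self.q_vrf):
            return "reject: bad proof"
        # Derived check B: the claimed VRF output Y must equal e(Q_VRF, pi).
        if req["Y"] != pairing(self.q_vrf, req["pi"]):
            return "reject: bad output"
        # Condition (3) from the claim: at most kappa requests for CT.
        used = self.ctr.get(req["pk"], 0)
        if used >= self.kappa:
            return "reject: quota exhausted"
        # ctr = ctr + 1, then record (TCT, ctr). The ciphertext conversion
        # itself is not modelled, so a labelled placeholder stands in for TCT.
        self.ctr[req["pk"]] = used + 1
        self.chain.append(("TCT-placeholder", req["pk"], used + 1))
        return "converted"
```

Because the counter is only incremented after both checks pass, a request with a mismatched $Info$ or $Y$ does not consume one of the $\kappa$ authorized accesses.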
8. The block chain-based secure auditable internet of things data sharing method of claim 7, wherein:
step S5 specifically includes the following processes:
$\mathrm{U.DecVerify}(PP, PK_O, RK_U, TCT, CSK_{ctr}) \rightarrow (m, sk_i) / \perp$: the data user recovers the access key $sk_i$ and the plaintext message $m$ from the converted ciphertext;
the data user recovers the original message $m$ with the ciphertext extraction key $RK_U = \zeta$; first, it calculates:
Using the SM1 national cryptographic symmetric decryption algorithm and the encapsulation key EK, it computes $m \,\|\, P_2 = \mathrm{SM1.Dec}(\mathrm{KDF}(EK), C_m)$;
It computes $sk_{ctr} = \mathrm{SM1.Dec}(\mathrm{KDF}(EK), CSK_{ctr})$ and outputs $(m, sk_i)$;
Let $\omega$ be the current time period; the data user, using $sk_i = z_i$, calculates $d = H_1(req, \omega)$, $\Phi_1 = H_0(0, \omega)$, $\Phi_2 = H_0(1, \omega)$, $\sigma = z_{ctr}\Phi_1 + z_{ctr}\,d\,\Phi_2$, outputs the proof $Proof_{ctr} = (req, \sigma, \omega)$, and stores $Proof_{ctr}$ on the blockchain as evidence.
9. The block chain-based secure auditable internet of things data sharing method of claim 8, wherein:
step S6 specifically includes the following processes:
$\mathrm{Blockchain.AggProof}(PP, PK, Proof) \rightarrow Proof_{\Sigma} / \perp$: the cloud server calls the smart contract to aggregate the data users' proofs $Proof = (Proof_1, \dots, Proof_l)$ on the blockchain, whose corresponding public keys are $PK = (PK_1, \dots, PK_l)$; for $i \in [1, l]$, the cloud server calls the smart contract to calculate $d_i = H_1(req_i, \omega)$, $\Phi_1 = H_0(0, \omega)$, $\Phi_2 = H_0(1, \omega)$ and verifies whether the equation holds; if not, it outputs $\perp$; otherwise, it performs the proof aggregation operation: given $PK = (PK_1, \dots, PK_l)$, $Req = (Req_1, \dots, Req_l)$, $Sig = (\sigma_1, \dots, \sigma_l)$ as input, the cloud server calls the smart contract to calculate $\sigma_{\Sigma}$ and outputs the aggregate proof $Proof_{\Sigma} = (Req, \sigma_{\Sigma}, \omega)$.
10. The block chain-based secure auditable internet of things data sharing method of claim 9, wherein:
step S7 specifically includes the following processes:
$\mathrm{Blockchain.Verify}(PP, PK, Proof_{\Sigma}) \rightarrow 1/0$: the Internet of Things device calls the smart contract to verify the aggregate proof; if $\omega$ is not the current time period, or if any public key in the set $PK = (PK_1, \dots, PK_l)$ appears at least twice, the aggregate proof is invalid and 0 is output; for $i \in [1, l]$, the Internet of Things device calls the smart contract to calculate $d_i = H_1(req_i, \omega)$, $\Phi_1 = H_0(0, \omega)$, $\Phi_2 = H_0(1, \omega)$ and verifies whether the equation holds; if it holds, 1 is output; otherwise, 0 is output.
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202111200870 | 2021-10-14 | ||
CN202111200870X | 2021-10-14 |
Publications (1)
Publication Number | Publication Date |
---|---|
CN114036539A (en) | 2022-02-11 |
Family
ID=80136558
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202111310002.7A Pending CN114036539A (en) | 2021-10-14 | 2021-11-05 | Safety auditable Internet of things data sharing system and method based on block chain |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN114036539A (en) |
Cited By (11)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN114697042A (en) * | 2022-03-07 | 2022-07-01 | 电子科技大学 | Block chain-based Internet of things security data sharing proxy re-encryption method |
CN114726533A (en) * | 2022-03-23 | 2022-07-08 | 扬州大学 | Block chain based redundant data detection and deletion method in edge computing environment |
CN114726533B (en) * | 2022-03-23 | 2023-12-01 | 扬州大学 | Method for detecting and deleting redundant data in edge computing environment based on block chain |
CN114785622A (en) * | 2022-06-21 | 2022-07-22 | 深圳赛思鹏科技发展有限公司 | Access control method, device and storage medium for multi-identification network |
WO2024088145A1 (en) * | 2022-10-27 | 2024-05-02 | 腾讯科技(深圳)有限公司 | Data processing method and apparatus, and program product, computer device and storage medium |
CN116401640A (en) * | 2023-06-07 | 2023-07-07 | 国网福建省电力有限公司 | Block chain-based network alignment system and method for inconsistent power data |
CN116401640B (en) * | 2023-06-07 | 2023-09-22 | 国网福建省电力有限公司 | Block chain-based network alignment system and method for inconsistent power data |
CN117056983A (en) * | 2023-10-13 | 2023-11-14 | 中国移动紫金(江苏)创新研究院有限公司 | Multistage controllable data sharing authorization method, device and blockchain system |
CN117056983B (en) * | 2023-10-13 | 2024-01-02 | 中国移动紫金(江苏)创新研究院有限公司 | Multistage controllable data sharing authorization method, device and blockchain system |
CN117714211A (en) * | 2024-02-04 | 2024-03-15 | 杭州海康威视数字技术股份有限公司 | Attribute encryption method, system and device supporting data integrity audit |
CN117714211B (en) * | 2024-02-04 | 2024-04-30 | 杭州海康威视数字技术股份有限公司 | Attribute encryption method, system and device supporting data integrity audit |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||