CN115643098A - Cloud data sharing system and auditing system based on certificateless encryption - Google Patents


Publication number
CN115643098A
Authority
CN
China
Prior art keywords
user
cloud server
data
key
cloud
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202211338932.8A
Other languages
Chinese (zh)
Inventor
李欣
李元正
谭良
陈阳
文艺
杨贺昆
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Guotai Netcom Technology Co ltd
Chengdu Guotai Wangxin Technology Co ltd
Original Assignee
Beijing Guotai Netcom Technology Co ltd
Chengdu Guotai Wangxin Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Guotai Netcom Technology Co ltd, Chengdu Guotai Wangxin Technology Co ltd filed Critical Beijing Guotai Netcom Technology Co ltd


Abstract

The invention discloses a cloud data sharing system and an auditing system based on certificateless encryption, which comprise a key generation end, a user end, a cloud server end and an auditing server end; the key generation end is used for initializing system parameters and generating a corresponding public and private key pair with the user end in a certificateless encryption mode; the user side is used for generating a data signature and a data label and uploading or downloading data according to a data duplication removing result or an identity verification result responded by the cloud server side; the cloud server side is used for carrying out data duplicate removal and identity verification and responding to the user side; and the audit server side is used for sending challenge to the cloud server side for ownership certification according to the audit request and feeding back a verification result to the user side. The invention solves the problems of certificate management and key escrow through certificateless encryption, designs a new data sharing and possession proof scheme based on certificateless encryption, and realizes cloud data deduplication, data sharing and data integrity audit in a multi-user scene.

Description

Cloud data sharing system and auditing system based on certificateless encryption
Technical Field
The invention relates to the technical field of data security storage, in particular to a cloud data sharing system and an auditing system based on certificateless encryption.
Background
Existing cloud data sharing methods suffer from several problems: keys held by a third party can be leaked, duplicate files occupy cloud storage space, and it is difficult for a user to complete an audit independently.
Disclosure of Invention
Aiming at the defects in the prior art, the invention provides a cloud data sharing system and an auditing system based on certificateless encryption.
In order to achieve the purpose of the invention, the invention adopts the technical scheme that:
in a first aspect, the present invention provides a cloud data sharing system based on certificateless encryption, including:
the key generation end is used for initializing system parameters and generating a corresponding public and private key pair with the user end in a certificateless encryption mode;
the user end is used for generating a corresponding public and private key pair with the key generation end in a certificateless encryption mode, initializing cloud data to generate a data signature and a data tag, sending an upload request to the cloud server end and uploading data according to the data deduplication result returned by the cloud server end, and sending a download request to the cloud server end and downloading data according to the identity verification result returned by the cloud server end;
the cloud server side is used for receiving the uploading request sent by the user side, performing data duplication elimination according to the uploading request, responding to the user side, receiving the downloading request sent by the user side, performing identity verification according to the downloading request and responding to the user side.
Further, the generation of the corresponding public and private key pair by the key generation end and the user end in a certificateless encryption manner specifically comprises:
the key generation end selects a prime number p, sets a cyclic additive group G1 of order p, selects a generator P of the group G1, sets a cyclic multiplicative group G2 of order p, and sets the bilinear map
Figure BDA0003915704320000021
Calculating parameters
Figure BDA0003915704320000022
Two secure hash functions H1 and H2 are defined, where H1 maps from $\{0,1\}^*$ to
Figure BDA0003915704320000023
and H2 maps from G1 to
Figure BDA0003915704320000024
where $\{0,1\}^*$ denotes the set of binary sequences of arbitrary bit length, and
Figure BDA0003915704320000025
denotes the finite field $Z_p = \{0, 1, \ldots, p-1\}$ with the element 0 removed; the key generation end randomly selects a master private key
Figure BDA0003915704320000026
computes the master public key $P_{pub} = s \cdot P$, and publishes the system parameters
Figure BDA0003915704320000027
It receives the identity $ID_U$ sent by the user end, computes the partial private key $y = s \cdot H1(ID_U)$, and sends y to the user secretly;
the user side randomly selects
Figure BDA0003915704320000028
as its secret value, computes the public key $X = x \cdot P$, and sends the identity $ID_U$ to the key generation end; it checks the correctness of the partial private key with the equation $y \cdot P = P_{pub} \cdot H1(ID_U)$, accepting y if the equation holds and rejecting it otherwise; the complete shared key $S = (x, y)$ is obtained.
Further, the generating of the data signature and the data tag after the user initializes the cloud data specifically includes:
the user end divides a plaintext M into n blocks to obtain n data blocks $M_1, M_2, \ldots, M_n$ and a file $F = \{M, M_1, M_2, \ldots, M_n\}$; it encrypts the file F with the master public key $P_{pub}$ in the certificateless encryption mode to obtain a ciphertext $F' = \{C, C_1, C_2, \ldots, C_n\}$; it computes the plaintext signature $\sigma = x \cdot H2(ID_{F'}, 0, Num) + yC$ and the plaintext block signatures
Figure BDA0003915704320000029
Wherein
Figure BDA00039157043200000210
is the unique identifier of each part of the file F, i is the index of the block $M_i$, Num is the number of sharing users, and C is the complete ciphertext; this gives the signature $SIGN = \{\sigma, \sigma_1, \sigma_2, \ldots, \sigma_n\}$; it computes the plaintext tag $T = ID_U \| ID_{F'} \| Num \| Sig(ID_U \| ID_{F'} \| Num)$ and the plaintext block tags
Figure BDA00039157043200000211
where Sig is a digital signature based on the user identity and $\|$ is the concatenation operator; this gives the tag $TAG = \{T, T_1, T_2, \ldots, T_n\}$.
Further, the upload request and the download request each include:
user identity ID, document signature SIGN, document TAG.
Further, the data deduplication performed by the cloud server according to the upload request specifically includes:
the cloud server end selects the tags in the file tag TAG one by one and searches the tag storage area of the cloud server for the same tag; if it exists, the cloud server end sends a challenge to the user end for proof of possession and, after the challenge succeeds, adds the user identity ID to the ID sequence corresponding to the tag for data sharing and notifies all users in the sequence to update the shared key S; if, after all the tags have been compared, none exists, the cloud server end responds to the user end to upload the corresponding ciphertext part Ci and informs the user that the shared key S is the user's complete private key.
Further, the authentication performed by the cloud server according to the download request specifically includes:
the cloud server side verifies whether the user ID corresponding to each label in the file label TAG and the user identity ID correspond correctly or not; if the result is correct, sending a challenge to the user side for ownership verification, and sending a ciphertext Ci corresponding to the tag to the user side after the challenge is successful; if not, an error is reported.
Further, the sending, by the cloud server, the challenge to the user side for the proof of possession specifically includes:
the user side calculates the number Num 'of the shared users of the current user side and sends the number Num' to the cloud server side, and the user side calculates after receiving the response of the cloud server side for verifying the number of the shared users and the file signature SIGN
Figure BDA0003915704320000031
The cloud server end verifies that Num = Num'; if this verification passes, it goes on to verify, with the master public key $P_{pub}$, whether the signature
Figure BDA0003915704320000032
is a valid signature; if this verification passes, it goes on to verify $Y = \sigma_i \cdot P$; if that verification passes, the proof of possession passes; otherwise, if any verification fails, an error is reported.
Further, the updating of the shared key by all users in the cloud server side notification sequence specifically includes:
the cloud server receives a new user number Num sent by the user end for updating, receives a newly added or cancelled user ID and a corresponding label, performs user ID adding or cancelling operation in the ID sequence corresponding to the label to obtain a new ID sequence corresponding to the label, and notifies the user in the new ID sequence to update the shared key;
the user side generates a new user number Num when a user has a new increase or cancel change, sends the new user number Num to the cloud server side, simultaneously informs the cloud server side of updating the user number Num, sends a new or cancel user ID and a corresponding label to the cloud server side, and randomly generates a new user number Num after receiving the notice of updating the shared key
Figure BDA0003915704320000041
as a secret value, and computes a new public key $X = x \cdot P$.
In a second aspect, the invention further provides a certificate-free encryption-based cloud data auditing system applying the sharing system, which comprises a key generation end, a user end, a cloud server end and an auditing server end;
the audit server side is used for receiving an audit request sent by the user side after the user side successfully uploads the file, sending a challenge to the cloud server side for carrying out ownership certification, carrying out verification according to the certification and the file TAG fed back by the cloud server side, and feeding back a verification result to the user side.
Further, the sending, by the audit server, a challenge to the cloud server for proof of possession specifically includes:
the auditing server randomly selects c elements to form a set I,
Figure BDA0003915704320000042
randomly generates
Figure BDA0003915704320000043
and sends the audit challenge $chal = \{j, \omega_j\}$ and the file signature SIGN to the cloud server end;
the cloud server end computes, from the stored information of the file to be checked, $\delta = \sum_{j \in I} \omega_j \cdot \sigma_j$ and $\Omega = \sum_{j \in I} \omega_j \cdot c_j$, and sends the proof $Pr = (\delta, \Omega)$ and the file tag TAG to the audit server end.
The invention has the following beneficial effects:
the certificateless encryption is adopted, so that the safety problem caused by the leakage of a third party key is avoided; the data deduplication is performed by selecting the client side for deduplication, so that the cloud space storage can be reduced, and meanwhile, the management efficiency is greatly improved; the data sharing not only avoids the condition that a non-owner accesses important data, but also ensures that the data can be shared by a plurality of owners; public auditing overcomes the problem that the efficiency of independent completion of a user is too low, and allows any third-party auditor to help the user disclose verification data. The invention solves the problems of certificate management and key escrow through certificateless encryption, designs a new data sharing and possession proving scheme based on certificateless encryption, and realizes cloud data deduplication, data sharing and data integrity audit under a multi-user scene.
Drawings
Fig. 1 is a schematic structural diagram of a cloud data sharing system and an auditing system based on certificateless encryption according to the present invention.
Detailed Description
The following description of the embodiments of the present invention is provided to facilitate the understanding of the present invention by those skilled in the art, but it should be understood that the present invention is not limited to the scope of the embodiments, and it will be apparent to those skilled in the art that various changes may be made without departing from the spirit and scope of the invention as defined and defined in the appended claims, and all matters produced by the invention using the inventive concept are protected.
Example 1
As shown in fig. 1, an embodiment of the present invention provides a cloud data sharing system based on certificateless encryption, including:
the key generation end is used for initializing system parameters and generating a corresponding public and private key pair with the user end in a certificateless encryption mode;
the user end is used for generating a corresponding public and private key pair with the key generation end in a certificateless encryption mode, initializing cloud data to generate a data signature and a data tag, sending an upload request to the cloud server end and uploading data according to the data deduplication result returned by the cloud server end, and sending a download request to the cloud server end and downloading data according to the identity verification result returned by the cloud server end;
the cloud server end is used for receiving the uploading request sent by the user end, performing data deduplication according to the uploading request, responding to the user end, receiving the downloading request sent by the user end, performing identity verification according to the downloading request and responding to the user end.
In an optional embodiment of the present invention, the generation of the corresponding public and private key pair by the key generation end and the user end in the certificateless encryption manner specifically includes:
the key generation end selects a prime number p, sets a cyclic additive group G1 of order p, selects a generator P of the group G1, sets a cyclic multiplicative group G2 of order p, and sets the bilinear map
Figure BDA0003915704320000051
Calculating parameters
Figure BDA0003915704320000052
Two secure hash functions H1 and H2 are defined, where H1 maps from $\{0,1\}^*$ to
Figure BDA0003915704320000053
and H2 maps from G1 to
Figure BDA0003915704320000054
where $\{0,1\}^*$ denotes the set of binary sequences of arbitrary bit length, and
Figure BDA0003915704320000055
denotes the finite field $Z_p = \{0, 1, \ldots, p-1\}$ with the element 0 removed; the key generation end randomly selects a master private key
Figure BDA0003915704320000061
computes the master public key $P_{pub} = s \cdot P$, and publishes the system parameters
Figure BDA0003915704320000062
It receives the identity $ID_U$ sent by the user end, computes the partial private key $y = s \cdot H1(ID_U)$, and sends y to the user secretly;
the user side randomly selects
Figure BDA0003915704320000063
as its secret value, computes the public key $X = x \cdot P$, and sends the identity $ID_U$ to the key generation end; it checks the correctness of the partial private key with the equation $y \cdot P = P_{pub} \cdot H1(ID_U)$, accepting y if the equation holds and rejecting it otherwise; the complete shared key $S = (x, y)$ is obtained.
Specifically, the interactive process of certificateless encryption between the key generation end and the user end is as follows:
1. The key generation end sets the system parameters: it selects a prime number p, sets a cyclic additive group G1 of order p, selects a generator P of the group G1, sets a cyclic multiplicative group G2 of order p, and sets the bilinear map
Figure BDA0003915704320000064
Calculating parameters
Figure BDA0003915704320000065
2. The key generation end defines two secure hash functions H1 and H2, where H1 maps from $\{0,1\}^*$ to
Figure BDA0003915704320000066
and H2 maps from G1 to
Figure BDA0003915704320000067
where $\{0,1\}^*$ denotes the set of binary sequences of arbitrary bit length, and
Figure BDA0003915704320000068
denotes the finite field $Z_p = \{0, 1, \ldots, p-1\}$ with the element 0 removed;
3. The key generation end randomly selects a master private key
Figure BDA0003915704320000069
and computes the master public key $P_{pub} = s \cdot P$;
4. The key generation end publishes the system parameters
Figure BDA00039157043200000610
5. The user end randomly selects
Figure BDA00039157043200000611
as its secret value, computes the public key $X = x \cdot P$, and sends the identity $ID_U$ to the key generation end;
6. The key generation end receives the identity $ID_U$ sent by the user end, computes the partial private key $y = s \cdot H1(ID_U)$, and sends y to the user secretly;
7. The user end checks the correctness of the partial private key with the equation $y \cdot P = P_{pub} \cdot H1(ID_U)$, accepting the partial private key y if the equation holds and rejecting it otherwise;
8. The user end obtains the complete private key (x, y) from the secret value x and the partial private key y. When no users are added or removed, only the user U knows the shared key S = (x, y), and the private key is unchanged. Each time users are added or removed, the updated users obtain a new shared key.
In an optional embodiment of the present invention, the generating of the data signature and the data tag after the user side initializes the cloud data specifically includes:
the user end divides a plaintext M into n blocks to obtain n data blocks $M_1, M_2, \ldots, M_n$ and a file $F = \{M, M_1, M_2, \ldots, M_n\}$; it encrypts the file F with the master public key $P_{pub}$ in the certificateless encryption mode to obtain a ciphertext $F' = \{C, C_1, C_2, \ldots, C_n\}$; it computes the plaintext signature $\sigma = x \cdot H2(ID_{F'}, 0, Num) + yC$ and the plaintext block signatures
Figure BDA0003915704320000071
Wherein
Figure BDA0003915704320000072
is the unique identifier of each part of the file F, i is the index of the block $M_i$, Num is the number of sharing users, and C is the complete ciphertext; this gives the signature $SIGN = \{\sigma, \sigma_1, \sigma_2, \ldots, \sigma_n\}$; it computes the plaintext tag $T = ID_U \| ID_{F'} \| Num \| Sig(ID_U \| ID_{F'} \| Num)$ and the plaintext block tags
Figure BDA0003915704320000073
where Sig is a digital signature based on the user identity and $\|$ is the concatenation operator; the key generation center randomly selects a public and private key pair (pk, sk) for generating and verifying file tags, sk is stored secretly for the user and pk is public; this gives the tag $TAG = \{T, T_1, T_2, \ldots, T_n\}$.
In an optional embodiment of the present invention, an interaction process of uploading a file from a user side to a cloud server side is as follows:
1. The user end sends an upload request to the cloud server end; the request comprises the user identity ID, the file signature SIGN and the file tag TAG;
2. The cloud server end performs data deduplication, specifically:
the cloud server end selects the tag T from the file tag TAG and searches the tag storage area of the cloud server for the same tag T;
if it exists, the cloud server end sends a challenge to the user end for proof of possession and, after the challenge succeeds, adds the user identity ID to the ID sequence corresponding to the tag for data sharing and notifies all users in the sequence to update the shared key S;
if it does not exist, the cloud server end goes on to select the tags T1, T2, ..., Tn and searches the tag storage area of the cloud server for each of them in turn;
if one exists, the cloud server end sends a challenge to the user end for proof of possession and, after the challenge succeeds, adds the user identity ID to the ID sequence corresponding to the tag for data sharing and notifies all users in the sequence to update the shared key S;
if none exists, the cloud server end responds to the user end to upload the corresponding ciphertext part Ci and informs the user that the shared key S is the user's complete private key.
3. The user end receives the upload instruction from the cloud server end and uploads the corresponding ciphertext part.
In an optional embodiment of the present invention, an interactive process of downloading a file from a cloud server by a user side is as follows:
1. The user end sends a download request to the cloud server end; the request comprises the user identity ID, the file signature SIGN and the file tag TAG;
2. The cloud server end performs identity verification, specifically:
the cloud server end verifies whether the user ID corresponding to each tag in the file tag TAG correctly matches the user identity ID; if so, it sends a challenge to the user end for ownership verification and, after the challenge succeeds, sends the ciphertext Ci corresponding to the tag to the user end; if not, an error is reported.
3. The cloud server end sends the ciphertext Ci corresponding to the tag to the user end, and the user end decrypts it with the shared key S to obtain the plaintext.
In an optional embodiment of the present invention, the sending, by the cloud server, the challenge to the user side for the proof of possession specifically includes:
the user side calculates the number Num 'of the shared users of the current user side and sends the number Num' to the cloud server side, and the user side calculates the number of the shared users and the passing response of the file signature SIGN after receiving the verification of the number of the shared users and the passing response of the cloud server side
Figure BDA0003915704320000081
The cloud server end verifies that Num = Num'; if this verification passes, it goes on to verify, with the master public key $P_{pub}$, whether the signature
Figure BDA0003915704320000091
is a valid signature; if this verification passes, it goes on to verify $Y = \sigma_i \cdot P$; if that verification passes, the proof of possession passes; otherwise, if any verification fails, an error is reported.
Specifically, the interaction process of the cloud server side and the user side for the possession proving challenge is as follows:
1. The user end receives the challenge, computes the number Num' of sharing users and sends Num' to the cloud server end;
2. The cloud server end verifies that Num = Num'; if the verification passes, it continues to the next step; otherwise, an error is reported;
3. The cloud server end verifies with the public key pk whether the signature
Figure BDA0003915704320000092
is a valid signature; if the verification passes, it continues to the next step; otherwise, an error is reported;
4. The user end computes
Figure BDA0003915704320000093
5. The cloud server end computes $\sigma_i \cdot P$ and verifies $Y = \sigma_i \cdot P$; if the verification passes, the proof of possession passes; otherwise, an error is reported.
In an optional embodiment of the present invention, the updating of the shared key by all users in the cloud server side notification sequence of the present invention specifically includes:
the cloud server receives a new user number Num sent by the user end for updating, receives a newly added or cancelled user ID and a corresponding label, performs user ID adding or cancelling operation in the ID sequence corresponding to the label to obtain a new ID sequence corresponding to the label, and notifies the user in the new ID sequence to update the shared key;
the user side generates a new user number Num when a user has a new increase or cancel change, sends the new user number Num to the cloud server side, simultaneously informs the cloud server side of updating the user number Num, sends a new or cancel user ID and a corresponding label to the cloud server side, and randomly generates a new user number Num after receiving the notice of updating the shared key
Figure BDA0003915704320000094
as a secret value, and computes a new public key $X = x \cdot P$.
Specifically, the interaction process of sharing between the cloud server and the user side is as follows:
1. when a user has new addition or cancel change, a user side generates a new user number Num, sends the new Num to a cloud space and an audit server and simultaneously informs the cloud space and the audit server of updating the Num;
2. the cloud server receives a new user number Num sent by the user side for updating;
3. the user side sends the newly added or cancelled user ID and the corresponding label to the cloud server side;
4. the cloud server receives the newly added or cancelled user ID and the corresponding label, and adds or cancels the user ID in the ID sequence corresponding to the label to obtain a new ID sequence corresponding to the label;
5. the cloud server side informs the users in the new ID sequence of updating the shared key;
6. the user side randomly generates a new shared key after receiving the notice of updating the shared key
Figure BDA0003915704320000101
as a secret value, and computes a new public key $X = x \cdot P$.
Example 2
As shown in fig. 1, an embodiment of the present invention provides a certificate-free encryption-based cloud data auditing system based on a sharing system described in embodiment 1, including a key generation end, a user end, a cloud server end, and an auditing server end;
the audit server side is used for receiving an audit request sent by the user side after the user side successfully uploads the file, sending a challenge to the cloud server side for carrying out ownership certification, carrying out verification according to the certification and the file TAG fed back by the cloud server side, and feeding back a verification result to the user side.
In an optional embodiment of the present invention, sending, by the audit server of the present invention, a challenge to the cloud server side for proof of possession specifically includes:
the auditing server randomly selects c elements to form a set I,
Figure BDA0003915704320000102
randomly generates
Figure BDA0003915704320000103
and sends the audit challenge $chal = \{j, \omega_j\}$ and the file signature SIGN to the cloud server end;
the cloud server end computes, from the stored information of the file to be checked, $\delta = \sum_{j \in I} \omega_j \cdot \sigma_j$ and $\Omega = \sum_{j \in I} \omega_j \cdot c_j$, and sends the proof $Pr = (\delta, \Omega)$ and the file tag TAG to the audit server end.
Specifically, the interaction process of public auditing by the user side, the auditing server side and the cloud server side is as follows:
1. after the user successfully uploads the file, in order to ensure that the file is completely stored in the cloud server, an audit request comprising a user Identity (ID), a signature SIGN of the file to be inspected and a TAG of the file to be inspected is sent to a third-party audit server;
2. the audit server generates a challenge:
(1) c elements are randomly selected to form a set I,
Figure BDA0003915704320000111
randomly selecting c elements from 1 to n, wherein n is the total number of the data blocks;
(2) Randomly generate
Figure BDA0003915704320000112
(3) Send the audit challenge $chal = \{j, \omega_j\}$ and the file signature SIGN to the cloud server end.
3. The cloud server end responds to the challenge:
(1) Compute, from the stored information of the file to be checked, $\delta = \sum_{j \in I} \omega_j \cdot \sigma_j$ and $\Omega = \sum_{j \in I} \omega_j \cdot c_j$;
(2) Send the proof $Pr = (\delta, \Omega)$ and the file tag TAG to the audit server end.
4. Verification and feedback by the audit server end:
(1) Verify with the public key pk whether the signature
Figure BDA0003915704320000113
is valid, in order to judge whether the file tag TAG is valid; if the verification passes, continue to the next step; otherwise, an error is reported;
(2) Using the proof Pr and the information of the file to be checked, verify whether the equation $\delta \cdot P = \sum_{j \in I} \omega_j \cdot X \cdot H2(ID_{F'}, i, Num) + \Omega \cdot P_{pub} \cdot H1(ID_U)$ holds; if so, the cloud server has stored the file to be checked correctly and success is fed back to the user; otherwise, failure is fed back.
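The key setup, block signing and public audit steps described above, carried through end to end as an added Python example that is not part of the patent. Assumptions: secp256k1 stands in for the group G1, SHA-256 reduced modulo the group order stands in for H1 and H2, H2 is applied to (ID_F', j, Num) with the challenged index j, each ciphertext block enters the formulas as an integer modulo the order, and all function names and sample values are hypothetical.

```python
import hashlib
import secrets

# Assumption: secp256k1 stands in for the additive group G1 of prime order p.
FP = 2**256 - 2**32 - 977  # field prime of the curve
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141  # order (patent's p)
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)  # patent's P


def add(a, b):
    """Point addition; None is the identity element."""
    if a is None:
        return b
    if b is None:
        return a
    (x1, y1), (x2, y2) = a, b
    if x1 == x2 and (y1 + y2) % FP == 0:
        return None
    if a == b:
        lam = 3 * x1 * x1 * pow(2 * y1 % FP, -1, FP) % FP
    else:
        lam = (y2 - y1) * pow((x2 - x1) % FP, -1, FP) % FP
    x3 = (lam * lam - x1 - x2) % FP
    return (x3, (lam * (x1 - x3) - y1) % FP)


def mul(k, pt):
    """Scalar multiplication k*pt by double-and-add."""
    acc, k = None, k % N
    while k:
        if k & 1:
            acc = add(acc, pt)
        pt, k = add(pt, pt), k >> 1
    return acc


def h(label, *parts):
    """Hash to a non-zero scalar; the label b'H1' or b'H2' separates the two functions."""
    data = label + b"|" + b"|".join(str(p).encode() for p in parts)
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % (N - 1) + 1


def to_scalar(block):
    """Assumption: a ciphertext block enters the formulas as an integer mod N."""
    return int.from_bytes(block, "big") % N


def rand_scalar():
    return secrets.randbelow(N - 1) + 1


def partial_key_ok(y, p_pub, id_u):
    """User-side check y*P == P_pub*H1(ID_U)."""
    return mul(y, G) == mul(h(b"H1", id_u), p_pub)


def sign_block(x, y, id_f, j, num, block):
    """sigma_j = x*H2(ID_F', j, Num) + y*C_j (mod N)."""
    return (x * h(b"H2", id_f, j, num) + y * to_scalar(block)) % N


def challenge(n_blocks, c):
    """Auditor: pick c of the n block indices, each with a random weight omega_j."""
    picked = secrets.SystemRandom().sample(range(1, n_blocks + 1), c)
    return {j: rand_scalar() for j in picked}


def prove(chal, blocks, sigs):
    """Cloud server: delta = sum omega_j*sigma_j, Omega = sum omega_j*c_j."""
    delta = sum(w * sigs[j] for j, w in chal.items()) % N
    omega = sum(w * to_scalar(blocks[j]) for j, w in chal.items()) % N
    return delta, omega


def verify(chal, proof, pub_x, p_pub, id_u, id_f, num):
    """Auditor: delta*P == sum omega_j*H2(..)*X + Omega*H1(ID_U)*P_pub."""
    delta, omega = proof
    coeff = sum(w * h(b"H2", id_f, j, num) for j, w in chal.items()) % N
    rhs = add(mul(coeff, pub_x), mul(omega * h(b"H1", id_u) % N, p_pub))
    return mul(delta, G) == rhs


def audit_demo(corrupt=None, c=3):
    """Run setup, signing and one audit; `corrupt` names a stored block to alter."""
    id_u, id_f, num = "user-1", "file-1", 1   # constructed sample values
    s = rand_scalar()                         # key generation end: master private key
    p_pub = mul(s, G)                         # master public key P_pub = s*P
    x = rand_scalar()                         # user end: secret value
    pub_x = mul(x, G)                         # user public key X = x*P
    y = s * h(b"H1", id_u) % N                # partial private key y = s*H1(ID_U)
    assert partial_key_ok(y, p_pub, id_u)
    blocks = {j: b"ciphertext-block-%d" % j for j in range(1, 5)}  # constructed
    sigs = {j: sign_block(x, y, id_f, j, num, b) for j, b in blocks.items()}
    if corrupt is not None:
        blocks[corrupt] = b"bit-rot"          # simulated loss on the cloud server
    chal = challenge(len(blocks), c)
    return verify(chal, prove(chal, blocks, sigs), pub_x, p_pub, id_u, id_f, num)


if __name__ == "__main__":
    print("honest server:", audit_demo())
    print("block 2 corrupted, all blocks challenged:", audit_demo(corrupt=2, c=4))
```

When c is smaller than n, a damaged block is caught only if the auditor's random set I happens to include it, so detection is probabilistic per audit.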
The invention consists of a key generation center, a cloud server, a user and an auditor. Firstly, a key generation center initializes system parameters and generates a public and private key pair with a user, and the complete private key of the user is only stored by the user; before a user stores data in a cloud server, the hash value of the data is sent to the cloud server to be inquired; if the corresponding hash value can be retrieved, the data is stored in the cloud server, the cloud server initiates data owner certification to the user, if the user can pass the verification, the user is added to a cloud data owner list for data sharing, and the user does not upload the data any more; and if the corresponding hash value cannot be retrieved, the fact that corresponding data does not exist in the cloud server is indicated, the user calculates the hash value of the data, encrypts the data and uploads the data to the cloud server for storage. Users and other third party auditors can also use the designed ownership certification scheme to carry out integrity audit on the data stored in the cloud.
The invention solves the problems of certificate management and key escrow through certificateless encryption, designs a new data sharing and possession proof scheme based on certificateless encryption, and realizes cloud data deduplication, data sharing and data integrity audit in a multi-user scene.
The present invention is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems), and computer program products according to embodiments of the invention. It will be understood that each flow and/or block of the flowchart illustrations and/or block diagrams, and combinations of flows and/or blocks in the flowchart illustrations and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
The principle and implementation of the invention are explained herein using specific embodiments; the description of the embodiments is only intended to help in understanding the method and core idea of the invention. Meanwhile, a person skilled in the art may, following the idea of the invention, vary the specific embodiments and the scope of application. In summary, the content of this specification should not be construed as limiting the invention.
It will be appreciated by those of ordinary skill in the art that the embodiments described herein are intended to assist the reader in understanding the principles of the invention and are to be construed as being without limitation to such specifically recited embodiments and examples. Those skilled in the art can make various other specific changes and combinations based on the teachings of the present invention without departing from the spirit of the invention, and these changes and combinations are within the scope of the invention.

Claims (10)

1. A cloud data sharing system based on certificateless encryption, comprising:
a key generation end, used for initializing system parameters and for generating, together with the user end, a corresponding public and private key pair in a certificateless encryption manner;
a user end, used for generating, together with the key generation end, a corresponding public and private key pair in a certificateless encryption manner, initializing cloud data to generate a data signature and a data tag, sending an upload request to the cloud server end and uploading data according to the data deduplication result returned by the cloud server end, and sending a download request to the cloud server end and downloading data according to the identity verification result returned by the cloud server end;
a cloud server end, used for receiving the upload request sent by the user end, performing data deduplication according to the upload request and responding to the user end, and for receiving the download request sent by the user end, performing identity verification according to the download request and responding to the user end.
2. The cloud data sharing system based on certificateless encryption of claim 1, wherein the key generation end and the user end generate corresponding public and private key pairs in a certificateless encryption manner, specifically:
the key generation end selects a prime number p, sets a cyclic additive group G1 of order p, selects a generator P of the group G1, sets a cyclic multiplicative group G2 of order p, sets a bilinear mapping [Figure FDA0003915704310000011] G1 × G1 → G2, and calculates the parameter [Figure FDA0003915704310000012]; defines two secure hash functions H1 and H2, where H1 maps from {0,1}* to [Figure FDA0003915704310000013] and H2 maps from G1 to [Figure FDA0003915704310000014], where {0,1}* denotes the set of binary sequences of arbitrary bit length and [Figure FDA0003915704310000015] denotes the finite field Z_p = {0, 1, ..., p-1} with the element 0 removed; randomly selects the master private key [Figure FDA0003915704310000016] and calculates the master public key P_pub = s · P; publishes the system parameters [Figure FDA0003915704310000017]; receives the identity ID_U sent by the user side, calculates the partial private key y = s · H1(ID_U), and secretly sends the partial private key y to the user side;
the user side randomly selects [Figure FDA0003915704310000018] as the secret value, calculates the public key X = x · P, and sends the identity ID_U to the key generation end; evaluates the equation y · P = P_pub · H1(ID_U) to check the correctness of the partial private key, accepting the partial private key y if the equation holds and rejecting it otherwise; and obtains the complete shared key S = (x, y).
3. The cloud data sharing system based on certificateless encryption as claimed in claim 2, wherein the generating of the data signature and the data tag after the initialization of the cloud data by the user terminal specifically comprises:
the user side divides the plaintext M into n blocks to obtain n data blocks M1, M2, ..., Mn, and the file F = {M, M1, M2, ..., Mn}; encrypts the file F with the master public key P_pub in a certificateless encryption manner to obtain the ciphertext F' = {C, C1, C2, ..., Cn}; calculates the plaintext signature σ = x · H2(ID_F', 0, Num) + y · C and the plaintext block signature [Figure FDA0003915704310000021], where [Figure FDA0003915704310000022] is the unique identifier of each part of the file F, i is the index of the block Mi, Num is the number of shared users and C is the complete ciphertext, obtaining the signature SIGN = {σ, σ_1, σ_2, ..., σ_n}; calculates the plaintext tag T = ID_U || ID_F' || Num || Sig(ID_U || ID_F' || Num) and the plaintext block tag [Figure FDA0003915704310000023], where Sig is a digital signature based on the user identity and || is the concatenation operator, obtaining the TAG = {T, T1, T2.
4. The system according to claim 3, wherein the upload request and the download request each include:
user identity ID, document signature SIGN, document TAG.
5. The cloud data sharing system based on certificateless encryption according to claim 4, wherein the data deduplication performed by the cloud server according to the uploading request specifically comprises:
the cloud server side selects tags from the file tag TAG in sequence and searches the tag storage area in the cloud server for an identical tag; if one exists, it sends a challenge to the user side for proof of possession, and after the challenge succeeds it adds the user identity ID to the ID sequence corresponding to the tag for data sharing and notifies all users in the sequence to update the shared key S; if none exists, after all tags have been compared it responds to the user side to upload the corresponding ciphertext part Ci and informs the user that the shared key S is the user's complete private key.
6. The system according to claim 5, wherein the authentication performed by the cloud server according to the download request specifically comprises:
the cloud server side verifies whether the user ID corresponding to each tag in the file tag TAG matches the user identity ID; if it matches, the cloud server side sends a challenge to the user side for proof of possession and, after the challenge succeeds, sends the ciphertext Ci corresponding to the tag to the user side; if not, an error is reported.
7. The system according to claim 6, wherein the cloud server side sending a challenge to the user side for proof of possession is specifically:
the user side calculates the number Num' of shared users at the current user side and sends it to the cloud server side; after receiving the cloud server side's response on verification of the number of shared users and the file signature SIGN, the user side calculates [Figure FDA0003915704310000031];
the cloud server side verifies that Num = Num'; if the verification passes, it continues by using the master public key P_pub to verify whether the signature [Figure FDA0003915704310000032] is a valid signature; if that verification passes, it continues by verifying Y = σ_i · P; if that verification passes, the proof of possession passes; if any verification fails, an error is reported.
8. The system according to claim 7, wherein the cloud server side notifying all users in the sequence to update the shared key is specifically:
the cloud server side receives the new user number Num sent by the user side and updates it, receives the newly added or cancelled user ID and the corresponding tag, performs the add or cancel operation on the user ID in the ID sequence corresponding to the tag to obtain a new ID sequence corresponding to the tag, and notifies the users in the new ID sequence to update the shared key;
the user side generates a new user number Num when a user is added or cancelled, sends the new user number Num to the cloud server side and notifies it to update the user number Num, sends the added or cancelled user ID and the corresponding tag to the cloud server side, and, after receiving the notice to update the shared key, randomly generates a new [Figure FDA0003915704310000033] as the secret value and calculates a new public key X = x · P.
9. A cloud data auditing system based on certificateless encryption applying the sharing system of any one of claims 1 to 8, which is characterized by comprising a key generation end, a user end, a cloud server end and an auditing server end;
the audit server side is used for receiving an audit request sent by the user side after the user side successfully uploads the file, sending a challenge to the cloud server side for carrying out ownership certification, carrying out verification according to the certification and the file TAG fed back by the cloud server side, and feeding back a verification result to the user side.
10. The cloud data auditing system based on certificateless encryption according to claim 9, wherein the auditing server sending challenge to the cloud server side for proof of possession specifically is:
the audit server side randomly selects c elements to form a set I, [Figure FDA0003915704310000041], randomly generates [Figure FDA0003915704310000042], and sends the audit challenge chal = {j, ω_j} and the file signature SIGN to the cloud server side;
the cloud server side calculates, from the stored information of the file to be checked, δ = Σ_{j∈I} ω_j · σ_j and Ω = Σ_{j∈I} ω_j · c_j, and sends the proof Pr = (δ, Ω) and the file tag TAG to the audit server side.
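
The partial-private-key check in claim 2, y · P = P_pub · H1(ID_U), uses only operations in G1, so it can be exercised without a pairing. The following added example, which is not part of the patent, runs the key generation end's and the user side's steps over secp256k1 as a stand-in for G1 (an assumption; the patent names no curve), with SHA-256 as H1 and a constructed identity string; all function names are hypothetical.

```python
import hashlib
import secrets

# Stand-in group (assumption): secp256k1, y^2 = x^3 + 7 over F_Q, with
# generator P of prime order ORDER (the claim's p). It has no pairing.
Q = 2**256 - 2**32 - 977
ORDER = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
P = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)

def add(A, B):
    """Point addition; None is the identity element."""
    if A is None or B is None:
        return B if A is None else A
    (x1, y1), (x2, y2) = A, B
    if x1 == x2 and (y1 + y2) % Q == 0:
        return None
    if A == B:
        lam = 3 * x1 * x1 * pow(2 * y1, -1, Q) % Q
    else:
        lam = (y2 - y1) * pow((x2 - x1) % Q, -1, Q) % Q
    x3 = (lam * lam - x1 - x2) % Q
    return x3, (lam * (x1 - x3) - y1) % Q

def mul(k, A):
    """Scalar multiplication k*A (double-and-add, not constant time)."""
    R = None
    while k:
        if k & 1:
            R = add(R, A)
        A, k = add(A, A), k >> 1
    return R

def H1(identity):
    """Hash an identity string into Z_p^* = {1, ..., p-1}."""
    digest = hashlib.sha256(identity.encode()).digest()
    return int.from_bytes(digest, "big") % (ORDER - 1) + 1

def setup():
    s = secrets.randbelow(ORDER - 1) + 1    # master private key s
    return s, mul(s, P)                     # P_pub = s * P

def extract_partial_key(s, identity):
    return s * H1(identity) % ORDER         # y = s * H1(ID_U)

def check_partial_key(y, P_pub, identity):
    """User-side test y * P == P_pub * H1(ID_U)."""
    return mul(y, P) == mul(H1(identity), P_pub)

def demo(identity="user-001"):              # constructed identity
    s, P_pub = setup()
    x = secrets.randbelow(ORDER - 1) + 1    # user's secret value x
    X = mul(x, P)                           # user's public key X = x * P
    y = extract_partial_key(s, identity)
    genuine = check_partial_key(y, P_pub, identity)
    altered = check_partial_key((y + 1) % ORDER, P_pub, identity)
    other_id = check_partial_key(y, P_pub, identity + "-other")
    return genuine, altered, other_id, X
```

`demo()` shows the user side accepting the genuine partial key and rejecting one that was altered in transit or issued for a different identity.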
CN202211338932.8A 2022-10-28 2022-10-28 Cloud data sharing system and auditing system based on certificateless encryption Pending CN115643098A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202211338932.8A CN115643098A (en) 2022-10-28 2022-10-28 Cloud data sharing system and auditing system based on certificateless encryption


Publications (1)

Publication Number Publication Date
CN115643098A true CN115643098A (en) 2023-01-24

Family

ID=84946633

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202211338932.8A Pending CN115643098A (en) 2022-10-28 2022-10-28 Cloud data sharing system and auditing system based on certificateless encryption

Country Status (1)

Country Link
CN (1) CN115643098A (en)

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN116599650A (en) * 2023-07-14 2023-08-15 民航成都电子技术有限责任公司 Ciphertext deduplication method, ciphertext deduplication device, ciphertext deduplication equipment and storage medium
CN116599650B (en) * 2023-07-14 2023-10-13 民航成都电子技术有限责任公司 Ciphertext deduplication method, ciphertext deduplication device, ciphertext deduplication equipment and storage medium
CN116938452A (en) * 2023-09-15 2023-10-24 天津太极风控网络科技有限公司 Cloud audit method for encrypted backup account set
CN116938452B (en) * 2023-09-15 2023-12-08 天津太极风控网络科技有限公司 Cloud audit method for encrypted backup account set


Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination