CN116938581A

CN116938581A - Outsourcing data integrity auditing method, device, equipment and medium

Info

Publication number: CN116938581A
Application number: CN202311022225.2A
Authority: CN
Inventors: 黄琼; 林展任; 肖媚燕; 李奇华; 林宏源
Original assignee: South China Agricultural University
Current assignee: South China Agricultural University
Priority date: 2023-08-15
Filing date: 2023-08-15
Publication date: 2023-10-24

Abstract

The application relates to a method, a device, equipment and a medium for auditing the integrity of package data, wherein the method comprises the following steps: before uploading the file data, the data owner encrypts a plaintext data block of the file data to obtain a ciphertext, calculates and determines an authentication tag and a signature value of the file data according to a system global parameter, a hash value of the file data and the ciphertext of the file data, and sends a ciphertext data set, an authentication tag set and the signature value of the file data to a cloud server for storage; before the cloud storage server stores data, the cloud server verifies the relevance of the ciphertext data set and the authentication tag set of the file data, generates a challenge data set under the assistance of an intelligent contract, calculates the data integrity certification of the file data, stores the audit record of the file data, and determines a final audit result according to the data integrity certification and the audit record. The method and the system can eliminate the problem of data security caused by the fact that the third party auditor hooks the cloud storage server manager to cheat the data owner.

Description

Outsourcing data integrity auditing method, device, equipment and medium

Technical Field

The present application relates to the field of information security, and in particular, to an outsourcing data integrity auditing method, a corresponding apparatus, an electronic device, and a computer readable storage medium.

Background

Data is growing as a valuable resource from time to time in many forms of blowout. For data owners, storage space of computer equipment such as an internet of things system is limited, a large amount of data is directly stored locally, the storage space is occupied very much, and long-time management and maintenance of a large amount of data face a plurality of difficulties. Outsourcing data to cloud storage server storage has significant advantages in the aspects of unified storage, management and communication sharing of the data, and as an excellent tool, the outsourcing data to cloud storage server storage provides powerful and flexible storage and calculation resources and can be used as an intermediate medium for data communication sharing, and the outsourcing data to cloud storage server storage has become a common and effective solution. To alleviate the heavy data storage pressure locally, while enabling secure sharing of data, more and more data owners tend to outsource their confidential data to cloud storage servers. However, the cloud storage server brings great convenience to the data owner, and also causes people to worry about privacy and security of the data.

On the one hand, the cloud storage server, as an entity holding the management rights of the data rather than ownership rights, may itself be interested in resolving the content of the data, e.g., the cloud storage server may illegally steal the user's original data to obtain profits, which violates the confidentiality of the data. On the other hand, the integrity of outsourced data is also relevant to the personal interests of the data owner. Considering that some anomalies are objectively present, for example, equipment failure may result in data loss in the cloud. Worse yet, data stored on the cloud may be maliciously deleted by the cloud storage server to reduce storage space and reduce maintenance costs, which undermines the integrity and availability of the data. In addition, a malicious party may be a data owner who will attempt to 35820 a cloud storage server that stores data in a honest manner. On this basis, the data integrity of many schemes is checked regularly by independent third party auditors employed by the data owners. However, in the real world, the third party auditors are often not completely trusted, and the audit scheme of the third party auditors is used for prolonging the audit time of the third party auditors and preventing malicious actions such as users from being deceived by a malicious cloud storage server from affecting the audit process, so that the third party auditors are supervised, limited and even removed, and the development trend of the data integrity audit study is developed.

Currently, challenge datasets are generated by data owners or third party auditors in participation. However, it is not desirable for the data owner to generate the challenge data set for retransmission to the cloud storage server, there are problems of transmission overhead and data authentication, and there is also a calculation overhead, and in fact, the data owner should not pay additional cost for outsourcing data audit. The generation of the challenge data set by third party auditors is likewise not efficient, and in addition to increasing the data owner overhead, potentially malicious third party auditors can deceive the data owner's security risk with benefit from the cloud storage server administrator.

Therefore, the method is suitable for the problems that a challenge data set with safer and more reliable sources is lacking in the prior art, the challenge data set is generated by a data owner and then transmitted to a cloud storage server, transmission cost and data authentication are caused, calculation cost and additional cost are caused, a malicious third party auditor deceives the data owner together due to benefit in the cloud storage server manager, and potential safety hazards of the data are caused, and the like.

Disclosure of Invention

The present application aims to solve the above problems and provide an outsourced data integrity auditing method, a corresponding device, an electronic device and a computer readable storage medium.

In order to meet the purposes of the application, the application adopts the following technical scheme:

the application provides an outsourcing data integrity auditing method which is suitable for one of the purposes of the application, and comprises the following steps:

the method comprises the steps that a data owner initiates an outsourcing data request to obtain a system global parameter generated by a cloud server, a hash value corresponding to file data is determined according to the system global parameter and the file data of the data owner, a unique identification of the file data is determined according to the hash value corresponding to the file data, and a file uploading instruction returned by the cloud server is determined based on the unique identification of the file data;

the data owner determines a plaintext data set corresponding to the file data based on the file uploading instruction, determines a ciphertext data set corresponding to the file data according to the plaintext data set, determines an authentication tag set and a signature value corresponding to the ciphertext data set based on the system global parameter, the ciphertext data set corresponding to the file data and a hash value corresponding to the file data, and uploads the authentication tag set and the signature value to the cloud storage server for detection to determine a file data storage result;

the cloud storage server acquires an intelligent contract corresponding to the file data according to the file data storage result, records a target block height corresponding to the file data according to the intelligent contract, and determines a target block hash value corresponding to the file data according to the target block height so as to determine a challenge data set corresponding to the file data;

The cloud storage server determines data integrity certification corresponding to the file data according to the system global parameter, the ciphertext data set, the authentication tag set, the challenge data set and the signature value, and stores audit records of the file data;

and the data owner determines a final audit result according to the data integrity certification and the audit record so as to complete the audit of the file data.

Optionally, the step of determining the file uploading instruction returned by the cloud server based on the unique identifier of the file data includes the following steps:

the cloud storage server responds to a file data detection instruction to acquire a unique identifier corresponding to the file data;

and the cloud storage server detects whether the unique identifier corresponding to the file data exists or not, and if the unique identifier corresponding to the file data does not exist in the cloud storage server, a file data uploading instruction is returned to the data owner.

Optionally, the step of determining, by the data owner, a plaintext data set corresponding to the file data based on the file upload instruction, and determining, by the data owner, a ciphertext data set corresponding to the file data according to the plaintext data set, includes the steps of:

The data owner responds to a file encryption instruction to divide the file data into a plurality of file data blocks with the same size;

the data owner calculates hash values corresponding to the file data blocks based on a secure hash algorithm, and determines a key corresponding to each file data block according to the hash values corresponding to the file data blocks;

the data owner encrypts plaintext data corresponding to each file data block according to a key corresponding to each file data block based on a symmetric encryption algorithm to determine ciphertext data corresponding to each file data block;

and determining a ciphertext data set corresponding to the file data according to the ciphertext data corresponding to each file data block.

Optionally, the step of determining the authentication tag set and the signature value corresponding to the ciphertext data set based on the system global parameter, the ciphertext data set corresponding to the file data, and the hash value corresponding to the file data includes the steps of:

the data owner further segments the ciphertext data corresponding to each file data block to determine ciphertext data segmentation results of the ciphertext data corresponding to each file data block;

And determining an authentication tag corresponding to the file data based on a preset authentication tag function according to the ciphertext data segmentation result, a system global parameter and a hash value corresponding to the file data, and determining an authentication tag set corresponding to the file data according to the authentication tag.

And determining a signature value according to the hash value corresponding to the system global parameter and the file data.

Optionally, the step of recording a target block height corresponding to the file data according to the intelligent contract, determining a target block hash value corresponding to the file data according to the target block height, so as to determine a challenge data set corresponding to the file data includes the following steps:

the intelligent contract responds to the block height detection instruction, detects the current block height, performs an addition operation to obtain a target block height, and stores the target block height on a block chain and returns the target block height to the cloud storage server;

and the cloud storage server determines a target block hash value according to the target block height, and determines a challenge data set corresponding to the file data according to the target block hash value and the system global parameter.

Optionally, the step of determining, by the cloud storage server, the data integrity certification corresponding to the file data according to the system global parameter, the ciphertext data set, the authentication tag set, the challenge data set, and the signature value includes the following steps:

the cloud storage server responds to a data integrity proving instruction and determines a system global parameter, a ciphertext data set, an authentication tag set, a challenge data set and a signature value corresponding to the file data;

the cloud storage server determines an integrity certification element corresponding to the file data according to the system global parameter, the signature value, the ciphertext data set and the challenge data set;

the cloud storage server determines a nonlinear combination corresponding to the file data according to the system global parameter, the integrity proving element corresponding to the file data, the ciphertext data set and the challenge data set;

the cloud storage server determines an aggregation tag corresponding to the file data according to the authentication tag set and the challenge data set;

and the cloud storage server determines the data integrity certification corresponding to the file data according to the integrity certification element, the nonlinear combination and the aggregation label corresponding to the file data.

Optionally, the step of determining the final audit result by the data owner according to the data integrity certification and the audit record includes the following steps:

determining a challenge data set corresponding to the file data according to the block hash value corresponding to the file data, and determining the final audit result according to the system global parameter, the unique identifier corresponding to the file data, the challenge data set corresponding to the file data and the data integrity certification;

the data owner responds to an audit result detection instruction, and refuses the final audit result when detecting that the audit times corresponding to the file data are inconsistent with the audit times in the audit log file of the cloud storage server;

the data owner determines the hash value and the transaction hash value of the audit record according to the audit record, determines the input data field value under the transaction according to the transaction hash value, and refuses the final audit result if detecting that the hash value of the audit record is inconsistent with the input data field value under the transaction;

and the data owner determines the corresponding block according to the height of the block corresponding to the file data, and refuses the final audit result when detecting that the generation time of the block is before the time of the cloud storage server to start to execute the audit task.

And the data owner determines the block hash value corresponding to the block height according to the block height corresponding to the file data and the block hash value corresponding to the file data, and refuses the final audit result if detecting that the block hash value corresponding to the file data is inconsistent with the block hash value corresponding to the block height.

And the data owner determines a challenge data set according to the block hash value corresponding to the file data, and determines an audit result according to the challenge data set and the integrity certification.

An outsourced data integrity auditing apparatus adapted to another object of the present application includes:

the data uploading determining module is used for setting a data owner to initiate an outsourcing data request to obtain a system global parameter generated by the cloud server, determining a hash value corresponding to the file data according to the system global parameter and the file data of the data owner, determining a unique identifier of the file data according to the hash value corresponding to the file data, and determining a file uploading instruction returned by the cloud server based on the unique identifier of the file data;

The data storage result determining module is configured to determine a plaintext data set corresponding to the file data based on the file uploading instruction, determine a ciphertext data set corresponding to the file data according to the plaintext data set, determine an authentication tag set and a signature value corresponding to the ciphertext data set based on the system global parameter, the ciphertext data set corresponding to the file data and a hash value corresponding to the file data, and upload the authentication tag set and the signature value to the cloud storage server for detection to determine a file data storage result;

the challenge data set determining module is configured to obtain an intelligent contract corresponding to the file data according to the file data storage result by the cloud storage server, record a target block height corresponding to the file data according to the intelligent contract, and determine a target block hash value corresponding to the file data according to the target block height so as to determine a challenge data set corresponding to the file data;

the integrity certification determining module is configured to determine data integrity certification corresponding to the file data according to the system global parameter, the ciphertext data set, the authentication tag set, the challenge data set and the signature value by the cloud storage server, and store an audit record of the file data;

And the data auditing module is arranged for determining a final auditing result according to the data integrity certification and the auditing record by the data owner so as to complete the auditing of the file data.

An electronic device adapted for another object of the present application comprises a central processor and a memory, said central processor being adapted to invoke the steps of running a computer program stored in said memory to perform the outsourced data integrity auditing method of the present application.

A computer-readable storage medium adapted to another object of the present application stores, in the form of computer-readable instructions, a computer program implemented according to the outsourced data integrity auditing method, which when invoked by a computer, performs the steps comprised by the corresponding method.

Compared with the prior art, the method for auditing the integrity of the outsourced data aims at the problems that a challenge data set which is safer and more reliable in source is lacking in the prior art, the challenge data set is generated by a data owner and then transmitted to a cloud storage server, the problems of transmission cost and data authentication exist, calculation cost and additional cost are brought, a malicious third party auditor cheats the data owner together due to benefit in the cloud storage server to cause potential safety hazard of the data, and the like, and the method for auditing the integrity of the outsourced data comprises the following beneficial effects:

Firstly, when the outsourcing data audit is carried out, no participation of a data owner or a third party auditor is needed when the challenge data set is generated, so that the source of the challenge data set is safer, more reliable and more reliable, the safety requirements of different standards among all parties such as the data owner, a cloud storage server and the like are met, the generated challenge data set is verifiable by all parties such as the data owner, the cloud storage server and the like, and a design method without entity interaction is adopted, so that the participation of the third party auditor is not needed in the whole process of outsourcing data audit, and the data safety problem caused by the malicious third party auditor deceiving the data owner together by benefit of the cloud storage server manager is eliminated;

secondly, the application has safe and efficient data deduplication function, is constructed based on a symmetric encryption algorithm and a blockchain technology, allows the cloud server to calculate a unified integrity certification on the same user data, thereby improving the storage space utilization rate of the cloud server, saving computing resources and relieving the key management burden of a data owner;

thirdly, the application adopts the blockchain to record the data audit result, the data on the blockchain is public, traceable and non-counterfeit, and whether the cloud storage server has malicious behaviors such as deceptive data owners or not can be detected through verifying the data on the chain, so that the cloud storage server is prevented from delaying audit and generating a disputed audit result, and the final audit result of outsourced data is reliable and reliable.

Drawings

The foregoing and/or additional aspects and advantages of the application will become apparent and readily appreciated from the following description of the embodiments, taken in conjunction with the accompanying drawings, in which:

FIG. 1 is an exemplary architecture employed by the outsourced data integrity auditing method of the present application;

FIG. 2 is a flow chart of a method for auditing integrity of packet data according to an embodiment of the present application;

FIG. 3 is a schematic flow chart of determining a file upload instruction returned by a cloud storage server based on a hash value corresponding to file data in an embodiment of the present application;

FIG. 4 is a flow chart of determining a ciphertext data set corresponding to file data according to a plaintext data set by a data owner according to an embodiment of the present application;

FIG. 5 is a flowchart illustrating a method for determining an authentication tag set corresponding to a ciphertext data set based on a system global parameter, the ciphertext data set corresponding to file data, and a hash value corresponding to file data in an embodiment of the application;

FIG. 6 is a flowchart illustrating a method for determining a challenge data set corresponding to file data according to an embodiment of the present application;

FIG. 7 is a flowchart of determining a data integrity certification corresponding to file data according to a system global parameter, a ciphertext data set, an authentication tag set, a challenge data set, and a signature value in an embodiment of the present application;

FIG. 8 is a schematic block diagram of a packet data integrity audit device in accordance with an embodiment of the present application;

fig. 9 is a schematic structural diagram of a computer device according to an embodiment of the present application.

Detailed Description

Embodiments of the present application are described in detail below, examples of which are illustrated in the accompanying drawings, wherein like or similar reference numerals refer to like or similar elements or elements having like or similar functions throughout. The embodiments described below by referring to the drawings are illustrative only and are not to be construed as limiting the application.

As used herein, the singular forms "a", "an", "the" and "the" are intended to include the plural forms as well, unless expressly stated otherwise, as understood by those skilled in the art. It will be further understood that the terms "comprises" and/or "comprising," when used in this specification, specify the presence of stated features, integers, steps, operations, elements, and/or components, but do not preclude the presence or addition of one or more other features, integers, steps, operations, elements, components, and/or groups thereof. It will be understood that when an element is referred to as being "connected" or "coupled" to another element, it can be directly connected or coupled to the other element or intervening elements may also be present. Further, "connected" or "coupled" as used herein may include wirelessly connected or wirelessly coupled. The term "and/or" as used herein includes all or any element and all combination of one or more of the associated listed items.

It will be understood by those skilled in the art that all terms (including technical and scientific terms) used herein have the same meaning as commonly understood by one of ordinary skill in the art to which this application belongs unless defined otherwise. It will be further understood that terms, such as those defined in commonly used dictionaries, should be interpreted as having a meaning that is consistent with their meaning in the context of the prior art and will not be interpreted in an idealized or overly formal sense unless expressly so defined herein.

As used herein, "client," "terminal device," and "terminal device" are understood by those skilled in the art to include both devices that include only wireless signal receivers without transmitting capabilities and devices that include receiving and transmitting hardware capable of two-way communication over a two-way communication link. Such a device may include: a cellular or other communication device such as a personal computer, tablet, or the like, having a single-line display or a multi-line display or a cellular or other communication device without a multi-line display; a PCS (Personal Communications Service, personal communication system) that may combine voice, data processing, facsimile and/or data communication capabilities; a PDA (Personal Digital Assistant ) that can include a radio frequency receiver, pager, internet/intranet access, web browser, notepad, calendar and/or GPS (Global Positioning System ) receiver; a conventional laptop and/or palmtop computer or other appliance that has and/or includes a radio frequency receiver. As used herein, "client," "terminal device" may be portable, transportable, installed in a vehicle (aeronautical, maritime, and/or land-based), or adapted and/or configured to operate locally and/or in a distributed fashion, at any other location(s) on earth and/or in space. As used herein, a "client," "terminal device," or "terminal device" may also be a communication terminal, an internet terminal, or a music/video playing terminal, for example, a PDA, a MID (Mobile Internet Device ), and/or a mobile phone with music/video playing function, or may also be a device such as a smart tv, a set top box, or the like.

The application refers to hardware such as a server, a client, a service node, and the like, which essentially is an electronic device with personal computer and other functions, and is a hardware device with necessary components disclosed by von neumann principles such as a central processing unit (including an arithmetic unit and a controller), a memory, an input device, an output device, and the like, wherein a computer program is stored in the memory, and the central processing unit calls the program stored in the memory to run, executes instructions in the program, and interacts with the input and output devices, thereby completing specific functions.

It should be noted that the concept of the present application, called "server", is equally applicable to the case of server clusters. The servers should be logically partitioned, physically separate from each other but interface-callable, or integrated into a physical computer or group of computers, according to network deployment principles understood by those skilled in the art. Those skilled in the art will appreciate this variation and should not be construed as limiting the implementation of the network deployment approach of the present application.

One or more technical features of the present application, unless specified in the clear, may be deployed either on a server for implementation and the client remotely invokes an online service interface provided by the acquisition server for implementation of the access, or may be deployed and run directly on the client for implementation of the access.

The neural network model cited or possibly cited in the application can be deployed on a remote server and can be used for implementing remote call on a client, or can be deployed on a client with sufficient equipment capability for direct call, unless specified by plaintext, and in some embodiments, when the neural network model runs on the client, the corresponding intelligence can be obtained through migration learning so as to reduce the requirement on the running resources of the hardware of the client and avoid excessively occupying the running resources of the hardware of the client.

The various data related to the present application, unless specified in the plain text, may be stored either remotely in a server or in a local terminal device, as long as it is suitable for being invoked by the technical solution of the present application.

Those skilled in the art will appreciate that: although the various methods of the present application are described based on the same concepts so as to be common to each other, the methods may be performed independently of each other unless specifically indicated otherwise. Similarly, for the various embodiments disclosed herein, all concepts described herein are presented based on the same general inventive concept, and thus, concepts described herein with respect to the same general inventive concept, and concepts that are merely convenient and appropriately modified, although different, should be interpreted as equivalents.

The various embodiments of the present application to be disclosed herein, unless the plain text indicates a mutually exclusive relationship with each other, the technical features related to the various embodiments may be cross-combined to flexibly construct a new embodiment as long as such combination does not depart from the inventive spirit of the present application and can satisfy the needs in the art or solve the deficiencies in the prior art. This variant will be known to the person skilled in the art.

In the wave of economic globalization, with the vigorous development of computer technology, cross-border data intercommunication sharing has become one of the important means of modern international communication. In particular in the agricultural field, the data has the clear characteristics of large volume, wide dimension, close individuals, large overall difference and the like, and the application of cross-border data communication and sharing among data owners can effectively improve the agricultural production efficiency and quality, trace the sources and the flow directions of agricultural products, ensure the food safety, promote the sustainable development of agriculture and simultaneously facilitate the agricultural cooperation and communication among different countries. However, the data collected by the agricultural internet of things system relates to sensitive data such as personal information of farmers and agricultural production data, and cross-border data communication and sharing relate to problems such as network environment and data privacy protection among different countries, and the cross-border data communication and sharing still face many challenges.

Data is growing as a valuable resource from time to time in many forms of blowout. For data owners, storage space of computer equipment such as an internet of things system is limited, a large amount of data is directly stored locally to occupy the storage space, and long-time management and maintenance of a large amount of data face a plurality of difficulties. Outsourcing data to cloud storage server storage has significant advantages in the aspects of unified storage, management and communication sharing of the data, and as an excellent tool, the outsourcing data to cloud storage server storage provides powerful and flexible storage and calculation resources and can be used as an intermediate medium for data communication sharing, and the outsourcing data to cloud storage server storage has become a common and effective solution. To alleviate the heavy data storage pressure locally, while enabling secure sharing of data, more and more data owners tend to outsource their confidential data to cloud storage servers. However, the cloud storage server brings great convenience to the data owner, and also causes people to worry about privacy and security of the data.

On the one hand, the cloud storage server, as an entity holding the management rights of the data rather than ownership rights, may itself be interested in resolving the content of the data, e.g., the cloud storage server may illegally steal the user's original data to obtain profits, which violates the confidentiality of the data. On the other hand, the integrity of outsourced data is also relevant to the personal interests of the data owner. Considering that some anomalies are objectively present, for example, equipment failure may result in data loss in the cloud. Worse yet, data stored on the cloud may be maliciously deleted by the cloud storage server to reduce storage space and reduce maintenance costs, which undermines the integrity and availability of the data. In addition, a malicious party may be a data owner who will attempt to 35820 a cloud storage server that stores data in a honest manner. In order to effectively monitor the data of the cloud storage server and prevent the malicious data owner, 35820, from reaching the cloud storage server, an effective and solution is to use outsourced data integrity audit, which allows the cloud storage server to prove that the data is perfect and un-holed in an Xun-holed way through a probability audit mode. On this basis, the data integrity of many schemes is checked regularly by independent third party auditors employed by the data owners. However, in the real world, the third party auditors are often not completely trusted, and the audit scheme of the third party auditors is used for prolonging the audit time of the third party auditors and preventing malicious actions such as users from being deceived by a malicious cloud storage server from affecting the audit process, so that the third party auditors are supervised, limited and even removed, and the development trend of the data integrity audit study is developed.

To combat potential malicious behavior in outsourcing data implementation, outsourcing data integrity auditing techniques are developed that can help data owners check the integrity of outsourcing data. In particular, each data audit requires a data set to be used to describe the target data block and corresponding challenge coefficients for the data audit, the data set being referred to as a challenge data set, the quality of the challenge data set directly affecting the accuracy and reliability of the results of the data audit. In most existing data auditing techniques, the challenge data set is participated in generation by the data owner or a third party auditor. However, it is not desirable for the data owner to generate the challenge data set for retransmission to the cloud storage server, and there is a transmission overhead and a data authentication problem that also brings about a calculation overhead, so that the data owner should not pay additional cost for outsourcing data audit. The generation of the challenge data set by third party auditors is likewise not efficient, and in addition to increasing the data owner overhead, potentially malicious third party auditors can deceive the data owner's security risk with benefit from the cloud storage server. Thus, existing data audit schemes lack a more secure and reliable source of challenge data sets. Further, outsourcing data is increasingly flowing to scale the amount of data stored in the cloud year by year. The present inventors have made a corresponding search in consideration of solving the problem.

The data owner outsources the data to the cloud server, before outsourcing the data, an encryption key and a decryption key are generated, a plaintext data block is encrypted to obtain a ciphertext, an authentication tag and a signature value are further calculated to obtain the authentication tag, the encryption key and the decryption key are stored on a blockchain, a ciphertext data set, the authentication tag set and the signature value are sent to the cloud server to be stored, and if the data already exist, a user interacts with the cloud server to prove ownership so as to obtain the use right of the data on the cloud. Finally, the user can verify the integrity of the data through the audit record. The cloud storage server generates system global parameters, stores user data and provides data integrity certification periodically, before storing the data, the cloud server verifies the relevance of the ciphertext data set and the authentication tag set, generates a challenge data set with the assistance of an intelligent contract, further calculates the data integrity certification, and stores audit records through a log file and a blockchain for verification of a data owner.

With reference to the above exemplary scenario and referring to fig. 1 and 2, in one embodiment, the outsourced data integrity auditing method of the present application includes the steps of:

Step S10, a data owner initiates an outsourcing data request to acquire a system global parameter generated by a cloud server, a hash value corresponding to the file data is determined according to the system global parameter and the file data of the data owner, a unique identification of the file data is determined according to the hash value corresponding to the file data, and a file uploading instruction returned by the cloud server is determined based on the unique identification of the file data;

acquiring system global parameters generated by a cloud storage server and file data of a data owner in response to a data integrity audit event, the generating the system global parameters including causingLet->Is two different p-factorial cyclic groups, where g is +.>Is u is->Random element in the above, e:> is a bilinear map. Determining a hash value corresponding to the file data according to the system global parameter and the file data based on a hash function, wherein the hash function comprises: h (& gt) & lt & gt>H ₁ (·):/>H ₂ (·):H ₃ (·):/>Two pseudo-random functions: f (. Cndot.) {0,1} ^* →[1,n]，h(·):And determining a file uploading instruction returned by the cloud storage server based on the hash value corresponding to the file data.

In some embodiments, the cloud storage server and the data owner may obtain the system global parameter, and generate public keys and private key parameters corresponding to the cloud storage server and the data owner according to the system global parameter, where the public keys and the private key parameters include: public-private key Pair (PK) of cloud storage server _CSP ,SK _CSP ) Private key alpha of cloud storage server, public key g of cloud storage server ^α Public-private key Pair (PK) of data owner _DO ,SK _DO ) Private key x of data owner and public key g of data owner ^x Etc.

In some embodiments, before determining a file upload instruction returned by the cloud storage server, determining a hash value corresponding to the file data according to a global parameter of a system and the file data of the data owner, so as to further calculate and determine a unique identifier corresponding to the file data, and send the unique identifier corresponding to the file data to the cloud storage server, so that the cloud storage server detects whether the file data is already stored on the cloud storage server, the cloud storage server returns a detection result to the data owner, the data owner responds to the cloud storage server according to the received detection result, and the cloud storage server detects whether the file data is already stored on the cloud storage server, and specifically includes:

when a data owner wants to upload file data to cloud storageWhen the server is used, the data owner firstly calculates the hash value SK corresponding to the file data _FID The following formula:

SK _FID ＝H ₁ (F)

f is file data owned by a data owner;

The data owner further calculates a unique identification FID of the file data as follows:

the data owner sends the FID to a cloud storage server, and the cloud storage server stores the FID on the cloud ^* It is checked whether FID is already present. If the file data F does not exist, the cloud storage server returns FRESH to the data owner, and the data owner can encrypt the file data F; otherwise, the cloud storage server returns the EXISTED to the data owner, which means that the data owner can further calculate the ownership of the document data F, so as to acquire the use right of the corresponding document ciphertext data on the cloud. Public key PK for data owners to utilize cloud storage servers _CSP The private key SK of the data owner _DO Hash value SK corresponding to file data _FID The ownership certificate PF of the file data F is calculated as follows:

wherein the PF represents ownership of the file data F, and the PK _CSP A public key representing a cloud storage server, the SK _DO A private key representing a data owner, the SK _FID Representing the hash value corresponding to the file data.

The data owner sends the ownership certificate PF of the file data F to a cloud storage server, and the cloud storage server sends the ownership certificate PF of the file data F and the private key SK of the cloud storage server according to the received ownership certificate PF of the file data F _CSP Public key PK of data owner _DO FID on cloudA matching check is performed, the formula of which is as follows:

the match is correctly represented as follows:

and if the matching is successful, the data owner obtains the use right of the ciphertext data of the corresponding file on the cloud.

Step S20, the data owner determines a plaintext data set corresponding to the file data based on the file uploading instruction, determines a ciphertext data set corresponding to the file data according to the plaintext data set, determines an authentication tag set and a signature value corresponding to the ciphertext data set based on the system global parameter, the ciphertext data set corresponding to the file data and a hash value corresponding to the file data, and uploads the authentication tag set and the signature value to the cloud storage server for detection to determine a file data storage result;

the data owner determines a plaintext data set corresponding to the file data based on the file uploading instruction, determines a ciphertext data set corresponding to the file data according to the plaintext data set, determines an encryption key and a decryption key of each plaintext data block according to the plaintext data corresponding to the file data of the data owner, further determines the ciphertext data set corresponding to the file data by encrypting the plaintext data block corresponding to the file data, encrypts a related key corresponding to the file data, and stores the related key on a blockchain.

Specifically, before uploading the file data F, the data owner divides the file data F into n fixed-size data blocks M ₁ ,M ₂ ,...,M _n The method comprises the steps of carrying out a first treatment on the surface of the Then calculating the encryption and decryption keys corresponding to each file data block, and calculating the file data block M by adopting SHA256 algorithm _i Hash value K of (a) _i ＝SHA256(M _i ) As its encryption and decryption key; using the file data block M _i Hash value K of (a) _i As a key for the symmetric encryption algorithm AES256 to encrypt the block of file data M _i Corresponding plaintext data, and further obtaining the file data block M _i Corresponding ciphertext data C _i ＝AES256(K _i ,M _i ) The ciphertext data corresponding to each file data block is determined, and is not described in detail herein, so that the ciphertext data corresponding to each file data block is determined, and thus, the ciphertext data set corresponding to the file data is determined.

In order to reduce the burden of key management, the data owner encrypts the key-related data, calculates the key k=sha256 (x) first, and then calculates the encryption result keys=aes 256 (K, SK) _FID ||K ₁ ||K ₂ ||...||K _n ) And storing the encryption result Key to the blockchain, wherein the data owner can recover the relevant key corresponding to the complete file data only by storing the private key x.

Determining an authentication tag set corresponding to the ciphertext data set based on the system global parameter, the ciphertext data set corresponding to the file data and the hash value corresponding to the file data, determining a signature value according to the system global parameter and the hash value corresponding to the file data, uploading the signature value to the cloud storage server for detection to determine a file data storage result, uploading the ciphertext data set corresponding to the file data, the authentication tag set and the signature value to the cloud storage server by the data owner together so that the cloud storage server verifies the correctness of the uploaded file data, performing data deduplication by the cloud storage server against the saved ciphertext, enabling the cloud storage server to store the new ciphertext data set and the authentication tag set in a database, and enabling a system administrator to deploy an intelligent contract, initialize a file object, send an address of the intelligent contract to the data owner and the cloud storage server and then take off line.

The data owner further segments the ciphertext data corresponding to each file data block to determine ciphertext data segmentation results of the ciphertext data corresponding to each file data block; and determining an authentication tag corresponding to the file data based on a preset authentication tag function according to the ciphertext data segmentation result, a system global parameter and a hash value corresponding to the file data, and determining an authentication tag set corresponding to the file data according to the authentication tag.

Specifically, the data owner first writes the file data block M _i Corresponding ciphertext data C _i Further dividing the file data block M _i Corresponding ciphertext data C _i Dividing into s blocks to determine ciphertext data division result { C _i,j } _{1≤i≤n,1≤j≤s} Based on a preset authentication tag function, calculating an authentication tag sigma corresponding to the file data according to the system global parameter, the ciphertext data segmentation result and the hash value corresponding to the file data _i The preset authentication tag function is expressed as follows:

the calculated signature value v is expressed as follows:

the data owner composes ciphertext data corresponding to each file data block into a ciphertext data set C corresponding to the file data, authentication tags corresponding to each file data block compose a file data authentication tag set phi, then the ciphertext data set C corresponding to the file data, the authentication tag set phi and a signature value v are uploaded to a cloud storage server, and after each item of data is received by the cloud storage server, the correctness of the file data can be checked through the following formula, which is expressed as follows:

by detecting whether the above formula is satisfied, if the formula is not satisfied, it is indicated that the ciphertext data set corresponding to the file data and the authentication tag set do not correspond, and at this time, the cloud storage server refuses to provide the file data storage service.

If the equation is satisfied, the cloud storage server performs repeatability detection on the ciphertext corresponding to the file data, and the cloud storage server checks whether the ciphertext corresponding to the newly uploaded file data is stored or not by comparing the existing ciphertext, if the ciphertext corresponding to the file data has a part stored by the cloud storage server, the ciphertext is not repeatedly stored, and only the non-repeated ciphertext and the corresponding authentication tag in the ciphertext corresponding to the file data are stored, so that the file data storage result is determined.

Step S30, the cloud storage server acquires an intelligent contract corresponding to the file data according to the file data storage result, records a target block height corresponding to the file data according to the intelligent contract, and determines a target block hash value corresponding to the file data according to the target block height so as to determine a challenge data set corresponding to the file data;

after the cloud storage server stores new file data according to the file data storage result, a system administrator deploys intelligent contracts SC _FID Initializing a File object through a FileSetUp function in a contract, wherein a FileSetUp algorithm and a structure File are as follows:

Wherein the addrCSP is the address of a Metamask wallet of the cloud storage server, and the BlockHeight records the block to which the block hash used by the cloud storage server to generate the challenge data set during each data examination belongsThe system administrator records the intelligent contract SC by the time of data audit _FID Is offline after being sent to the data owner and the cloud storage server.

The cloud storage server can access the intelligent contract to enable the intelligent contract to record the target block height, obtain the target block hash value according to the target block height recorded by the intelligent contract, and further calculate and obtain a challenge data set required by the data audit, and specifically comprises the following steps:

when the time reaches the audit opportunity of outsourcing data, the cloud storage server passes through the intelligent contract SC _FID The getlockheight function in (1) records the target block height, which is expressed as follows:

when the block height corresponding to the file data is file.blockheight=0, the cloud storage server can record and acquire the next block height of the file data through an intelligent contract, and at the moment, access to the intelligent contract records the next block height eta of the current latest block height, namely file.blockheight=block.number+1. When the block height corresponding to the file data is not equal to 0, the cloud storage server cannot access the function again to change the block height, and the cloud storage server must acquire the block hash value τ according to the previously recorded block height η, so as to calculate the challenge data set according to the block hash value τ.

The cloud storage server determines a target block hash value tau according to the target block height eta recorded by the intelligent contract, so that the cloud storage server calculates a challenge data set required by the data audit as follows:

i _ξ ＝f(τ||ξ),

wherein, xi is more than or equal to 1 and C is the check ciphertext block C required by data examination timing _i C is more than or equal to 1 and less than or equal to n, and the challenge data set corresponding to the file data is that

Step S40, the cloud storage server determines data integrity certification corresponding to the file data according to the system global parameter, the ciphertext data set, the authentication tag set, the challenge data set and the signature value, and stores an audit record of the file data;

and the cloud storage server calculates and determines the data integrity certification corresponding to the file data according to the system global parameter, the ciphertext data set, the authentication tag set, the challenge data set and the signature value, and stores and discloses a data audit record so as to enable a data owner to check the integrity of the package data. The cloud storage server responds to a data integrity proving instruction and determines a system global parameter, a ciphertext data set, an authentication tag set, a challenge data set and a signature value corresponding to the file data; the cloud storage server determines an integrity certification element corresponding to the file data according to the system global parameter, the signature value, the ciphertext data set and the challenge data set; the cloud storage server determines a nonlinear combination corresponding to the file data according to the system global parameter, the integrity proving element corresponding to the file data, the ciphertext data set and the challenge data set; the cloud storage server determines an aggregation tag corresponding to the file data according to the authentication tag set and the challenge data set; and the cloud storage server determines the data integrity certification corresponding to the file data according to the integrity certification element, the nonlinear combination and the aggregation label corresponding to the file data.

In particular, after the cloud storage server determines the challenge data set corresponding to the file data, the cloud storage server randomly selects the integer r,calculating an integrity certification element r=v corresponding to the file data ^r The method comprises the steps of carrying out a first treatment on the surface of the The cloud storage server is used for storing the integrity corresponding to the file data according to the system global parametersDetermining a nonlinear combination corresponding to the file data by the proving element, the ciphertext data set and the challenge data setThe cloud storage server calculates an aggregation tag corresponding to the file data according to the authentication tag set and the challenge data set corresponding to the file data> The cloud storage server calculates an integrity certification element corresponding to the file data> And the cloud storage server determines that the data integrity certification corresponding to the file data is proof= { R, mu, sigma, rho } according to the integrity certification element, the nonlinear combination and the aggregation label corresponding to the file data.

And S50, determining a final audit result by the data owner according to the data integrity certification and the audit record so as to finish the audit of the file data.

And the data owner determines a final audit result according to the data integrity certification and the audit record so as to complete the audit of the file data. Data owners recalculate challenge data sets i _ξ ＝f(τ||ξ),/>And calculates the following formula:

if the above formula is established, the file data is described as being intact, otherwise, the audit result is refused to be accepted;

the correctness of the file data is expressed as follows:

to enable the data owner to check the integrity of the data, the cloud storage server maintains and publishes data audit records through the smart contracts SC _FID The LogGen function records the completion of the data auditing task, and the LogGen function is as follows:

when the block height submitted by the cloud storage server is equal to the block height file of the intelligent contract record, judging whether the block hash value blockHash submitted by the cloud storage server is equal to the block hash value blockHash corresponding to the file, if so, adding one to the audit times, and triggering an event AuditLog to store audit evidence in a log of the intelligent contract; if not, triggering event Warning saves audit evidence to a log of the smart contract. The LogGen algorithm is used for saving audit evidence, ensuring that the cloud storage server can obtain the target block hash value tau by using the target block height eta to calculate a challenge data set, and preparing for the next audit task.

The cloud storage server calculates a hash value h of the data related to the audit _t =h (t c η τ R μ σ ρ), where t represents the time when the cloud storage server starts to perform the audit task. The cloud storage server initiates a transaction through the Metamask wallet, and the Input Data field of the transaction is set to h _t After the transaction is successfully stored in the blockchain, the cloud storage server obtains a transaction hash value TH, the cloud storage server generates an audit record { t, c, eta, tau, R, mu, sigma and rho } for each audit task, and the audit record and the transaction hash value TH are stored in an audit log file together, wherein the audit record and the transaction hash value TH are expressed as follows:

the step of determining a final audit result by the data owner according to the data integrity certification and the audit record comprises the following steps:

In some embodiments, the data owner accesses the smart contract SC _FID Obtaining the Times Times of data audit, and refusing to accept the audit result if the Times of data audit are inconsistent with the Times of data audit in the LogFile of the cloud server.

in some embodiments, the Data owner obtains the Input Data field value h under the transaction based on the transaction hash value TH _t And recalculate the hash value according to the record corresponding to the audit log fileIf->Then the audit result is refused to be accepted.

In some embodiments, the data owner finds the corresponding block according to the block height η, and obtains the time t of block generation ^* If time t of block generation ^* And refusing to accept the auditing result before the time t when the cloud server starts to execute the auditing task.

In some embodiments, the data owner finds the corresponding block according to the block height η, and obtains the block hash value τ ^* If the block hash value τ ^* And querying and acquiring a block hash value tau 'submitted to the intelligent contract by the cloud server in the intelligent contract log if tau is inconsistent with tau in the log file, and refusing to accept the audit result if tau' noteqtau.

Compared with the prior art, the method for auditing the integrity of the outsourced data aims at the problems that the challenge data set which is safer and more reliable in source is lacking in the prior art, the challenge data set is generated by the data owner and then transmitted to the cloud storage server, the problems of transmission cost and data authentication exist, calculation cost and additional cost are brought, and a malicious third party auditor cheats the data owner together due to benefit in the cloud storage server to cause potential safety hazard of the data, and the like, and the method for auditing the integrity of the outsourced data comprises the following beneficial effects that:

Firstly, when the outsourcing data audit is carried out, no participation of a data owner or a third party auditor is needed when the challenge data set is generated, so that the source of the challenge data set is safer, more reliable and more reliable, the safety requirements of different standards among all parties such as the data owner, a cloud storage server and the like are met, the generated challenge data set is verifiable by all parties such as the data owner, the cloud storage server and the like, and the design method without entity interaction is adopted, so that the participation of the third party auditor is not needed in the whole process of outsourcing data audit, and the problem of data safety caused by the fact that a malicious third party auditor deceives the data owner together due to benefit of a cloud storage server manager is eliminated;

On the basis of any embodiment of the present application, referring to fig. 3, the step of determining a file upload instruction returned by the cloud storage server based on the hash value corresponding to the file data includes the following steps:

step S101, the cloud storage server responds to a file data detection instruction to acquire a unique identifier corresponding to the file data;

before determining a file uploading instruction returned by the cloud storage server, determining a hash value corresponding to file data according to the system global parameter and the file data of the data owner so as to further calculate and determine a unique identifier corresponding to the file data.

Step S103, the cloud storage server detects whether the unique identifier corresponding to the file data exists or not, and if the unique identifier corresponding to the file data does not exist in the cloud storage server, a file data uploading instruction is returned to the data owner.

And sending the unique identifier corresponding to the file data to a cloud storage server so that the cloud storage server detects whether the file data exists on the cloud storage server, and if the unique identifier corresponding to the file data does not exist in the cloud storage server, returning a file data uploading instruction to the data owner.

The cloud storage server returns a detection result to a data owner, the data owner responds to the cloud storage server according to the received detection result, and the cloud storage server detects whether the file data exists on the cloud storage server or not, and the method specifically comprises the following steps:

when a data owner wants to upload file data to a cloud storage server, the data owner firstly calculates a hash value SK corresponding to the file data _FID The following formula:

SK _FID ＝H ₁ (F)

f is file data owned by a data owner;

the data owner sends the FID to a cloud storage server, and the cloud storage server stores the FID on the cloud ^* It is checked whether FID is already present. If not, return a file data upload instruction to the data owner indicating that the data owner mayEncrypting the uploading file data F; otherwise, the cloud storage server returns a file existence instruction EXISTED to the data owner, which means that the data owner can further calculate the ownership of the file data F, so as to acquire the use right of the corresponding file ciphertext data on the cloud.

On the basis of any embodiment of the present application, referring to fig. 4, the step of determining a plaintext data set corresponding to the file data according to the plaintext data set by the data owner based on the file upload instruction includes the following steps:

Step S201, the data owner responds to a file encryption instruction to divide the file data into a plurality of file data blocks with the same size;

the data owner divides the file data F into n fixed data blocks M with the same size before uploading the file data F ₁ ,M ₂ ,...,M _n 。

Step 203, the data owner calculates hash values corresponding to the file data blocks based on a secure hash algorithm, and determines a key corresponding to each file data block according to the hash values corresponding to the file data blocks;

calculating encryption and decryption keys corresponding to each file data block, wherein the secure hash algorithm can be SHA256 algorithm and the like, and calculating the file data block M by adopting the SHA256 algorithm _i Hash value K of (a) _i ＝SHA256(M _i ) As its encryption and decryption key;

step S205, the data owner encrypts plaintext data corresponding to each file data block according to a key corresponding to each file data block based on a symmetric encryption algorithm so as to determine ciphertext data corresponding to each file data block;

using the file data block M _i Hash value K of (a) _i As a key for the symmetric encryption algorithm AES256 to encrypt the block of file data M _i Corresponding plaintext data, and further obtaining the file data block M _i Corresponding ciphertext data C _i ＝AES256(K _i ,M _i ) The ciphertext data corresponding to each file data block is determined to be the same, and is not described in detail herein, so that the ciphertext data corresponding to each file data block is determined.

Step S207, determining a ciphertext data set corresponding to the file data according to the ciphertext data corresponding to each file data block.

It will be appreciated that after determining the ciphertext data corresponding to each of the file data blocks, determining a ciphertext data set corresponding to the file data from the ciphertext data corresponding to each of the file data blocks.

On the basis of any embodiment of the present application, referring to fig. 5, a step of determining an authentication tag set corresponding to a ciphertext data set based on the system global parameter, the ciphertext data set corresponding to the file data, and a hash value corresponding to the file data, and determining a signature value according to the hash value corresponding to the system global parameter and the file data, includes the following steps:

step S2001, the data owner further segments the ciphertext data corresponding to each file data block to determine a ciphertext data segmentation result of the ciphertext data corresponding to each file data block;

The data owner first sets the file data block M _i Corresponding ciphertext data C _i Further dividing the file data block M _i Corresponding ciphertext data C _i Dividing into s blocks to determine ciphertext data division result { C _i,j } _{1≤i≤n,1≤j≤s} 。

Step S2003, determining an authentication tag corresponding to the file data based on a preset authentication tag function according to the ciphertext data segmentation result, a system global parameter and a hash value corresponding to the file data, determining an authentication tag set corresponding to the file data according to the authentication tag, and determining a signature value according to the system global parameter and the hash value corresponding to the file data.

Based on a preset authentication tag function, according to the global parameter of the system, the ciphertext data segmentation result and the ciphertext data segmentation resultHash value corresponding to file data is calculated to obtain authentication label sigma corresponding to the file data _i The preset authentication tag function is expressed as follows:

the calculated signature value v is expressed as follows:

and the data owner composes ciphertext data corresponding to each file data block into a ciphertext data set C corresponding to the file data, and the authentication tag corresponding to each file data block composes the file data authentication tag set phi.

On the basis of any embodiment of the present application, referring to fig. 6, the step of recording a target block height corresponding to the file data according to the intelligent contract, determining a target block hash value corresponding to the file data according to the target block height, so as to determine a challenge data set corresponding to the file data includes the following steps:

step 301, the intelligent contract responds to a block height detection instruction, detects the current block height and performs an addition operation to obtain a target block height, the target block height is stored on a block chain and returned to a cloud server, and the cloud server determines a target block hash value according to the target block height;

Step S303, the cloud storage server determines a target block hash value according to the target block height, and determines a challenge data set corresponding to the file data according to the target block hash value and the system global parameter.

After determining the target block hash value corresponding to the file data block, the cloud storage server determines a challenge data set corresponding to the file data according to the target block hash value corresponding to the file data block.

On the basis of any embodiment of the present application, referring to fig. 7, the step of determining, by the cloud storage server, a data integrity certification corresponding to the file data according to the system global parameter, the ciphertext data set, the authentication tag set, the challenge data set, and the signature value includes the following steps:

step S401, the cloud storage server responds to a data integrity proving instruction, and determines a system global parameter, a ciphertext data set, an authentication tag set, a challenge data set and a signature value corresponding to the file data;

step S403, the cloud storage server determines an integrity certification element corresponding to the file data according to the system global parameter, the signature value, the ciphertext data set and the challenge data set;

Step S405, the cloud storage server determines a nonlinear combination corresponding to the file data according to the system global parameter, the integrity certification element corresponding to the file data, the ciphertext data set and the challenge data set;

step S407, the cloud storage server determines an aggregation tag corresponding to the file data according to the authentication tag set and the challenge data set;

and step 409, the cloud storage server determines the data integrity certification corresponding to the file data according to the integrity certification element, the nonlinear combination and the aggregation label corresponding to the file data.

When the cloud storage server determines the textAfter the challenge data set corresponding to the piece of data, the cloud storage server randomly selects an integer r,calculating an integrity certification element r=v corresponding to the file data ^r The method comprises the steps of carrying out a first treatment on the surface of the The cloud storage server determines a nonlinear combination corresponding to the file data according to the system global parameter, the integrity proving element corresponding to the file data, the ciphertext data set and the challenge data set> The cloud storage server calculates an aggregation tag corresponding to the file data according to the authentication tag set and the challenge data set corresponding to the file data >The cloud storage server calculates an integrity proving element corresponding to the file dataAnd the cloud storage server determines that the data integrity certification corresponding to the file data is Proof = { R, μ, σ, ρ } according to the signature value, the nonlinear combination, the aggregation tag and the integrity certification element corresponding to the file data.

Referring to fig. 8, an outsourced data integrity auditing apparatus according to one of the objects of the present application includes a data upload determining module 1100, a data storage result determining module 1200, a challenge data set determining module 1300, an integrity certification determining module 1400, and a data auditing module 1500. The data uploading determining module 1100 is configured to initiate an outsourcing data request for a data owner to obtain a system global parameter generated by the cloud server, determine a hash value corresponding to the file data according to the system global parameter and file data of the data owner, determine a unique identifier of the file data according to the hash value corresponding to the file data, and determine a file uploading instruction returned by the cloud server based on the unique identifier of the file data; a data storage result determining module 1200, configured to determine a plaintext data set corresponding to the file data based on the file upload instruction, determine a ciphertext data set corresponding to the file data according to the plaintext data set, determine an authentication tag set and a signature value corresponding to the ciphertext data set based on the system global parameter, the ciphertext data set corresponding to the file data, and a hash value corresponding to the file data, and upload the authentication tag set and the signature value to the cloud storage server for detection to determine a file data storage result; the challenge data set determining module 1300 is configured to obtain, by the cloud storage server, an intelligent contract corresponding to the file data according to the file data storage result, record, according to the intelligent contract, a target block height corresponding to the file data, and determine, according to the target block height, a target block hash value corresponding to the file data, so as to determine a challenge data set corresponding to the file data; the integrity certification determining module 1400 is configured to determine, by the cloud storage server, a data integrity certification corresponding to the file data according to the system global parameter, the ciphertext data set, the authentication tag set, the challenge data set, and the signature value, and store an audit record of the file data; the data auditing module 1500 is configured to determine a final auditing result according to the data integrity certification and the auditing record by the data owner, so as to complete the auditing of the file data.

On the basis of any embodiment of the present application, please refer to fig. 9, another embodiment of the present application further provides an electronic device, which may be implemented by a computer device, and as shown in fig. 9, the internal structure of the computer device is schematically shown. The computer device includes a processor, a computer readable storage medium, a memory, and a network interface connected by a system bus. The computer readable storage medium of the computer device stores an operating system, a database and computer readable instructions, the database can store a control information sequence, and when the computer readable instructions are executed by a processor, the processor can realize an outsourcing data integrity auditing method. The processor of the computer device is used to provide computing and control capabilities, supporting the operation of the entire computer device. The memory of the computer device may have stored therein computer readable instructions that, when executed by the processor, cause the processor to perform the outsourced data integrity auditing method of the present application. The network interface of the computer device is for communicating with a terminal connection. It will be appreciated by persons skilled in the art that the architecture shown in fig. 9 is merely a block diagram of some of the architecture relevant to the present inventive arrangements and is not limiting as to the computer device to which the present inventive arrangements are applicable, and that a particular computer device may include more or fewer components than shown, or may combine some of the components, or have a different arrangement of components.

The processor in this embodiment is configured to execute specific functions of each module and its sub-module in fig. 8, and the memory stores program codes and various data required for executing the above modules or sub-modules. The network interface is used for data transmission between the user terminal or the server. The memory in this embodiment stores the program codes and data required for executing all the modules/sub-modules in the outsourced data integrity auditing apparatus of the present application, and the server can call the program codes and data of the server to execute the functions of all the sub-modules.

The present application also provides a storage medium storing computer readable instructions that, when executed by one or more processors, cause the one or more processors to perform the steps of the outsourced data integrity auditing method of any of the embodiments of the present application.

The present application also provides a computer program product comprising computer programs/instructions which when executed by one or more processors implement the steps of the outsourced data integrity auditing method of any of the embodiments of the present application.

Those skilled in the art will appreciate that all or part of the processes implementing the methods of the above embodiments of the present application may be implemented by a computer program for instructing relevant hardware, where the computer program may be stored on a computer readable storage medium, where the program, when executed, may include processes implementing the embodiments of the methods described above. The storage medium may be a computer readable storage medium such as a magnetic disk, an optical disk, a Read-Only Memory (ROM), or a random access Memory (Random Access Memory, RAM).

The foregoing is only a partial embodiment of the present application, and it should be noted that it will be apparent to those skilled in the art that modifications and adaptations can be made without departing from the principles of the present application, and such modifications and adaptations are intended to be comprehended within the scope of the present application.

In summary, when the outsourcing data audit is performed, the participation of a data owner or a third party auditor is not needed when the challenge data set is generated, so that the source of the challenge data set is safer, more reliable and more reliable, the safety requirements of different standards among all parties such as the data owner, the cloud storage server and the like are met, the generated challenge data set is verifiable by all parties such as the data owner, the cloud storage server and the like, and the design method without entity interaction is adopted.

Claims

1. An outsourced data integrity auditing method, comprising the steps of:

2. The outsourced data integrity auditing method of claim 1, wherein the step of determining a file upload instruction returned by a cloud server based on a unique identification of the file data comprises the steps of:

3. The outsourced data integrity auditing method of claim 1, wherein the step of the data owner determining a plaintext data set corresponding to the file data based on the file upload instruction, and determining a ciphertext data set corresponding to the file data based on the plaintext data set, comprises the steps of:

4. A outsourced data integrity auditing method according to claim 3, characterized by the step of determining an authentication tag set and a signature value corresponding to a ciphertext data set based on the system global parameter, the ciphertext data set corresponding to the file data and a hash value corresponding to the file data, comprising the steps of:

Determining an authentication tag corresponding to the file data based on a preset authentication tag function according to the ciphertext data segmentation result, the system global parameter and a hash value corresponding to the file data, and determining an authentication tag set corresponding to the file data according to the authentication tag;

5. The outsourced data integrity auditing method of claim 3, wherein the step of recording a target block height corresponding to the file data according to the intelligent contract, determining a target block hash value corresponding to the file data according to the target block height, to determine a challenge data set corresponding to the file data, comprises the steps of:

6. The outsourced data integrity auditing method according to claim 1, characterized in that the step of the cloud storage server determining the data integrity certification corresponding to the file data according to the system global parameter, a ciphertext data set, an authentication tag set, a challenge data set, and a signature value, comprises the steps of:

7. The outsourced data integrity auditing method of any of claims 1-6, in which the step of the data owner determining a final audit result from the data integrity certification and audit record comprises the steps of:

8. An outsourced data integrity auditing apparatus, comprising:

9. An electronic device comprising a central processor and a memory, characterized in that the central processor is arranged to invoke a computer program stored in the memory for performing the steps of the method according to any of claims 1 to 7.

10. A computer-readable storage medium, characterized in that it stores in the form of computer-readable instructions a computer program implemented according to the method of any one of claims 1 to 7, which, when invoked by a computer, performs the steps comprised by the corresponding method.