CN117666960A

CN117666960A - Method, equipment and storage medium for realizing secure storage framework applying NVIDIA CUDA acceleration and improving Merkle hash tree

Info

Publication number: CN117666960A
Application number: CN202311677325.9A
Authority: CN
Inventors: 陈培鸿; 荣国平; 张贺; 邵栋
Original assignee: Nanjing University
Current assignee: Nanjing University
Priority date: 2023-08-03
Filing date: 2023-12-08
Publication date: 2024-03-08

Abstract

The invention discloses a method, equipment and a storage medium for realizing a secure storage framework applying NVIDIA CUDA acceleration and improving Merkle hash tree. The method comprises the following steps: designing and implementing a block device mapper with storage security capabilities based on the Linux Device Mapper framework; providing full-disc confidentiality protection for the storage device by adopting a full-disc encryption technology; providing full disk integrity protection for the storage device by adopting a hash tree technology; applying NVDIA CUDA to provide hardware acceleration computing capability for the cryptographic algorithm; the classical Merkle hash tree is improved, and the concurrent access and update efficiency of the hash tree is improved; when processing the write request, the consistency of the data block and the hash tree update is maintained by adopting a strategy of 'cache before write back' of the data block. The invention integrates the full-disk encryption technology and the Merkle hash tree, ensures the security of the storage device and the data thereof at the level of the block device, and still maintains extremely high I/O bandwidth performance.

Description

Method, equipment and storage medium for realizing secure storage framework applying NVIDIA CUDA acceleration and improving Merkle hash tree

Technical Field

The invention relates to the technical field of computer software, in particular to a method, equipment and a storage medium for realizing a secure storage framework applying NVIDIA CUDA acceleration and improving Merkle hash tree.

Background

The rapid development and wide application of big data technology bring great value and benefit to various industries. The storage infrastructure serves as the underlying support for the data center, providing mass data storage and high performance retrieval capabilities for large data traffic. In recent years, storage devices in data centers have been increasingly exposed to security threats such as data leakage, tampering, and damage. Data centers store large amounts of sensitive data, and storage security is therefore critical. In general, storage security aims to protect data confidentiality, integrity, and availability in storage systems and take corresponding measures to prevent unauthorized access, use, leakage, and corruption, including but not limited to access control, encryption, backup and restore, auditing and monitoring, and the like.

Conventional storage security solutions tend to be directed to only a single security element, such as confidentiality or integrity. Through decades of exploratory practices and optimizations, these schemes have achieved good results in terms of the protection capabilities of individual storage security factors. However, it is common and necessary to implement multiple storage security technologies simultaneously in production practice because of the limited scope and capabilities of security protection of a single storage security technology. However, due to the independence of the individual storage security technologies, there are great limitations in implementing fusion and cooperative work of multiple storage security technologies, and the most central problem is that it is difficult to perform cooperative optimization to reduce overall performance loss while prolonging the storage stack processing flow and increasing the processing complexity. At present, less research work is focused on solving the fusion problem of confidentiality technology and integrity technology and performance optimization, and the performance effect of the existing research results and production practice schemes is difficult to meet the requirements of data center business scenes.

Based on the problems, the invention provides a method, equipment and a storage medium for realizing a safe storage framework applying NVIDIA CUDA acceleration and improving Merkle hash tree, which are used for realizing high-strength safety protection of storage equipment and data thereof by fusing a full-disk encryption technology and a full-disk integrity verification technology of the storage equipment, and respectively solving the huge performance loss problem caused by hash tree metadata management and cryptographic algorithm calculation through an improved Merkle hash tree scheme and adopting NVIDIA CUDA hardware acceleration.

Disclosure of Invention

The invention aims to provide a method, equipment and a storage medium for realizing a secure storage framework applying NVIDIA CUDA acceleration and improving Merkle hash tree, which ensure the security of storage equipment and data thereof at a block equipment level and still maintain extremely high I/O bandwidth performance.

In a first aspect, an embodiment of the present invention provides a method for implementing a secure storage framework that applies NVIDIA CUDA acceleration and improves Merkle hash trees, where the method includes:

designing and realizing a block device mapper with storage security capability based on a Linux Device Mapper framework, wherein the block device mapper processing request comprises an I/O read request and an I/O write request, the I/O read request processing flow comprises a disk data block reading operation, a data block decrypting operation and a data block integrity checking operation, and the I/O write request processing flow comprises a data block encrypting operation, a data block integrity checking code calculating operation, a data block integrity checking code storing operation and a data block writing disk operation;

The data block encryption operation and the data block decryption operation adopt a full-disc encryption technology, and the full-disc encryption technology performs encryption or decryption processes on data blocks of a disk drive one by adopting a block encryption algorithm, so that full-disc confidentiality of static data residing in the disk drive is protected;

the data block integrity calculation operation, the data block integrity verification operation and the data block integrity verification code storage operation adopt a Merkle hash tree technology, and the Merkle hash tree technology calculates a message verification code for each disk data block, constructs a hash tree structure on the disk data block message verification code, and finally obtains a root node hash value representing the full disk data block message verification code, thereby protecting the full disk integrity of static data residing in a disk drive;

the block encryption algorithm and the message verification code calculation operation adopt an associated data authentication encryption algorithm XTS-HMAC, which is called XTS-AES-256-HMAC-SHA-512, and the associated data authentication encryption algorithm completes two calculation processes of the block encryption algorithm XTS-AES-256 calculation and the message verification code HMAC-SHA-512 calculation at the same time in one calculation process;

The system comprises a NVIDIA CUDA programming language, a NVIDIA GPU hardware device, a device side computing component, a hardware device and a hardware system, wherein the NVIDIA CUDA programming language is used for realizing parallel execution version of the associated data authentication encryption algorithm, the parallel execution version of the associated data authentication encryption algorithm comprises a host side control component and the device side computing component, the host side control component provides a service calling interface for submitting an associated data authentication encryption algorithm request and returning an associated data authentication encryption algorithm response for a block device mapper, the device side computing component adopts the NVIDIA CUDA programming language to realize parallel execution version codes of the associated data authentication encryption algorithm, and executes a computing process of the associated data authentication encryption algorithm on the NVIDIA GPU hardware device, and the host side control component and the device side computing component realize hardware acceleration computation of the associated data authentication encryption algorithm through mutual interaction and cooperation;

the Merkle hash tree technology improves a classical Merkle hash tree, the improved Merkle hash tree adopts a fat tree structure, tree nodes are divided into fixed three layers according to root nodes, intermediate nodes and leaf nodes, each intermediate node comprises 256 leaf nodes, hash values of each leaf node are message verification codes obtained by using a verification encryption algorithm with associated data on a disk data block, and hash values of the intermediate node and the root node are hash values obtained by using an incremental hash function on hash values of child nodes of the intermediate node;

The improved Merkle hash tree optimizes the access efficiency of the hash tree through a leaf node prefetching mechanism, a leaf node write-back mechanism and a fine-granularity read-write lock mechanism, and maintains the consistency of data block and hash tree update in I/O write request processing through a data block 'cache-before-write-back' strategy;

the delta hash function is a special type of hash function, and for a message with a hash value calculated in advance, if a part of the content of the message is modified, the hash value of the whole message can be updated by only executing a calculation operation on the modified part of the message without calculating the hash value of the whole message again.

The Merkle hash leaf child node prefetching mechanism is used for submitting an asynchronous hash leaf child node reading task to a disk metadata area when an I/O read-write request is processed, so that when the processing of the I/O read request needs to carry out data block integrity check or when the processing of the I/O write request needs to store data block integrity check codes, the hash value of the hash leaf child node involved in the operation is obtained in advance;

when the Merkle hash leaf child node write-back mechanism processes an I/O write request, after updating the hash leaf child node by using a data block message verification code related to the I/O write request, storing the updated leaf node hash value in a disk metadata area in an asynchronous write-back mode, and not blocking the return of the I/O write request;

The Merkle hash tree fine-granularity read-write lock mechanism is characterized in that when an I/O read-write request is processed, firstly, a read-write lock is applied to leaf nodes related to the I/O read request or leaf nodes, intermediate nodes and root nodes related to the I/O write request, then subsequent read or update operation is executed, and the read-write lock application process follows the locking sequence of tree nodes of the same layer from left to right and tree nodes of different layers from bottom to top;

the data block 'cache-before-write-back' strategy is that when an I/O write request is processed, the data block of the I/O request is firstly cached in a memory, then immediately returned, and the subsequent processing flow of the I/O write request is processed by an asynchronous thread, wherein the processing flow comprises data block encryption operation, data block message verification code calculation, hash tree node updating and storing the encrypted data block in a disk, and the consistency of the data block storage and the hash tree node updating is ensured among different I/O write requests through the Merkle hash tree fine-granularity read-write lock mechanism.

In a second aspect, an embodiment of the present invention further provides a computer device, including a processor and a memory, where the memory is configured to store instructions that, when executed, cause the processor to perform an implementation method for accelerating and improving a secure storage framework of a Merkle hash tree using NVIDIA CUDA according to any one of the embodiments of the present invention.

In a third aspect, embodiments of the present invention also provide a storage medium containing computer-executable instructions, which when executed by a computer processor, are configured to perform a method of implementing a secure storage framework for accelerating and improving Merkle hash trees using NVIDIA CUDA according to any of the embodiments of the present invention.

Compared with the prior art, the invention has the following advantages: the embodiment of the invention designs and realizes a block device mapper with storage security capability based on a Linux Device Mapper framework, and executes decryption operation and data block integrity check operation on a data block when processing an I/O read request, and executes encryption operation and data block integrity check code calculation, update and storage operation on the data block when processing an I/O write request; the encryption and decryption operation of the data block and the calculation operation of the message verification code are completed simultaneously in one calculation process through the encryption algorithm with the associated authentication; the NVIDIA CUDA is adopted to realize the parallel computing version of the encryption algorithm with the associated authentication so as to provide the hardware acceleration capability of algorithm computation; the method comprises the steps of improving a classical Merkle hash tree, constructing a hash tree on a message verification code of a data block and organizing the hash tree by adopting a fat tree structure, wherein tree nodes are divided into fixed three layers according to root nodes, intermediate nodes and leaf nodes, each intermediate node comprises 256 leaf nodes, and hash values of the intermediate nodes and the root nodes are updated by using an incremental hash function on child node hash values; optimizing the access efficiency of the hash tree through a leaf node prefetching mechanism and a leaf node write-back mechanism and a fine-granularity read-write lock mechanism; the consistency of the updating of the data blocks and the hash tree in the processing of the I/O write request is maintained through the strategy of 'caching before writing back' of the data blocks, and the extremely high I/O bandwidth performance can be maintained while the security capability coverage for providing the full disk confidentiality and the full disk integrity for the storage device is finally realized.

The full-disc confidentiality aims at protecting the disc data from being stolen and avoiding revealing private information, while the full-disc integrity aims at protecting the disc data from being maliciously tampered, and can detect the attack behaviors such as data tampering or destruction. On the premise of simultaneously providing the two storage security capacities, compared with a Linux original scheme (dm-crypt and dm-quality are mixed), the performance of the method is improved by 0.2 times on the read bandwidth (the Linux open source scheme does not support the write I/O request), and compared with an open source scheme (dm-x and dm-crypt are mixed) which works in a related mode, the performance of the method is respectively improved by 0.2 times and 1 time on the read bandwidth and the write bandwidth.

Drawings

FIG. 1 is a schematic diagram of a secure storage frame according to embodiment 1 of the present invention;

FIG. 2 is a flow chart of I/O read/write request processing of a block device mapper in a secure storage framework in accordance with embodiment 1 of the present invention;

FIG. 3 is a flowchart of a process for computing an authentication encryption algorithm with associated data in a secure storage framework according to embodiment 1 of the present invention;

FIG. 4 is a schematic diagram of the structure of a device-side component with associated data authentication encryption algorithm in a secure storage framework according to embodiment 1 of the present invention;

FIG. 5 is a schematic diagram of the structure of an improved Merkle hash tree of a block device mapper in a secure storage framework in accordance with embodiment 1 of the present invention;

FIG. 6 is a flow chart of a leaf node prefetch mechanism of an improved Merkle hash tree of a block device mapper in a secure storage framework in accordance with embodiment 1 of the present invention;

FIG. 7 is a flow chart of a leaf node write back mechanism of an improved Merkle hash tree of a block device mapper in a secure storage framework in accordance with embodiment 1 of the present invention;

FIG. 8 is a flow chart of a leaf node eviction mechanism of an improved Merkle hash tree of a block device mapper in a secure storage framework in accordance with embodiment 1 of the present invention;

fig. 9 is a schematic diagram of a computer device in embodiment 2 of the present invention.

Detailed description of the preferred embodiments

The following description of the embodiments of the present invention will be given in detail with reference to the accompanying drawings, and it is apparent that the embodiments described are only some, but not all embodiments of the present invention. All other embodiments, which can be made by those skilled in the art based on the embodiments of the invention without making any inventive effort, are intended to be within the scope of the invention.

The term "storage security" as used herein is an emerging field of security, and in general, storage security is aimed at protecting data confidentiality, integrity, and availability in storage systems from unauthorized access, use, leakage, and corruption.

The term "incremental hash function" as used herein is a special type of hash function whose basic idea is: for a message with a pre-calculated hash value, if a part of the content of the message is modified, the hash value of the whole message can be updated by only performing a calculation operation on the modified part of the message, without re-calculating the hash value of the whole message.

The term "Merkle hash tree" as used herein is a special tree structure, which was first proposed in 1979 by the cryptologist Ralph Merkle, which first divides a message segment into a plurality of fixed-length blocks, then calculates hash values for each message segment block separately, then, by constructing a tree structure layer by layer on the hash value of each block, hash values of each upper node are obtained by hash calculation after splicing according to its child node hash values, and finally, a message Duan Haxi containing any number of block segments can be formed into a root hash value, so as to quickly verify the integrity of the message segment, which is generally used for verifying the integrity and security of a large data set.

The term "authentication encryption algorithm" as used herein is an encryption algorithm that combines encryption and authentication functions together, and that not only ensures confidentiality of communication data, but also verifies the integrity and authenticity of the data to avoid attacks such as tampering, insertion or deletion of the data. In the authentication encryption algorithm, encryption and authentication are performed simultaneously.

The term "authentication encryption algorithm with associated data" as used herein is a more advanced authentication encryption algorithm that not only provides encryption and authentication functions, but also protects the integrity and authenticity of associated data.

For ease of understanding, the main inventive concepts of the embodiments of the present invention will be described.

In the prior art, protection, such as confidentiality or integrity, is often only performed for a single security link of a storage device.

The method in the prior art generally needs to use multiple storage security technologies in a mixed manner in order to provide a more comprehensive storage security coverage, and due to the independence of the single storage security technology, the single storage security technology has great limitation in the aspects of fusion and cooperative work of the multiple storage security technologies, and the most central problem is that the single storage security technology prolongs the processing flow of a storage stack and increases the processing complexity, but is difficult to perform cooperative optimization to reduce the overall performance loss, so that the popularization, the use and the development of a security storage system in a production environment are limited.

Aiming at the problems, whether a new secure storage framework integrating a full-disk encryption technology and a full-disk integrity verification technology can be adopted is considered, hardware acceleration is carried out on a cryptographic algorithm by applying NVIDIA CUDA, and a classical Merkle hash tree is improved so as to reduce the overall performance loss of secure storage, thereby providing more comprehensive storage security coverage and simultaneously still maintaining higher I/O bandwidth performance.

Based on the above thinking, creatively proposes that by designing and implementing a block device mapper with storage security capability based on a Linux Device Mapper framework, a decryption operation and a data block integrity check operation are performed on a data block when an I/O read request is processed, and an encryption operation and a calculation, update and storage operation of a data block integrity check code are performed on the data block when an I/O write request is processed; the encryption and decryption operation of the data block and the calculation operation of the message verification code are completed simultaneously in one calculation process through the encryption algorithm with the associated authentication; the NVIDIA CUDA is adopted to realize the parallel computing version of the encryption algorithm with the associated authentication so as to provide the hardware acceleration capability of algorithm computation; the method comprises the steps of improving a classical Merkle hash tree, constructing a hash tree on a message verification code of a data block and organizing the hash tree by adopting a fat tree structure, wherein tree nodes are divided into fixed three layers according to root nodes, intermediate nodes and leaf nodes, each intermediate node comprises 256 leaf nodes, and hash values of the intermediate nodes and the root nodes are updated by using an incremental hash function on child node hash values; optimizing the access efficiency of the hash tree through a leaf node prefetching mechanism and a leaf node write-back mechanism and a fine-granularity read-write lock mechanism; the consistency of the updating of the data blocks and the hash tree in the processing of the I/O write request is maintained through the strategy of 'caching before writing back' of the data blocks, and the extremely high I/O bandwidth performance can be maintained while the security capability coverage for providing the full disk confidentiality and the full disk integrity for the storage device is finally realized.

Example 1:

FIG. 1 is a schematic structural diagram of a secure storage framework according to a first embodiment of the present invention, where the secure storage framework includes a block device mapper, a cryptographic algorithm, and an acceleration engine framework; the block device mapper works in a Linux kernel mode, logic devices can be created through the block device mapper to serve as safe storage devices, and full-disc confidentiality and full-disc integrity protection are provided for running service application programs in a Linux user mode; the cryptographic algorithm comprises an incremental hash function to be used by the block device mapper in working and an authentication encryption algorithm with associated data; the acceleration engine framework is divided into an acceleration engine kernel module and an acceleration engine daemon, and the acceleration engine kernel module and the acceleration engine daemon interact and cooperate through a Linux device file interface, so that the problem that a Linux user mode program is called by a Linux kernel mode program is solved. In addition, the secure storage framework also relates to related hardware devices and drivers thereof, including an NVIDIA GPU, a disk driver and trusted storage hardware, wherein the NVIDIA CUDA provides hardware acceleration capability for the computing process of the cryptographic algorithm, the disk driver is used for storing service application program data processed by the block device mapper and metadata relied on in normal operation of the block device mapper, and the trusted storage hardware is used for storing root node hash values of the improved hash tree. It should be noted that, the NVIDIA GPU, the disk drive, and the trusted storage hardware may be any type and multiple hardware devices, which are not limited in the embodiment of the present invention. In fig. 1, only the NVIDIA GPU, the disk drive, and the trusted storage hardware, one each of which is not specified, are illustrated, and are not limiting on the embodiments of the present invention.

FIG. 2 is a flow chart of I/O read/write request processing of a block device mapper in a secure storage framework, where the block device mapper acts as a driver for a logic device, and when a service application submits an I/O read/write request through the logic device, the block device mapper is responsible for processing the I/O read/write request, then submitting a data access request to a hardware device, and finally notifying the service application of the request processing result.

For an I/O read request, the block device mapper firstly submits a data block read request to the disk drive, and simultaneously submits a hash tree metadata read request to the disk drive, after the data block is read, the block device mapper calls a data block with associated data authentication encryption algorithm to execute decryption operation and message verification code calculation operation, after the calculation operation is completed, waits for the completion of the hash tree metadata read, once the hash tree metadata read is completed, the hash tree metadata is used for comparing with the message verification code of the data block to verify the integrity of the data block, if the verification is passed, the decrypted data block plaintext is returned to the service application program, and otherwise, an error code is returned to the service application program.

For I/O write requests, the block device mapper first saves the data block buffer of the I/O write request to the memory cache, and then completes subsequent processing of the I/O write request in a separate worker thread. The working thread firstly submits a hash tree metadata reading request to a disk drive, meanwhile, invokes an encryption algorithm with associated data authentication to execute encryption operation and message verification code calculation operation on a data block, waits for the completion of the hash tree metadata reading after the calculation operation is completed, uses a data block message verification code to update the hash tree metadata once the hash tree metadata is read, saves a root node hash value obtained after the hash tree metadata updating is completed in trusted storage hardware, finally submits a writing request to the disk drive, and persists the encrypted data block to the disk drive.

FIG. 3 is a flow chart of a process of computing the authentication encryption algorithm with associated data in the secure storage framework, wherein the authentication encryption algorithm with associated data is divided into a host-side component and a device-side component, and the two components interact and cooperate through the acceleration engine framework to complete a hardware acceleration process of computing the authentication encryption algorithm with associated data on the NVIDIA GPU.

The host side component with the associated data authentication encryption algorithm provides a call interface for encryption operation and decryption operation for the block device mapper in the Linux kernel mode, and when the host side component receives a cryptographic algorithm call request, the host side component submits a cryptographic algorithm acceleration calculation request through an acceleration engine framework. After the acceleration engine framework receives the cryptographic algorithm acceleration calculation request, the acceleration engine framework calls the equipment end assembly with the associated data authentication encryption algorithm, transmits the request data from the host memory to the NVIDIA GPU equipment memory, starts a calculation task on the NVIDIA GPU, transmits calculation result data from the NVIDIA GPU equipment memory back to the host memory after calculation is completed, and finally returns the calculation result data to the host end assembly with the associated data authentication encryption algorithm, so that the calculation result is returned to the block equipment mapper.

Fig. 4 is a schematic structural diagram of a device-side component with an associated data authentication encryption algorithm of a secure storage framework, and according to different parallel granularities such as grids, thread groups and threads provided by an NVIDIA CUDA programming model, input data of the algorithm are divided into blocks with corresponding parallel granularities, so that fine granularity parallelization calculation with the associated data authentication encryption algorithm is realized. According to the NVIDIA CUDA programming model, each NVIDIA CUDA calculation task is started by a CUDA kernel function, and each CUDA kernel function places the calculation task into a CUDA grid for execution, namely, parallel calculation of input message segments of different calculation tasks in the CUDA grid granularity is realized. Further, the CUDA grid is composed of a plurality of thread groups, and each message segment comprises a plurality of data blocks, so that each data block can be transmitted to each thread group to complete the computation of the XTS-AES-256 and the HMAC-SHA-512 of the message verification code algorithm, namely, the parallel computation of different data blocks in the input message segment in the granularity of the CUDA thread groups is realized. Still further, the CUDA thread group is composed of a plurality of threads, for the calculation of the block encryption algorithm of each data block, the calculation process of the plurality of block encryption algorithms AES-256 is included, and finally different AES block calculation results are linked through the operation mode XTS, so that each data block can be divided into a plurality of AES blocks, each AES block is submitted to different CUDA threads to execute AES-256 encryption or decryption calculation, that is, parallel calculation of different AES block and CUDA thread granularity in each data block is realized.

FIG. 5 is a schematic diagram of an improved Merkle hash tree of a block device mapper in a secure storage framework, wherein the improved Merkle hash tree adopts a "fat" tree structure, tree nodes are divided into fixed three layers according to root nodes, intermediate nodes and leaf nodes, each intermediate node comprises 256 leaf nodes, hash values of each leaf node are message authentication codes calculated by using a data authentication encryption algorithm with association on a disk data block, and hash values of the intermediate node and the root node are hash values calculated by using an incremental hash function on child node hash values thereof.

In order to improve the efficiency of accessing and updating the hash tree, the invention designs a caching strategy aiming at the hash tree nodes, wherein the intermediate nodes always reside in a memory cache region during the normal operation of the block device mapper, and the leaf nodes are dynamically loaded into the memory cache region or exchanged to a metadata region of a disk drive during the normal operation of the block device mapper. According to the caching strategy, the access and update flow of the hash tree node is also different from that of a classical Merkle hash tree, and is shown in the following steps:

when the leaf node to be read is positioned in the memory cache area, the hash value of the leaf node can be directly accessed without reading and checking from the metadata area of the disk drive; otherwise, submitting a read request of the hash value of the leaf node to a metadata area of the disk drive, and after the read is completed, checking the integrity of the hash value of the leaf node by using a corresponding intermediate node, if the check is passed, reading the hash value of the leaf node, otherwise, marking the hash value of the leaf node as damaged, and directly failing to check the integrity of the data block corresponding to the damaged leaf node.

In updating the hash tree, hash values of the intermediate node and the root node need to be updated in addition to leaf node hash values. Since the modified Merkle hash tree uses an incremental hash function to update the intermediate node and the root node, it is necessary to obtain the existing hash value of the leaf node. When the leaf node to be updated is located in the memory cache region, the hash value of the leaf node can be directly accessed and updated without reading and checking from the metadata region of the disk drive; otherwise, the hash leaf node needs to be read into the memory buffer area and pass the verification following the reading flow of the hash leaf node. After the leaf node to be updated is already located in the memory buffer, calculating a new hash value of the intermediate node by using the incremental hash function, updating, then further calculating a new hash value of the root node by using the incremental hash function, and finally storing the new hash value of the root node into the trusted storage hardware.

In order to ensure consistency of concurrent access and update of hash tree nodes, the invention designs a fine-grained lock mechanism for the hash tree, which comprises the following steps:

exclusive access to the root node of the hash tree is protected by adopting a mutual exclusion lock, and concurrent access to the middle node and the leaf node of the hash tree is protected by adopting a read-write lock;

The locking operation of the hash tree must be performed according to the hierarchical sequence of the nodes on the access path of the hash tree, that is, the locks of the leaf nodes must be first obtained, then the locks of the intermediate nodes must be obtained, and finally the locks of the root nodes must be obtained. For successive nodes of the same hierarchy, the locking must be performed in order of the index value of the node from small to large. Through the locking sequence of 'from left to right', 'bottom to top', the parallelism of hash tree access is improved, and simultaneously, the occurrence of deadlock is avoided;

before accessing a certain layer of nodes of the hash tree, after locks of all the nodes of the layer to be accessed are acquired, the nodes are started to be accessed, namely, the locking operation is ensured to be atomic;

after accessing a certain level of nodes of the hash tree, locks of all nodes of the level to be accessed are released after locks of a previous level of nodes must be acquired, which ensures that one access path is not covered by another access path before the access path is finished.

FIG. 6 is a flow chart of a leaf node prefetch mechanism of an improved Merkle hash tree of a block device mapper in a secure storage frame. It should be noted that, since the hash value of the hash leaf child node read from the metadata area of the disk drive needs to be verified by the hash value of the corresponding intermediate node, the verification process of each leaf node depends on the hash value of its sibling node, so each leaf node prefetch operation needs to align the range of the related leaf node to the intermediate node, that is, ensure that the sibling node of the prefetched leaf node is already prefetched. In addition, in order to avoid repeated reading of the same leaf node, before submitting the leaf node prefetching task to the disk drive, it is first detected whether the leaf node already exists in the memory cache area, if not, then it is detected whether other prefetching tasks in the leaf node prefetching task queue are related to reading the leaf node related to the prefetching task to be submitted at present, if not, then the leaf node prefetching task is submitted truly, and after the leaf node reading is completed, the integrity check is performed by using the corresponding intermediate node.

FIG. 7 is a flow chart of a leaf node write back mechanism of an improved Merkle hash tree of a block device mapper in a secure storage frame, the hash leaf child node write back mechanism adopts a locking failure rollback retry strategy, namely when attempting to acquire a leaf node read-write lock failure, all locks acquired previously are released, and the flow is restarted after waiting for a period of time, wherein the design has the following starting points: if the read-write lock of the leaf node is held by other working threads, the leaf node is repeatedly accessed in a period of time according to the principle of time space locality, so that the rollback retry of the write-back process can avoid the problem that the system performance is reduced due to frequent acquisition and holding of the lock. In addition, if all the involved leaf nodes are marked as clean, the write-back operation is not needed, and the read-write lock of the leaf nodes is directly released. If the leaf node has dirty leaf nodes, the dirty leaf nodes need to be written back to the bottom disk hash area, after the write back is finished, the leaf nodes are marked as clean, and then the read-write lock of the leaf nodes is released.

FIG. 8 is a flow chart of a leaf node eviction mechanism of an improved Merkle hash tree of a block device mapper in a secure storage framework, where the hash leaf child node eviction mechanism adopts a lock failure rollback retry policy, i.e., when attempting to acquire a leaf node read-write lock failure, all locks acquired previously are released, and the flow is restarted after waiting for a period of time, where the design starts: if the read-write lock of the leaf node is held by other working threads, according to the principle of time space locality, the leaf node is repeatedly accessed in a period of time, and the rollback retry of the eviction mechanism can avoid the subsequent unnecessary work of re-fetching the hash value. In addition, for the eviction object of the hash leaf child node eviction mechanism, with the intermediate node as a basic unit, if any leaf node in the intermediate node currently fetched from the hash leaf child node LRU cache queue is marked as dirty, the intermediate node is not evicted, but is put back in the queue again, waiting for the next eviction, and then the next intermediate node is processed instead. If all leaf nodes in the intermediate node are clean, then the memory occupied by all leaf nodes in the intermediate node is reclaimed.

Example 2

Fig. 9 is a schematic structural diagram of a computer device according to a second embodiment of the present invention, where, as shown in fig. 9, the computer device includes a general purpose processor, a special purpose processor, a memory, an input device and an output device; the number of general purpose processors and specialized processors in a computer apparatus may be one or more, fig. 9 exemplifies one general purpose processor and one specialized processor; the general purpose processors, special purpose processors, memory, input devices, and output devices in a computer device may be linked by a bus or other means, with a bus connection being shown in fig. 9 as an example.

The memory is used as a computer readable storage medium for storing software programs, computer executable programs and modules, such as program instructions/modules (e.g., a block device mapper module, an acceleration engine framework module, and a cryptographic algorithm module) corresponding to the implementation method of the secure storage framework applying NVIDIA CUDA acceleration and improving Merkle hash tree in the embodiment of the invention. The general purpose processor and the special purpose processor execute various functional applications and data processing of the computer device by running software programs, instructions and modules stored in the memory, that is, the implementation method for implementing the above-mentioned secure storage framework for applying NVIDIA CUDA acceleration and improving Merkle hash tree.

The memory may mainly include a memory program area and a memory data area, wherein the memory program area may store an operating system, at least one application program required for a function; the storage data area may store data created according to the use of the terminal, etc. In addition, the memory may include high-speed random access memory, and may also include non-volatile memory, such as at least one magnetic disk storage device, flash memory device, or other non-volatile solid-state storage device. In some examples, the memory may further include memory remotely located with respect to the processor, the remote memory being connectable to the computer device through a network. Examples of such networks include, but are not limited to, the internet, intranets, local area networks, mobile communication networks, and combinations thereof.

The input means may be used to receive entered numeric or character information and to generate key signal inputs related to user settings and function control of the computer device. The output means may comprise a display device such as a display screen.

Example 3

A third embodiment of the present invention also provides a storage medium containing computer-executable instructions, which when executed by a computer processor, are configured to perform a method of implementing a secure storage framework that employs NVIDIA CUDA acceleration and improves Merkle hash trees, the method comprising:

Designing and implementing a block device mapper with storage security capability based on Linux Device Mapper framework, said block device mapper processing requests including I/O read requests and I/O write requests;

the processing flow of the I/O read request comprises a disk data block read operation, a data block decryption operation and a data block integrity check operation;

the I/O write request processing flow comprises a data block encryption operation, a data block integrity check code calculation operation, a data block integrity check code storage operation and a data block disk writing operation;

the data block encryption operation and the data block decryption operation adopt a full-disc encryption technology, and an encryption or decryption process is carried out on the data blocks of the disk drive one by one through a block encryption algorithm;

the data block integrity check operation, the data block integrity check code calculation operation and the data block integrity check code storage operation adopt Merkle hash tree technology, and a hash tree structure is constructed on the message verification code by calculating the message verification code for each disk data block to obtain a root node hash value representing the message verification code of the full disk data block;

the block encryption algorithm and the message verification code calculation operation are fused by adopting a verification encryption algorithm with associated data, and the verification encryption algorithm with associated data simultaneously completes two calculation operations of the block encryption algorithm calculation and the message verification code calculation in one calculation process;

Writing the associated data authentication encryption algorithm with the parallel execution version by using the NVIDIA CUDA, and realizing hardware acceleration calculation of the associated data authentication encryption algorithm by using the NVIDIA GPU;

the Merkle hash tree technology improves a classical Merkle hash tree, optimizes the access efficiency of the hash tree through a leaf node prefetching mechanism, a leaf node write-back mechanism and a fine-granularity read-write lock mechanism, and maintains the consistency of data block and hash tree update in I/O write request processing through a data block 'cache-before-write-back' strategy.

Of course, the storage medium containing the computer executable instructions provided in the embodiments of the present invention is not limited to the above-mentioned method operations, but may also perform related operations in the implementation method of applying NVIDIA CUDA acceleration and improving the secure storage framework of Merkle hash tree provided in any embodiment of the present invention.

From the above description of embodiments, it will be clear to a person skilled in the art that the present invention may be implemented by means of software and necessary general purpose hardware, but of course also by means of hardware, although in many cases the former is a preferred embodiment. Based on such understanding, the technical solution of the present invention may be embodied essentially or in a part contributing to the prior art in the form of a software product, which may be stored in a computer readable storage medium, such as a floppy disk, a Read-Only Memory (ROM), a random access Memory (Random Access Memory, RAM), a FLASH Memory (FLASH), a hard disk or an optical disk of a computer, etc., and include several instructions for causing a computer device (which may be a personal computer, a server, or a network device, etc.) to execute the method according to the embodiments of the present invention.

It should be noted that, in the embodiment of the above-mentioned secure storage framework computer device applying NVIDIA CUDA acceleration and improving Merkle hash tree, each unit and module included are only divided according to the functional logic, but not limited to the above-mentioned division, so long as the corresponding functions can be implemented; in addition, the specific names of the functional units are also only for distinguishing from each other, and are not used to limit the protection scope of the present invention.

Note that the above is only a preferred embodiment of the present invention and the technical principle applied. It will be understood by those skilled in the art that the present invention is not limited to the particular embodiments described herein, but is capable of various obvious changes, rearrangements and substitutions as will now become apparent to those skilled in the art without departing from the scope of the invention. Therefore, while the invention has been described in connection with the above embodiments, the invention is not limited to the embodiments, but may be embodied in many other equivalent forms without departing from the spirit or scope of the invention, which is set forth in the following claims.

Claims

1. A method for implementing a secure storage framework to which NVIDIA CUDA acceleration and Merkle hash tree improvement are applied, the method comprising:

the Merkle hash tree technology improves a classical Merkle hash tree, optimizes the access efficiency of the hash tree through a leaf node prefetching mechanism, a leaf node write-back mechanism and a fine-granularity read-write lock mechanism, and maintains the consistency of data blocks and hash tree updating in I/O write request processing through a data block 'cache-before-write-back' strategy.

2. The method for implementing the secure storage framework to which the NVIDIA CUDA acceleration and the modified Merkle hash tree are applied according to claim 1, wherein the writing the parallel execution version of the associated data authentication encryption algorithm by using the NVIDIA CUDA, implementing hardware acceleration calculation of the associated data authentication encryption algorithm by using the NVIDIA GPU, includes:

the parallel execution version of the authentication encryption algorithm with the associated data comprises a host control component and a device side calculation component;

the host control component provides a service calling interface with associated data authentication encryption algorithm request submission and response return for the block device mapper;

The equipment end computing component adopts NVIDIA CUDA programming language to realize parallel execution version codes with associated data authentication encryption algorithm, and executes the computing process with associated data authentication encryption algorithm on NVIDIA GPU hardware equipment;

and realizing hardware acceleration calculation with an associated data authentication encryption algorithm through interaction and cooperation of the host control component and the equipment computing component.

3. The method for implementing the secure storage framework with NVIDIA CUDA acceleration and modified Merkle hash tree applied according to claim 1, wherein the Merkle hash tree technique modifies a classical Merkle hash tree to provide full disk integrity protection for disk drives, comprising:

the improved Merkle hash tree adopts a fat tree structure, tree nodes are divided into fixed three layers according to root nodes, intermediate nodes and leaf nodes, and each intermediate node comprises 256 leaf nodes;

the hash value of each leaf node is a message verification code obtained by calculation through a data authentication encryption algorithm with associated data on a disk data block;

the hash values of the intermediate node and the root node are all hash values obtained by calculating the hash values of the child nodes by using an incremental hash function, wherein the incremental hash function is a special type of hash function, and if a part of the content of a message is modified, the hash value of the whole message can be updated by only executing calculation operation on the modified part of the message without re-calculating the hash value of the whole message.

4. The method for implementing the secure storage framework to which the NVIDIA CUDA acceleration and modification of the Merkle hash tree is applied according to claim 1, wherein the access efficiency of the hash tree is optimized by a leaf node prefetching mechanism and a leaf node write-back mechanism, and a fine-grained read-write lock mechanism, comprising:

the Merkle hash leaf child node prefetching mechanism is that when processing I/O read-write request, the data block integrity is verified according to the data block integrity check code, and asynchronous hash leaf child node reading task is submitted to the disk metadata area;

the Merkle hash leaf child node prefetching mechanism or when processing I/O write requests, the integrity check codes of the data blocks need to be stored, and asynchronous hash leaf child node reading tasks are submitted to a disk metadata area;

according to a Merkle hash leaf child node prefetching mechanism, when the processing of an I/O read request needs to carry out data block integrity check, the hash value of the hash leaf child node related to operation is acquired in advance;

when the I/O write request is processed, after the hash leaf child node is updated by the data block message verification code related to the I/O write request, the updated hash value of the leaf node is stored in a disk metadata area in an asynchronous write-back mode, and the return of the I/O write request is not blocked;

When processing an I/O read request, the Merkle hash tree fine-granularity read-write lock mechanism firstly applies a read-write lock to a leaf node related to the I/O read request, and then executes the read operation of the hash value of the leaf node;

when the Merkle hash tree fine-granularity read-write lock mechanism or the I/O read request is processed, firstly, applying read-write locks to leaf nodes, intermediate nodes and root nodes related to the I/O read request, and then executing update operations of the leaf nodes, the intermediate nodes and the root nodes;

the read-write locking process of the Merkle hash tree fine-grained read-write locking mechanism follows the locking sequence of tree nodes of the same layer from left to right and tree nodes of different layers from bottom to top so as to avoid deadlock.

5. The method for implementing the secure storage framework to which NVIDIA CUDA acceleration and modified Merkle hash tree is applied according to claim 1 or 4, wherein the maintaining consistency of data block and hash tree updates in I/O write request processing by a data block "cache-before-write-back" strategy comprises:

the data block 'cache-before-write-back' strategy is that when an I/O write request is processed, firstly, the data block of the I/O request is cached in a memory, then, the data block is immediately returned, and the subsequent processing flow of the I/O write request is processed by an asynchronous thread;

The subsequent processing flow of the I/O writing request comprises data block encryption operation, data block message verification code calculation, hash tree node update and storage of encrypted data blocks to a disk;

and the consistency of data block storage and hash tree node updating is ensured among different I/O write requests through the Merkle hash tree fine-granularity read-write lock mechanism.

6. A computer device for implementing the method of any one of claims 1-5, the device comprising a processor and a memory for storing instructions that when executed cause the processor to:

running a block device mapper with storage security capability developed based on Linux Device Mapper framework and performing processing operations on I/O read requests and I/O write requests sent to the block device mapper;

the I/O write request processing flow comprises a data block encryption operation, a data block integrity check code calculation operation, a data block integrity check code storage operation and a data block write-in disk operation;

the data block integrity check operation, the data block integrity check code calculation operation and the data block integrity check code storage operation adopt Merkle hash tree technology, and a hash tree structure is constructed on the message verification code by calculating the message verification code for each disk data block to obtain a root node hash value representing the message verification code of the whole disk data block;

7. The computer device of claim 6, wherein the processor is configured to implement hardware-accelerated computation of the associated data authentication encryption algorithm by the NVIDIA GPU by executing the associated data authentication encryption algorithm with a parallel execution version of the NVIDIA CUDA write by:

the host control component receives the request with the associated data authentication encryption algorithm submitted by the block device mapper and returns the response of the calculation result to the block device mapper;

the equipment end computing component is responsible for executing the computing process with the associated data authentication encryption algorithm of the parallel execution version realized by adopting the NVIDIA CUDA programming language on NVIDIA GPU hardware equipment;

8. The computer device of claim 6, wherein the processor is configured to execute a modified Merkle hash tree to provide full disk integrity protection for disk drives:

the hash values of the intermediate node and the root node are all hash values obtained by calculation through the increment hash function on the hash values of the child nodes, the increment hash function is a special type hash function, if a part of the content of a message is modified, the hash value of the whole message can be updated by executing calculation operation on the modified part of the message without calculating the hash value of the whole message again.

9. The computer device of claim 6, wherein the processor is configured to optimize the access efficiency of the hash tree by a leaf node prefetch mechanism and a leaf node write back mechanism, and a fine-grained read-write lock mechanism:

10. A computer device according to claim 6 or 9, wherein the processor is arranged to maintain consistency of data block and hash tree updates in the processing of I/O write requests by means of a data block "cache-before-write-back" strategy:

the data block 'buffer before write back' strategy is that when processing I/O write request, firstly buffer the data block of I/O request into memory, then return immediately, and then pass the subsequent processing flow of I/O write request to asynchronous thread for processing;

the subsequent processing flow of the I/O writing request comprises data block encryption operation, data block message verification code calculation, hash tree node update and storage of encrypted data blocks to a magnetic disk;

11. A storage medium containing computer executable instructions which, when executed by a computer processor, are adapted to perform the method of implementing a secure storage framework for applying NVIDIA CUDA acceleration and improving Merkle hash trees as claimed in any one of claims 1-5.