CN117851423A - Data dynamic updating method, device and equipment - Google Patents

Publication number
CN117851423A
Authority
CN
China
Prior art keywords
data block
ciphertext data
user
ciphertext
node
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202311638936.2A
Other languages
Chinese (zh)
Inventor
王刚
于明亮
刘增智
李劲松
王映彤
彭振
李静
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
China Travelsky Technology Co Ltd
Original Assignee
China Travelsky Technology Co Ltd
Landscapes

  • Information Retrieval, Db Structures And Fs Structures Therefor (AREA)

Abstract

The invention provides a method, a device and equipment for dynamically updating data, wherein the method comprises the following steps: acquiring a first ciphertext data block sent by a user; updating the second ciphertext data block corresponding to the identification information according to the identification information of the first ciphertext data block; the first ciphertext data block and the second ciphertext data block are stored in target nodes of a multi-branch path tree of the target file, and each node of the multi-branch path tree is marked with access value information. The scheme of the invention can solve the problem of high-efficiency dynamic update of the data on the cloud storage server.

Description

Data dynamic updating method, device and equipment
Technical Field
The present invention relates to the field of information security technologies, and in particular, to a method, an apparatus, and a device for dynamically updating data.
Background
Frontier technologies such as big data, artificial intelligence and data mining allow data to be analyzed accurately and comprehensively, but they also create challenges for storing and using massive data. Users' local storage cannot meet the requirements of big data, so cloud storage technology emerged to store massive data conveniently and compute on it efficiently.
Cloud storage technology has the advantages of easy expansion, efficient computation and controllable resources, and can provide a convenient, low-cost data storage service for the storage needs of big data. Since cloud storage places data on a remote server, the security of data assets is an important concern. Data leakage incidents currently occur one after another and cause adverse effects, so guaranteeing the safety and reliability of data during use is of great practical significance.
In addition, dynamic updating of data on a cloud storage server is a problem worth discussing: for users who want to update data blocks stored on remote cloud servers, the question is how to complete an efficient dynamic update of those data blocks without downloading all the data.
Disclosure of Invention
The invention aims to provide a method, a device and equipment for dynamically updating data, which solve the problem of high-efficiency dynamic updating of data on a cloud storage server.
In order to solve the technical problems, the technical scheme of the invention is as follows:
a method of dynamic updating of data, comprising:
acquiring a first ciphertext data block sent by a user;
updating the second ciphertext data block corresponding to the identification information according to the identification information of the first ciphertext data block; the first ciphertext data block and the second ciphertext data block are stored in target nodes of a multi-branch path tree of the target file, and each node of the multi-branch path tree is marked with access value information.
Optionally, acquiring the first ciphertext data block sent by the user includes:
acquiring identification information of a second ciphertext data block to be updated, which is sent by a user;
obtaining a stored second ciphertext data block according to the identification information of the second ciphertext data block to be updated;
and sending the second ciphertext data block to the user to obtain a first ciphertext data block returned by the user.
Optionally, according to the identification information of the second ciphertext data block to be updated, obtaining the stored second ciphertext data block includes:
reordering the multi-branch path tree by the access value of each node, from high to low, to obtain an updated multi-branch path tree;
and searching the storage paths of the updated multi-branch path tree in order, according to the identification information of the second ciphertext data block, to obtain the stored second ciphertext data block.
Optionally, sending the second ciphertext data block to the user to obtain a first ciphertext data block returned by the user, including:
the user updates the second ciphertext data block and encrypts the updated data block to obtain a first ciphertext data block;
determining a homomorphic signature of the first ciphertext data block;
and sending the first ciphertext data block, the homomorphic signature and the identification information to a cloud storage server to obtain a first ciphertext data block returned by the user.
Optionally, performing a corresponding operation on the second ciphertext data block corresponding to the identification information, and storing and/or deleting the first ciphertext data block, where the storing includes:
and updating the second ciphertext data block corresponding to the identification information into the first ciphertext data block, deleting the second ciphertext data block, or inserting the first ciphertext data block after the second ciphertext data block.
Optionally, the data dynamic update method further includes:
each time a data block is dynamically updated, updating the access values of the node corresponding to the data block and of the other nodes on the path from that node to the root node.
Optionally, the data dynamic update method further includes:
transmitting the relevant position information of the newly stored first ciphertext data block to a user;
and after confirming that the related position information is correct, updating the root node hash value and signature information of the multi-branch path tree, and updating the blockchain transaction block.
Optionally, the relevant location information includes:
the hash value corresponding to the ciphertext of the first ciphertext data block, the position information of the target node of the multi-branch path tree in which it is stored, and the hash value information of all sibling nodes on the path from the target node to the root node of the multi-branch path tree.
The invention also provides a device for dynamically updating data, which comprises:
the acquisition module is used for acquiring a first ciphertext data block sent by a user;
the updating module is used for updating the second ciphertext data block corresponding to the identification information according to the identification information of the first ciphertext data block; the first ciphertext data block and the second ciphertext data block are stored in target nodes of a multi-branch path tree of the target file, and each node of the multi-branch path tree is marked with access value information.
The present invention also provides a computing device comprising: a processor, a memory storing a computer program which, when executed by the processor, performs the method as described above.
The scheme of the invention at least comprises the following beneficial effects:
according to the scheme, the first ciphertext data block sent by the user is obtained; updating the second ciphertext data block corresponding to the identification information according to the identification information of the first ciphertext data block; the first ciphertext data block and the second ciphertext data block are stored in target nodes of a multi-branch path tree of the target file, and each node of the multi-branch path tree is marked with access value information. Efficient remote data dynamic updating can be achieved.
Drawings
FIG. 1 is a flow chart of a method for dynamically updating data according to an embodiment of the invention;
FIG. 2 is a schematic diagram of a system model of a method for dynamically updating data according to an embodiment of the present invention;
FIG. 3 is a schematic diagram of initializing a multi-branch path tree of a data dynamic update method according to an embodiment of the present invention;
FIG. 4 is a diagram illustrating data modification of a multi-branch path tree of a data dynamic update method according to an embodiment of the present invention;
FIG. 5 is a diagram illustrating multi-branch path tree data insertion for a method of dynamically updating data according to an embodiment of the present invention;
FIG. 6 is a diagram of multi-branch path tree data deletion for a data dynamic update method according to an embodiment of the present invention;
fig. 7 is a block diagram of a data dynamic update apparatus according to an embodiment of the present invention.
Detailed Description
Exemplary embodiments of the present invention will be described in more detail below with reference to the accompanying drawings. While exemplary embodiments of the present invention are shown in the drawings, it should be understood that the present invention may be embodied in various forms and should not be limited to the embodiments set forth herein. Rather, these embodiments are provided so that this disclosure will be thorough and complete, and will fully convey the scope of the invention to those skilled in the art.
As shown in fig. 1, an embodiment of the present invention proposes a method for dynamically updating data, including:
step 11, acquiring a first ciphertext data block sent by a user;
step 12, updating the second ciphertext data block corresponding to the identification information according to the identification information of the first ciphertext data block; the first ciphertext data block and the second ciphertext data block are stored in target nodes of a multi-branch path tree of the target file, and each node of the multi-branch path tree is marked with access value information.
As shown in fig. 2, the present application builds a system model composed of a user, a cloud storage server (CSP), a blockchain and a key management authority (PKG), and solves the problem of efficiently and dynamically updating data that the user has uploaded to the cloud storage server in this scenario. Specifically, as shown in fig. 3, in this embodiment the invention is applied to a cloud storage server and proposes a multi-branch path tree as the data storage structure. A file to be stored, sent by a user, is split into a plurality of encrypted data blocks; the encrypted data blocks are stored in the leaf nodes of the multi-branch path tree, and each leaf node is marked with the hash value of the encrypted data block it stores. Groups of leaf nodes are aggregated into an intermediate node in the layer above, which is marked with a hash value calculated from the hash values of the leaf nodes under it. The intermediate nodes continue to aggregate upwards until the root node, whose hash value is calculated from the hash values of the intermediate nodes under it. Each node of the multi-branch path tree is also marked with an access value. After a data block stored in a node is updated or deleted, the access value of that node and the access values of the other nodes on the path from that node to the root node are updated accordingly, so that they represent the number of accesses to the nodes on the path. The next time a data block is updated, the multi-branch path tree is first reordered from the highest access value to the lowest, using the access values recorded by the previous update. The reordered multi-branch path tree is then searched to obtain the target data block on which the corresponding operation is to be performed.
In the dynamic updating process of the user data, a first ciphertext data block, which is the update for a second ciphertext data block, is obtained, and the corresponding update operation is performed on the pre-stored second ciphertext data block: the second ciphertext data block is deleted, or it is updated to the first ciphertext data block, or the first ciphertext data block is inserted after it. At the same time, a blockchain transaction block is recorded from the corresponding data of the update process.
In the system model of the present invention, the PKG is a trusted authority responsible for setting public parameters for the whole system and generating key pairs for users in the system.
A User is an entity that has a large amount of data to outsource. Because of the user's own communication and storage constraints, the user needs to store the data on a cloud server. The user can check block updates at any time and maintain the blocks.
Cloud storage servers (CSPs) provide users with a large amount of storage resources and more efficient computing power in response to received user requests. Like the user, the CSP can check block updates at any time and maintain the blocks.
The blockchain has the advantages of decentralization, traceability and tamper resistance, so that the whole system can implement mechanisms such as secure integrity auditing and public verification.
In an optional embodiment of the present invention, step 11, obtaining a first ciphertext data block sent by a user includes:
step 111, obtaining identification information of a second ciphertext data block to be updated, which is sent by a user;
step 112, obtaining a stored second ciphertext data block according to the identification information of the second ciphertext data block to be updated;
and step 113, the second ciphertext data block is sent to the user, and the first ciphertext data block returned by the user is obtained.
In this embodiment, the user determines the second ciphertext data block to be modified according to the specific requirements, and the second ciphertext data block is found on the multi-branch path tree of the cloud storage server. According to the specific update requirement, the second ciphertext data block is decrypted, modified and encrypted to obtain the first ciphertext data block, and the first ciphertext data block is sent to the cloud storage server for updating.
In an optional embodiment of the present invention, step 112, obtaining the stored second ciphertext data block according to the identification information of the second ciphertext data block to be updated includes:
step 1121, reordering the multi-branch path tree by the access value of each node, from high to low, to obtain an updated multi-branch path tree;
and step 1122, searching the storage paths of the updated multi-branch path tree in order, according to the identification information of the second ciphertext data block, to obtain the stored second ciphertext data block.
In this embodiment, a multi-branch path tree is introduced and a local priority policy is used. An inter field (access value) is added, which represents how frequently the user accesses the data blocks on a branch path; the data the user stores on the cloud server is ordered from high to low by this field, which improves search efficiency and optimizes the dynamic update scheme. During data updates and similar operations, the paths of the multi-branch path tree are reordered according to the updated access values, so that storage paths with more accesses come first. Each path is then searched in turn, in that order, to obtain the data block.
In an optional embodiment of the present invention, step 113, sending the second ciphertext data block to the user to obtain a first ciphertext data block returned by the user, includes:
step 1131, the user updates the second ciphertext data block, and encrypts the updated data block to obtain a first ciphertext data block;
step 1132, determining a homomorphic signature of the first ciphertext data block;
and step 1133, transmitting the first ciphertext data block, the homomorphic signature and the identification information to a cloud storage server to obtain a first ciphertext data block returned by the user.
In this embodiment, for the update operation, the user sends a dynamic update request to the CSP. First, the user searches for the path of the data block according to the access value iv. After finding the data block to be updated, the user encrypts the data block to be uploaded, calculates its homomorphic signature, and packages and sends them to the CSP. After receiving the user's request, the CSP updates the data block and sends the user the location information of the updated node together with the information of all associated nodes on the path from the updated node to the root node. After confirming this information, the user calculates the hash value of the new root node and signs it, and finally the entire update information is recorded in a block.
In an alternative embodiment of the present invention, updating the second ciphertext data block corresponding to the identification information includes:
and updating the second ciphertext data block corresponding to the identification information into the first ciphertext data block, deleting the second ciphertext data block, or inserting the first ciphertext data block after the second ciphertext data block.
In an alternative embodiment of the present invention, the method further includes:
each time a data block is dynamically updated, updating the access values of the node corresponding to the data block and of the other nodes on the path from that node to the root node.
In this embodiment, introducing the blockchain decentralizes the system: every request and response between the user and the cloud storage service provider is recorded in a block, so that both parties can conveniently inspect the blocks, credibility is increased, and decentralized data integrity verification is achieved. When uploading a file, the user splits the file into data blocks, stores the hash value of each data block in a multi-branch path tree, and adds a parameter iv (access value) to each node to record how often the child nodes below that node have been accessed. If a node is accessed, the parameter iv of every node along the path from that node to the root node is increased by 1, which records how often each path has been accessed. When a user wants to dynamically update data stored on the cloud server, the search is guided by the iv recorded on each path, which improves update efficiency. Once the data block to be updated is found, only the hash values on its path need to be updated, so the user can complete the dynamic update without downloading the whole tree.
In an alternative embodiment of the present invention, the method further includes:
transmitting the relevant position information of the newly stored first ciphertext data block to a user;
and after confirming that the related position information is correct, updating the root node hash value and signature information of the multi-branch path tree, and updating the blockchain transaction block.
In an alternative embodiment of the present invention, the relevant location information includes:
the hash value corresponding to the ciphertext of the first ciphertext data block, the position information of the target node of the multi-branch path tree in which it is stored, and the hash value information of all sibling nodes on the path from the target node to the root node of the multi-branch path tree.
In the above embodiment of the present invention, when a user needs to update some of the blocks on the cloud storage server, the operations are classified into modification, insertion and deletion. When storing, the user adds a field iv (access value) to each node of the multi-branch path tree; iv represents the number of times the node has been accessed. If the node is a leaf node, its iv is increased by 1 each time an update operation is performed on it; if the node is a non-leaf node, its iv is increased by 1 each time an update operation is performed on one of its child nodes.
The CSP sorts the paths by iv value from high to low, and when the user performs a dynamic update the paths are searched in that order, which avoids searching many rarely used files and improves search efficiency.
Specifically, when the user needs to modify data block $b_i$ in file $F$ to data block $b'_i$, the user searches for the data block path according to iv. After finding the data block to be updated, the user encrypts data block $b'_i$ with the encryption algorithm to obtain ciphertext $c'_i$ and recalculates its homomorphic signature $\sigma'_i$, where $W_i$ is an intermediate variable, $W_i = ID_F \| i$, $ID_F$ is the identification of the file $F$, $i$ denotes the $i$-th data block, $u$ is a random number and $H(\cdot)$ is a hash function. The user then sends the update request $(i, c'_i, \sigma'_i)$ to the CSP. The CSP updates the data block $c_i$ to be modified in file $F$ to the ciphertext block $c'_i$, where $c_i$ is the ciphertext data corresponding to data block $b_i$, and transmits $H(c'_i)$, the position information $index_i$ of the node, and all associated sibling information $\{\omega_i\}$ on its path to the root node to the user, where $H(c'_i)$ is the hash value of data block $c'_i$ and $\omega_i$ are the hash values of the siblings. After confirming the updated node location information, the user calculates the hash value $R'$ of the new root node from $\{\omega_i\}$ and $H(c'_i)$ and re-signs it as $sig_{root\_modify} = H(R')^x$. The user then requests that the entire update message be recorded in a block. The modification operation is shown in FIG. 4, where $m_n$ are data blocks and $m'_2$ is the modified data block; the access value iv of its corresponding node changes from 0 to 1, and the access values of the intermediate nodes on the path from that node to the root are correspondingly increased by 1.
When the user needs to insert a data block after data block $b_i$, the user searches for the path of the data block in access order. After finding data block $b_i$, the user first encrypts the data block to be inserted with the encryption algorithm to generate the encrypted data block, and recalculates its homomorphic signature. The user then sends an update request to the CSP. The CSP inserts the encrypted data block after data block $b_i$ in file $F$, and transmits the position information $index_i$ and all associated sibling information $\{\omega_i\}$ on the path to the root node to the user. After confirming the updated node position information, the user calculates the hash value $R^*$ of the new root node from $\{\omega_i\}$ and the information on the inserted block, and re-signs the updated root node as $sig_{root\_insert} = H(R^*)^x$. The user then requests that the entire update message be recorded in a block. The insertion operation is shown in FIG. 5, where the node of the newly inserted data block has an access value of 1, and the access values on its path to the root node are also 1.
The specific implementation method of the deletion operation is similar to the modification and insertion described above, and the corresponding schematic diagram is shown in fig. 6.
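As an added illustration (not code from the patent), the following Python sketch models the modification flow described above: the CSP searches high-iv paths first, replaces $c_i$ with $c'_i$, increments iv along the path and returns $index_i$ with the sibling hashes $\{\omega_i\}$, from which the user recomputes $R'$. Assumptions: SHA-256 stands in for $H$, the branching factor is 3, the iv ordering is applied to the search order only so that stored hashes do not change, the signing step $H(R')^x$ and the blockchain record are omitted, and the user's check of the siblings against the previously trusted root is a check added here.

```python
import hashlib
from dataclasses import dataclass, field
from typing import Optional

K = 3  # branching factor (assumed; the page does not fix one)


def H(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


@dataclass
class Node:
    digest: bytes
    iv: int = 0                                  # access value
    children: list = field(default_factory=list)
    block_id: Optional[int] = None               # set on leaves only


def build(ciphertexts):
    """Build the tree bottom-up from ciphertext blocks c_1..c_n."""
    level = [Node(H(c), block_id=i) for i, c in enumerate(ciphertexts, 1)]
    while len(level) > 1:
        level = [Node(H(b"".join(n.digest for n in level[j:j + K])),
                      children=level[j:j + K])
                 for j in range(0, len(level), K)]
    return level[0]


def find(node, block_id, visited):
    """Depth-first search that tries high-iv children first.
    Returns [(parent, slot), ...] from root to leaf, or None if absent."""
    if node.block_id is not None:                # leaf
        visited.append(node.block_id)
        return [] if node.block_id == block_id else None
    order = sorted(range(len(node.children)),
                   key=lambda s: -node.children[s].iv)
    for slot in order:
        sub = find(node.children[slot], block_id, visited)
        if sub is not None:
            return [(node, slot)] + sub
    return None


def csp_modify(root, block_id, new_ct):
    """CSP side: store H(c'_i), bump iv on the path, and return the proof
    as [(slot, sibling digests), ...] ordered from leaf level to root."""
    path = find(root, block_id, [])
    if path is None:
        raise KeyError(block_id)
    parent, slot = path[-1]
    leaf = parent.children[slot]
    leaf.digest, leaf.iv = H(new_ct), leaf.iv + 1
    proof = []
    for parent, slot in reversed(path):
        proof.append((slot, [c.digest for s, c in enumerate(parent.children)
                             if s != slot]))
        parent.digest = H(b"".join(c.digest for c in parent.children))
        parent.iv += 1
    return proof


def root_from_proof(leaf_digest, proof):
    """User side: fold a leaf digest and the sibling digests up to a root."""
    cur = leaf_digest
    for slot, siblings in proof:
        if not 0 <= slot <= len(siblings):
            raise ValueError("slot outside node")
        cur = H(b"".join(siblings[:slot] + [cur] + siblings[slot:]))
    return cur


def user_accepts(trusted_root, old_ct, new_ct, proof):
    """Return R' only if the siblings authenticate against the old root."""
    if root_from_proof(H(old_ct), proof) != trusted_root:
        return None
    return root_from_proof(H(new_ct), proof)


def demo():
    blocks = [b"ct-%d" % i for i in range(1, 10)]   # constructed sample blocks
    root = build(blocks)
    trusted_root = root.digest
    before, after = [], []
    find(root, 8, before)                           # all iv are 0: slot order
    proof = csp_modify(root, 8, b"ct-8-v2")
    new_root = user_accepts(trusted_root, blocks[7], b"ct-8-v2", proof)
    find(root, 8, after)                            # hot path is tried first
    forged = [(slot, [H(b"x")] * len(sibs)) for slot, sibs in proof]
    rejected = user_accepts(trusted_root, blocks[7], b"ct-8-v2", forged)
    return {"new_root": new_root, "server_root": root.digest,
            "before": before, "after": after, "root_iv": root.iv,
            "rejected": rejected}


if __name__ == "__main__":
    print(demo())
```

In the demo, finding block 8 touches eight leaves before the update and one leaf after it, because the iv values along its path have risen to 1.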
The system model designed by the invention verifies data integrity by introducing a blockchain, and achieves efficient remote dynamic data updating under a local priority policy by introducing a multi-branch path tree. The tamper resistance and other properties of the blockchain ensure the authenticity of each transaction and thereby the integrity of the data. Introducing the multi-branch path tree greatly improves update efficiency relative to the storage volume of the data file, and using a local priority policy improves the efficiency of remote dynamic updates by the user.
It should be noted that the system model of the present invention not only performs dynamic data updates but also provides a new method for verifying the integrity of the data on the CSP. Specifically, system parameters are introduced and the PKG generates a key for the user. The file is then uploaded: the user generates a signature of the file F with the key generated by the PKG, divides F into data blocks and encrypts them, calculates the labels of the encrypted data blocks, constructs a multi-branch path tree from the encrypted data blocks, adds a parameter iv to each node to represent access frequency, calculates the root node and the signature of the root node, and calculates a homomorphic signature for each encrypted data block. After these operations, the user sends the encrypted file, the file tag and the homomorphic signatures to the CSP. After receiving the file sent by the user, the CSP stores the encrypted file information and sends a notification to the user, and the user deletes the local copy after receiving the notification.
Remote data integrity verification is performed based on a "challenge-proof-verification" mechanism.
The user randomly selects a challenge set and sends the challenge set and other ancillary information to the CSP as a challenge request. The CSP receives the request, calculates the information for the challenge set and returns the result to the user. After receiving the response, the user performs data integrity verification on the received data and records the result in a block.
The specific parameter settings corresponding to the data storage and integrity verification method of the invention are as follows:
1. Bilinear mapping
$G$ and $G_T$ are two multiplicative cyclic groups of the same prime order $p$, and $g$ is a generator of the multiplicative cyclic group $G$. $G$ is selected to form the bilinear map $e: G \times G \to G_T$.
2. Hash function
$H$ is a secure map-to-point hash function $H: \{0,1\}^* \to G$, that is, $H$ maps strings in $\{0,1\}^*$ to elements of $G$. The public parameters of the system are as follows:
$\{G, G_T, p, Z_p, g, e\}$, where $Z_p$ is a prime number set.
3. Key generation
The PKG generates an RSA key pair $(spk, ssk)$ for the user to sign with. The user selects a random number $u \in G$, and then selects $sk = x \in Z_p$ as the private key; the public key is $pk = g^x$, and the key pair $P$ is:
$$P = (sk, pk)$$
With these parameters set, the user uploads the file. The signature of the file $F$ is first generated with the private key $ssk$ generated by the PKG, namely:
$$Sig_F = ID_F \,\|\, Sig_{ssk}(ID_F)$$
where $ID_F$ represents the identity of the file $F$ and $Sig_F$ serves as an identifier of the file $F$.
Subsequently, the user splits the file $F$ into $n$ data blocks, namely:
$$F = \{B_i\} = \{b_1, b_2, \ldots, b_n\} \quad (1 \le i \le n)$$
For the $i$-th data block $b_i$, the user applies an encryption algorithm to the user file $F$ with the key $P$ to generate the ciphertext $F^*$, namely:
The user then calculates the label of the encrypted file, namely:
A multi-branch path tree is constructed from the encrypted file $F^*$ and its root node is computed, namely:
$$R = Root(F^*)$$
The user computes the signature of the root node, namely:
$$sig_{root} = H(R)^x$$
The user computes the homomorphic signature of each encrypted data block, namely:
$$W_i = ID_F \,\|\, i$$
where $W_i$ is an intermediate variable whose value is taken from the identification of file $F$ and the index $i$ of the data block, and $\sigma_i$ is the homomorphic signature.
After constructing these parameters, the user sends $\{Sig_F, F^*, \sigma_i, R\}$ to the CSP. The user then constructs an insertion request message and broadcasts it; the request message is as follows:
where $ID_{User}$ represents the user identity, $ID_{CSP}$ represents the cloud storage server identifier, $sig_{root}$ represents the signature of the root node, and $R$ is the root node; the message also carries the encrypted file identity.
After the CSP receives the file sent by the user, it checks whether the root hash value it calculates for the file is the same as the root node hash value that was sent. If so, it stores the encrypted file, writes the result into the blockchain, and informs the user:
after receiving the response of successful CSP storage, the user deletes the local file copy.
In order to verify whether the encrypted data block is completely stored on the cloud storage server, a user can be used as an auditor to execute an integrity verification protocol with the CSP, and the specific operation is as follows:
first, the user selects a set of c elements, namely:
$$I = \{S_i\} = \{S_1, S_2, \ldots, S_c\} \in [1, n]$$
The following calculation then outputs two random number sets $\{r_i\}$ and $\{z_i\}$, i.e.:
$$r = f(S_i, T_s, Block_{id})$$
$$z = H(S_i, r, Block_{id})$$
$f(\cdot)$ is a pseudo-random function satisfying $f: \{0,1\}^* \to [1, n]$, $Block_{id}$ represents the identity of the current block, and $T_s$ represents the current timestamp. The user sends the challenge $chal = \{(r_i, z_i)\}$ together with other auxiliary information to the CSP as a request, and writes the request information to the block, i.e.:
The CSP receives the user request and verifies whether the challenge set $chal$ is out of range; if the challenge set $chal$ is legal, the CSP calculates the proof information:
The CSP then records it in the block and sends a response to the user, namely:
After receiving the CSP response, the user verifies the integrity of the data block by the following formula and stores the result in a block, namely:
If the above equation holds, the data is complete; otherwise, the data stored by the user on the cloud server is corrupted.
The invention provides an audit model based on a blockchain: starting from the traditional model, it removes the third-party auditor and introduces a blockchain, which achieves decentralized, trusted operation. Transmission between the user and the cloud storage service provider is point-to-point, so that data storage is public and transparent.
Next, for dynamic updating of the data block, a multi-branch path tree is introduced, and the initialization operation is as shown in FIG. 3. And the local priority strategy is used, and an inter field is added, wherein the field represents the access frequency of a user to the branch path data block, and the data stored on the cloud server by the user is ordered from high to low through the inter field, so that the searching efficiency is improved, and the dynamic updating scheme is optimized.
The invention realizes safe data integrity verification and dynamic update of remote data on the basis.
As shown in fig. 7, the present invention further provides a data dynamic update apparatus 70, including:
an obtaining module 71, configured to obtain a first ciphertext data block sent by a user;
an updating module 72, configured to update, according to the identification information of the first ciphertext data block, a second ciphertext data block corresponding to the identification information; the first ciphertext data block and the second ciphertext data block are stored in target nodes of a multi-branch path tree of the target file, and each node of the multi-branch path tree is marked with access value information.
Optionally, acquiring the first ciphertext data block sent by the user includes:
acquiring identification information of a second ciphertext data block to be updated, which is sent by a user;
obtaining a stored second ciphertext data block according to the identification information of the second ciphertext data block to be updated;
and sending the second ciphertext data block to the user to obtain a first ciphertext data block returned by the user.
Optionally, according to the identification information of the second ciphertext data block to be updated, obtaining the stored second ciphertext data block includes:
reordering the multi-branch path tree according to the access value of each node and the order from high to low to obtain an updated multi-branch path tree;
and according to the identification information of the second ciphertext data block, sequentially searching the storage paths of the updated multi-branch path tree to obtain the stored second ciphertext data block.
Optionally, sending the second ciphertext data block to the user to obtain a first ciphertext data block returned by the user, including:
the user updates the second ciphertext data block and encrypts the updated data block to obtain a first ciphertext data block;
determining a homomorphic signature of the first ciphertext data block;
and sending the first ciphertext data block, the homomorphic signature and the identification information to a cloud storage server to obtain a first ciphertext data block returned by the user.
Optionally, performing a corresponding operation on the second ciphertext data block corresponding to the identification information, and storing and/or deleting the first ciphertext data block, where the storing includes:
and updating the second ciphertext data block corresponding to the identification information into the first ciphertext data block, deleting the second ciphertext data block, or inserting the first ciphertext data block after the second ciphertext data block.
Optionally, the data dynamic update method further includes:
each time a dynamic update is performed on a data block, updating the access values of the node corresponding to the data block and of the other nodes on the path from that node to the root node.
Optionally, the data dynamic update method further includes:
transmitting the relevant position information of the newly stored first ciphertext data block to a user;
and after confirming that the related position information is correct, updating the root node hash value and signature information of the multi-branch path tree, and updating the blockchain transaction block.
Optionally, the relevant location information includes:
the hash value corresponding to the ciphertext of the first ciphertext data block is stored in the position information of the target node of the multi-branch path tree, and the hash value information of all sibling nodes is stored in the path from the target node to the root node of the multi-branch path tree.
It should be noted that, the device is a device corresponding to the above method, and all implementation manners in the above method embodiments are applicable to the embodiment of the device, so that the same technical effects can be achieved.
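The lookup, update and position-proof steps listed above (reorder by access value, sequential path search, access-value update up to the root, sibling hashes for the user's check), as an added example that is not code from the patent. The SHA-256 node hash over children in their current order, the two-level layout and every name here are assumptions.

```python
import hashlib
from dataclasses import dataclass, field

def h(tag: bytes, *parts: bytes) -> bytes:  # domain-separated SHA-256 (assumed hash)
    return hashlib.sha256(tag + b"".join(parts)).digest()

@dataclass(eq=False)  # identity comparison, so list.index() finds the exact node
class Node:
    block_id: str = ""            # set on leaves (ciphertext blocks) only
    ciphertext: bytes = b""
    access: int = 0               # access value marked on every node
    children: list = field(default_factory=list)
    parent: "Node" = None

    def digest(self) -> bytes:    # assumption: children are hashed in current order
        if not self.children:
            return h(b"L", self.block_id.encode() + b"\x00" + self.ciphertext)
        return h(b"N", *(c.digest() for c in self.children))

def build(groups):  # one list of (block_id, ciphertext) pairs per branch
    root = Node()
    for group in groups:
        branch = Node(parent=root)
        branch.children = [Node(b, c, parent=branch) for b, c in group]
        root.children.append(branch)
    return root

def reorder(node):  # sort every child list from high to low access value (stable)
    node.children.sort(key=lambda c: -c.access)
    for child in node.children:
        reorder(child)

def leaves(node):  # leaves in the order a sequential path search visits them
    if not node.children:
        return [node]
    return [leaf for child in node.children for leaf in leaves(child)]

def update(root, block_id, new_ciphertext):  # server side
    reorder(root)
    for probes, leaf in enumerate(leaves(root), 1):
        if leaf.block_id == block_id:
            break
    else:
        raise KeyError(block_id)
    leaf.ciphertext = new_ciphertext
    proof, node = [], leaf
    while node.parent is not None:  # collect position + sibling hashes per level
        sibs = node.parent.children
        proof.append((sibs.index(node), [s.digest() for s in sibs if s is not node]))
        node.access += 1
        node = node.parent
    node.access += 1                # the root's access value
    return proof, probes

def root_from_proof(block_id, ciphertext, proof):  # user side
    cur = h(b"L", block_id.encode() + b"\x00" + ciphertext)
    for pos, sibling_hashes in proof:
        cur = h(b"N", *(sibling_hashes[:pos] + [cur] + sibling_hashes[pos:]))
    return cur
```

Under this assumed order-dependent node hash, a reorder alone changes the root hash, so the stored root hash and its signature have to be refreshed whenever the child order changes, not only when a ciphertext block changes.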
An embodiment of the invention is a computing device comprising: a processor, a memory storing a computer program which, when executed by the processor, performs the method as described above. All the implementation manners in the method embodiment are applicable to the embodiment, and the same technical effect can be achieved.
Those of ordinary skill in the art will appreciate that the various illustrative elements and algorithm steps described in connection with the embodiments disclosed herein may be implemented as electronic hardware, or combinations of computer software and electronic hardware. Whether such functionality is implemented as hardware or software depends upon the particular application and design constraints imposed on the solution. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present invention.
It will be clear to those skilled in the art that, for convenience and brevity of description, specific working procedures of the above-described systems, apparatuses and units may refer to corresponding procedures in the foregoing method embodiments, and are not repeated herein.
In the embodiments provided in the present invention, it should be understood that the disclosed apparatus and method may be implemented in other manners. For example, the apparatus embodiments described above are merely illustrative, e.g., the division of the units is merely a logical function division, and there may be additional divisions when actually implemented, e.g., multiple units or components may be combined or integrated into another system, or some features may be omitted or not performed. Alternatively, the coupling or direct coupling or communication connection shown or discussed with each other may be an indirect coupling or communication connection via some interfaces, devices or units, which may be in electrical, mechanical or other form.
The units described as separate units may or may not be physically separate, and units shown as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the units may be selected according to actual needs to achieve the purpose of the solution of this embodiment.
In addition, each functional unit in the embodiments of the present invention may be integrated in one processing unit, or each unit may exist alone physically, or two or more units may be integrated in one unit.
The functions, if implemented in the form of software functional units and sold or used as a stand-alone product, may be stored in a computer-readable storage medium. Based on this understanding, the technical solution of the present invention may be embodied essentially or in a part contributing to the prior art or in a part of the technical solution, in the form of a software product stored in a storage medium, comprising several instructions for causing a computer device (which may be a personal computer, a server, a network device, etc.) to perform all or part of the steps of the method according to the embodiments of the present invention. And the aforementioned storage medium includes: a USB disk, a removable hard disk, a ROM, a RAM, a magnetic disk, or an optical disk, etc.
Furthermore, it should be noted that in the apparatus and method of the present invention, it is apparent that the components or steps may be disassembled and/or assembled. Such decomposition and/or recombination should be considered as equivalent aspects of the present invention. Also, the steps of performing the series of processes described above may naturally be performed in chronological order in the order of description, but are not necessarily performed in chronological order, and some steps may be performed in parallel or independently of each other. It will be appreciated by those of ordinary skill in the art that all or any of the steps or components of the methods and apparatus of the present invention may be implemented in hardware, firmware, software, or a combination thereof in any computing device (including processors, storage media, etc.) or network of computing devices, as would be apparent to one of ordinary skill in the art after reading this description of the invention.
The object of the invention can thus also be achieved by running a program or a set of programs on any computing device. The computing device may be a well-known general purpose device. The object of the invention can thus also be achieved by merely providing a program product containing program code for implementing said method or apparatus. That is, such a program product also constitutes the present invention, and a storage medium storing such a program product also constitutes the present invention. It is apparent that the storage medium may be any known storage medium or any storage medium developed in the future. It should also be noted that in the apparatus and method of the present invention, it is apparent that the components or steps may be disassembled and/or assembled. Such decomposition and/or recombination should be considered as equivalent aspects of the present invention. The steps of executing the series of processes may naturally be executed in chronological order in the order described, but are not necessarily executed in chronological order. Some steps may be performed in parallel or independently of each other.
While the foregoing is directed to the preferred embodiments of the present invention, it will be appreciated by those skilled in the art that various modifications and adaptations can be made without departing from the principles of the present invention, and such modifications and adaptations are intended to be comprehended within the scope of the present invention.

Claims (10)

1. A method for dynamically updating data, comprising:
acquiring a first ciphertext data block sent by a user;
updating the second ciphertext data block corresponding to the identification information according to the identification information of the first ciphertext data block; the first ciphertext data block and the second ciphertext data block are stored in target nodes of a multi-branch path tree of the target file, and each node of the multi-branch path tree is marked with access value information.
2. The method of claim 1, wherein obtaining the first ciphertext data block transmitted by the user comprises:
acquiring identification information of a second ciphertext data block to be updated, which is sent by a user;
obtaining a stored second ciphertext data block according to the identification information of the second ciphertext data block to be updated;
and sending the second ciphertext data block to the user to obtain a first ciphertext data block returned by the user.
3. The method for dynamically updating data according to claim 2, wherein obtaining the stored second ciphertext data block according to the identification information of the second ciphertext data block to be updated comprises:
reordering the multi-branch path tree according to the access value of each node and the order from high to low to obtain an updated multi-branch path tree;
and according to the identification information of the second ciphertext data block, sequentially searching the storage paths of the updated multi-branch path tree to obtain the stored second ciphertext data block.
4. The method of claim 2, wherein sending the second ciphertext data block to the user to obtain the first ciphertext data block returned by the user, comprises:
the user updates the second ciphertext data block and encrypts the updated data block to obtain a first ciphertext data block;
determining a homomorphic signature of the first ciphertext data block;
and sending the first ciphertext data block, the homomorphic signature and the identification information to a cloud storage server to obtain a first ciphertext data block returned by the user.
5. The method for dynamically updating data according to claim 1, wherein updating the second ciphertext data block corresponding to the identification information comprises:
and modifying the second ciphertext data block corresponding to the identification information into a first ciphertext data block, deleting the second ciphertext data block, or inserting the first ciphertext data block after the second ciphertext data block.
6. The method for dynamically updating data according to claim 1, further comprising:
each time a dynamic update is performed on a data block, updating the access values of the node corresponding to the data block and of the other nodes on the path from that node to the root node.
7. The method for dynamically updating data according to claim 1, further comprising:
transmitting the relevant position information of the newly stored first ciphertext data block to a user;
and after confirming that the related position information is correct, updating the root node hash value and signature information of the multi-branch path tree, and updating the blockchain transaction block.
8. The method of claim 7, wherein the relevant location information comprises:
the hash value corresponding to the ciphertext of the first ciphertext data block is stored in the position information of the target node of the multi-branch path tree, and the hash value information of all sibling nodes is stored in the path from the target node to the root node of the multi-branch path tree.
9. A data dynamic update apparatus, comprising:
the acquisition module is used for acquiring a first ciphertext data block sent by a user;
the updating module is used for updating the second ciphertext data block corresponding to the identification information according to the identification information of the first ciphertext data block; the first ciphertext data block and the second ciphertext data block are stored in target nodes of a multi-branch path tree of the target file, and each node of the multi-branch path tree is marked with access value information.
10. A computing device, comprising: a processor, a memory storing a computer program which, when executed by the processor, performs the method of any one of claims 1 to 8.
CN202311638936.2A 2023-12-01 2023-12-01 Data dynamic updating method, device and equipment Pending CN117851423A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202311638936.2A CN117851423A (en) 2023-12-01 2023-12-01 Data dynamic updating method, device and equipment

Publications (1)

Publication Number Publication Date
CN117851423A true CN117851423A (en) 2024-04-09

Family

ID=90531180

Country Status (1)

Country Link
CN (1) CN117851423A (en)

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination