WO2014068734A1 - Data retention verification system and method - Google Patents
Data retention verification system and method
- Publication number
- WO2014068734A1, PCT/JP2012/078249
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- data
- user terminal
- verification
- target data
- verification target
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3236—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
- H04L9/3242—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions involving keyed hash functions, e.g. message authentication codes [MACs], CBC-MAC or HMAC
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/12—Applying verification of the received information
- H04L63/126—Applying verification of the received information the source of the received data
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/64—Protecting data integrity, e.g. using checksums, certificates or signatures
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/12—Applying verification of the received information
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/10—Protocols in which an application is distributed across nodes in the network
Definitions
- The present invention relates to a data retention verification system and method, and is suitable for application to, for example, a cloud system that provides a cloud service.
- The cloud, in which an organization does not own servers and storage devices but outsources data storage to an external contractor, has been in the spotlight as a way to improve the efficiency of information system development and reduce operation and management costs.
- The use of such a cloud service has the advantages of efficiency and cost reduction, but because the company that manages the server and storage device is different from the party that uses them, entrusting confidential information to an outside company raises concerns. It is therefore necessary to ensure the reliability of data by using cryptographic technology as a measure for detecting data loss in advance.
- Non-Patent Document 1 describes a method for realizing such data holding confirmation processing.
- A theory called “security certification” establishes that a server operator that does not hold the data cannot falsely pass verification.
- When the technique described in Non-Patent Document 1 is used for the above-mentioned data retention certification, proving the data retention of the storage apparatus with 100% certainty requires an enormous amount of calculation (such as n-th power multiplication) not only on the server but also on the client.
- When the client actually requests the data retention certification protocol of Non-Patent Document 1 from the management server (the server in the above example), the calculation amount of the server and the client becomes enormous. For example, when 1 gigabyte of file data is managed in units of one kilobyte according to the OS (Operating System) file format or the like, the client, in order to prove server data retention without any error, must perform inverse element calculation or power-residue multiplication, which are known to have a high calculation load, over 1 million times.
- The present invention has been made in consideration of the above points, and proposes a data retention verification system and method that enable verification, with a small amount of communication or calculation, of whether or not the server device retains verification target data that the user terminal has entrusted to the server device.
- The user terminal transfers the data to the server device.
- The user terminal transmits predetermined verification information to the server device. The server device uses the verification target data it holds and the verification information to calculate server-side evidence data that is specific to the verification target data and has a data size smaller than the verification target data, and transmits the calculated server-side evidence data to the user terminal.
- The user terminal compares user terminal-side evidence data based on the verification information with the server-side evidence data transmitted from the server device, and determines, based on the comparison result, whether the server device holds the verification target data.
- In the method, predetermined verification information is sent from the user terminal to the server device.
- The method comprises a first step in which the server device calculates, using the verification target data it holds and the verification information, server-side evidence data that is unique to the verification target data and has a data size smaller than the verification target data, and transmits the calculated server-side evidence data to the user terminal; and a second step in which the user terminal compares user terminal-side evidence data based on the verification information with the server-side evidence data transmitted from the server device, and determines, based on the comparison result, whether the server device holds the verification target data.
- According to the data retention verification system and method, it is possible to verify, with a small amount of communication or calculation, whether or not the server device holds the verification target data that the user terminal has stored in the server device.
- Such a data retention verification system and method can be realized.
- FIG. 1 is a block diagram showing an overall configuration of a cloud system according to first to third embodiments.
- FIG. 2 is a block diagram showing the hardware configuration of the user terminal and the service providing server. FIG. 3 is a block diagram showing the logical configuration of the user terminal according to the first embodiment. FIG. 4 is a block diagram showing the logical configuration of the service providing server according to the first and third embodiments. FIG. 5 is a flowchart showing the processing procedure of the public parameter registration process according to the first embodiment. FIG. 6 is a flowchart showing the processing procedure of the verification target data registration process according to the first embodiment. A further figure is a conceptual diagram used to describe the association between a data identifier and verification target data.
- The cloud system 1 includes a user terminal 2 composed of, for example, a mobile phone or a personal computer, and a service providing server 3 of a cloud service provider, which are connected via a network 4.
- The user terminal 2 and the service providing server 3 each include a CPU (Central Processing Unit) 11, a memory 12, an external storage device 13, a read/write device 14, a communication device 15, an input device 16 and an output device 17, which are connected to each other via an internal bus 10.
- The CPU 11 is a processor that controls operation of the entire apparatus (the user terminal 2 or the service providing server 3).
- The memory 12 is used not only for storing various programs but also as a work memory for the CPU 11.
- The external storage device 13 is composed of a nonvolatile mass storage device such as a hard disk device, and stores various programs and various data. A program stored in the external storage device 13 is loaded into the memory 12 and executed by the CPU 11, so that the user terminal 2 or the service providing server 3 as a whole executes the various processes described below.
- The read/write device 14 is composed of, for example, a memory reader/writer for a storage medium 18 such as an SD (Secure Digital) card, a micro SD card, or a micro SDHC (Secure Digital High Capacity) card, or a disk device for a storage medium 18 such as a CD (Compact Disc) or DVD (Digital Versatile Disc).
- The communication device 15 is an interface for connecting the user terminal 2 or the service providing server 3 to the network 4 (FIG. 1), and is composed of, for example, a NIC (Network Interface Card).
- The input device 16 is composed of, for example, a touch button, a keyboard and/or a mouse, and the output device 17 is composed of, for example, a liquid crystal panel or a liquid crystal display.
- FIG. 3 shows a logical configuration of the user terminal 2.
- The user terminal 2 includes a control unit 20, a storage unit 21, an input unit 22, an output unit 23, and a communication unit 24.
- The control unit 20 is a functional block that executes various processes described below, and includes an overall processing unit 30, a random number generation unit 31, a prime number generation unit 32, and a basic calculation unit 33.
- The overall processing unit 30, random number generation unit 31, prime number generation unit 32, and basic calculation unit 33 are realized by the CPU 11 (FIG. 2) of the user terminal 2 executing the corresponding programs loaded into the memory 12 (FIG. 2).
- The overall processing unit 30 is a functional part that performs overall control of processing in the user terminal 2. It executes various processes such as control processing according to user instructions input via the input unit 22, image output to the output unit 23, and communication with the service providing server 3 via the communication unit 24.
- The random number generation unit 31 is a functional part that generates a pseudo random number having an arbitrary bit length (for example, 512 bits, 1024 bits, or 2048 bits) specified in advance, using a secret key or the like. At this time, the data value of the secret key is updated to a new data value by the random number generation unit 31. Note that the random number generation unit 31 may generate a random number using a physical phenomenon such as temperature, time, and electric energy, or a random number generation algorithm.
- The prime number generation unit 32 requests the random number generation unit 31 to generate a pseudo random number and, through a test that determines whether the generated pseudo random number is a prime number, generates a prime number of a preset arbitrary bit length (for example, 512 bits, 1024 bits, or 2048 bits).
- A standard prime number generation algorithm can be applied as the prime number generation algorithm in the prime number generation unit 32.
- The basic calculation unit 33 is a functional part that performs processing related to basic arithmetic operations such as addition, subtraction, and comparison.
- The storage unit 21 includes the memory 12, the external storage device 13, the storage medium 18, and the like described above with reference to FIG. 2. As will be described later, the storage unit 21 stores communication data 34, a secret key 35, a public parameter 36, and temporary information 37.
- The communication data 34 includes verification target data 40, a voucher 41, and a data identifier 42.
- The verification target data 40 is user data deposited in the service providing server 3. In the present embodiment, the verification target data 40 is deleted after being transmitted to the service providing server 3, but it does not necessarily have to be deleted.
- The voucher 41 is data used when verifying whether or not the service providing server 3 holds the verification target data 40, and is calculated using the verification target data 40. A specific method for calculating the voucher 41 will be described later.
- The data identifier 42 is an identifier unique to the verification target data 40, created when the verification target data 40 is registered in the service providing server 3. The data identifier 42 is used when designating desired verification target data 40 to the service providing server 3.
- The secret key 35 is an encryption key used when generating the voucher 41 and is created in the prime number generation unit 32 of the user terminal 2.
- The public parameter 36 is an encryption key used when verifying whether the verification target data 40 is held in the service providing server 3, and the temporary information 37 is data that is temporarily required in the processes executed by the control unit 20.
- The input unit 22 is a functional part that is used when the user operates the user terminal 2, and includes the input device 16 (FIG. 2).
- The output unit 23 is a functional part that presents various types of information to the user, and includes the output device 17 (FIG. 2).
- The communication unit 24 is an interface used when the user terminal 2 communicates with the service providing server 3, and includes the communication device 15 (FIG. 2).
- FIG. 4 shows a logical configuration of the service providing server 3.
- The service providing server 3 includes a control unit 50, a storage unit 51, an input unit 52, an output unit 53, and a communication unit 54.
- The control unit 50 is a functional block that executes various processes described later, and includes an overall processing unit 60 and a basic calculation unit 61.
- The overall processing unit 60 and the basic calculation unit 61 are realized by the CPU 11 (FIG. 2) of the service providing server 3 executing the corresponding programs loaded into the memory 12 (FIG. 2).
- The overall processing unit 60 is a functional part that performs overall control of processing in the service providing server 3. It executes various processes such as control processing according to user instructions input via the input unit 52, image output to the output unit 53, and communication with the user terminal 2 via the communication unit 54.
- The basic calculation unit 61 is a functional part that performs processing related to basic arithmetic operations such as addition, subtraction, and comparison.
- The storage unit 51 includes the memory 12, the external storage device 13, and the storage medium 18 described above with reference to FIG. 2.
- The storage unit 51 stores verification target data 40, a data identifier 42, a public parameter 36, and temporary information 62, as will be described later.
- The verification target data 40 is user data deposited from the user terminal 2, and the data identifier 42 is an identifier unique to the verification target data 40, transmitted from the user terminal 2 together with the verification target data 40.
- The public parameter 36 is an encryption key used when verifying whether the verification target data 40 is held in the service providing server 3, and is registered in advance by the user terminal 2.
- The temporary information 62 is information that is temporarily required in the processes executed by the control unit 50.
- The input unit 52 is a functional part that is used when the user operates the service providing server 3, and includes the input device 16 (FIG. 2).
- The output unit 53 is a functional part that presents various types of information to the operator of the service providing server 3, and includes the output device 17 (FIG. 2).
- The communication unit 54 is an interface used when the service providing server 3 communicates with the user terminal 2, and includes the communication device 15 (FIG. 2).
- FIG. 5 shows a series of public parameter registration processing according to this embodiment.
- This public parameter registration process is performed in advance to share the public parameter between the user terminal 2 and the service providing server 3, so that it can be verified whether or not the service providing server 3 holds the verification target data 40 deposited with the cloud service provider.
- The user operates the input unit 22 of his or her user terminal 2 to input the setting information of the secret key 35 and the public parameter 36, and an instruction to register the public parameter 36 in the service providing server 3 (hereinafter referred to as a “public parameter registration instruction”).
- The overall processing unit 30 (FIG. 3) of the user terminal 2 first instructs the prime number generation unit 32 to generate prime numbers.
- The prime number generation unit 32 generates two prime numbers (p and q) according to the instruction.
- The overall processing unit 30 stores the two prime numbers p and q generated by the prime number generation unit 32 in the storage unit 21 as a secret key 35 (SP2).
- The overall processing unit 30 reads the two secret keys p and q stored in the storage unit 21 in step SP1, and instructs the basic calculation unit 33 to calculate the product of these two secret keys p and q.
- The basic calculation unit 33 calculates the product of these two secret keys p and q in accordance with the instruction (SP3).
- The overall processing unit 30 stores the product of the two secret keys p and q calculated by the basic calculation unit 33 in the storage unit 21 as the public parameter 36, and transmits the public parameter 36 to the service providing server 3 via the communication unit 24 (FIG. 3) (SP4).
- When the overall processing unit 60 (FIG. 4) of the service providing server 3 receives the public parameter 36 via the communication unit 54 (SP5), it stores the public parameter 36 in the storage unit 51 (SP6).
- The overall processing unit 60 then transmits a registration processing result, indicating whether or not the public parameter 36 has been normally registered (normally stored in the storage unit 51), to the user terminal 2 via the communication unit 54 (SP7).
- When the overall processing unit 30 of the user terminal 2 receives the registration processing result via the communication unit 24 (SP8), it determines, based on the registration processing result, whether or not the public parameter 36 has been successfully registered in the service providing server 3 (SP9).
- If the overall processing unit 30 determines that registration of the public parameter 36 has failed, it executes a retransmission process for the public parameter 36 (SP4).
- If it determines that registration has succeeded, the public parameter registration process ends.
- FIG. 6 shows a series of verification target data registration processing according to this embodiment.
- This verification target data registration process is a process of depositing the verification target data 40 in the service providing server 3 after generating a voucher 41 (FIG. 3) based on the verification target data 40.
- The user operates the input unit 22 of his or her user terminal 2 to select the desired verification target data 40 from the verification target data 40 stored in the storage unit 21 of the user terminal 2, and inputs an instruction to register that verification target data 40 in the service providing server 3 (hereinafter referred to as a verification target data registration instruction).
- The overall processing unit 30 (FIG. 3) of the user terminal 2 first generates the data identifier 42 of the verification target data 40 to be registered, as specified in the verification target data registration instruction, and stores the generated data identifier 42 in the storage unit 21 (SP21).
- The overall processing unit 30 then instructs the basic calculation unit 33 to create a voucher 41 of the verification target data 40, using the two secret keys p and q stored in the storage unit 21 in step SP2 of the public parameter registration process (FIG. 5) and the verification target data 40 specified in the verification target data registration instruction.
- According to the instruction, the basic calculation unit 33 calculates the voucher 41 satisfying the following expression, with Mi denoting the verification target data 40 to be registered and mi denoting the voucher 41, and stores the calculated voucher 41 in the storage unit 21 (SP22).
- Expression (1) indicates that the remainder obtained by dividing the verification target data 40 by the product (p − 1)(q − 1), that is, the product of the value obtained by subtracting “1” from one secret key p and the value obtained by subtracting “1” from the other secret key q, is calculated as the voucher 41.
- The overall processing unit 30 transmits the verification target data 40 specified in the verification target data registration instruction and the data identifier 42 of the verification target data 40 generated in step SP21 to the service providing server 3 via the communication unit 24 (SP23).
- When the overall processing unit 60 (FIG. 4) of the service providing server 3 receives the verification target data 40 and the data identifier 42 via the communication unit 54 (SP24), it stores the verification target data 40 and the data identifier 42 in association with each other in the storage unit 51, as shown in the figure (SP25).
- The overall processing unit 60 then transmits a registration processing result, indicating whether or not the verification target data 40 and the data identifier 42 have been normally registered (normally registered in the storage unit 51), to the user terminal 2 via the communication unit 54 (SP26).
- When the overall processing unit 30 of the user terminal 2 receives the registration processing result via the communication unit 24, it determines, based on the registration processing result, whether or not the verification target data 40 and the data identifier 42 have been successfully registered in the service providing server 3 (SP27). If the overall processing unit 30 determines that the registration of the verification target data 40 and the data identifier 42 has failed, it executes a retransmission process for the verification target data 40 and the data identifier 42 (SP23). On the other hand, if the overall processing unit 30 determines that the registration of the verification target data 40 and the data identifier 42 has succeeded, the verification target data registration process ends.
- FIG. 8 shows a series of verification target data holding verification processes according to the present embodiment.
- This verification target data holding verification process uses the voucher 41 (FIG. 3), which the user terminal 2 generated beforehand, to verify whether or not the service providing server 3 holds the verification target data 40 (FIG. 4), without the service providing server 3 transmitting the verification target data 40.
- The process is started when the user operates the input unit 22 of his or her user terminal 2 to specify the data identifier 42 (FIG. 3) of the desired verification target data 40 (FIG. 3) and inputs an instruction to verify whether or not the corresponding verification target data 40 is held in the service providing server 3 (hereinafter referred to as a verification target data holding verification instruction).
- The overall processing unit 30 of the user terminal 2 first instructs the random number generation unit 31 (FIG. 3) to generate a random number.
- The random number generation unit 31 generates a random number according to the instruction (SP31).
- The overall processing unit 30 transmits the random number generated by the random number generation unit 31 at this time and the data identifier 42 specified in the verification target data holding verification instruction to the service providing server 3 via the communication unit 24 (SP32).
- When the overall processing unit 60 of the service providing server 3 receives the random number and the data identifier 42 (FIG. 4) via the communication unit 54, it stores the random number and the data identifier 42 in the storage unit 51 (SP33), and then, based on the data identifier 42, identifies the verification target data 40 (FIG. 4) whose retention by the service providing server 3 is to be proved (SP34).
- The overall processing unit 60 then instructs the basic calculation unit 61 (FIG. 4) to calculate the evidence data on the service providing server 3 side of the verification target data 40 (server-side evidence data), using the random number received in step SP33, the verification target data 40 identified in step SP34, and the public parameter 36 (FIG. 4) stored in the storage unit 51 in step SP6 of the public parameter registration process (FIG. 5).
- According to the instruction, the basic calculation unit 61 calculates server-side evidence data Si satisfying the following equation, with R denoting the random number received in step SP33, Mi the verification target data identified in step SP34, and N the public parameter stored in the storage unit 51 in step SP6 of the public parameter registration process, and stores the calculated server-side evidence data Si in the storage unit 51 (SP35).
- Expression (2) represents that the remainder obtained by dividing the random number R raised to the power Mi by the public parameter 36 is calculated as the server-side evidence data Si.
- The overall processing unit 60 transmits the above-described server-side evidence data Si stored in the storage unit 51 to the user terminal 2 via the communication unit 54 (SP36).
- The basic calculation unit 33 calculates the user terminal-side evidence data Ti satisfying the following equation, with R denoting the random number, N the public parameter, and mi the voucher, and stores the calculated user terminal-side evidence data Ti in the storage unit 21 (SP38).
- The basic calculation unit 33 then compares the server-side evidence data Si received in step SP37 with the user terminal-side evidence data Ti calculated in step SP38, and thereby determines whether or not the service providing server 3 holds the verification target data 40 targeted at that time.
- the basic arithmetic unit 33 sets k as an arbitrary integer and Is used to determine whether the server side evidence data Si and the user terminal side evidence data Ti are equal.
- When the determination process yields the result that the server-side evidence data Si and the user terminal-side evidence data Ti are equal, the basic calculation unit 33 determines that the service providing server 3 holds the verification target data 40 targeted at that time; when it yields the result that they are not equal (different), it determines that the service providing server 3 does not hold the verification target data 40 (SP39).
- The overall processing unit 30 displays the determination result of the basic calculation unit 33 on the output unit 23 (SP40), and thereafter ends this verification target data holding verification process.
- The user terminal 2 can verify whether or not the service providing server 3 holds the verification target data 40 without having the verification target data 40 (FIG. 4) transmitted from the service providing server 3. Therefore, even when the verification target data 40 has an enormous data size, whether or not the service providing server 3 holds the verification target data 40 can be verified with a small communication volume (only transmission of the data identifier 42 and the random number, and reception of the server-side evidence data Si).
- The only calculation required in the service providing server 3 and the user terminal 2 when verifying whether the verification target data 40 is held by the service providing server 3 is the calculation of equation (2) or equation (3), so whether or not the service providing server 3 holds the verification target data 40 can be verified by a very simple calculation.
- According to the data holding verification method, whether or not the service providing server 3 holds the verification target data 40 that the user terminal 2 has deposited with the service providing server 3 can be verified with a small amount of communication or calculation.
- With an electronic document storage service provider that provides a service for depositing electronic documents (data), the user can confirm that the deposited electronic document has not been lost.
- The electronic document stored with the electronic document storage service provider is treated as the verification target data 40, and by creating the voucher 41 in advance, the user can confirm that the electronic document is being managed by the electronic document storage service provider.
- The data retention verification method of the present embodiment is not intended for application only to electronic document storage service providers. For example, it can also be applied to a process for confirming that a local government or the like is reliably storing a certain administrative document.
- The data retention verification method of the present embodiment can be applied to the confirmation of the storage status at an archive.
- The data retention verification method of the present embodiment can also be applied to an electronic notary service in a notary office.
- The notary office keeps an official document at the request of a trustee or the like, and here again, by preparing a voucher of the official document, the trustee or the like can confirm whether the notary office holds the official document.
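The first embodiment's exchange (public parameter registration SP2 to SP6, voucher creation SP22, and the challenge and comparison SP31 to SP39), as an added Python example that is not part of the patent text. It assumes the user terminal-side evidence is Ti = R^mi mod N, as the description of step SP38 suggests; the class names, the `data_to_int` encoding, the Miller-Rabin test and the sample document are illustrative choices, not taken from the patent.

```python
import math
import secrets


def is_probable_prime(n, rounds=40):
    # Miller-Rabin, standing in for the "standard" prime test.
    if n < 2:
        return False
    for small in (2, 3, 5, 7, 11, 13):
        if n % small == 0:
            return n == small
    d, s = n - 1, 0
    while d % 2 == 0:
        d, s = d // 2, s + 1
    for _ in range(rounds):
        x = pow(secrets.randbelow(n - 3) + 2, d, n)  # witness in [2, n-2]
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False  # witness proves n composite
    return True


def generate_prime(bits):
    while True:
        candidate = secrets.randbits(bits) | (1 << (bits - 1)) | 1
        if is_probable_prime(candidate):
            return candidate


def data_to_int(data):
    # Assumption: Mi is the data as a big-endian integer. The 0x01 prefix keeps
    # leading zero bytes significant, so two different files never share an Mi.
    return int.from_bytes(b"\x01" + data, "big")


class UserTerminal:
    def __init__(self, prime_bits=512):
        p, q = generate_prime(prime_bits), generate_prime(prime_bits)
        while q == p:  # secret key 35 is two distinct primes
            q = generate_prime(prime_bits)
        self._phi = (p - 1) * (q - 1)
        self.public_parameter = p * q  # SP3: N = p * q, sent to the server
        self._vouchers = {}

    def make_voucher(self, data_id, data):
        # SP22: voucher mi = Mi mod (p-1)(q-1); the data may then be deleted.
        self._vouchers[data_id] = data_to_int(data) % self._phi

    def new_challenge(self):
        # SP31: fresh random R. R must be coprime to N, otherwise Euler's
        # theorem (R^((p-1)(q-1)) = 1 mod N) does not apply and Si != Ti.
        while True:
            r = secrets.randbelow(self.public_parameter - 3) + 2
            if math.gcd(r, self.public_parameter) == 1:
                return r

    def verify(self, data_id, r, server_evidence):
        # SP38-SP39: Ti = R^mi mod N (assumed form), then compare with Si.
        t = pow(r, self._vouchers[data_id], self.public_parameter)
        return t == server_evidence


class ServiceProvidingServer:
    def __init__(self, public_parameter):
        self.public_parameter, self.storage = public_parameter, {}  # SP6

    def register(self, data_id, data):
        self.storage[data_id] = data  # SP25: data stored under its identifier

    def prove(self, data_id, r):
        # SP35: Si = R^Mi mod N, computed over the full stored data.
        return pow(r, data_to_int(self.storage[data_id]), self.public_parameter)


def run_demo(prime_bits=512):
    user = UserTerminal(prime_bits)
    server = ServiceProvidingServer(user.public_parameter)
    document = b"constructed sample document " * 64  # constructed input
    user.make_voucher("doc-1", document)
    server.register("doc-1", document)
    r1 = user.new_challenge()
    s1 = server.prove("doc-1", r1)
    honest = user.verify("doc-1", r1, s1)
    replayed = user.verify("doc-1", user.new_challenge(), s1)  # stale answer
    server.register("doc-1", document[:-1] + b"?")  # one byte lost/changed
    r3 = user.new_challenge()
    corrupted = user.verify("doc-1", r3, server.prove("doc-1", r3))
    return {"honest": honest, "replayed": replayed, "corrupted": corrupted,
            "data_bytes": len(document), "evidence_bytes": (s1.bit_length() + 7) // 8}


if __name__ == "__main__":
    print(run_demo())
```

The evidence Si is never larger than N, so the response stays at most twice the prime length however large the stored data is, and a response computed for an earlier random number fails against a fresh one.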
- Second Embodiment: According to the data retention verification method of the first embodiment described above, it is logically possible to verify an unlimited number of times whether or not the service providing server 3 holds the verification target data 40.
- the user terminal 2 or the service providing server 3 must perform a power-residue calculation, which places a heavy load on a user terminal 2 or service providing server 3 with poor calculation capability.
- a data holding verification method will be described in which the number of times it can be verified whether or not the service providing server holds the verification target data is limited to a finite number, but the verification can be performed with a small amount of calculation.
- reference numeral 70 denotes a cloud system according to the second embodiment as a whole.
- the cloud system 70 includes a user terminal 71 composed of, for example, a mobile phone or a personal computer, and a service provider server 72 of a cloud service provider, which are connected via the network 4. Since the hardware configurations of the user terminal 71 and the service providing server 72 are the same as those in the first embodiment, description thereof is omitted here.
- FIG. 9 in which the same reference numerals are assigned to corresponding parts as in FIG. 3, shows a logical configuration of the user terminal 71 according to the second embodiment.
- the user terminal 71 of the present embodiment has the same configuration as the user terminal 2 (FIG. 3) of the first embodiment, except that the control unit 80 is provided with a one-way function unit 81 instead of the prime number generation unit 32 (FIG. 3) and that the public parameter 36 (FIG. 3) is not stored in the storage unit 21.
- the one-way function unit 81 is a functional part that is realized when the CPU 11 (FIG. 2) of the user terminal 71 executes a corresponding program stored in the memory 12 (FIG. 2). In response to the instruction, a process using a one-way function for the verification target data 40 is performed.
- a one-way function is a function for which it is difficult to obtain an input value from the output value of the function, for example a cryptographic hash function, a public key encryption function (provided that the secret key is stored secretly), or a secret key encryption function (provided that the secret key is kept secret).
- FIG. 10 in which the same reference numerals are assigned to corresponding parts to FIG. 4 shows a service providing server 72 according to the second embodiment.
- the service providing server 72 of the present embodiment has the same configuration as the service providing server 3 of the first embodiment, except that a one-way function unit 91 is provided in the control unit 90 instead of the basic calculation unit 33 (FIG. 4) and that the public parameter 36 (FIG. 4) is not stored in the storage unit 51.
- the one-way function unit 91 is a functional part that is realized by the CPU 11 (FIG. 2) of the service providing server 72 executing a corresponding program stored in the memory 12 (FIG. 2), and it provides the same function as the one-way function unit 81.
- the data retention verification method is realized by a secret key registration process in which a plurality of secret keys are registered in the service providing server 72 in advance, a verification target data registration process for entrusting the verification target data 40 to the service providing server 72, and a verification target data retention verification process for verifying that the verification target data 40 is retained in the service providing server 72.
- (2-2-1) Secret Key Registration Process: the process is started when the user operates the input unit 22 of his/her user terminal 71 to input the secret key setting information and the number of keys to be created, and inputs an instruction to register the secret keys in the service providing server 72 (hereinafter referred to as a secret key registration instruction).
- when the secret key registration instruction is input via the input unit 22, the overall processing unit 82 (FIG. 9) of the user terminal 71 instructs the random number generation unit 31 to create the number of secret keys specified in the secret key registration instruction.
- the random number generation unit 31 generates a specified number of random numbers (k1 to kn) in accordance with the instruction.
- the overall processing unit stores these random numbers generated by the random number generation unit 31 in the storage unit 21 as the secret key 83 (FIG. 9).
- the verification target data registration process in the data holding verification method of the present embodiment is the same as the verification target data registration process according to the first embodiment described above with reference to FIG., except that the method for generating the voucher 41 is different.
- in step SP22 of the verification target data registration process, the overall processing unit 82 (FIG. 9) instructs the basic arithmetic unit 33 to generate a voucher 41 of the verification target data 40 specified in the verification target data registration instruction received in step SP20.
- the other processing contents in the verification target data registration process are the same as the processing contents of the verification target data registration process according to the first embodiment described above with reference to FIG., and description thereof is omitted.
- FIG. 11 shows a series of verification target data retention verification processes according to this embodiment.
- This verification target data holding verification process verifies whether the service providing server 72 holds the verification target data 40, using the voucher 41 (FIG. 9) previously generated by the user terminal 71 and without causing the service providing server 72 to transmit the verification target data 40.
- the process is started when the user operates the input unit 22 of his/her user terminal 71 to specify the data identifier 42 of the desired verification target data 40 and inputs an instruction (verification target data holding verification instruction) to verify whether or not the corresponding verification target data 40 is held by the service providing server 72.
- when the overall processing unit 82 (FIG. 9) of the user terminal 71 receives the verification target data holding verification instruction specifying the data identifier 42 of the verification target data 40 via the input unit 22 (SP50), it transmits to the service providing server 72 via the communication unit 24 the data identifier 42 specified in the verification target data holding verification instruction and the secret key 83 that was used to generate the voucher 41 of the verification target data 40 when the verification target data 40 corresponding to the data identifier 42 was registered in the service providing server 72 (SP51).
- when the overall processing unit 92 (FIG. 10) of the service providing server 72 receives the data identifier 42 and the secret key 83 via the communication unit 54, it stores the data identifier 42 and the secret key 83 in the storage unit 51 (SP52). Thereafter, the verification target data 40 to be proved to be held by the service providing server 72 is specified based on the data identifier 42 (SP53).
- the overall processing unit 92 gives the one-way function unit 91 the secret key 83 received in step SP52 and the verification target data 40 specified in step SP53, and instructs it to generate evidence data on the service providing server 72 side (server-side evidence data) for the verification target data 40.
- the one-way function unit 91 calculates server-side evidence data Si that satisfies the following equation, with the secret key 83 received at step SP52 as kj and the verification target data 40 specified at step SP53 as Mi, according to such an instruction.
- the calculated server side evidence data Si is stored in the storage unit 51 (SP54).
- the overall processing unit 92 transmits the server side evidence data Si stored in the storage unit 51 to the user terminal 71 via the communication unit 54 (SP55).
- the basic arithmetic unit 33 is instructed to compare the voucher 41 of the verification target data 40 being verified at this time with the server-side evidence data Si received at step SP56.
- the basic operation unit 33 reads the voucher 41 from the storage unit 21, uses the read voucher 41 as evidence data on the user terminal 71 side (user terminal side evidence data) Ti, and compares the data Ti with the server-side evidence data Si received at step SP56.
- if the server-side evidence data Si and the user terminal side evidence data Ti are equal, the basic operation unit 33 determines that the service providing server 72 holds the verification target data 40 that is the target at that time, and if the server-side evidence data Si and the user terminal side evidence data Ti are not equal (different), it determines that the service providing server 72 does not hold the verification target data 40 (SP57).
- the overall processing unit 82 displays the determination result of the basic arithmetic unit 33 on the output unit 23 (SP58), and thereafter ends the verification target data holding verification process.
- as in the first embodiment, it is possible to verify on the user terminal 71 side whether or not the service providing server 3 holds the verification target data 40 without requiring the verification target data 40 (FIG. 10) to be transmitted from the service providing server 72.
- the only calculation required in the user terminal 71 and the service providing server 72 when verifying whether the verification target data 40 is held by the service providing server 72 is that of Equation (5) or (6), so it is possible to verify whether or not the service providing server 72 holds the verification target data 40 by a very simple calculation.
- the data holding verification method it is possible to verify whether or not the service providing server 72 holds the verification target data 40 that the user terminal 71 has deposited with the service providing server 72. Or it can be done in a computational amount.
- the significant difference between the data retention verification method according to the present embodiment and the data retention verification method according to the first embodiment is whether, when the service providing server 72 generates the server-side evidence data Si, the user terminal 71 generates and transmits a random number or transmits the secret key 83.
- in the data holding verification method according to the present embodiment, just as a different random number is basically transmitted every time, a secret key 83 having a different value each time must be transmitted from the user terminal 71 to the service providing server 72. Otherwise, even if the service providing server 72 does not hold the verification target data 40, the server-side evidence data Si can be reused to falsely convince the user terminal 71 that the verification target data 40 is held. Therefore, in the data holding verification method according to the present embodiment, it is possible to verify whether the service providing server 72 holds the verification target data 40 only as many times as the number of secret keys 83 created by the secret key registration process.
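The second embodiment's exchange and its replay caveat, as an added example that is not code from the patent. The page does not reproduce the equation for Si, so HMAC-SHA256 as the keyed one-way function, the class names, and the rule that a revealed key is never reused for any data item are assumptions of this sketch.

```python
import hashlib
import hmac
import secrets


def one_way(key: bytes, data: bytes) -> bytes:
    """Keyed one-way function over (k_j, M_i); HMAC-SHA256 is this example's assumption."""
    return hmac.new(key, data, hashlib.sha256).digest()


class KeysExhausted(Exception):
    """Every registered secret key has been revealed; no further check is possible."""


class HonestServer:
    def __init__(self):
        self.store = {}

    def register(self, data_id, data):
        self.store[data_id] = data

    def prove(self, data_id, key):
        # SP53-SP55: locate M_i, compute S_i from the received key, return it.
        return one_way(key, self.store[data_id])


class ReplayingServer(HonestServer):
    """Answers the first challenge honestly, then drops the data and replays old evidence."""

    def __init__(self):
        super().__init__()
        self.cached = {}

    def prove(self, data_id, key):
        if data_id in self.cached:
            return self.cached[data_id]      # data is gone; reuse the earlier S_i
        evidence = super().prove(data_id, key)
        self.cached[data_id] = evidence
        del self.store[data_id]              # simulate the loss of the deposited data
        return evidence


class UserTerminal:
    def __init__(self, n_keys):
        # Secret key registration: n random keys k_1..k_n kept on the terminal.
        self.keys = [secrets.token_bytes(32) for _ in range(n_keys)]
        self.vouchers = {}                   # data_id -> one voucher per key
        self.next_unused = 0                 # a revealed key is never used again

    def register(self, data_id, data, server):
        # One voucher per key, computed while the terminal still has the data.
        self.vouchers[data_id] = [one_way(k, data) for k in self.keys]
        server.register(data_id, data)

    def verify(self, data_id, server, reuse_last_key=False):
        if reuse_last_key:                   # the mistake the text warns about
            j = self.next_unused - 1
            if j < 0:
                raise ValueError("no key has been revealed yet")
        else:
            j = self.next_unused
            if j >= len(self.keys):
                raise KeysExhausted("all secret keys have been revealed")
            self.next_unused += 1
        s_i = server.prove(data_id, self.keys[j])    # SP51-SP56
        t_i = self.vouchers[data_id][j]              # stored voucher used as T_i
        return hmac.compare_digest(s_i, t_i)         # SP57


def demo():
    doc = b"constructed sample document body " * 64  # constructed input
    out = {}

    terminal, honest = UserTerminal(3), HonestServer()
    terminal.register("doc-1", doc, honest)
    out["honest"] = [terminal.verify("doc-1", honest) for _ in range(3)]
    try:
        terminal.verify("doc-1", honest)
        out["fourth"] = "verified"
    except KeysExhausted:
        out["fourth"] = "exhausted"

    terminal2, cheat = UserTerminal(3), ReplayingServer()
    terminal2.register("doc-1", doc, cheat)
    out["first"] = terminal2.verify("doc-1", cheat)
    out["replay_same_key"] = terminal2.verify("doc-1", cheat, reuse_last_key=True)
    out["replay_fresh_key"] = terminal2.verify("doc-1", cheat)
    return out


if __name__ == "__main__":
    print(demo())
```

With a reused key the replayed evidence is accepted although the data is gone; with a fresh key it is rejected, and after three checks the terminal has no keys left.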
- the service providing servers 3 and 72 store the verification target data 40.
- the user terminal 2 or 71 needs to hold the voucher 41 for each verification target data 40. Therefore, in order to be able to verify from a plurality of user terminals 2 and 71 whether or not the service providing servers 3 and 72 hold the same verification target data 40, the plurality of user terminals 2 and 71 need to share the voucher 41.
- both the user terminals 2 and 71 and the service providing servers 3 and 72 are required to process a large amount of calculation called exponentiation multiplication with a high calculation load.
- Non-Patent Document 1 A verification data holding verification method according to the third embodiment capable of verifying whether or not the service providing servers 3 and 72 hold the verification target data 40 by exponentiation modular multiplication will be described below.
- reference numeral 100 denotes a cloud system according to the third embodiment as a whole.
- the cloud system 100 includes a user terminal 101 composed of, for example, a mobile phone or a personal computer, and a service provider server 102 of a cloud service provider, which are connected via a network 4. Since the hardware configurations of the user terminal 101 and the service providing server 102 are the same as those in the first embodiment, description thereof is omitted here.
- FIG. 12 in which parts corresponding to those in FIG. 3 are assigned the same reference numerals, shows the logical configuration of the user terminal 101 according to the third embodiment.
- the user terminal 101 according to the present embodiment has the same configuration as the user terminal 2 (FIG. 3) of the first embodiment, except that the control unit 110 is provided with the one-way function unit 111 and that the voucher 41 (FIG. 3) of the verification target data 40 stored in the service providing server 102 is not stored in the storage unit 21.
- the one-way function unit 111 is a functional part that is embodied when the CPU 11 (FIG. 2) of the user terminal 101 executes a corresponding program stored in the memory 12 (FIG. 2). Since this one-way function unit 111 has the same function as the one-way function unit 81 of the second embodiment described above with reference to FIG. 9, the detailed description thereof is omitted.
- reference numeral 102 denotes a service providing server according to the third embodiment.
- This service providing server 102 has the same configuration as the service providing server 3 according to the first embodiment, except that the processing contents of various processes executed by the overall processing unit 121 of the control unit 120 are different from those of the overall processing unit 60 of the first embodiment.
- the overall processing unit 121 is a functional part that is realized when the CPU 11 (FIG. 2) of the service providing server 102 executes a corresponding program stored in the memory 12 (FIG. 2).
- the data retention verification method according to the present exemplary embodiment includes a public parameter registration process in which the public parameter 36 is registered in the service providing server 102 in advance, a verification target data registration process in which the verification target data 40 is stored in the service providing server 102, and a verification target data holding verification process for verifying thereafter that the verification target data is stored in the service providing server 102.
- the public parameter registration process, the verification target data registration process, and the verification target data holding verification process will be described.
- FIG. 13 shows a series of public parameter registration processing according to this embodiment.
- This public parameter registration process is performed in advance between the user terminal 101 and the service providing server 102 to share the public parameter 36 (FIG. 12), so that it can be verified whether or not the verification target data 40 (FIG. 12) stored in the service providing server 102 is held by the service providing server 102.
- the process starts when the user operates the input unit 22 of his/her user terminal 101 to input the secret key and the public parameter setting information, and enters an instruction to register the public parameter in the service providing server 102 (public parameter registration instruction).
- the overall processing unit 112 (FIG. 12) of the user terminal 101 first instructs the prime number generation unit 32 to generate prime numbers.
- the prime number generation unit 32 generates two prime numbers (p and q) according to the instruction.
- the overall processing unit 112 gives the basic operation unit 33 (FIG. 12) the two prime numbers p and q generated by the prime number generation unit 32, together with an instruction to calculate the product of these two prime numbers p and q.
- the basic calculation unit 33 calculates the product of these two prime numbers p and q in accordance with such an instruction.
- the overall processing unit 112 stores the product of the two prime numbers p and q calculated by the basic calculation unit 33 in the storage unit 21 as the public parameter 36 (FIG. 12) (SP61).
- the overall processing unit 112 instructs the random number generation unit 31 (FIG. 12) to generate two random numbers of 0 or more and less than N, where N is the public parameter 36 generated in step SP61.
- the random number generation unit 31 generates two random numbers (referred to as g and d) according to the instruction.
- the overall processing unit 112 stores these two random numbers generated by the random number generation unit 31 in the storage unit 21 as the secret keys g and d, calculates the inverse element e of the secret key d satisfying the above condition, and stores the calculated inverse element e of the secret key d in the storage unit 21. Further, the overall processing unit 112 gives an instruction to the random number generation unit 31 to generate a random number.
- the random number generation unit 31 generates one random number (referred to as k) in accordance with such an instruction. Then, the overall processing unit 112 stores the random number generated by the random number generation unit 31 in the storage unit 21 as the secret key k (SP62).
- the overall processing unit 112 transmits the public parameter 36 generated in step SP61 to the service providing server 102 via the communication unit 24 (FIG. 12) (SP63).
- the overall processing unit 121 (FIG. 4) of the service providing server 102 stores the public parameter 36 in the storage unit 51 (SP65).
- the overall processing unit 112 thereafter transmits a registration processing result indicating whether or not the public parameter 36 has been normally registered (normally stored in the storage unit 51) to the user terminal 101 via the communication unit 54. (SP66).
- when the overall processing unit 112 of the user terminal 101 receives the registration processing result via the communication unit 24 (SP67), it determines, based on the registration processing result, whether or not the registration of the public parameter 36 in the service providing server 102 has been successful (SP68). If the overall processing unit 112 determines that the registration of the public parameter 36 has failed, it executes a retransmission process for the public parameter 36 (SP63). On the other hand, if the overall processing unit 112 determines that the registration of the public parameter 36 is successful, the public parameter registration process ends.
- FIG. 14 shows a series of verification target data registration processes according to this embodiment.
- This verification target data registration process generates a voucher for each verification target data 40 so that the user terminal 101 can later verify whether the service providing server 102 holds the verification target data 40 (FIG. 12).
- the process is started when the user operates the input unit 22 of his/her user terminal 101 (FIG. 12) to designate the desired verification target data 40 from among the verification target data 40 stored in the storage unit 21 of the user terminal 101, and inputs an instruction to register that verification target data 40 in the service providing server 102 (verification target data registration instruction).
- the overall processing unit 112 (FIG. 12) of the user terminal 101 first generates a data identifier 42 of the verification target data 40 specified in the verification target data registration instruction (SP71). Specifically, as shown in FIG. 15, the overall processing unit 112 divides the verification target data 40, which is a single document, for example, into predetermined units (for example, 4, 8, 32, or 64 [kbyte]), and generates the data identifier 42A for each divided data 40A of the verification target data 40 thus obtained. Then, the overall processing unit 112 stores the data identifier 42A of each divided data 40A of the verification target data 40 generated in this way in the storage unit 21 (FIG. 12) (SP71).
- the overall processing unit 112 passes to the basic arithmetic unit 33 (FIG. 12) the public parameter 36 (FIG. 12) stored in the storage unit 21 in step SP61 of the public parameter registration process (FIG. 13), the two secret keys g and d stored in the storage unit 21 in step SP62 of the public parameter registration process, and all the divided data 40A of the verification target data 40 to be registered, which are read from the storage unit 21.
- “mod” is an operator for calculating the remainder of division
- “Func” is a one-way function.
- is an operator that means a combination of the preceding and following numerical values. Therefore, “k
- the overall processing unit 112 transmits the verification target data 40, the data identifier 42A of each divided data 40A of the verification target data 40 obtained as described above, and the voucher 41 for each of the divided data 40A to the service providing server 102 via the communication unit 24 (SP73).
- when the overall processing unit 121 (FIG. 4) of the service providing server 102 obtains the verification target data 40, the data identifier 42A for each divided data 40A of the verification target data 40, and the voucher for each of the divided data 40A, it stores these in the storage unit 51 (FIG. 4) (SP75).
- the overall processing unit 121 associates each data identifier 42A with the corresponding voucher and stores it in the storage unit 51 (SP75).
- the overall processing unit 121 transmits to the user terminal 101 via the communication unit 54 (FIG. 4) a registration processing result indicating whether or not the verification target data 40, the data identifier 42A for each divided data 40A of the verification target data 40, and the voucher for each of the divided data 40A have been normally registered (normally stored) (SP76).
- when the overall processing unit 112 (FIG. 12) of the user terminal 101 receives the registration processing result via the communication unit 24 (FIG. 12) (SP77), it determines, based on the registration processing result, whether or not the registration in the service providing server 102 of the verification target data 40, the data identifier 42A for each divided data 40A of the verification target data 40, and the voucher for each divided data 40A is successful (SP78). If the overall processing unit 112 determines that the registration has failed, it executes the retransmission process for the verification target data 40, the data identifier 42A for each divided data 40A of the verification target data 40, and the voucher for each of the divided data 40A (SP73). If the overall processing unit 112 determines that the registration has been successful, the verification target data registration process ends.
- in the existing technique of Non-Patent Document 1, the processing procedure for sharing public parameters and the processing for registering verification target data are almost the same as the public parameter registration processing and verification target data registration processing according to the present embodiment, but the creation method of the voucher (mi (j)) for each divided data 40A of the verification target data 40 executed in the verification target data registration process is different. Specifically, in such an existing technique, a voucher (mi (j)) for each divided data 40A of the verification target data 40 is generated by the following equation.
- FIG. 16 shows a series of verification target data retention verification processes according to this embodiment.
- This verification target data holding verification process is processing for verifying whether the service providing server 102 holds the verification target data 40, without causing the service providing server 102 to transmit the verification target data 40, by using the voucher for each divided data 41A of the verification target data 40 generated in advance by the user terminal 101.
- the process is started when the user operates the input unit 22 of his/her user terminal 101 (FIG. 12) to specify the data identifier 42 of the desired verification target data 40 and inputs an instruction (verification target data holding verification instruction) to verify whether or not the service providing server 102 holds the corresponding verification target data 40.
- the one-way function unit 111 is instructed to generate a data identifier 42A for each divided data 40A of the verification target data 40.
- in accordance with such an instruction, the one-way function unit 111 uses the secret key k stored in the storage unit 21 in step SP62 of the public parameter registration process (FIG. 13) and, with the data identifier 42A for each divided data 40A of the verification target data 40 denoted as i (j), calculates the data identifier 42A for each divided data 40A of the verification target data 40 by the following equation.
- the overall processing unit 112 gives an instruction to the random number generation unit 31 to generate a random number.
- the random number generation unit 31 generates a random number t that is greater than or equal to 0 and less than p, and generates a parameter h that satisfies the following equation (SP81).
- “p” is one of the random numbers generated by the random number generation unit 31 when generating the public parameter 36 (FIG. 12) in step SP61 of the public parameter registration process described above with reference to FIG. , (11), “g” is one of the random numbers generated by the random number generation unit 31 in step SP62 of the public parameter registration process, and “N” is generated in step SP61 of the public parameter registration process. This is the value of the public parameter 36.
- the overall processing unit 112 instructs the random number generation unit 31 to generate a random number for each divided data 40A of the verification target data 40.
- the overall processing unit 121 reads out the data identifiers 42A of the respective divided data 40A of the corresponding verification target data 40 from the storage unit 51 based on the data identifiers 42A received in step SP84, and reads these data identifiers. Based on 42A, each divided data 40A of the verification target data 40 to be verified that the service providing server 102 holds is specified (SP85).
- the overall processing unit 121 instructs the basic calculation unit 61 (FIG. 4) to calculate, from the divided data 40A of the verification target data 40 identified in step SP85 and the public parameter 36 stored in the storage unit 51 in step SP65 of the public parameter registration process (FIG. 13), two pieces of evidence data on the service providing server 102 side of the verification target data 40 (hereinafter referred to as first and second server side evidence data, respectively).
- the basic calculation unit 61 sets Mi (1) to Mi (n) for the values of the divided data 40A of the verification target data 40, and sets i (1) to i for the data identifiers 42A of the divided data 40A, respectively.
- R (1) to R (n) are random numbers received by the service providing server 102 in step SP, and N is the public parameter 36 stored in the storage unit 51 in step SP65 of the public parameter registration process.
- First and second server-side evidence data Si and Ui satisfying the above are calculated, respectively, and the calculated first and second server-side evidence data Si and Ui are respectively stored in the storage unit 51 (SP86).
- in equation (13), the exponent part represented by the following equation is composed of multiplication and addition. Therefore, by calculating the exponent part first, equation (13) can be calculated by one exponentiation and one n multiplications and additions. In this case, since the calculation load of addition and multiplication is low, the actual calculation amount of equation (13) is almost equal to one power-residue multiplication.
- the overall processing unit 121 reads the first and second server-side evidence data Si and Ui calculated as described above from the storage unit 51, and transmits the read first and second server-side evidence data Si and Ui to the user terminal 101 via the communication unit 24 (SP87).
- step SP82 when the overall processing unit 112 of the user terminal 101 receives the first and second server-side evidence data Si and Ui via the communication unit 24 (SP88), the basic processing unit 33 is notified in step SP82.
- an instruction is given to generate evidence data on the user terminal 101 side (hereinafter referred to as user terminal side evidence data).
- the basic calculation unit 33 calculates the first user terminal side evidence data Ti that satisfies the following equation in accordance with such an instruction.
- in Equation (15), the exponent part represented by the following equation is composed of multiplication and addition. Therefore, by calculating the exponent part first, Equation (15) can be calculated by one exponentiation and one-time multiplication and addition. In this case, since the calculation load of addition and multiplication is low, the actual calculation amount of Equation (15) is almost equal to one power-residue multiplication.
- the first user terminal side evidence data Ti satisfies the following equation.
- the basic calculation unit 33 uses the random number t generated by the random number generation unit 31 in step SP81 and the secret key e (inverse element of the secret key d) generated in step SP62 of the public parameter registration process (FIG. 13).
- the second user terminal side evidence data Vi that is read from the storage unit 21 and satisfies the following equation is calculated, and the calculated second user terminal side evidence data Vi is stored in the storage unit 21 (SP89).
- the basic operation unit 33 compares the second user terminal side evidence data Vi calculated in this way with the first server side evidence data Si received in step SP88. And when these 2nd user terminal side evidence data Vi and 1st server side evidence data Si are equal, the basic calculating part 33 hold
- the overall processing unit 112 displays the determination result of the basic calculation unit 33 on the output unit 23, and thereafter ends the verification target data holding verification process.
- The first and second user terminal side evidence data Ti and Vi are generated using multiplication with the public parameter 36 as the modulus.
- The first and second user terminal side evidence data Ti and Vi may be generated using addition (or subtraction).
- The server-side evidence data Ui is calculated based on the following equation in step SP86 of the verification target data holding verification process (FIG. 16).
- Equation (19) is a combination of (n + 1) power-residue multiplications with different bases, such as g R1Mi (1) +... + RnMi (n) , i (1) R1 , i (2) R2 ,. Therefore, the amount of calculation is about 100 times larger than for Equation (14), which can be processed by a single power-residue multiplication.
- The technique of Non-Patent Document 1 places a high processing load on the user terminal 101.
- The user terminal 101 calculates the first user terminal side evidence data Ti by the following equation.
- The registration processing of the verification target data 40 and the verification of whether or not the service providing server 102 holds the verification target data 40 can be performed with a much smaller amount of power-residue multiplication than the existing technique disclosed in Non-Patent Document 1.
- As in the first embodiment, the user terminal 101 side can verify whether the service providing server 102 holds the verification target data 40 without the verification target data 40 being transmitted from the service providing server 102.
- With the data holding verification method, it is possible to verify whether or not the service providing server 102 holds the verification target data 40 that the user terminal 101 has deposited with the service providing server 102. Or it can be done in a computational amount.
- the public parameter registration process, the verification target data registration process, and the data holding verification process are executed according to the processing procedure shown in FIG. 5, FIG. 6, or FIG.
- the data holding verification process is executed according to the processing procedure shown in FIG. 11, and in the third embodiment, the public parameter registration process, the verification target data registration process, and the data holding verification process are respectively shown in FIGS.
- the processing is executed according to the processing procedure shown in FIG. 15 has been described.
- The present invention is not limited to this; as long as the essential processing content is the same, the processing procedure may be changed and executed.
- As the verification information used in the data holding verification process for verifying whether or not the service providing servers 3, 72, 102 hold the data deposited from the user terminals 2, 71, 101, the case has been described where a random number is applied in the first embodiment, the secret key 83 in the second embodiment, and a random number and the parameter h in the third embodiment.
- The present invention is not limited to this, and various other information can be applied as the verification information.
- The case has been described where, as described above for Expression (2), the service providing server 3 calculates the server side evidence data Si by a calculation that uses the public parameter 36 as the modulus and the random number R as the exponent of the value of the verification target data 40, and, as described above for Expression (3), the user terminal 2 calculates the user terminal side evidence data Ti by a calculation that uses the public parameter 36 as the modulus and the random number R as the exponent of the value of the first voucher 41. The present invention is not limited to this; for example, the server side evidence data Si and the user terminal side evidence data Ti may be calculated using addition or subtraction modulo the public parameter 36.
- The user terminal 71 generates the voucher 41 (the user terminal side evidence data Ti) as the output value of a one-way function whose input is the value obtained by combining the verification target data 40 and the secret key 83, with the verification target data 40 as the high-order part and the secret key 83 as the low-order part.
- As described above for Equation (6), the service providing server 72 generates the server-side evidence data Si as the output value of a one-way function whose input is the value obtained by combining the verification target data 40 and the secret key 83, with the verification target data 40 as the high-order part and the secret key 83 as the low-order part.
- The present invention is not limited to this: the results of other operations (addition, subtraction or multiplication) or the output values of other functions may be input to the one-way function, and arbitrary operations may be applied to the output value of the one-way function.
- In addition to a cloud system that provides a cloud service, the present invention can be widely applied to systems of various configurations that include a user terminal and a server apparatus that stores verification target data from the user terminal.
Description
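(1-1) Configuration of the cloud system according to the present embodiment
In FIG. 1, reference numeral 1 denotes, as a whole, the cloud system according to the present embodiment. The cloud system 1 includes a user terminal 2, which is, for example, a mobile phone or a personal computer, and a service providing server 3 of a cloud service provider, and these are connected via a network 4.
Next, the data holding verification scheme in the cloud system 1 will be described with reference to FIGS. 3 to 8. This data holding verification scheme is realized by a public parameter registration process that registers the public parameter 36 (FIG. 3) with the service providing server 3 in advance, a verification target data registration process that deposits the verification target data 40 (FIG. 3) in the user terminal 2 with the service providing server 3, and a verification target data holding verification process that thereafter verifies that the verification target data 40 is held by the service providing server 3. The public parameter registration process, the verification target data registration process and the verification target data holding verification process are described below.
FIG. 5 shows the flow of the public parameter registration process according to the present embodiment. The public parameter registration process is performed in advance to share the public parameter between the user terminal 2 and the service providing server 3, so that it can be verified whether or not the service providing server 3 holds the verification target data 40 deposited with the cloud service provider.
FIG. 6, on the other hand, shows the flow of the verification target data registration process according to the present embodiment. In this process, the verification target data 40 is deposited with the service providing server 3 after a voucher 41 (FIG. 3) based on the verification target data 40 has been generated.
FIG. 8 shows the flow of the verification target data holding verification process according to the present embodiment. This process uses the voucher 41 (FIG. 3) previously generated by the user terminal 2 to verify whether or not the service providing server 3 holds the verification target data 40 (FIG. 4), without having the service providing server 3 transmit the verification target data 40.
As described above, in the cloud system 1 of the present embodiment, the user terminal 2 side can verify whether or not the service providing server 3 holds the verification target data 40 (FIG. 4) without having the service providing server 3 transmit that data. Therefore, even when the verification target data 40 is very large, the user terminal 2 can verify whether or not the service providing server 3 holds the verification target data 40 with little communication (only the transmission of the data identifier 42 and the random number, and the reception of the server side evidence data Si).
According to the data holding verification scheme of the first embodiment, a user can confirm, for example, that an electronic document storage service provider, which provides a service of keeping electronic documents (data), has not lost a deposited electronic document. That is, by treating the electronic document to be deposited with the electronic document storage service provider as the verification target data 40 and having the user create the voucher 41 in advance, the user can confirm that the electronic document is being managed by the electronic document storage service provider.
According to the data holding verification method of the first embodiment described above, verification of whether or not the service providing server 3 holds the verification target data 40 can logically be performed an unlimited number of times. However, modular exponentiation is required on the user terminal 2 and the service providing server 3, which is a heavy load for a user terminal 2 or a service providing server 3 with little computing power.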
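In FIG. 1, reference numeral 70 denotes, as a whole, the cloud system according to the second embodiment. The cloud system 70 includes a user terminal 71, which is, for example, a mobile phone or a personal computer, and a service providing server 72 of a cloud service provider, and these are connected via the network 4. The hardware configurations of the user terminal 71 and the service providing server 72 are the same as in the first embodiment, so their description is omitted here.
The data holding verification scheme according to the present embodiment is realized by a secret key registration process that registers a plurality of secret keys with the service providing server 72 in advance, a verification target data registration process that deposits the verification target data 40 with the service providing server 72, and a verification target data holding verification process that thereafter verifies that the verification target data 40 is held by the service providing server 72. The public parameter registration process, the verification target data registration process and the verification target data holding verification process are described below.
The secret key registration process is started when the user operates the input unit 22 of his or her user terminal 71 to enter the setting information for the secret keys and the number of keys to be created, together with an instruction to register the secret keys with the service providing server 72 (hereinafter referred to as a secret key registration instruction).
The verification target data registration process in the data holding verification scheme of the present embodiment is the same as the verification target data registration process of the first embodiment described above with reference to FIG. 6, except that the method of generating the voucher 41 in step SP22 differs.
FIG. 11 shows the flow of the verification target data holding verification process according to the present embodiment. This process uses the voucher 41 (FIG. 9) previously generated by the user terminal 71 to verify whether or not the service providing server 72 holds the verification target data 40, without having the service providing server 72 transmit the verification target data 40.
As described above, in the cloud system 70 according to the present embodiment, as in the first embodiment, the user terminal 71 side can verify whether or not the service providing server 3 holds the verification target data 40 (FIG. 10) without having the service providing server 72 transmit that data.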
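The exchange of the second embodiment, as an added Python example that is not code from the patent: the voucher and the server-side evidence data are both a one-way function of the data (high-order part) followed by the secret key (low-order part), and the key itself is the challenge. SHA-256, one pre-computed voucher per key, keys that stay on the terminal until they are sent, and all class and function names are assumptions of this example; the secret key registration process is not modelled.

```python
import hashlib
import hmac
import secrets


def evidence(data: bytes, key: bytes) -> bytes:
    """One-way function over data (high-order part) || key (low-order part)."""
    h = hashlib.sha256()  # assumption: the page does not name the one-way function
    h.update(data)        # two updates hash the concatenation without copying it
    h.update(key)
    return h.digest()


class UserTerminal:
    """Holds only secret keys and vouchers once the data has been deposited."""

    def __init__(self, data: bytes, n_keys: int = 4):
        self.keys = [secrets.token_bytes(32) for _ in range(n_keys)]
        self.vouchers = [evidence(data, k) for k in self.keys]
        self.next_unused = 0

    def challenge(self):
        """Return (index, key) for a key that has never left the terminal."""
        if self.next_unused >= len(self.keys):
            raise RuntimeError("no unused keys left; new vouchers need the data again")
        i = self.next_unused
        self.next_unused += 1  # retire the key: it is about to be disclosed
        return i, self.keys[i]

    def verify(self, i: int, server_evidence: bytes) -> bool:
        return hmac.compare_digest(self.vouchers[i], server_evidence)


class HonestServer:
    def __init__(self, data: bytes):
        self.data = data

    def respond(self, key: bytes) -> bytes:
        return evidence(self.data, key)


class ForgetfulServer(HonestServer):
    """Answers one challenge, then loses the data and can only replay old digests."""

    def __init__(self, data: bytes):
        super().__init__(data)
        self.answered = {}

    def respond(self, key: bytes) -> bytes:
        if self.data is not None:
            self.answered[key] = evidence(self.data, key)
            self.data = None
        return self.answered.get(key, b"")


def run_demo() -> dict:
    data = b"constructed sample document " * 4096  # constructed input, about 112 KiB
    terminal, result = UserTerminal(data), {}
    i, key = terminal.challenge()
    result["honest"] = terminal.verify(i, HonestServer(data).respond(key))
    i, key = terminal.challenge()
    result["altered"] = terminal.verify(i, HonestServer(data[:-1] + b"X").respond(key))
    server = ForgetfulServer(data)
    i, key = terminal.challenge()
    result["first_use"] = terminal.verify(i, server.respond(key))
    result["reused_key"] = terminal.verify(i, server.respond(key))  # data gone, still passes
    j, key2 = terminal.challenge()
    result["fresh_key"] = terminal.verify(j, server.respond(key2))
    return result


if __name__ == "__main__":
    print(run_demo())
```

A key that the server has already seen proves nothing on reuse, because the stored digest can be replayed without the data; only a challenge with an unused key fails once the data is gone.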
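In the verification target data holding verification schemes of the first and second embodiments, the user terminals 2, 71 must hold a voucher 41 for each item of verification target data 40 in order to verify whether or not the service providing servers 3, 72 hold the verification target data 40. Consequently, to allow a plurality of user terminals 2, 71 to verify whether or not the service providing servers 3, 72 hold the same verification target data 40, the voucher 41 must be shared among those user terminals 2, 71.
In FIG. 1, reference numeral 100 denotes, as a whole, the cloud system according to the third embodiment. The cloud system 100 includes a user terminal 101, which is, for example, a mobile phone or a personal computer, and a service providing server 102 of a cloud service provider, and these are connected via the network 4. The hardware configurations of the user terminal 101 and the service providing server 102 are the same as in the first embodiment, so their description is omitted here.
Next, the data holding verification scheme according to the present embodiment will be described. Like the data holding verification scheme of the first embodiment, it is realized by a public parameter registration process that registers the public parameter 36 with the service providing server 102 in advance, a verification target data registration process that deposits the verification target data 40 with the service providing server 102, and a verification target data holding verification process that thereafter verifies that the verification target data is held by the service providing server 102. The public parameter registration process, the verification target data registration process and the verification target data holding verification process are described below.
FIG. 13 shows the flow of the public parameter registration process according to the present embodiment. The public parameter registration process is performed in advance to share the public parameter 36 (FIG. 12) between the user terminal 101 and the service providing server 102, so that it can be verified whether or not the service providing server 102 holds the verification target data 40 (FIG. 12) deposited with it.
FIG. 14, on the other hand, shows the flow of the verification target data registration process according to the present embodiment. This process generates a voucher for each item of verification target data 40, so that the user terminal 101 can later verify whether or not the service providing server 102 holds the verification target data 40 (FIG. 12), and deposits the generated voucher with the service providing server 3 together with the verification target data 40.
FIG. 16 shows the flow of the verification target data holding verification process according to the present embodiment. This process uses the vouchers for the respective pieces of divided data 41A of the verification target data 40, previously generated by the user terminal 101, to verify whether or not the service providing server 102 holds the verification target data 40, without having the service providing server 102 transmit the verification target data 40.
In the existing technique disclosed in Non-Patent Document 1 mentioned above, the procedure for verifying whether or not the service providing server 102 holds the verification target data 40 is similar to the verification target data holding verification process of the present embodiment, but the processing differs in part because the voucher is generated in step SP72 of the verification target data registration process (FIG. 14) based on Equation (8) rather than Equation (9).
Although the first to third embodiments above describe the case where the present invention is applied to a cloud system configured as shown in FIG. 1, the present invention is not limited to this and can be widely applied to systems of various other configurations.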
Claims (14)
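- A data holding verification system for verifying whether or not a server apparatus holds verification target data that a user terminal has deposited with the server apparatus, characterized in that
predetermined verification information is transmitted from the user terminal to the server apparatus, and the server apparatus uses the verification target data it holds and the verification information to calculate server-side evidence data that is unique to the verification target data and smaller in data size than the verification target data, and transmits the calculated server-side evidence data to the user terminal; and
the user terminal side compares user terminal side evidence data based on the verification information with the server-side evidence data transmitted from the server apparatus and, based on the comparison result, determines whether or not the server apparatus holds the verification target data.
- The data holding verification system according to claim 1, characterized in that
the user terminal registers a public parameter with the server apparatus in advance and, when depositing the verification target data with the server apparatus, generates a first voucher based on the verification target data using a first secret key;
the user terminal transmits a random number to the server apparatus as the verification information;
the server apparatus calculates the server-side evidence data using the verification target data, the random number and the public parameter, and transmits the calculated server-side evidence data to the user terminal; and
the user terminal calculates the user terminal side evidence data based on the random number and the first voucher.
- The data holding verification system according to claim 2, characterized in that
the first secret key consists of two prime numbers; and
the user terminal calculates the public parameter as the product of the two prime numbers.
- The data holding verification system according to claim 3, characterized in that
the user terminal calculates the first voucher by modular exponentiation with, as the modulus, the product of the values obtained by subtracting 1 from each of the two prime numbers and with 1 as the exponent of the value of the verification target data;
the server apparatus calculates the server-side evidence data by modular exponentiation with the public parameter as the modulus and the random number as the exponent of the value of the verification target data; and
the user terminal calculates the user terminal side evidence data by modular exponentiation with the public parameter as the modulus and the random number as the exponent of the value of the first voucher.
- The data holding verification system according to claim 1, characterized in that the user terminal
generates a plurality of second secret keys;
when depositing the verification target data with the server apparatus, generates the first voucher using one second secret key from among the plurality of second secret keys;
transmits the second secret key used when generating the first voucher to the server apparatus as the verification information; and
takes the first voucher as the user terminal side evidence data and compares the user terminal side evidence data with the server-side evidence data transmitted from the server apparatus.
- The data holding verification system according to claim 5, characterized in that
the user terminal generates the first voucher as the output value of a one-way function whose input is the value obtained by combining the verification target data and the second secret key, with the verification target data as the high-order part and the value of the second secret key as the low-order part;
the server apparatus generates the server-side evidence data as the output value of a one-way function whose input is the value obtained by combining the verification target data and the second secret key, with the verification target data as the high-order part and the value of the second secret key as the low-order part; and
the user terminal determines that the server apparatus holds the verification target data when the user terminal side evidence data and the server-side evidence data are identical.
- The data holding verification system according to claim 1, characterized in that
a public parameter is registered in advance from the user terminal to the server apparatus;
when depositing the verification target data with the server apparatus, the user terminal divides the verification target data into a plurality of pieces of divided data, generates for each piece of divided data a second voucher based on that divided data, and transmits the generated second vouchers for the respective pieces of divided data to the server apparatus together with the verification target data;
the user terminal transmits to the server apparatus, as the verification information, a parameter generated using a third secret key and a random number for each piece of divided data of the verification target data;
the server apparatus calculates the server-side evidence data using the parameter, each piece of divided data of the verification target data, the random number for each piece of divided data of the verification target data, and the public parameter; and
the user terminal calculates the user terminal side evidence data using the third secret key and the random number for each piece of divided data of the verification target data.
- A data holding verification method for verifying whether or not a server apparatus holds verification target data that a user terminal has deposited with the server apparatus, characterized by comprising:
a first step of transmitting predetermined verification information from the user terminal to the server apparatus, calculating in the server apparatus, using the verification target data it holds and the verification information, server-side evidence data that is unique to the verification target data and smaller in data size than the verification target data, and transmitting the calculated server-side evidence data to the user terminal; and
a second step of comparing, on the user terminal side, user terminal side evidence data based on the verification information with the server-side evidence data transmitted from the server apparatus and determining, based on the comparison result, whether or not the server apparatus holds the verification target data.
- The data holding verification method according to claim 8, characterized in that
the user terminal registers a public parameter with the server apparatus in advance and, when depositing the verification target data with the server apparatus, generates a first voucher based on the verification target data using a first secret key;
the user terminal transmits a random number to the server apparatus as the verification information;
the server apparatus calculates the server-side evidence data using the verification target data, the random number and the public parameter, and transmits the calculated server-side evidence data to the user terminal; and
the user terminal calculates the user terminal side evidence data based on the random number and the first voucher.
- The data holding verification method according to claim 9, characterized in that
the first secret key consists of two prime numbers; and
the user terminal calculates the public parameter as the product of the two prime numbers.
- The data holding verification method according to claim 10, characterized in that
the user terminal calculates the first voucher by modular exponentiation with, as the modulus, the product of the values obtained by subtracting 1 from each of the two prime numbers and with 1 as the exponent of the value of the verification target data;
the server apparatus calculates the server-side evidence data by modular exponentiation with the public parameter as the modulus and the random number as the exponent of the value of the verification target data; and
the user terminal calculates the user terminal side evidence data by modular exponentiation with the public parameter as the modulus and the random number as the exponent of the value of the first voucher.
- The data holding verification method according to claim 8, characterized in that the user terminal
generates a plurality of second secret keys;
when depositing the verification target data with the server apparatus, generates the first voucher using one second secret key from among the plurality of second secret keys;
transmits the second secret key used when generating the first voucher to the server apparatus as the verification information; and
takes the first voucher as the user terminal side evidence data and compares the user terminal side evidence data with the server-side evidence data transmitted from the server apparatus.
- The data holding verification method according to claim 12, characterized in that
the user terminal generates the first voucher as the output value of a one-way function whose input is the value obtained by combining the verification target data and the second secret key, with the verification target data as the high-order part and the value of the second secret key as the low-order part;
the server apparatus generates the server-side evidence data as the output value of a one-way function whose input is the value obtained by combining the verification target data and the second secret key, with the verification target data as the high-order part and the value of the second secret key as the low-order part; and
the user terminal determines that the server apparatus holds the verification target data when the user terminal side evidence data and the server-side evidence data are identical.
- The data holding verification system according to claim 1, characterized in that
a public parameter is registered in advance from the user terminal to the server apparatus;
when depositing the verification target data with the server apparatus, the user terminal divides the verification target data into a plurality of pieces of divided data, generates for each piece of divided data a second voucher based on that divided data, and transmits the generated second vouchers for the respective pieces of divided data to the server apparatus together with the verification target data;
the user terminal transmits to the server apparatus, as the verification information, a parameter generated using a third secret key and a random number for each piece of divided data of the verification target data;
the server apparatus calculates the server-side evidence data using the parameter, each piece of divided data of the verification target data, the random number for each piece of divided data of the verification target data, and the public parameter; and
the user terminal calculates the user terminal side evidence data using the third secret key and the random number for each piece of divided data of the verification target data.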
Priority Applications (4)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US14/438,698 US20150288703A1 (en) | 2012-10-31 | 2012-10-31 | Data possession verification system and method |
EP12887668.7A EP2916482A4 (en) | 2012-10-31 | 2012-10-31 | SYSTEM AND METHOD FOR VERIFYING STORAGE OF DATA |
JP2014544148A JP5876937B2 (ja) | 2012-10-31 | 2012-10-31 | Data possession verification system and method |
PCT/JP2012/078249 WO2014068734A1 (ja) | 2012-10-31 | 2012-10-31 | Data possession verification system and method |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
PCT/JP2012/078249 WO2014068734A1 (ja) | 2012-10-31 | 2012-10-31 | Data possession verification system and method |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2014068734A1 (ja) | 2014-05-08 |
Family
ID=50626700
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/JP2012/078249 WO2014068734A1 (ja) | Data possession verification system and method | 2012-10-31 | 2012-10-31 |
Country Status (4)
Country | Link |
---|---|
US (1) | US20150288703A1 (ja) |
EP (1) | EP2916482A4 (ja) |
JP (1) | JP5876937B2 (ja) |
WO (1) | WO2014068734A1 (ja) |
Families Citing this family (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
IN2013CH05992A (ja) * | 2013-12-20 | 2015-06-26 | Infosys Ltd | |
US10498819B2 (en) | 2015-05-13 | 2019-12-03 | Nec Corporation | Method for storing data in a cloud and network for carrying out the method |
KR102415626B1 (ko) * | 2016-01-04 | 2022-07-01 | 한국전자통신연구원 | Method and apparatus for verifying data ownership |
US11895240B2 (en) * | 2016-12-15 | 2024-02-06 | Nec Corporation | System, apparatus, method and program for preventing illegal distribution of an access token |
CN111865596B (zh) * | 2019-04-29 | 2022-01-04 | 华控清交信息科技(北京)有限公司 | Verification method and system for data transmission |
Family Cites Families (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20080134321A1 (en) * | 2006-12-05 | 2008-06-05 | Priya Rajagopal | Tamper-resistant method and apparatus for verification and measurement of host agent dynamic data updates |
US7913086B2 (en) * | 2007-06-20 | 2011-03-22 | Nokia Corporation | Method for remote message attestation in a communication system |
TWI424321B (zh) * | 2010-05-14 | 2014-01-21 | Chunghwa Telecom Co Ltd | Cloud storage system and method |
US9253199B2 (en) * | 2010-09-09 | 2016-02-02 | Red Hat, Inc. | Verifying authenticity of a sender of an electronic message sent to a recipient using message salt |
-
2012
- 2012-10-31 US US14/438,698 patent/US20150288703A1/en not_active Abandoned
- 2012-10-31 WO PCT/JP2012/078249 patent/WO2014068734A1/ja active Application Filing
- 2012-10-31 JP JP2014544148A patent/JP5876937B2/ja not_active Expired - Fee Related
- 2012-10-31 EP EP12887668.7A patent/EP2916482A4/en not_active Withdrawn
Non-Patent Citations (5)
Title |
---|
AYAD F. BARSOUM ET AL.: "Provable Possession and Replication of Data over Cloud Servers", TECHNICAL REPORTS, 2010, UNIVERSITY OF WATERLOO, XP055240428, Retrieved from the Internet <URL:http://cacr.uwaterloo.ca/techreports/2010/cacr2010-32.pdf> [retrieved on 20121130] * |
GIUSEPPE ATENIESE; RANDAL BURNS; REZA CURTMOLA; JOSEPH HERRING; LEA KISSNER; ZACHARY PETERSON; DAWN SONG: "Provable Data Possession at Untrusted Stores", PROCEEDINGS OF 14TH ACM CONFERENCE ON COMPUTER AND COMMUNICATIONS SECURITY, 2007 |
See also references of EP2916482A4 |
SRAVAN KUMAR R ET AL.: "Data Integrity Proofs in Cloud Storage", PROCEEDINGS OF 2011 THIRD INTERNATIONAL CONFERENCE ON COMMUNICATION SYSTEMS AND NETWORKS, 2011, XP031979807, Retrieved from the Internet <URL:http://ieeexplore.ieee.org/xpls/abs_all.jsp?arnumber=5716422> [retrieved on 20121130] * |
Cited By (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
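WO2016031033A1 (ja) * | 2014-08-29 | 2016-03-03 | 株式会社日立製作所 | Data holding confirmation method and apparatus |
CN116383239A (zh) * | 2023-06-06 | 2023-07-04 | 中国人民解放军国防科技大学 | Fact verification method, system and storage medium based on mixed evidence |
CN116383239B (zh) * | 2023-06-06 | 2023-08-15 | 中国人民解放军国防科技大学 | Fact verification method, system and storage medium based on mixed evidence |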
Also Published As
Publication number | Publication date |
---|---|
EP2916482A4 (en) | 2016-05-25 |
JPWO2014068734A1 (ja) | 2016-09-08 |
EP2916482A1 (en) | 2015-09-09 |
JP5876937B2 (ja) | 2016-03-02 |
US20150288703A1 (en) | 2015-10-08 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
 | 121 | Ep: the epo has been informed by wipo that ep was designated in this application | Ref document number: 12887668; Country of ref document: EP; Kind code of ref document: A1 |
 | ENP | Entry into the national phase | Ref document number: 2014544148; Country of ref document: JP; Kind code of ref document: A |
 | WWE | Wipo information: entry into national phase | Ref document number: 14438698; Country of ref document: US |
 | WWE | Wipo information: entry into national phase | Ref document number: 2012887668; Country of ref document: EP |
 | NENP | Non-entry into the national phase | Ref country code: DE |