CN102710661B

CN102710661B - Cloud storage and aggregation architecture and data storage and aggregation method by using same

Info

Publication number: CN102710661B
Application number: CN201210211611.1A
Authority: CN
Inventors: 朱浩瑾; 曹珍富; 肖承欣; 贾巍巍
Original assignee: Shanghai Jiao Tong University
Current assignee: Shanghai Jiao Tong University
Priority date: 2012-06-25
Filing date: 2012-06-25
Publication date: 2014-10-15
Anticipated expiration: 2032-06-25
Also published as: CN102710661A

Abstract

A cloud storage and aggregation architecture and a data storage and aggregation method thereof, comprising: a user for dividing data or encrypting data through an aggregation server, a mutually independent storage cloud for storing and locally aggregating data, A third-party trusted server for key distribution to storage clouds, a data aggregation server for total aggregation of received data and decryption results, and a data storage and aggregation method thereof. The present invention guarantees the security of the data stored in the cloud while ensuring that the user cannot know the data situation stored in the cloud when the aggregation server aggregates the data.

Description

Cloud storage and aggregation architecture and its data storage and aggregation method

技术领域 technical field

本发明属于计算机领域，涉及网络数据存在技术，具体是涉及一种云存储与聚合架构及其数据存储与聚合方法。The invention belongs to the field of computers and relates to network data storage technology, in particular to a cloud storage and aggregation architecture and a data storage and aggregation method thereof.

背景技术 Background technique

目前，数据的云存储与数据聚合技术在科研与实际应用中都变得越来越重要。而在数据云存储应用中，不可避免的会遇到隐私泄露问题的挑战。传统上，当个人用户在本地服务器上存储敏感信息时，个人用户必须相信服务器的硬件和软件是安全可靠的。在保护数据安全方面，已经存在着许多成熟的技术，比如访问控制，入侵检测和数据访问策略等等。然而，目前存在的这些技术都不能够保证数据库的绝对安全和入侵的免疫。比如Google Docs所暴露的越权限访问文档问题。At present, data cloud storage and data aggregation technologies are becoming more and more important in scientific research and practical applications. In data cloud storage applications, it is inevitable to encounter the challenge of privacy leakage. Traditionally, when an individual user stores sensitive information on a local server, the individual user must trust that the server's hardware and software are safe and reliable. In terms of data security protection, there are already many mature technologies, such as access control, intrusion detection and data access policy and so on. However, none of these existing technologies can guarantee the absolute security and intrusion immunity of the database. For example, the problem of unauthorized access to documents exposed by Google Docs.

发明内容 Contents of the invention

为了解决上述对数据安全保护和数据聚合技术的不足，本发明提供了一种云存储与聚合架构及其数据存储与聚合方法，不仅能保证数据的安全和用户的隐私，而且能方便的让数据聚合服务器能够通过存储云来进行数据聚合。In order to solve the above-mentioned deficiencies in data security protection and data aggregation technology, the present invention provides a cloud storage and aggregation architecture and its data storage and aggregation method, which can not only ensure data security and user privacy, but also allow data The aggregation server can perform data aggregation through the storage cloud.

本发明的技术解决方案如下：Technical solution of the present invention is as follows:

一种云存储与聚合架构，其特点是，包括：用户、多个互相独立的存储云、第三方可信服务器和数据聚合服务器，其中：A cloud storage and aggregation architecture, characterized by including: users, multiple independent storage clouds, third-party trusted servers, and data aggregation servers, wherein:

所述的用户，用于对数据进行分割或者通过聚合服务器对数据进行加密；The user is used to divide the data or encrypt the data through the aggregation server;

所述的存储云，用于对数据进行存储和本地聚合；The storage cloud is used for storing and locally aggregating data;

所述的第三方可信服务器，用于对存储云进行密钥分配；和The third-party trusted server is used for key distribution to the storage cloud; and

所述的聚合服务器，用于对接收到的数据进行总聚合和/或对数据进行加密。The aggregation server is configured to aggregate the received data and/or encrypt the data.

一种利用云存储与聚合架构的数据存储与聚合方法，其特点是，该方法包括如下步骤：A data storage and aggregation method using cloud storage and aggregation architecture, characterized in that the method includes the following steps:

第三方可信服务器对存储云进行密钥分配，每个存储云获得一个密钥，所有的密钥加起来和为零；The third-party trusted server distributes the key to the storage cloud, and each storage cloud obtains a key, and the sum of all the keys is zero;

在存储数据时，用户将数据分割成多个数据块，并将数据块分别存储在不同的存储云上；各存储云获得每一用户的一个数据块；各个存储云彼此相互独立，不允许互相通信合谋探测用户的数据信息，因此各个云端都无法得知完整的用户数据。When storing data, the user divides the data into multiple data blocks and stores the data blocks on different storage clouds; each storage cloud obtains one data block for each user; each storage cloud is independent of each other and does not allow each other The communication colludes to detect the user's data information, so each cloud cannot know the complete user data.

在聚合数据时，聚合服务器发送请求给每个存储云，同时聚合服务器产生满秩矩阵，并发送给每个存储云；When aggregating data, the aggregation server sends a request to each storage cloud, and at the same time, the aggregation server generates a full-rank matrix and sends it to each storage cloud;

存储云在本地聚合所有需要聚合用户的数据块，然后对本地聚合结果通过满秩矩阵进行数据变换后，发送给聚合服务器；The storage cloud aggregates all the data blocks that need to be aggregated locally, and then performs data transformation on the local aggregation result through a full-rank matrix, and then sends it to the aggregation server;

聚合服务器将接收到的数据进行的总聚合。The total aggregation of the data received by the aggregation server.

在存储数据时，用户通过聚合服务器的公钥对数据进行同态加密，然后存储在任意一个存储云上；存储云无法知道聚合服务器的私钥，所以无法得知用户的明文数据。When storing data, the user performs homomorphic encryption on the data through the public key of the aggregation server, and then stores it on any storage cloud; the storage cloud cannot know the private key of the aggregation server, so it cannot know the user's plaintext data.

在聚合数据时，聚合服务器发送请求给每个存储云；When aggregating data, the aggregation server sends a request to each storage cloud;

存储云对所有需要聚合用户的数据块进行本地连乘操作，并将本地连乘操作结果发送给聚合服务器；The storage cloud performs local multiplication operations on all data blocks that need to be aggregated, and sends the local multiplication operation results to the aggregation server;

聚合服务器对接收到的数据进行连乘聚合，然后就对连乘聚合结果解密。The aggregation server performs multiplication and aggregation on the received data, and then decrypts the multiplication and aggregation results.

与现有技术相比，本发明的有益效果是保证用户在存储云的数据安全的同时，又可以保证在聚合服务器对数据进行聚合的时候无法得知存储云端的数据情况。Compared with the prior art, the beneficial effect of the present invention is that while ensuring the security of the data stored in the cloud, the user can also ensure that the aggregation server cannot know the status of the data stored in the cloud when the aggregation server aggregates the data.

附图说明 Description of drawings

图1是本发明云存储与聚合架构的结构示意图。FIG. 1 is a schematic structural diagram of the cloud storage and aggregation architecture of the present invention.

具体实施方式 Detailed ways

下面结合附图和实施例对本发明进一步说明，但不应以此限制本发明的保护范围。The present invention will be further described below in conjunction with the accompanying drawings and embodiments, but the protection scope of the present invention should not be limited thereby.

第一种方案：在图1中，左边的用户把用户的数据经过用户分割后存储在多个不同的存储云端（中间部分）。每个存储云获得一个用户的数据块。各个存储云彼此相互独立，不允许互相通信合谋探测用户的数据信息，因此各个云端都无法得知完整的用户数据。The first solution: In Figure 1, the user on the left stores the user's data in multiple different storage clouds (the middle part) after being divided by the user. Each storage cloud gets a user's data block. Each storage cloud is independent of each other, and it is not allowed to communicate with each other to conspire to detect user data information, so each cloud cannot know the complete user data.

在数据聚合方面：在这种架构中有一个独立可信的第三方服务器（右边部分）为各个存储云端分配密钥（r₁，r₂，...，r_n）。每个存储云获得一个密钥，所有的密钥加起来的和为零，用c_im来表示各个私钥。In terms of data aggregation: In this architecture, there is an independent and trusted third-party server (right part) that distributes keys (r ₁ , r ₂ , ..., r _n ) for each storage cloud. Each storage cloud obtains a key, and the sum of all keys is zero, and c _im is used to represent each private key.

${Σ Σ}_{i i = = 11}^{n no} {r r}_{i i} = = 00$ ${Σ Σ}_{i i = = 11}^{n no} {c c}_{im im} = = 00$

其中n表示存储云的个数。Where n represents the number of storage clouds.

第一步：在聚合服务器需要聚合的时候，发送一个请求给各个存储云，并且数据聚合服务器产生一个满秩矩阵，维数为m，x_ij为矩阵的元素。Step 1: When the aggregation server needs to aggregate, it sends a request to each storage cloud, and the data aggregation server generates a full-rank matrix with dimension m, and x _ij is the element of the matrix.

$(\begin{matrix} {x x}_{1111} {x x}_{1212} . . . . . . {x x}_{11 m m} \\ {x x}_{21 twenty one} {x x}_{22 twenty two} . . . . . . {x x}_{22 m m} \\ . . . . . . \\ {x x}_{m m 11} {x x}_{m m 22} . . . . . . {x x}_{mm mm} \end{matrix})$

然后发给各个存储云，存储云先在本地聚合所有参与聚合的用户数据块。Then it is sent to each storage cloud, and the storage cloud first aggregates all user data blocks participating in the aggregation locally.

${R R}_{i i} = = {Σ Σ}_{i i = = 11}^{k k} {u u}_{i i}$

其中k是参与聚合的本地用户个数，u_i是用户的数据。Among them, k is the number of local users participating in the aggregation, and u _i is the user's data.

然后存储云把本地聚合的数据结果R_i分解成m+1分。Then the storage cloud decomposes the locally aggregated data result R _i into m+1 points.

c_i0+c_i1+c_i2+…+c_im ←R_i c _i0 +c _i1 +c _i2 +…+c _im ←R _i

然后把本地聚合结果通过满秩矩阵对数据进行变换。Then the local aggregation results are transformed through the full-rank matrix to the data.

$\{\begin{matrix} {y the y}_{i i 11} = = {c c}_{i i 00} + + {c c}_{i i 11} + + {x x}_{1111} + + {c c}_{i i 22} {x x}_{1212} + + . . . . . . + + {c c}_{im im} {x x}_{11 m m} \\ {y the y}_{i i 22} = = {c c}_{i i 00} + + {c c}_{i i 11} {x x}_{21 twenty one} + + {c c}_{i i 22} {x x}_{22 twenty two} + + . . . . . . + + {c c}_{im im} {x x}_{22 m m} \\ . . . . . . \\ {y the y}_{im im} = = {c c}_{i i 00} + + {c c}_{i i 11} {x x}_{m m 11} + + {c c}_{i i 22} {x x}_{m m 22} + + . . . . . . + + {c c}_{im im} {x x}_{mm mm} \end{matrix}$

再把变换后的数据y_i1，y_i2，…，y_im发送给数据聚合服务器，最后数据聚合服务器把所有的变换后数据加和：Then send the transformed data y _i1 , y _i2 , ..., y _im to the data aggregation server, and finally the data aggregation server adds up all the transformed data:

$\{\begin{matrix} {Σ Σ}_{i i = = 11}^{n no} {y the y}_{i i 11} = = {Σ Σ}_{i i = = 11}^{n no} {c c}_{i i 00} + + {Σ Σ}_{i i = = 11}^{n no} {c c}_{i i 11} {x x}_{1111} + + {Σ Σ}_{i i = = 11}^{n no} {c c}_{i i 22} {x x}_{1212} + + . . . . . . + + {Σ Σ}_{i i = = 11}^{n no} {c c}_{im im} {x x}_{11 m m} \\ {Σ Σ}_{i i = = 11}^{n no} {y the y}_{i i 22} = = {Σ Σ}_{i i = = 11}^{n no} {c c}_{i i 00} + + {Σ Σ}_{i i = = 11}^{n no} {c c}_{i i 11} {x x}_{21 twenty one} + + {Σ Σ}_{i i = = 11}^{n no} {c c}_{i i 22} {x x}_{22 twenty two} + + . . . . . . + + {Σ Σ}_{i i = = 11}^{n no} {c c}_{im im} {x x}_{22 m m} \\ {Σ Σ}_{i i = = 11}^{n no} {y the y}_{im im} = = {Σ Σ}_{i i = = 11}^{n no} {c c}_{i i 00} + + {Σ Σ}_{i i = = 11}^{n no} {c c}_{i i 11} {x x}_{m m 11} + + {Σ Σ}_{i i = = 11}^{n no} {c c}_{i i 22} {x x}_{m m 22} + + . . . . . . + + {Σ Σ}_{i i = = 11}^{n no} {c c}_{im im} {x x}_{mm mm} \end{matrix}$

因为所以以上公式的最后一项可以消去，正好m个方程m个未知数。because Therefore, the last term of the above formula can be eliminated, exactly m equations and m unknowns.

通过解方程组获得把所有的解加起来得到最后的聚合结果就是在这个过程中数据聚合服务器无法探测个人数据。Obtained by solving the system of equations Adding up all the solutions to get the final aggregated result is The data aggregation server cannot detect personal data during this process.

第二种方案：在图1中，用户的数据不进行分割，而是通过聚合服务器的公钥进行加密，加密算法是Paillier同态加密。加密之后存储到任意一个存储云，存储云无法知道聚合服务器的私钥，所以无法得知用户的明文数据。用户的加密数据记为P(u_i)。其中u_i为每个用户的明文数据。The second solution: In Figure 1, the user's data is not divided, but encrypted with the public key of the aggregation server, and the encryption algorithm is Paillier homomorphic encryption. After encryption, it is stored in any storage cloud. The storage cloud cannot know the private key of the aggregation server, so it cannot know the user's plaintext data. The user's encrypted data is denoted as P(u _i ). Where u _i is the plaintext data of each user.

在数据聚合方面：在这种架构中有一个独立可信的第三方服务器（右边部分）为各个存储云分配密钥（sk₁，sk₂，...，sk_n）。每个存储云获得一个密钥，所有的密钥加起来的和为零。In terms of data aggregation: In this architecture, there is an independent and trusted third-party server (right part) that distributes keys (sk ₁ , sk ₂ , ..., sk _n ) for each storage cloud. Each storage cloud gets a key, and the sum of all keys is zero.

${Σ Σ}_{i i = = 11}^{n no} {sk sk}_{i i} = = 00$

其中n为存储云的个数。Where n is the number of storage clouds.

当聚合服务器进行聚合时，发送一个请求给所有的存储云，每个存储云在接收到聚合服务器发送的请求之后，先对参与聚合运算的用户进行本地连乘操作。操作结果记为A_I When the aggregation server performs aggregation, it sends a request to all storage clouds. After each storage cloud receives the request sent by the aggregation server, it first performs a local multiplication operation for the users participating in the aggregation operation. The result of the operation is recorded as A _I

${R R}_{i i} = = {Π Π}_{i i = = 11}^{k k} P P (({u u}_{i i}))$

${A A}_{i i} = = {R R}_{i i} H h {((t t))}^{{sk sk}_{i i}}$

其中k为参与运算的本地用户个数，H为哈希函数，t为当前的时间戳，R_i为连乘结果，A_i为加入时间戳后的存储云加密结果。Where k is the number of local users participating in the operation, H is the hash function, t is the current timestamp, R _i is the multiplication result, and A _i is the storage cloud encryption result after adding the timestamp.

然后存储云把A_i发送给聚合服务器，当聚合服务器收到所有存储云发来的A_i之后，聚合服务器进行以下连乘聚合：Then the storage cloud sends A _i to the aggregation server. After the aggregation server receives A _i from all the storage clouds, the aggregation server performs the following multiplication and aggregation:

${Res Res}^{' '} = = {Π Π}_{i i = = 11}^{n no} {A A}_{i i} = = {Π Π}_{i i = = 11}^{n no} {R R}_{i i} H h {((t t))}^{{sk sk}_{11} + + {sk sk}_{22} + + . . . . . . + + {sk sk}_{n no}}$

因为sk₁+sk₂+…+sk_n=0，所以中间结果 Since sk ₁ +sk ₂ +…+sk _n = 0, the intermediate result

因为操作过程是Paillier同态加密，所以聚合服务器直接对Res′解密得到最后的结果：Because the operation process is Paillier homomorphic encryption, the aggregation server directly decrypts Res' to get the final result:

$Res Res = = D D. (({Res Res}^{' '})) = = D D. (({Π Π}_{i i = = 11}^{n no} {R R}_{i i})) = = {Σ Σ}_{j j = = 11}^{m m} {u u}_{j j}$

其中m为所有参与聚合运算的用户数，Res为最终聚合结果。Among them, m is the number of users participating in the aggregation operation, and Res is the final aggregation result.

Claims

1. one kind is utilized cloud storage and the data of polymerization framework to store and polymerization, this cloud storage comprises with polymerization framework: user, a plurality of cloud, third party's trusted servers and aggregate server of independently storing mutually, wherein: described user, for data being cut apart or by aggregate server, data being encrypted; Described storage cloud, for storing data and local polymerization; Described third party's trusted servers, for carrying out encryption key distribution to storage cloud; Described aggregate server, for carrying out total polymerization and result being decrypted to the data that receive; It is characterized in that, the method comprises the steps:

Third party's trusted servers is carried out encryption key distribution to storage cloud, and each storage cloud obtains a key, and all keys are added up and are zero;

When storage data, user becomes a plurality of data blocks by Data Segmentation, and data block is stored in respectively on different storage clouds;

Each stores the data block that cloud obtains each user;

When aggregated data, aggregate server sends request to each storage cloud, and aggregate server produces non-singular matrix simultaneously, and sends to each storage cloud;

Storage cloud, in all data blocks that need syndication users of local polymerization, is then undertaken, after data transformation, sending to aggregate server by non-singular matrix to local polymerization result;

The total polymerization that aggregate server is carried out the data that receive.

2. one kind is utilized cloud storage and the data of polymerization framework to store and polymerization, this cloud storage comprises with polymerization framework: user, a plurality of cloud, third party's trusted servers and aggregate server of independently storing mutually, wherein: described user, for data being cut apart or by aggregate server, data being encrypted; Described storage cloud, for storing data and local polymerization; Described third party's trusted servers, for carrying out encryption key distribution to storage cloud; Described aggregate server, for carrying out total polymerization and result being decrypted to the data that receive; It is characterized in that, the method comprises the steps:

When storage data, user carries out homomorphic cryptography by the PKI of aggregate server to data, is then stored on any one storage cloud;

When aggregated data, aggregate server sends request to each storage cloud;

Storage cloud carries out this locality to all data blocks that need syndication users and connects and take advantage of operation, and takes advantage of operating result to send to aggregate server this locality company;

Aggregate server connects and takes advantage of polymerization the data that receive, and then just to connecting, takes advantage of polymerization result deciphering.