[go: up one dir, main page]

CN105978695A - Batch self-auditing method for cloud storage data - Google Patents

Batch self-auditing method for cloud storage data Download PDF

Info

Publication number
CN105978695A
CN105978695A CN201610286449.8A CN201610286449A CN105978695A CN 105978695 A CN105978695 A CN 105978695A CN 201610286449 A CN201610286449 A CN 201610286449A CN 105978695 A CN105978695 A CN 105978695A
Authority
CN
China
Prior art keywords
cloud
audit
data
cloud server
digital signature
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201610286449.8A
Other languages
Chinese (zh)
Inventor
张晓均
张新鹏
唐亮
何小曼
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Southwest Petroleum University
Original Assignee
Southwest Petroleum University
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Southwest Petroleum University filed Critical Southwest Petroleum University
Priority to CN201610286449.8A priority Critical patent/CN105978695A/en
Publication of CN105978695A publication Critical patent/CN105978695A/en
Pending legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/045Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply hybrid encryption, i.e. combination of symmetric and asymmetric encryption
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • H04L9/3252Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures using DSA or related signature schemes, e.g. elliptic based signatures, ElGamal or Schnorr schemes

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Storage Device Security (AREA)

Abstract

本发明属于信息安全技术领域,具体涉及一种用于云存储数据的批量自审计方法。本发明的方法主要包括:生成基于椭圆曲线的数字签名算法的公私钥对,轻量级的签名算法的公私钥对,以及轻量级对称加密算法:计算多个数据文件的数字签名、数据文件标签、数据文件的密文,并发送到云服务器;云用户产生审计挑战信息发送到云服务器;云服务器产将聚合的审计证明响应信息返回给云用户;云用户根据接收到的聚合的审计证明响应信息,利用基于椭圆曲线的数字签名算法以及对称加密算法检验聚合的审计证明响应的合法性。本发明的有益效果为,解决了云存储数据批量完整性验证的问题,使得用户能够有效地对多个数据文件的完整性同时进行验证。The invention belongs to the technical field of information security, and in particular relates to a batch self-auditing method for cloud storage data. The method of the present invention mainly includes: generating a public-private key pair based on an elliptic curve digital signature algorithm, a public-private key pair of a lightweight signature algorithm, and a lightweight symmetric encryption algorithm: calculating digital signatures of multiple data files, data files Tags and ciphertexts of data files are sent to the cloud server; cloud users generate audit challenge information and send it to the cloud server; the cloud server returns the aggregated audit proof response information to the cloud user; cloud users For the response information, use the digital signature algorithm based on the elliptic curve and the symmetric encryption algorithm to verify the legitimacy of the aggregated audit proof response. The invention has the beneficial effects of solving the problem of verifying the integrity of cloud storage data in batches, enabling users to effectively verify the integrity of multiple data files at the same time.

Description

一种用于云存储数据的批量自审计方法A Batch Self-Audit Method for Cloud Storage Data

技术领域technical field

本发明属于信息安全技术领域,具体涉及一种用于云存储数据的批量自审计方法。The invention belongs to the technical field of information security, and in particular relates to a batch self-auditing method for cloud storage data.

背景技术Background technique

云存储作为云计算的一种重要服务模式已日益盛行,将数据外包存储在云服务器上相比传统存储模式有着极大的优势,但同时也让用户对存储在云服务器的数据的安全隐私问题担忧。首先,云用户担心他们存储在云服务器上的数据可能被未认证用户访问并滥用,因为一旦数据被存储到云服务器上,云用户就放弃了数据的物理上的控制权。其次,云用户担心他们存储在云服务器上的数据可能被丢失。因为不管云服务提供商采用可靠程度多么高的方法,都有可能导致云存储设备上的数据丢失或损坏。再次,云服务提供商由于一些经济利益往往会删除一些很少被用户访问的数据,从而节省存储空间,并且他们也不会及时地向被删除的这些数据的主人反应真实情况。因此,为了确保云存储数据的真实性和完整性,云用户需要对存储在云服务器上的数据进行完整性验证。As an important service model of cloud computing, cloud storage has become increasingly popular. Outsourcing data storage on cloud servers has great advantages over traditional storage models, but at the same time, it also makes users worry about the security and privacy of data stored on cloud servers. worry. First of all, cloud users worry that their data stored on cloud servers may be accessed and abused by unauthorized users, because once the data is stored on cloud servers, cloud users give up the physical control of the data. Second, cloud users worry that their data stored on cloud servers may be lost. Because no matter how reliable the cloud service provider is, it may cause data loss or damage on the cloud storage device. Thirdly, due to some economic interests, cloud service providers often delete some data that is rarely accessed by users to save storage space, and they will not promptly report the real situation to the owner of the deleted data. Therefore, in order to ensure the authenticity and integrity of cloud storage data, cloud users need to verify the integrity of the data stored on the cloud server.

在大多数情况下,为了确保数据的机密性,用户的数据都是先经过加密再存储在云服务器上。即便是这样,在对用户的存储在云服务器上的敏感数据进行完整性验证的过程中,用户也不希望委托第三方审计者帮助其审计数据的完整性。这是因为存储在云服务器上的部分公共数据会被第三方审计者掌握,进而导致云用户敏感而重要的数据出现泄露的威胁。此外,当前绝大部分支持第三方审计的云存储数据完整性审计方法都是利用基于双线性对的聚合数字签名算法设计得到的,然而这需要计算开销较大的模指数与双线性对运算。而基于椭圆曲线构造的数字签名算法其安全性依赖于椭圆曲线有限群上的离散对数问题,具有签名长度短,存储空间小,计算速度快的特性,特别适用于需要轻量级计算量,存储空间有限,需要高效实现的场合。因此,针对适用于无线通信环境的应用场景,设计具有更高隐私保护的基于椭圆曲线的云存储数据批量自审计方法具有重要的应用价值。In most cases, in order to ensure the confidentiality of the data, the user's data is first encrypted and then stored on the cloud server. Even so, in the process of verifying the integrity of the user's sensitive data stored on the cloud server, the user does not want to entrust a third-party auditor to help him audit the integrity of the data. This is because some public data stored on cloud servers will be mastered by third-party auditors, which will lead to the threat of leakage of sensitive and important data of cloud users. In addition, most of the current cloud storage data integrity audit methods that support third-party audits are designed using the aggregate digital signature algorithm based on bilinear pairings. However, this requires computationally expensive modular exponents and bilinear pairings operation. The security of the digital signature algorithm based on elliptic curve construction depends on the discrete logarithm problem on the elliptic curve finite group. It has the characteristics of short signature length, small storage space, and fast calculation speed. It is especially suitable for lightweight calculations. The storage space is limited and efficient implementation is required. Therefore, for the application scenarios applicable to the wireless communication environment, it is of great application value to design an elliptic curve-based cloud storage data batch self-audit method with higher privacy protection.

发明内容Contents of the invention

本发明的目的是为了解决上述问题,提供一种基于椭圆曲线的用于云存储数据的批量自审计方法。The object of the present invention is to solve the above problems, and provide a batch self-audit method for cloud storage data based on elliptic curves.

本发明的技术方案为:一种用于云存储数据的批量自审计方法,其特征在于,包括以下步骤:The technical solution of the present invention is: a batch self-audit method for cloud storage data, characterized in that it comprises the following steps:

a.系统初始化,具体包括:生成一个基于椭圆曲线的数字签名算法的公私钥对,一个用于对文件名称进行轻量级签名的签名算法的公私钥对,以及一个轻量级对称加密算法:a. System initialization, specifically including: generating a public-private key pair based on an elliptic curve-based digital signature algorithm, a public-private key pair for a lightweight signature algorithm for file names, and a lightweight symmetric encryption algorithm:

b.签名产生,具体包括:b. Signature generation, including:

b1.利用步骤a中所述的基于椭圆曲线的数字签名算法,分别计算多个数据文件的数字签名;b1. Using the digital signature algorithm based on the elliptic curve described in step a to calculate the digital signatures of multiple data files respectively;

b2.利用步骤a中所述的签名算法分别对不同的数据文件名称进行数字签名产生数据文件标签,并利用步骤a中所述的对称加密算法将每一个数据文件进行加密获得数据文件的密文;b2. Use the signature algorithm described in step a to digitally sign different data file names to generate data file labels, and use the symmetric encryption algorithm described in step a to encrypt each data file to obtain the ciphertext of the data file ;

b3.将步骤b1中产生的数字签名和步骤b2中产生的数据文件标签及数据文件的密文发送到云服务器;b3. The digital signature generated in step b1 and the data file label generated in step b2 and the ciphertext of the data file are sent to the cloud server;

c.审计证明产生,具体包括:c. Generation of audit certificates, including:

c1.云用户产生审计挑战信息发送到云服务器;c1. Cloud users generate audit challenge information and send it to the cloud server;

c2.云服务器根据审计挑战信息产生多个数据文件的聚合的审计证明响应信息,并将聚合的审计证明响应信息返回给云用户;c2. The cloud server generates aggregated audit proof response information of multiple data files according to the audit challenge information, and returns the aggregated audit proof response information to the cloud user;

d.审计证明验证,具体包括:云用户根据接收到的聚合的审计证明响应信息,利用基于椭圆曲线的数字签名算法以及对称加密算法检验聚合的审计证明响应信息的合法性。d. Audit proof verification, specifically including: the cloud user uses the digital signature algorithm based on elliptic curve and symmetric encryption algorithm to verify the legitimacy of the aggregated audit proof response information according to the received aggregated audit proof response information.

进一步的,所述步骤a的具体方法为:Further, the specific method of the step a is:

a1.定义一个在ZP(模p剩余类环)上的椭圆曲线E,设置V是E上阶为素数q的一个点,V是循环群<V>的生成元,p是大素数;a1. Define an elliptic curve E on Z P (modulus p residual class ring), set V to be a point whose upper order is a prime number q, V is the generator of the cyclic group <V>, and p is a large prime number;

a2.设置一个安全的轻量级对称加密算法秘密密钥为t;同时产生一个轻量级数字签名算法的公私钥对(rpk,rsk);a2. Set up a secure lightweight symmetric encryption algorithm The secret key is t; at the same time, a public-private key pair (rpk, rsk) of a lightweight digital signature algorithm is generated;

a3.从Zq中随机选取一个值z,生成基于椭圆曲线的签名算法的公钥K={q,E,V,U},U=zV为实际签名公钥,签名私钥为z,Zq是模q剩余类环。a3. Randomly select a value z from Z q to generate the public key K={q,E,V,U} based on the elliptic curve signature algorithm, U=zV is the actual signature public key, and the signature private key is z, Z q is a remainder class ring modulo q.

进一步的,所述步骤b的具体方法为:Further, the specific method of step b is:

对于1≤l≤L,设每一个数据文件位文件名称为namel,则:For 1≤l≤L, set each data file bit The file name is name l , then:

步骤b1具体为:选取随机数kl,i∈Zq,分别产生每一个数据文件fl,i的数字签名为:δl,i=(Wl,i,rl,il,i)其中,Wl,i=kl,iV=(ul,i,vl,i),rl,i=ul,i mod q,τl,i=(rl,ikl,i+fl,iz)modq,定义这些签名的集合为 Step b1 is specifically: select random numbers k l,i ∈ Z q , and generate digital signatures for each data file f l,i respectively: δ l,i = (W l,i ,r l,il, i ) Among them, W l,i =k l,i V=(u l,i ,v l,i ), r l,i =u l,i mod q, τ l,i =(r l,i k l, i +f l,i z)modq, defining the set of these signatures as

步骤b2具体为:调用一个轻量级数字签名算法计算文件名称namel的标签σl=namel||SSigrsk(namel);调用对称加密算法将每一个数据块fl,i加密为即将加密为 Step b2 is specifically: calling a lightweight digital signature algorithm to calculate the label σ l of the file name name l = name l ||SSig rsk (name l ); calling a symmetric encryption algorithm Encrypt each data block f l,i as about to encrypted as

步骤b3具体为:云用户发送给云服务器。Step b3 is specifically: the cloud user sends to the cloud server.

进一步的,所述步骤c1中云用户产生的审计挑战信息为:从中随机选取一个含有c个元素的子集C={l1,…,lc};对于每一个j∈C,用户产生相应的随机值νj,最后云用户发送审计挑战信息chal={j,νj}j∈C给云服务器;Further, the audit challenge information generated by the cloud user in the step c1 is: from Randomly select a subset C={l 1 ,…,l c } containing c elements; for each j∈C, the user generates a corresponding random value ν j , and finally the cloud user sends an audit challenge message chal={j ,ν j } j∈C to the cloud server;

则步骤c2中:云服务器计算组合信息块以及聚合签名最后,云服务器发送(W,τ,{fl}1≤l≤L,{namel}1≤l≤L)作为审计证明响应信息给云用户。Then in step c2: the cloud server calculates the combined information block and the aggregated signature Finally, the cloud server sends (W,τ,{f l } 1≤l≤L ,{name l } 1≤l≤L ) as the audit proof response information to the cloud user.

进一步的,所述步骤d的具体方法为:Further, the specific method of step d is:

验证方程是否成立,若成立,则审计证明响应信息有效,若不成立,则审计证明响应信息无效;其中, Verification equation Whether it is established, if established, the audit proves that the response information is valid, if not established, the audit proves that the response information is invalid; among them,

本发明的有益效果为,解决了云存储数据批量完整性验证的问题。该发明方法要求用户的原始数据以密文形式存储在云服务器,能够有效确保数据的机密性。该方法利用椭圆曲线数字签名算法构造了同态线性认证器,使得用户能够有效地对多个数据文件的完整性同时进行验证,并且设计的方法所需要的计算量和存储量都是轻量级的,能够有效应用于无线通信网络环境。The invention has the beneficial effects of solving the problem of batch integrity verification of cloud storage data. The inventive method requires the user's original data to be stored in the cloud server in the form of ciphertext, which can effectively ensure the confidentiality of the data. This method uses the elliptic curve digital signature algorithm to construct a homomorphic linear authenticator, which enables users to effectively verify the integrity of multiple data files at the same time, and the amount of calculation and storage required by the designed method are both lightweight It can be effectively applied to the wireless communication network environment.

具体实施方式detailed description

下面详细描述本发明的技术方案:Describe technical scheme of the present invention in detail below:

本发明的步骤分为四个部分:The steps of the present invention are divided into four parts:

系统初始化:系统生成一个基于椭圆曲线的数字签名算法的公私钥对,一个用于对文件名称进行轻量级签名的公私钥对,以及一个安全的轻量级对称加密算法。System initialization: The system generates a public-private key pair based on an elliptic curve digital signature algorithm, a public-private key pair for lightweight signatures on file names, and a secure lightweight symmetric encryption algorithm.

签名产生步骤:用户分别对多个数据文件利用改进的椭圆曲线签名算法(ECDSA)计算其数字签名,同时分别对不同的数据文件名称进行数字签名产生数据文件标签,并将这多个敏感数据文件进行对称加密。最后将这些签名以及数据文件的密文发送到云服务器,并在本地客户端删除这些数据。Signature generation steps: the user uses the improved Elliptic Curve Signature Algorithm (ECDSA) to calculate their digital signatures for multiple data files, and at the same time digitally signs different data file names to generate data file labels, and stores these multiple sensitive data files Perform symmetric encryption. Finally, these signatures and the ciphertext of the data file are sent to the cloud server, and these data are deleted on the local client.

审计证明产生步骤:为了能够同时批量审计外包存储在云服务器上的数据完整性,云用户产生一个审计挑战信息,并将挑战信息发送给云服务器。云服务器收到挑战信息后,产生这多个数据文件的聚合的审计证明响应信息,并返回给云用户。Audit proof generation steps: In order to batch audit the integrity of the outsourced data stored on the cloud server at the same time, the cloud user generates an audit challenge message and sends the challenge message to the cloud server. After the cloud server receives the challenge information, it generates the aggregated audit proof response information of the multiple data files, and returns it to the cloud user.

审计证明验证步骤:用户得到这个聚合的审计证明响应信息之后,利用椭圆曲线签名算法的私钥以及对称加密算法的秘密密钥检验这个聚合的审计证明响应信息的合法性。Audit proof verification step: After the user obtains the aggregated audit proof response information, use the private key of the elliptic curve signature algorithm and the secret key of the symmetric encryption algorithm to verify the legitimacy of the aggregate audit proof response information.

以下给出一个具体实例说明:A specific example is given below:

基于椭圆曲线的云存储数据批量自审计方法包括以下基本步骤:Setup,SigGen,ProofGen,VerifyProof。The batch self-audit method of cloud storage data based on elliptic curve includes the following basic steps: Setup, SigGen, ProofGen, VerifyProof.

系统初始化:包括以下三个子步骤:System initialization: includes the following three sub-steps:

(1)定义一个在ZP(模p剩余类环,是大素数)上的椭圆曲线E,设置V是E上阶为素数q的一个点,V是循环群<V>的生成元,且在<V>上的离散对数问题是难处理的。(1) Define an elliptic curve E on Z P (modulo p residual class ring, which is a large prime number), set V to be a point whose upper order of E is a prime number q, and V is the generator of the cyclic group <V>, and The discrete logarithm problem on <V> is intractable.

(2)设置一个安全的轻量级对称加密算法秘密密钥为t。同时系统产生一个轻量级数字签名算法的公私钥对(rpk,rsk)。(2) Set a secure lightweight symmetric encryption algorithm The secret key is t. At the same time, the system generates a public-private key pair (rpk, rsk) of a lightweight digital signature algorithm.

(3)从Zq中随机选取一个值z,并计算实际签名公钥U=zV,生成基于椭圆曲线的签名算法的公钥K={q,E,V,U},签名私钥为z。(3) Randomly select a value z from Z q , and calculate the actual signature public key U=zV, generate the public key K={q,E,V,U} of the signature algorithm based on the elliptic curve, and the signature private key is z .

签名产生步骤:云用户同时产生L个数据文件及其名称的数字签名,以及产生这L个数据文件的密文如下:Signature generation step: the cloud user simultaneously generates digital signatures of L data files and their names, and generates the ciphertext of these L data files as follows:

(1)对于1≤l≤L,给定每一个数据文件文件名称为namel,为了确保数据文件名称的唯一性,云用户调用一个轻量级数字签名算法计算文件名称namel的标签σl=namel||SSigrsk(namel)。(1) For 1≤l≤L, given each data file The file name is name l . In order to ensure the uniqueness of the data file name, the cloud user invokes a lightweight digital signature algorithm to calculate the label σ l of the file name name l = name l ||SSig rsk (name l ).

(2)云用户利用椭圆曲线签名算法的私钥z产生每一个数据块fl,i的签名如下:选取随机数kl,i∈Zq,计算Wl,i=kl,iV=(ul,i,vl,i),rl,i=ul,imodq,τl,i=(rl,ikl,i+fl,iz)modq,产生每一个fl,i得数字签名δl,i=(Wl,i,rl,il,i)定义这些签名的集合为 (2) The cloud user uses the private key z of the elliptic curve signature algorithm to generate the signature of each data block f l,i as follows: select a random number k l,i ∈ Z q , calculate W l,i = k l,i V = (u l,i ,v l,i ), r l,i =u l,i modq,τ l,i =(r l,i k l,i +f l,i z)modq, generating each f l,i get the digital signature δ l,i =(W l,i ,r l,il,i ) Define the set of these signatures as

(3)对于1≤l≤L,给定每一个数据文件为了确保云用户数据文件的机密性,云用户调用对称加密算法将每一个数据块fl,i加密为这样加密为 (3) For 1≤l≤L, given each data file In order to ensure the confidentiality of cloud user data files, cloud users use symmetric encryption algorithms Encrypt each data block f l,i as so encrypted as

最后,云用户发送给云服务器,并在客户本地端删除这些信息。Finally, the cloud user sends to the cloud server and delete the information on the client's local side.

审计证明产生步骤:云用户首先取回每一个数据文件标签σl,并验证签名SSigrsk(namel)的有效性。当验证完标签的有效性之后,云用户产生审计挑战信息如下:从中随机选取一个含有c个元素的子集C={l1,…,lc};对于每一个j∈C,用户产生相应的随机值νj,最后云用户发送chal={j,νj}j∈C给云服务器。Audit proof generation steps: the cloud user first retrieves the label σ l of each data file, and verifies the validity of the signature SSig rsk (name l ). After verifying the validity of the tag, the cloud user generates audit challenge information as follows: from Randomly select a subset C={l 1 ,…,l c } containing c elements; for each j∈C, the user generates a corresponding random value ν j , and finally the cloud user sends chal={j,ν j } j∈C to the cloud server.

一旦接收到审计挑战信息chal={j,νj}j∈C,云服务器计算组合信息块以及聚合签名最后,云服务器发送(W,τ,{fl}1≤l≤L,{namel}1≤l≤L)作为审计证明响应信息给云用户。Once the audit challenge information chal={j,ν j } j∈C is received, the cloud server calculates the combined information block and the aggregated signature Finally, the cloud server sends (W,τ,{f l } 1≤l≤L ,{name l } 1≤l≤L ) as the audit proof response information to the cloud user.

审计证明验证步骤:云用户按照如下步骤验证审计证明响应信息的有效性:Audit proof verification steps: The cloud user verifies the validity of the audit proof response information according to the following steps:

(1)对于每一个1≤l≤L,计算 (1) For each 1≤l≤L, calculate

(2)验证方程是否成立。(2) Verification equation Whether it is established.

审计证明验证过程正确性如下:The audit proof verifies the correctness of the process as follows:

这样方程成立。such equation established.

本发明提供基于椭圆曲线的云存储数据批量自审计方法。该审计方法利用基于椭圆曲线构造的聚合数字签名算法设计而成,其安全性基于离散对数困难问题,能够确保恶意云服务器不能产生伪造的审计证明响应信息欺骗云用户通过审计验证过程。在审计方法中,云用户利用椭圆曲线聚合数字签名构造同态线性认器,可以同时批量审计多个数据文件的完整性,并且审计过程只需计算有限的倍点运算就能成功验证存储在云服务器上的数据完整性,并不需要计算开销较大的模指数运算和双线性对运算,特别适用于需要轻量级计算量,存储空间有限,需要高效实现无线传感器网络应用场景。The invention provides a batch self-auditing method for cloud storage data based on elliptic curves. The audit method is designed using an aggregate digital signature algorithm based on elliptic curve construction. Its security is based on the discrete logarithm problem, which can ensure that malicious cloud servers cannot generate fake audit proof response information to deceive cloud users through the audit verification process. In the audit method, cloud users use elliptic curve aggregation digital signatures to construct a homomorphic linear authenticator, which can audit the integrity of multiple data files in batches at the same time, and the audit process can successfully verify the data stored in the cloud with only a limited number of calculations. The data integrity on the server does not require the computationally expensive modular exponent operation and bilinear pairing operation. It is especially suitable for application scenarios that require lightweight calculations, limited storage space, and need to efficiently implement wireless sensor networks.

Claims (5)

1. A batch self-auditing method for cloud storage data is characterized by comprising the following steps:
a. the system initialization specifically comprises the following steps: generating a public and private key pair of a digital signature algorithm based on an elliptic curve, a public and private key pair of a signature algorithm for carrying out lightweight signature on a file name, and a lightweight symmetric encryption algorithm:
b. the signature generation specifically comprises:
b1. respectively calculating the digital signatures of a plurality of data files by using the digital signature algorithm based on the elliptic curve in the step a;
b2. respectively carrying out digital signature on different data file names by using the signature algorithm in the step a to generate data file labels, and encrypting each data file by using the symmetric encryption algorithm in the step a to obtain a ciphertext of the data file;
b3. transmitting the digital signature generated in the step b1, the data file label generated in the step b2 and the ciphertext of the data file to a cloud server;
c. and generating an audit certification, specifically comprising:
c1. the cloud user generates audit challenge information and sends the audit challenge information to the cloud server;
c2. the cloud server generates aggregated audit certification response information of the multiple data files according to the audit challenge information and returns the aggregated audit certification response information to the cloud user;
d. the audit certification verification specifically comprises the following steps: and the cloud user verifies the validity of the aggregated audit certificate response information by using a digital signature algorithm and a symmetric encryption algorithm based on an elliptic curve according to the received aggregated audit certificate response information.
2. The batch self-auditing method for cloud storage data according to claim 1, characterized in that the specific method of step a is as follows:
a1. is defined as one in ZPAn elliptic curve E on (modulo p residual class ring) with V being a point of prime q on the order of E and V being a cyclic group<V>P is a large prime number;
a2. setting a safe lightweight symmetric encryption algorithmThe secret key is t; simultaneously generating a public and private key pair (rpk, rsk) of a lightweight digital signature algorithm;
a3. from ZqRandomly selecting a value Z, generating a public key K ═ { q, E, V, U } of a signature algorithm based on an elliptic curve, taking U ═ zV as a signature public key, and taking a signature private key Z, Z as a signature private keyqIs a modulo-q residual class ring.
3. The batch self-auditing method for cloud storage data according to claim 2, characterized in that the specific method of step b is as follows:
for L is more than or equal to 1 and less than or equal to L, each data file is set asThe name of the file is namelAnd then:
the step b1 is specifically as follows: selecting a random number kl,i∈ZqGenerating each data file f separatelyl,iThe digital signature of (a) is:wherein, Wl,i=kl,iV=(ul,i,vl,i),rl,i=ul,imod q,τl,i=(rl, ikl,i+fl,iz) modq, defining the set of these signatures as
The step b2 is specifically as follows: calling a lightweight digital signature algorithm to calculate the name of the filelTag sigma ofl=namel||SSigrsk(namel) (ii) a Invoking symmetric encryption algorithmsEach data block fl,iIs encrypted asThat is to say, theIs encrypted as
The step b3 is specifically as follows: cloud user deliveryTo the cloud server.
4. The batch self-auditing method for cloud storage data according to claim 3, wherein the auditing challenge information generated by the cloud user in step c1 is: fromIn which a subset C containing C elements is randomly chosen, { l ═1,…,lcFor each j ∈ C, the user generates a corresponding random value vjFinally, the cloud user sends audit challenge information chal ═ j, vj}j∈CSending the data to a cloud server;
then in step c 2: cloud server computing combined information blockAnd aggregate signaturesFinally, the cloud server sends (W, τ, { f)l}1≤l≤L,{namel}1≤l≤L) And sending the audit certification response information to the cloud user.
5. The batch self-auditing method for cloud storage data according to claim 4, characterized in that the specific method of step d is as follows:
validation equationWhether the information is established or not, if so, the audit certification response information is valid, and if not, the audit certification response information is invalid; wherein,
CN201610286449.8A 2016-05-03 2016-05-03 Batch self-auditing method for cloud storage data Pending CN105978695A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201610286449.8A CN105978695A (en) 2016-05-03 2016-05-03 Batch self-auditing method for cloud storage data

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201610286449.8A CN105978695A (en) 2016-05-03 2016-05-03 Batch self-auditing method for cloud storage data

Publications (1)

Publication Number Publication Date
CN105978695A true CN105978695A (en) 2016-09-28

Family

ID=56994517

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201610286449.8A Pending CN105978695A (en) 2016-05-03 2016-05-03 Batch self-auditing method for cloud storage data

Country Status (1)

Country Link
CN (1) CN105978695A (en)

Cited By (14)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106789082A (en) * 2017-01-11 2017-05-31 西南石油大学 Cloud storage medical data based on wireless body area network is in batches from auditing method
CN107483585A (en) * 2017-08-18 2017-12-15 西安电子科技大学 Efficient data integrity audit system and method supporting secure deduplication in cloud environment
CN107592311A (en) * 2017-09-18 2018-01-16 西南石油大学 Towards the cloud storage medical treatment big data lightweight batch auditing method of wireless body area network
CN109088850A (en) * 2018-06-22 2018-12-25 陕西师范大学 Batch cloud auditing method based on Lucas sequence positioning wrong file
CN109688103A (en) * 2018-11-09 2019-04-26 杭州安恒信息技术股份有限公司 The auditable encryption storage method of one kind and system
CN109784094A (en) * 2019-01-21 2019-05-21 桂林电子科技大学 A batch outsourcing data integrity audit method and system supporting preprocessing
CN110677487A (en) * 2019-09-30 2020-01-10 陕西师范大学 An Outsourced Data Deduplication Cloud Storage Method Supporting Privacy and Integrity Protection
CN111611626A (en) * 2020-05-26 2020-09-01 福建师范大学 A public audit method for cloud storage data integrity that supports rapid private verification
CN111935091A (en) * 2020-07-08 2020-11-13 山东大学 Anti-leakage forward security cloud data integrity remote verification method and system
CN114244504A (en) * 2021-12-01 2022-03-25 福建师范大学 Outsourced decryption and multi-ciphertext batch audit method based on Twin-SM9 key encapsulation mechanism
CN115333857A (en) * 2022-10-11 2022-11-11 晨越建设项目管理集团股份有限公司 Detection method for preventing data from being tampered based on smart city system cloud platform
CN116108497A (en) * 2023-04-17 2023-05-12 武汉盛博汇信息技术有限公司 Medical data lightweight cloud storage method and device based on identity anonymity
CN117592120A (en) * 2023-11-29 2024-02-23 西南石油大学 Data tamper-proof integrity detection method based on industrial cloud storage system
CN117640082A (en) * 2023-12-06 2024-03-01 西华大学 A batch ciphertext equivalence test method and device

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20010009026A1 (en) * 1997-08-05 2001-07-19 Fuji Xerox Co., Ltd. Device and method for authenticating user's access rights to resources
CN102611749A (en) * 2012-01-12 2012-07-25 电子科技大学 Cloud-storage data safety auditing method
CN104023044A (en) * 2014-01-01 2014-09-03 电子科技大学 Cloud-storage data lightweight-level public auditing method with privacy protection
CN104994110A (en) * 2015-07-16 2015-10-21 电子科技大学 Method for assigning verifier for auditing cloud storage data
CN104993937A (en) * 2015-07-07 2015-10-21 电子科技大学 Method for testing integrity of cloud storage data

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20010009026A1 (en) * 1997-08-05 2001-07-19 Fuji Xerox Co., Ltd. Device and method for authenticating user's access rights to resources
CN102611749A (en) * 2012-01-12 2012-07-25 电子科技大学 Cloud-storage data safety auditing method
CN104023044A (en) * 2014-01-01 2014-09-03 电子科技大学 Cloud-storage data lightweight-level public auditing method with privacy protection
CN104993937A (en) * 2015-07-07 2015-10-21 电子科技大学 Method for testing integrity of cloud storage data
CN104994110A (en) * 2015-07-16 2015-10-21 电子科技大学 Method for assigning verifier for auditing cloud storage data

Cited By (21)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106789082A (en) * 2017-01-11 2017-05-31 西南石油大学 Cloud storage medical data based on wireless body area network is in batches from auditing method
CN107483585A (en) * 2017-08-18 2017-12-15 西安电子科技大学 Efficient data integrity audit system and method supporting secure deduplication in cloud environment
CN107483585B (en) * 2017-08-18 2020-03-10 西安电子科技大学 Efficient data integrity auditing system and method supporting safe deduplication in cloud environment
CN107592311A (en) * 2017-09-18 2018-01-16 西南石油大学 Towards the cloud storage medical treatment big data lightweight batch auditing method of wireless body area network
CN109088850B (en) * 2018-06-22 2021-06-15 陕西师范大学 Batch cloud auditing method based on Lucas sequence to locate wrong files
CN109088850A (en) * 2018-06-22 2018-12-25 陕西师范大学 Batch cloud auditing method based on Lucas sequence positioning wrong file
CN109688103A (en) * 2018-11-09 2019-04-26 杭州安恒信息技术股份有限公司 The auditable encryption storage method of one kind and system
CN109688103B (en) * 2018-11-09 2021-07-16 杭州安恒信息技术股份有限公司 An auditable encrypted storage method
CN109784094A (en) * 2019-01-21 2019-05-21 桂林电子科技大学 A batch outsourcing data integrity audit method and system supporting preprocessing
CN109784094B (en) * 2019-01-21 2023-05-30 桂林电子科技大学 A batch outsourcing data integrity audit method and system supporting preprocessing
CN110677487A (en) * 2019-09-30 2020-01-10 陕西师范大学 An Outsourced Data Deduplication Cloud Storage Method Supporting Privacy and Integrity Protection
CN111611626A (en) * 2020-05-26 2020-09-01 福建师范大学 A public audit method for cloud storage data integrity that supports rapid private verification
CN111611626B (en) * 2020-05-26 2023-08-18 福建师范大学 A public audit method for cloud storage data integrity supporting fast private verification
CN111935091A (en) * 2020-07-08 2020-11-13 山东大学 Anti-leakage forward security cloud data integrity remote verification method and system
CN114244504A (en) * 2021-12-01 2022-03-25 福建师范大学 Outsourced decryption and multi-ciphertext batch audit method based on Twin-SM9 key encapsulation mechanism
CN114244504B (en) * 2021-12-01 2023-05-05 福建师范大学 Outsourcing decryption and multi-ciphertext batch auditing method based on Tain-SM 9 key packaging mechanism
CN115333857A (en) * 2022-10-11 2022-11-11 晨越建设项目管理集团股份有限公司 Detection method for preventing data from being tampered based on smart city system cloud platform
CN115333857B (en) * 2022-10-11 2023-03-07 晨越建设项目管理集团股份有限公司 Detection method for preventing data from being tampered based on smart city system cloud platform
CN116108497A (en) * 2023-04-17 2023-05-12 武汉盛博汇信息技术有限公司 Medical data lightweight cloud storage method and device based on identity anonymity
CN117592120A (en) * 2023-11-29 2024-02-23 西南石油大学 Data tamper-proof integrity detection method based on industrial cloud storage system
CN117640082A (en) * 2023-12-06 2024-03-01 西华大学 A batch ciphertext equivalence test method and device

Similar Documents

Publication Publication Date Title
CN105978695A (en) Batch self-auditing method for cloud storage data
CN108292402B (en) Determination of a common secret and hierarchical deterministic keys for the secure exchange of information
CN112822014B (en) Data processing method and device, electronic equipment and storage medium
US20210036841A1 (en) Systems and methods for generating signatures
CN107634836B (en) SM2 digital signature generation method and system
CN114036539B (en) Secure and auditable IoT data sharing system and method based on blockchain
CN104270249B (en) It is a kind of from the label decryption method without certificate environment to identity-based environment
CN107483191B (en) A SM2 algorithm key segmentation signature system and method
CN113364600A (en) Certificateless public auditing method for integrity of cloud storage data
US9531540B2 (en) Secure token-based signature schemes using look-up tables
CN107579819A (en) A kind of SM9 digital signature generation method and system
CN104301108B (en) It is a kind of from identity-based environment to the label decryption method without certificate environment
CN106487506B (en) Multi-mechanism KP-ABE method supporting pre-encryption and outsourcing decryption
CN108712259B (en) An efficient audit method for cloud storage based on identity-based proxy upload data
CN102611749A (en) Cloud-storage data safety auditing method
US20150288527A1 (en) Verifiable Implicit Certificates
EP2807773A1 (en) System and method for securing private keys issued from distributed private key generator (d-pkg) nodes
CN103414559B (en) A kind of identity identifying method of based on class IBE system under cloud computing environment
CN110138567A (en) A kind of collaboration endorsement method based on ECDSA
CN106487786B (en) Cloud data integrity verification method and system based on biological characteristics
CN106878322B (en) A kind of encryption and decryption method of fixed length ciphertext and key based on attribute
CN110784300B (en) A Key Synthesis Method Based on Multiplicative Homomorphic Encryption
CN106411999A (en) Cloud storage key generation method, cloud data storage method and auditing methods
Huszti et al. A simple authentication scheme for clouds
WO2023184858A1 (en) Timestamp generation method and apparatus, and electronic device and storage medium

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
WD01 Invention patent application deemed withdrawn after publication

Application publication date: 20160928

WD01 Invention patent application deemed withdrawn after publication