CN104811300A - Secret key updating method for cloud storage and implementation method of cloud data auditing system - Google Patents

Publication number: CN104811300A
Authority: CN (China)
Prior art keywords: label, file, cloud, data block, server
Legal status: Granted; Expired - Fee Related
Application number: CN201510192375.7A
Other languages: Chinese (zh)
Other versions: CN104811300B (en)
Inventors: 禹勇, 李艳楠, 邱佳惠, 张亚芳, 薛靓
Current assignee: University of Electronic Science and Technology of China
Original assignee: University of Electronic Science and Technology of China
Application filed by: University of Electronic Science and Technology of China
Priority: CN201510192375.7A
Classification: Information Retrieval, Db Structures And Fs Structures Therefor (AREA)

Abstract

The invention discloses a key update method for cloud storage and an implementation method of a cloud data auditing system, and belongs to the technical field of network security. In the key update method, when a cloud user needs to update a key, the user requests a CA server to generate a new key, generates a new file label and new data block labels from the file label and data block labels downloaded from the cloud server together with the current old and new keys, and uploads them to the cloud server, where they replace the corresponding old file label and old data block labels. The invention further discloses an implementation method of a cloud data auditing system based on zero-knowledge verification, in which, when the cloud user needs to update the key, the corresponding file label and data block labels on the cloud server are updated using the key update method for cloud storage. Used in a cloud network, the two methods significantly reduce the communication cost between the cloud server and the cloud user caused by a key change, reduce the computation the cloud user spends recalculating labels, and effectively protect data privacy during auditing.

Description

Key update method for cloud storage and implementation method of a cloud data auditing system
Technical field
The invention belongs to the technical field of network security, and specifically relates to a key update method for cloud storage and an implementation method of a cloud data auditing system based on it.
Background
Cloud computing is the product of the development and fusion of traditional computer and network technologies such as distributed computing, grid computing, parallel computing, distributed storage and virtualization. It realizes the long-held hope of "computing as a utility", is an important innovation in information technology, and is also a strategic opportunity for China's IT industry to achieve strategic restructuring and leapfrog development.
Cloud computing brings great computing power and huge economic benefits, and its advantages are beyond question, but security problems have become an obstacle to the adoption of cloud computing and a key factor restricting its rapid development. In April 2010, a Gartner survey report pointed out that the security and privacy of cloud data are people's main concerns when using cloud services. More recently, a series of cloud computing security incidents, such as the Sogou browser customer data leak and the user information leak at 12306, the official China Railway ticketing website, have further aggravated these worries.
Outsourced data storage (cloud storage) is a basic service provided by cloud computing. Cloud storage offers cloud users an outsourced storage service that is scalable, location-independent, low-cost and transparent to applications; with highly scalable capacity and performance, no geographic restrictions and pay-per-use billing, it has become one of the faster-growing profit sources in cloud computing. However, the cloud service provider is not fully trustworthy. Driven by profit, a provider may delete data that is never or rarely accessed and lease the saved space to other users while still charging for it; or, when part of a cloud user's data is lost through server failure, poor management or an attack, the provider may deliberately conceal or obscure the loss to protect its reputation. In a cloud storage environment, therefore, the provider's power over data management must be put in the cage of "auditing".
In a cloud storage environment the tenant (cloud user) loses control over the data and the environment, which is the primary security problem facing cloud computing. Because of the huge communication cost of large volumes of data, directly applying traditional data integrity verification techniques is impractical. The basic requirement for integrity checking of outsourced cloud data is therefore that the client need only retrieve a small amount of data and, through a knowledge-proof protocol and probabilistic analysis, can be convinced with high probability that the data is stored intact on the cloud server. A cloud data auditing protocol is a new technique for checking whether the cloud server stores data correctly; it prevents the cloud server from deleting or modifying data and ensures that stored data can be retrieved. At present, cloud data auditing protocols mainly comprise Provable Data Possession (PDP) and Proof of Retrievability (PoR).
At CCS 2007, a top information security conference, Ateniese et al. first proposed the concept and security model of PDP, along with two efficient and provably secure PDP schemes. A PDP protocol lets a user verify the integrity of a file stored on an untrusted server without retrieving the file, which greatly saves communication bandwidth. At the same time, Juels et al. proposed the concept of PoR, which uses error-correcting codes and random sampling to ensure that the server has stored the data correctly and that the user can retrieve the data when needed. As representatives of PoR protocols, in 2008 Shacham and Waters used erasure codes to design two efficient and compact PoR schemes, with rigorous security proofs under the security model of Juels et al. The first scheme is built on BLS short signatures; both the client's challenge and the server's response are very short, it is publicly verifiable, and its security is provable in the random oracle model. The second scheme is based on a pseudo-random function (PRF); its security can be proven in the standard model and the server's response is shorter, but it supports only private verification. Both schemes also use homomorphic verifiable labels to aggregate the response proof into a single authentication value, reducing communication cost.
In cloud auditing systems, public-key cryptography provides strong theoretical support for the design and implementation of these algorithms and protocols, all of which require PKI technology. In a PKI system, however, key update is a problem that cannot be ignored: a cloud user's key may leak because it has been used too many times, or may become unusable because the digital certificate has expired. With the traditional approach, after a key update the cloud user must download all files from the cloud server, recompute the data block labels and file labels and sign them with the new key, and then upload the data and signatures again. Although this brings the corresponding files on the cloud server up to date after a key update, it greatly increases the cloud user's computational burden, and at every key update the cloud user must download a large amount of data from the cloud server, which requires considerable bandwidth and increases the communication cost between the cloud server and the cloud user.
Summary of the invention
The object of the invention is as follows: to address problems that may arise in cloud storage, such as key exposure and digital certificate expiry, a key update method for cloud storage is proposed which ensures that, after the cloud user updates the key, the user does not need to download whole files from the cloud server but only the file label and data block labels of each file; updating the contents of these labels completes the key update. This reduces the communication cost between the cloud server and the cloud user caused by a key update and reduces the cloud user's computational complexity.
The key update method for cloud storage of the invention comprises the following steps:
Step 1: the cloud user stores a file on the cloud server using a key generated by the CA server:
The cloud user sets a file name for the file to be uploaded and generates the corresponding file label $f = t_0 \| t$ from the file label private key of the current key, where $t_0 = F \| n$, $F$ is the file name, $n$ is the number of data blocks of file $F$, and the symbol "$\|$" denotes concatenation. The parameter $t = (H_0(t_0))^{ssk}$, where $H_0$ is a collision-resistant hash function mapping the set of bit sequences composed of 0 and 1 to the additive cyclic group $G$ of order $p$, $p$ is a large prime selected by the system based on a preset security parameter, and $ssk$ is the file label private key of the current key. The cloud user encodes the file to be uploaded, divides the encoded file into $n$ data blocks, and generates the data block labels $\sigma_i$ from the current data block label private key. The cloud user uploads the current file label $f$, the data blocks and the data block labels $\sigma_i$ of each file to the cloud server;
Step 2: the cloud user generates a new file label and new data block labels based on the new key, and the cloud server updates the file label and data block labels of the corresponding file:
The cloud user sends a key update request to the CA server, and the CA server generates a new key and sends it to the cloud user;
The cloud user sends a label update request to the cloud server and, after receiving the cloud server's reply, downloads the file label $f$ and the data block labels $\sigma_i$ from the cloud server, where the subscript $i$ is the data block identifier within each file. The cloud user generates the new file label $f'$ and new data block labels $\sigma'_i$ and uploads them to the cloud server: the parameters $t_0$ and $t$ are extracted from the downloaded file label $f$, and the new file label $f' = t_0 \| t'$ is generated from the current old and new keys (the old key being the cloud user's current original key), where $t' = t^{ssk'/ssk}$ and $ssk'$ is the file label private key of the new key; the new data block labels $\sigma'_i = \sigma_i^{\alpha'/\alpha}$ are generated from the downloaded data block labels $\sigma_i$ and the current old and new keys, where $\alpha'$ and $\alpha$ are the data block label private keys of the new and old keys respectively. The cloud server updates the file label and data block labels of the corresponding file to the new file label $f'$ and new data block labels $\sigma'_i$.
The invention also discloses an implementation of a cloud auditing system based on "zero-knowledge proof", which protects the cloud user's privacy by preventing the audit server from obtaining any information about the cloud user. The implementation method of the cloud data auditing system of the invention involves a cloud user, a CA server, a cloud server and a cloud audit server, and is realized through the following steps:
Step S1: the cloud user applies to the CA server for a key:
Step S101: the cloud user sends a key application to the CA server;
Step S102: the CA server generates a key and sends it to the cloud user; the key comprises the file label public key $spk$ and data block label public key $v$, and the file label private key $ssk$ and data block label private key $\alpha$;
Step S2: the cloud user uploads data to the cloud server:
Step S201: the cloud user sets a file name for the file to be uploaded and generates the corresponding file label $f = t_0 \| t$ from the current file label private key $ssk$, where $t_0 = F \| n$, $F$ is the file name, $n$ is the number of data blocks of file $F$, and the symbol "$\|$" denotes concatenation; the parameter $t = (H_0(t_0))^{ssk}$, where $H_0$ is a collision-resistant hash function mapping the set of bit sequences composed of 0 and 1 to the additive cyclic group $G$ of order $p$, and $p$ is a large prime selected by the system based on a preset security parameter;
Step S202: the cloud user encodes the file to be uploaded, divides the encoded file into $n$ data blocks, and further divides each data block into $s$ sub-blocks, with $m_{ij}$ denoting the sub-blocks of the data blocks, where $1 \le i \le n$, $1 \le j \le s$; the data block labels $\sigma_i$ are generated from the current data block label private key;
Step S203: the cloud user concatenates the current file label $f$, the $m_{ij}$ and the data block labels $\sigma_i$ of each file and uploads them to the cloud server;
Step S3: the audit server audits the cloud server:
Step S301: the cloud user sends an audit request to the audit server, containing the file identifier information, the cloud server identification information, and the current file label public key and data block label public key;
Step S302: the audit server checks whether the audit request is valid; if so, it randomly selects two random values $k$, $\psi$, generates a commitment value and a challenge value based on the file identifier information in the audit request, and sends them to the cloud server named in the audit request; otherwise, it rejects the audit request;
Step S303: after receiving the challenge value and commitment value, the cloud server generates randomized response tags and sends them to the audit server;
Step S304: the audit server sends the random values $k$, $\psi$ to the cloud server;
Step S305: the cloud server uses the random values $k$, $\psi$ to verify whether the commitment is valid; if not, it rejects the audit request; otherwise it computes the corresponding response and sends it to the audit server;
Step S306: the audit server verifies the validity of the response using the response, the challenge value, the current file label public key and the data block label public key;
Step S307: the audit server sends an audit report to the cloud user according to the verification result of step S6: if verification succeeded, it reports audit success; otherwise, it reports audit failure;
Step S4: the cloud user generates a new file label and new data block labels based on the new key, and the cloud server updates the file label and data block labels of the corresponding file:
Step S401: the cloud user sends a key update request to the CA server;
Step S402: the CA server generates a new key and sends it to the cloud user;
Step S403: the cloud user sends a label update request to the cloud server and, after receiving the cloud server's reply, downloads the file label $f$ and the data block labels $\sigma_i$ from the cloud server, where the subscript $i$ is the data block identifier within each file;
Step S404: the cloud user generates the new file label $f'$ and new data block labels $\sigma'_i$ and uploads them to the cloud server:
The parameters $t_0$ and $t$ are extracted from the downloaded file label $f$, and the new file label $f' = t_0 \| t'$ is generated, where $t' = t^{ssk'/ssk}$ and $ssk'$ is the file label private key of the new key;
The new data block labels $\sigma'_i = \sigma_i^{\alpha'/\alpha}$ are generated, where $\alpha'$ and $\alpha$ are the data block label private keys of the new and old keys respectively;
Step S504: the cloud server updates the file label and data block labels of the corresponding file to the new file label $f'$ and new data block labels $\sigma'_i$.
In summary, by adopting the above technical solution, the invention has the following beneficial effects:
(1) Low network bandwidth requirement: after a key update, the cloud user does not need to download all files and data blocks from the cloud server, but only some lightweight file labels and data block labels; the traffic between the cloud user and the cloud server is therefore small, and the whole interaction does not consume a large amount of network bandwidth;
(2) Low computation cost: after a key update, the cloud user does not need to recompute file labels from the entire file content or repeat operations such as data blocking; a small amount of computation on the old file label and data block labels yields the new file label and new data block labels, which greatly reduces the cloud user's computational burden.
(3) User privacy is protected: the interaction between the audit server and the cloud server is based on "zero-knowledge proof", which protects the cloud user's data privacy by preventing the audit server from obtaining any information about the cloud user.
Description of the drawings
Fig. 1 is a schematic diagram of the interaction process of the cloud data auditing system of the invention in the embodiment;
Fig. 2 is a schematic diagram of how the cloud user processes a file when uploading data in the embodiment;
Fig. 3 is a schematic diagram of the audit server's audit of the cloud server in the embodiment;
Fig. 4 is a schematic diagram of the interaction between the cloud user and the cloud server in the embodiment;
Fig. 5 is a schematic diagram of the interaction between the cloud user and the CA server in the embodiment.
Detailed description of the embodiment
To make the objects, technical solutions and advantages of the invention clearer, the invention is described in further detail below with reference to the embodiment and the accompanying drawings.
Based on cryptographic theory, the invention provides an implementation method for cloud data auditing with key update and data privacy protection. The cryptographic theory applied by the invention is first briefly introduced:
(1) Public key infrastructure (PKI)
PKI is a key management platform that follows established standards; it can provide cryptographic services such as encryption and digital signatures, together with the necessary key and certificate management, for all network applications. Put simply, PKI is infrastructure that provides security services and is built using public-key theory and technology. As a security technology, PKI has penetrated every aspect of the network; it is the core of information security technology and a key, fundamental technology of e-commerce. A complete PKI system must have basic components such as a certification authority (CA), a digital certificate repository, a key backup and recovery system, a certificate revocation system and an application interface (API). The CA, as the core of PKI, implements several very important PKI functions, described as follows:
A) Certificate application: receive and verify users' digital certificate applications.
B) Certificate approval: examine the user's identity and decide whether the user is eligible to apply for a certificate.
C) Certificate issuance: generate a public/private key pair and issue a digital certificate to the applicant.
D) Certificate update: receive and process users' digital certificate update requests.
E) Certificate query: receive and process queries for users' digital certificates.
F) Certificate revocation: generate and publish the certificate revocation list (CRL).
In the invention, the cloud user sends a certificate application request to the CA server; after examining the user's identity, the CA server generates a public/private key pair for the user, issues a digital certificate, and adds the certificate to the digital certificate repository so that users can query it. When a user needs to update the key, the cloud user submits a certificate update request to the CA server; after the request passes examination, the CA server adds the former certificate to the certificate revocation list (CRL), generates a new public/private key pair for the user, issues a new digital certificate, and adds the new certificate to the digital certificate repository.
(2) Hash function
A hash function is a function that transforms an input message of arbitrary length into an output message of fixed length; this output is called the hash value of the message. It is commonly used to produce a short "fingerprint" of a message, data block or file, and is mainly used for integrity checking and for improving the effectiveness of digital signatures. A secure hash function should satisfy at least the following conditions:
A) Computability: given an input string $x$, $H(x)$ can be computed in time that is a low-order polynomial in $|x|$;
B) One-wayness: for any given hash value $h$, it is computationally infeasible to find an input string $x$ such that $h = H(x)$;
C) Hashing: for an input string $x$, $H(x)$ is computationally indistinguishable from a uniformly distributed message string on the interval $[0, 2^n]$;
D) Weak collision resistance: for any given input string $x$, it is computationally infeasible to find another input string $y \ne x$ such that $H(x) = H(y)$;
E) Strong collision resistance: it is computationally infeasible to find any $x$, $y$ with $x \ne y$ such that $H(x) = H(y)$.
The invention involves two collision-resistant hash functions $H_0, H_1: \{0,1\}^* \to G$, which map the set of bit sequences composed of 0 and 1 to the additive cyclic group $G$ on an elliptic curve.
(3) Bilinear map
Suppose $G$ and $G_T$ are two additive cyclic groups of order $p$, and $g$ is a generator of $G$. If a map $e: G \times G \to G_T$ satisfies the following three conditions, it is called a bilinear map.
A) Computability: $e$ can be computed efficiently;
B) Bilinearity: for arbitrary $a, b \in Z_q$, $e(g^a, g^b) = e(g, g)^{ab}$;
C) Non-degeneracy: for the generator $g$ of $G$, $e(g, g) \ne 1$.
The bilinear maps involved in the invention are all bilinear maps satisfying the above properties; such maps can be constructed from the Tate or Weil pairing on supersingular elliptic curves over finite fields.
(4) Zero-knowledge proof
The zero-knowledge proof was proposed by Goldwasser et al. in the early 1980s. It means that a prover can convince a verifier that a certain assertion is correct without revealing any useful information to the verifier. A zero-knowledge proof is in essence a protocol involving two or more parties, that is, a series of steps that two or more parties take to accomplish a task. The prover proves to the verifier, and convinces it, that the prover knows or possesses a certain message, but the proof process must not leak to the verifier any information about the message being proved. The general procedure is: the prover sends a commitment to the verifier; the verifier sends a series of challenge values (challenge) to the prover; the prover computes a response value (response) from its own message and the challenge values and sends it to the verifier; finally, the verifier checks the validity of the response value and, if the response is valid, believes that the prover really possesses the message.
In the invention, zero-knowledge proof is used to protect the cloud user's privacy during the audit server's audit of the cloud server: the cloud server proves to the audit server that the cloud user's data stored on the cloud server is intact and has not been tampered with or deleted, without revealing any of the cloud user's data to the audit server. Even if the audit server selects two files of equal length $F_0 = (m_{0,1}, m_{0,2}, \ldots, m_{0,n})$ and $F_1 = (m_{1,1}, m_{1,2}, \ldots, m_{1,n})$, selects a series of metadata and audits the server through the necessary interactions, after the audit ends the audit server still cannot determine whether the user's file is $F_0$ or $F_1$.
With reference to Fig. 1, the following describes how the key update method for cloud storage of the invention is applied in the cloud data auditing system of the invention:
Step S100. Initialization of system parameters:
In this embodiment the cloud server is chosen to perform the system parameter initialization; it could equally be the CA server, the audit server and so on, and the invention is not limited in this respect.
The cloud server runs system initialization: based on the preset security parameter $l$, it computes a secure large prime $p$ and two additive cyclic groups $G$ and $G_T$ of order $p$; $g$ is a generator of the group $G$, and $e: G \times G \to G_T$ is a bilinear map. It randomly selects $h, u_1, u_2, \ldots, u_s \in G$ and computes $\eta = e(g, h)$. $H_0$ and $H_1$ are two collision-resistant hash functions, where $H_0: \{0,1\}^* \to G$ and $H_1: \{0,1\}^* \to G$. This yields the system parameter string $crs = (l, p, G, G_T, g, e, h, u_1, u_2, \ldots, u_s, \eta, H_0, H_1)$.
Step S200. The cloud user applies to the CA server for a key:
The cloud user applies to the CA server for a key (comprising the file label public key $spk$ and data block label public key $v$, and the file label private key $ssk$ and data block label private key $\alpha$) and provides proof of identity to the CA to prove its identity. After verification, if the application conditions are met, the CA generates a public/private key pair for the user and issues a digital certificate; otherwise, it rejects the request. With reference to Fig. 5, this process is implemented as follows:
Step S201: the cloud user generates a digital certificate application request and sends it to the CA server; the request carries the system parameters $(p, g)$ and the cloud user's proof of identity;
Step S202: on receipt, the CA server examines the proof of identity; if it passes, the CA server generates a private signature key pair $(ssk, spk)$ for the applying cloud user with $spk = g^{ssk}$, then picks an arbitrary $\alpha \in Z_p$ and computes $v = g^{\alpha}$. The final public key is $(spk, v)$ and the private key is $(ssk, \alpha)$, where $Z_p$ is the additive cyclic group modulo $p$. The generated digital certificate is then sent to the cloud user.
Step S300. The cloud user uploads data to the server:
The cloud user selects a file name from a domain for the file to be stored and computes a file label for the file, which serves as the file's unique identifier; the file data is then encoded and divided into blocks, a label value is computed for each data block, and finally the data is uploaded to the cloud server together with the labels while the local file is deleted. With reference to Figs. 2 and 4, this process is implemented as follows:
First, the cloud user preprocesses the file to be uploaded (the file to be stored) based on the system parameters:
Step S301: a file name $F$ is selected for the file to be uploaded; let $t_0 = F \| n$, compute $t = (H_0(t_0))^{ssk}$, and finally generate the file label $f = t_0 \| t$, where $n$ is the preset number of data blocks of file $F$ and the symbol "$\|$" denotes concatenation;
Step S302: the file $F$ is encoded to obtain the file $F'$ (any common coding scheme may be used; this embodiment uses RS (Reed-Solomon) codes); the encoded file $F'$ is then divided into $n$ data blocks, and each data block is further divided into $s$ sub-blocks, giving the file $\{m_{ij}\}_{1 \le i \le n,\, 1 \le j \le s}$;
Step S303: a label is calculated for each data block
Then, the cloud user uploads the file blocks obtained from preprocessing, the file label and the data block labels to the cloud server:
Step S304: the file name, data blocks and labels are concatenated to generate the upload file $F^* = f_t \| \{m_{ij}\}_{1 \le i \le n,\, 1 \le j \le s} \| \{\sigma_i\}_{1 \le i \le n}$, which is uploaded to the cloud server; all local data is deleted at the same time.
Step S400. The audit server's audit of the cloud server:
The cloud user generates an audit request and sends it to the audit server; on receiving the cloud user's audit request, the audit server generates a challenge value and sends it to the cloud server; after receiving the challenge value, the cloud server computes a response value from the challenge value and the stored file content, label information and so on, and sends it to the audit server; finally the audit server verifies the validity of the response value, thereby determining whether the cloud user's source file is stored intact on the cloud server, and generates an audit report, audit success or audit failure, which is fed back to the cloud user. With reference to Fig. 3, this process is implemented as follows:
Step S401: the cloud user generates an audit request $req = IP_{audit} \| Cert \| f$ and sends it to the audit server, requesting an audit of the cloud server. In the audit request $req$, $IP_{audit}$ is the cloud server's IP address, used to identify the cloud server; $Cert$ is the cloud user's public key certificate; and $f$ is the file label of the file to be audited, used to identify that file;
Step S402: on receiving the audit request, the audit server first verifies the validity of the request; if it is invalid, the request is rejected; otherwise, the audit server extracts the effective information $(IP_{audit}, f)$ from the audit request, randomly selects an integer $c$ ($c \le n$) and random values $k$, $\psi$, and computes the commitment value $\Psi = g^k h^{\psi}$; for each $i$ ($1 \le i \le c$) it selects a random element $v_i \in Z_p$; it finally generates the commitment value $\Psi$ and the challenge value $chal = f \| \{(i, v_i)\}_{1 \le i \le c}$, and sends $(chal, \Psi)$ to the cloud server at the corresponding IP address;
Step S403: on receiving $(chal, \Psi)$, the cloud server performs label randomization: it first computes $\eta = e(g, h)$, $\eta_1 = e(u_1, v)$, …, $\eta_s = e(u_s, v)$, then randomly selects $r, \rho_r, \rho_1, \ldots, \rho_s \in Z_p$, calculates and sends the randomized response tags $(T, \Pi)$ to the audit server;
Step S404: the audit server sends the previously selected random values $(k, \psi)$ to the cloud server;
Step S405: the cloud server checks whether $\Psi = g^k h^{\psi}$ holds; if not, it rejects the audit request; if so, it computes the response value $(z_r, z_1, \ldots, z_s)$, where $z_r = \rho_r - kr$ and $z_j = \rho_j - k\mu_j$, $1 \le j \le s$. The cloud server sends the response $(z_r, z_1, \ldots, z_s)$ to the audit server;
Step S406: on receiving the response from the cloud server, the audit server verifies the validity of the received response using the challenge value $chal$ it sent, the response $(z_r, z_1, \ldots, z_s)$ and the cloud user's public key:
It first checks whether the equation $e(g, t) = e(spk, H_0(t_0))$ holds; if not, it outputs verification failure; if so, it goes on to check whether the equation
$$\left(\frac{e(\Pi, g)}{e\left(\prod_{(i, v_i) \in chal} H_1(F \| i)^{v_i},\ v\right)}\right)^{k} = T \cdot \eta^{z_r} \cdot e(u_1, v)^{z_1} \cdots e(u_s, v)^{z_s}$$
holds; if not, it outputs verification failure; if so, verification succeeds, showing that the cloud user's file is stored intact on the cloud server;
Step S407: the audit server sends an audit report to the cloud user according to the verification result of the previous step: if verification succeeded, it reports audit success; otherwise, it reports audit failure.
Step S500. The interaction of the cloud user with the CA server and the Cloud Server during key updating:
When the cloud user needs to update its key, it first sends a key update request to the CA server; the CA server puts the old digital certificate into the CRL, generates a new key for the user, and issues a digital certificate. After the key update, the cloud user sends a label update request to the Cloud Server, downloads the corresponding file label and data block labels from the Cloud Server, regenerates a valid file label and valid data block labels from the new key and the old label information, and uploads the new labels to the Cloud Server. With reference to Fig. 5, this process is implemented as follows:
Step S501: The cloud user generates a digital certificate update request and sends it to the CA server; the request carries the system parameters (p, g) and the cloud user's proof of identity;
Step S502: On receiving the request, the CA server examines the proof of identity; if it passes, the CA server puts the old digital certificate into the CRL and generates a new signature key for the user: it generates new $ssk', \alpha' \in Z_p$ and calculates $spk' = g^{ssk'}$, $v' = g^{\alpha'}$, so that the new public key is $pk' = (spk', v')$ and the new private key is $sk' = (ssk', \alpha')$; it then sends the newly generated digital certificate to the cloud user.
Step S503: The cloud user sends a label update request to the Cloud Server and, after receiving the Cloud Server's reply, downloads the file label and data block labels $f \| \{\sigma_i\}_{1 \le i \le n}$ from the Cloud Server;
Step S504: The cloud user recalculates the parameter t′ with the new key, so that the new file label is $f' = t_0 \| t'$; it calculates the new data block labels with the new key, and then uploads the new valid file label and data block labels $f' \| \{\sigma'_i\}_{1 \le i \le n}$ to the Cloud Server;
Step S505: The Cloud Server updates the file label and data block labels of the corresponding file to the new file label and new data block labels $f' \| \{\sigma'_i\}_{1 \le i \le n}$;
Step S506: Whenever the cloud user needs to update its key, steps S501-S505 above are repeated.
The above is only a specific embodiment of the present invention. Any feature disclosed in this specification may, unless specifically stated otherwise, be replaced by other equivalent features or alternative features serving a similar purpose; all of the disclosed features, or all of the steps of the disclosed methods or processes, may be combined in any way, except for mutually exclusive features and/or steps.
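The label update of steps S503 to S504 (the rules t′ = t^(ssk′/ssk) and σ′_i = σ_i^(α′/α) stated in the claims), as an added example that is not part of the patent text. It assumes a prime-order subgroup of Z_q* in place of the pairing group, SHA-512 as a stand-in for H_0 and H_1, a data block label of the shape (H_1(F||i) · ∏ u_j^(m_ij))^α, and an extra check of the downloaded file label under the old key; all function names are hypothetical.

```python
import hashlib
import secrets
from math import gcd

P = 2**127 - 1  # prime group order p (a Mersenne prime), picked for this example

def find_modulus(p):
    """Smallest prime q = k*p + 1 with even k; primality proved by Pocklington."""
    k = 2
    while True:
        q = k * p + 1
        for a in (2, 3, 5, 7):
            if pow(a, q - 1, q) != 1:
                break                        # Fermat witness: q is composite
            if gcd(pow(a, k, q) - 1, q) == 1:
                return q, k                  # conclusive because p > sqrt(q)
        k += 2

Q, K = find_modulus(P)

def to_group(domain, data):
    """Hash bytes into the order-p subgroup of Z_q* (stand-in for H0, H1, u_j)."""
    digest = hashlib.sha512(domain + b"\x00" + data).digest()
    return pow(int.from_bytes(digest, "big") % Q, K, Q)

def keygen():
    # (ssk, alpha): file label and data block label private keys, nonzero mod p
    return secrets.randbelow(P - 1) + 1, secrets.randbelow(P - 1) + 1

def file_label(ssk, name, n):
    t0 = name + b"||" + str(n).encode()           # t0 = F || n
    return t0, pow(to_group(b"H0", t0), ssk, Q)   # t = H0(t0)^ssk

def block_label(alpha, name, i, sub_blocks):
    # ASSUMED label shape: (H1(F||i) * prod_j u_j^m_ij)^alpha
    base = to_group(b"H1", name + b"||" + str(i).encode())
    for j, m in enumerate(sub_blocks, start=1):
        base = base * pow(to_group(b"u", str(j).encode()), m % P, Q) % Q
    return pow(base, alpha, Q)

def update_labels(old_key, new_key, t0, t, sigmas):
    """Re-key downloaded labels using both keys, without reading the file data."""
    (ssk, alpha), (ssk2, alpha2) = old_key, new_key
    # Added safeguard (not in the patent): a label the server altered would
    # otherwise be carried over, still invalid, under the new key.
    if pow(to_group(b"H0", t0), ssk, Q) != t:
        raise ValueError("downloaded file label is not valid under the old key")
    e_t = ssk2 * pow(ssk, -1, P) % P      # ssk'/ssk: inverse is taken mod p, not mod q
    e_s = alpha2 * pow(alpha, -1, P) % P  # alpha'/alpha
    return pow(t, e_t, Q), [pow(s, e_s, Q) for s in sigmas]

def demo():
    name = b"report.dat"                                   # constructed sample file
    blocks = [[11, 22, 33], [44, 55, 66], [77, 88, 99]]    # n = 3 blocks, s = 3 sub-blocks
    old, new = keygen(), keygen()
    t0, t = file_label(old[0], name, len(blocks))
    sigmas = [block_label(old[1], name, i, b) for i, b in enumerate(blocks, 1)]
    t_new, sigmas_new = update_labels(old, new, t0, t, sigmas)
    # Labels computed from scratch under the new key, for comparison only
    fresh_t = file_label(new[0], name, len(blocks))[1]
    fresh_s = [block_label(new[1], name, i, b) for i, b in enumerate(blocks, 1)]
    return t_new == fresh_t, sigmas_new == fresh_s, (old, new, t0, t, sigmas)

if __name__ == "__main__":
    print(demo()[:2])
```

Because the update exponents are ssk′·ssk⁻¹ and α′·α⁻¹ modulo the group order p, anyone who holds an update exponent together with the old private key can derive the new private key, which is why the update runs on the cloud user's side.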

Claims (10)

1. A key updating method for cloud storage, characterized by comprising the following steps:
Step 1: The cloud user stores a file on the Cloud Server using the key generated by the CA server:
The cloud user sets a file name for the file to be uploaded and generates the corresponding file label f from the file label private key of the current key: $f = t_0 \| t$, where $t_0 = F \| n$, F denotes the file name, n denotes the number of data blocks of file F, and the symbol "||" denotes the append (concatenation) operation; the parameter $t = (H_0(t_0))^{ssk}$, where $H_0$ is a collision-resistant hash function mapping the set of bit sequences of 0s and 1s to the additive cyclic group G of order p, the parameter p is a large prime selected by the system according to a preset security parameter, and ssk denotes the file label private key of the current key;
The cloud user encodes the file to be uploaded, divides the encoded file into n data blocks, and generates the data block labels $\sigma_i$ from the current data block label private key;
The cloud user uploads the current file label f, the data blocks and the data block labels $\sigma_i$ of each file to the Cloud Server;
Step 2: The cloud user generates a new file label and new data block labels based on the new key, and the Cloud Server updates the file label and data block labels of the corresponding file:
The cloud user sends a key update request to the CA server, and the CA server generates a new key and sends it to the cloud user;
The cloud user sends a label update request to the Cloud Server and, after receiving the Cloud Server's reply, downloads the file label f and the data block labels $\sigma_i$ from the Cloud Server, where the subscript i is the data block identifier within each file;
The cloud user generates the new file label f′ and the new data block labels $\sigma'_i$ and uploads them to the Cloud Server: it extracts the parameters $t_0$ and t from the downloaded file label f and, from the current new and old keys, generates the new file label $f' = t_0 \| t'$, where $t' = t^{ssk'/ssk}$ and ssk′ denotes the file label private key of the current new key; from the downloaded data block labels $\sigma_i$ and the current new and old keys it generates the new data block labels $\sigma'_i = \sigma_i^{\alpha'/\alpha}$, where α′ and α denote the data block label private keys of the current new and old keys respectively;
The Cloud Server updates the file label and data block labels of the corresponding file to the new file label f′ and the new data block labels $\sigma'_i$.
2. The method of claim 1, characterized in that the key generated by the CA server comprises a file label public key spk and a data block label public key v, and a file label private key ssk and a data block label private key α, where $spk = g^{ssk}$, the preset system parameter g is a generator of the additive cyclic group G, an arbitrary $\alpha \in Z_p$ is chosen, and the data block label public key v is calculated as $v = g^{\alpha}$, where $Z_p$ is the additive cyclic group modulo p.
3. The method of claim 1 or 2, characterized in that, in step 1, generating the data block label $\sigma_i$ from the current data block label private key is:
Each data block is divided into s sub-blocks, with $m_{ij}$ denoting each sub-block of the different data blocks, where 1 ≤ i ≤ n, 1 ≤ j ≤ s; the data block label is then generated, where $H_1$ is a collision-resistant hash function mapping the set of bit sequences of 0s and 1s to the additive cyclic group G, and $u_j$ is an arbitrary element of the additive cyclic group G.
4. An implementation method of a cloud data auditing system comprising a cloud user, a CA server, a Cloud Server and a cloud audit server, characterized by comprising the following steps:
Step S1: The cloud user applies to the CA server for a key:
Step S101: The cloud user sends a key application to the CA server;
Step S102: The CA server generates a key and sends it to the cloud user; the key comprises a file label public key spk and a data block label public key v, and a file label private key ssk and a data block label private key α;
Step S2: The cloud user uploads data to the Cloud Server:
Step S201: The cloud user sets a file name for the file to be uploaded and generates the corresponding file label $f = t_0 \| t$ from the current file label private key ssk, where $t_0 = F \| n$, F denotes the file name, n denotes the number of data blocks of file F, and the symbol "||" denotes the append (concatenation) operation; the parameter $t = (H_0(t_0))^{ssk}$, where $H_0$ is a collision-resistant hash function mapping the set of bit sequences of 0s and 1s to the additive cyclic group G of order p, and the parameter p is a large prime selected by the system according to a preset security parameter;
Step S202: The cloud user encodes the file to be uploaded, divides the encoded file into n data blocks, and further divides each data block into s sub-blocks, with $m_{ij}$ denoting each sub-block of the different data blocks, where 1 ≤ i ≤ n, 1 ≤ j ≤ s; it generates the data block labels $\sigma_i$ from the current data block label private key;
Step S203: The cloud user concatenates the current file label f, the sub-blocks $m_{ij}$ and the data block labels $\sigma_i$ of each file and uploads them to the Cloud Server;
Step S3: The audit server audits the Cloud Server:
Step S301: The cloud user sends an audit request to the audit server, comprising file identifier information, Cloud Server identification information, and the current file label public key and data block label public key;
Step S302: The audit server checks whether the audit request is valid; if so, it randomly selects two random values k, ψ, then generates a commitment value and a challenge value based on the file identifier information in the audit request and sends them to the Cloud Server named in the audit request; otherwise, it refuses the audit request;
Step S303: After receiving the challenge value and the commitment value, the Cloud Server generates a randomized response tag and sends it to the audit server;
Step S304: The audit server sends the random values k, ψ to the Cloud Server;
Step S305: The Cloud Server verifies, from the random values k, ψ, whether the commitment is valid; if so, it refuses the audit request; otherwise it calculates the corresponding response and sends it to the audit server;
Step S306: The audit server verifies the validity of the response based on the response and the challenge value, the current file label public key and the data block label public key;
Step S307: The audit server sends an audit report to the cloud user according to the result of step S6: if verification succeeded, it reports audit success; otherwise, it reports audit failure;
Step S4: The cloud user generates a new file label and new data block labels based on the new key, and the Cloud Server updates the file label and data block labels of the corresponding file:
Step S401: The cloud user sends a key update request to the CA server;
Step S402: The CA server generates a new key and sends it to the cloud user;
Step S403: The cloud user sends a label update request to the Cloud Server and, after receiving the Cloud Server's reply, downloads the file label f and the data block labels $\sigma_i$ from the Cloud Server, where the subscript i is the data block identifier within each file;
Step S404: The cloud user generates the new file label f′ and the new data block labels $\sigma'_i$ and uploads them to the Cloud Server:
It extracts the parameters $t_0$ and t from the downloaded file label f and generates the new file label $f' = t_0 \| t'$, where $t' = t^{ssk'/ssk}$ and ssk′ denotes the file label private key of the current new key;
It generates the new data block labels $\sigma'_i = \sigma_i^{\alpha'/\alpha}$, where α′ and α denote the data block label private keys of the current new and old keys respectively;
Step S504: The Cloud Server updates the file label and data block labels of the corresponding file to the new file label f′ and the new data block labels $\sigma'_i$.
5. The method of claim 4, characterized in that the CA server generates the key as follows:
A file key pair (spk, ssk) is selected with $spk = g^{ssk}$, where spk denotes the file label public key, the preset system parameter g is a generator of the additive cyclic group G of order p, and the parameter p is a large prime selected by the system according to a preset security parameter; an arbitrary $\alpha \in Z_p$ is chosen, and the data block label public key v is calculated as $v = g^{\alpha}$, where $Z_p$ is the additive cyclic group modulo p.
6. The method of claim 4, characterized in that, in step S202, generating the data block label $\sigma_i$ is:
where $H_1$ is a collision-resistant hash function mapping the set of bit sequences of 0s and 1s to the additive cyclic group G, and $u_j$ is an arbitrary element of the additive cyclic group G.
7. The method of claim 4, 5 or 6, characterized in that, in step S301, the file identifier information is the current file label of the file to be audited;
In step S302, the commitment value Ψ is $\Psi = g^{k} h^{\psi}$, where the preset system parameter g is a generator of the additive cyclic group G of order p, the parameter p is a large prime selected by the system according to a preset security parameter, and the parameter h is a random element of the additive cyclic group G;
The challenge value chal is: chal = current file label || $\{(i, v_i)\}$, where $v_i \in Z_p$, 1 ≤ i ≤ c, $c \in Z_p$ and c ≤ n, and $Z_p$ is the additive cyclic group modulo p.
8. The method of claim 7, characterized in that, in step S303, generating the randomized response tag (T, Π) is specifically:
Calculate the parameter $\eta = e(g, h)$, where e is a bilinear map $G \times G \to G_T$, and G, $G_T$ are additive cyclic groups of order p;
Calculate the parameters $\eta_j = e(u_j, v)$, where 1 ≤ j ≤ s and v denotes the current data block label public key;
Randomly select the parameters $r, \rho_r, \rho_1, \ldots, \rho_s \in Z_p$ and calculate the two parameters of the response tag, where $\sigma_i$ denotes the data block labels of the current file.
9. The method of claim 8, characterized in that, in step S305, the response is $(z_r, z_1, z_2, \ldots, z_s)$, where $z_r = \rho_r - k r$ and $z_j = \rho_j - k \mu_j$, 1 ≤ j ≤ s.
10. The method of claim 9, characterized in that, in step S306, verifying the validity of the response is:
Check whether the equation $e(g, t) = e(spk, H_0(t_0))$ holds, where the parameter $t = (H_0(t_0))^{ssk}$, $t_0 = F \| n$, $H_0$ is a collision-resistant hash function preset by the system, spk denotes the file label public key of the current key, F denotes the file name, and the symbol "||" denotes the append (concatenation) operation;
If not, output verification failure;
If so, go on to check whether the equation

$$\left(\frac{e(\Pi, g)}{e\left(\prod_{(i, v_i) \in chal} H_1(F \| i)^{v_i},\; v\right)}\right)^{k} = T\, \eta^{z_r}\, e(u_1, v)^{z_1} \cdots e(u_s, v)^{z_s}$$

holds; if so, output verification success; if not, output verification failure, where $H_1$ is a collision-resistant hash function mapping the set of bit sequences of 0s and 1s to the additive cyclic group G, and $u_1, u_2, \ldots, u_s$ are random elements of the additive cyclic group G.
CN201510192375.7A 2015-04-22 2015-04-22 The key updating method of cloud storage and the implementation method of cloud data accountability system Expired - Fee Related CN104811300B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201510192375.7A CN104811300B (en) 2015-04-22 2015-04-22 The key updating method of cloud storage and the implementation method of cloud data accountability system

Publications (2)

Publication Number Publication Date
CN104811300A true CN104811300A (en) 2015-07-29
CN104811300B CN104811300B (en) 2017-11-17

Family

ID=53695819

Country Status (1)

Country Link
CN (1) CN104811300B (en)

Also Published As

Publication number Publication date
CN104811300B (en) 2017-11-17

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
EXSB Decision made by sipo to initiate substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20171117

Termination date: 20200422
