CN104994110B - A kind of method audited for designated-verifier to cloud storage data - Google Patents
A kind of method audited for designated-verifier to cloud storage data Download PDFInfo
- Publication number
- CN104994110B CN104994110B CN201510419271.5A CN201510419271A CN104994110B CN 104994110 B CN104994110 B CN 104994110B CN 201510419271 A CN201510419271 A CN 201510419271A CN 104994110 B CN104994110 B CN 104994110B
- Authority
- CN
- China
- Prior art keywords
- verifier
- designated
- cloud
- signature
- lattice
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Expired - Fee Related
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0884—Network architectures or network communication protocols for network security for authentication of entities by delegation of authentication, e.g. a proxy authenticates an entity to be authenticated on behalf of this entity vis-à-vis an authentication entity
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/083—Network architectures or network communication protocols for network security for authentication of entities using passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/10—Protocols in which an application is distributed across nodes in the network
- H04L67/1097—Protocols in which an application is distributed across nodes in the network for distributed storage of data in networks, e.g. transport arrangements for network file system [NFS], storage area networks [SAN] or network attached storage [NAS]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0819—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
- H04L9/0825—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using asymmetric-key encryption or public key infrastructure [PKI], e.g. key signature or public key certificates
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Storage Device Security (AREA)
Abstract
The invention belongs to field of communication technology, particularly relates to a kind of method audited for designated-verifier to cloud storage data.The present invention method be mainly:System carries out piecemeal processing to data file first, produces the public private key pair of cloud user and Cloud Server respectively, and cloud user produces the signature and data file label of data block, the signature set, data file and its label of data block are sent to Cloud Server;Then cloud user calls lattice agent algorithms to calculate its public private key pair according to the identity of designated-verifier, and is safely sent to designated-verifier;Last designated-verifier produces audit challenge information to Cloud Server, and Cloud Server is according to audit challenge information, and audit response proves and is sent to designated-verifier for acquisition, and designated-verifier verifies that this audit response proves according to lattice signature verification method.
Description
Technical field
The invention belongs to field of communication technology, particularly relate to it is a kind of be used for designated-verifier to cloud storage data into
The method of row audit.
Background technology
With the development of network technology and continuing to increase for storage demand amount, cloud storage is being used as memory module of new generation
Progressively occur and rise.Although cloud storage brings many facilities to user, in terms of it is also proposed some security privacies at the same time
Challenge.Although cloud service provider is capable of providing the storage device of security higher, the data of magnanimity are stored in cloud clothes
It is engaged on device so that data are easier the active attack by attacker.For cloud service provider, due to some interests reasons,
They may not truly react the storage condition to user data.Such as:Cloud service provider may be because interests reason
Delete the data that some users seldom access, or cloud service provider has concealed the loss of the user data caused by him to tie up
Protect his reputation.It can therefore be seen that although cloud storage can bring many advantages and facility, it does not ensure that user deposits
Store up the authenticity and integrity of data.
In order to solve the safety problem of cloud storage data above-mentioned, it would be desirable to which the data being stored on cloud are carried out
Audit, this scheme that can be audited to the data stored on cloud we be known as cloud storage Data Audit agreement.Work as user
After storing data into Cloud Server, user just loses the control to data.Auditable cloud storage data be user or
The trusted third party of user's commission carries out regular audit to the data of cloud storage.By audit, user being capable of real-time confirmation
He is stored in the authenticity and integrity of the data on Cloud Server.Even if there is such cloud storage Data Audit service, to
For family, the executor for selecting audit task is also problem needed to be considered.Such as in public audit program, as long as holding
Effective certificate parameter, anyone can verify the data integrity of user.So, the private data of user or secret
Confidential information may be obtained than unauthorized parties.So user needs to specify a special identifier come the task of auditing, with
Ensure the privacy of data.
Cloud storage Data Audit method is all based on classical cryptosystem at present, and such issues that be all quantum computer
It can easily crack, be unsafe under quantum environment.It will be designed in view of big data in quantum epoch long-term existence
The Designated-Verifier Data Audit scheme that quantum attack can be resisted just has great importance..
The content of the invention
It is to be solved by this invention, aiming at the above problem, propose a kind of being tested for specifying based on lattice difficult problem
The method that witness audits cloud storage data, the method can be effective against the attack of quantum computer.
To achieve the above object, the present invention adopts the following technical scheme that:
A kind of method audited for designated-verifier to cloud storage data, it is characterised in that comprise the following steps:
A. system initialization, specifically includes:
A1. piecemeal processing is carried out to data file, the security parameter of lattice cryptographic algorithm and the hash function of safety is set;
A2. the public private key pair of cloud user and Cloud Server is produced respectively by lattice threshold generation algorithm, cloud user is secret
Select signature key;
A3. cloud user produces the signature set of data block by the linear homomorphism signature algorithm on lattice, and is calculated by signing
Method obtains data file label, and the signature set of data block, data file and data file label are sent to Cloud Server;
B. audit devolution, specifically include:
B1. cloud user designated-verifier, and call lattice agent algorithms to calculate specified test according to the identity of designated-verifier
The public private key pair of the designated-verifier of acquisition, is sent to the identifier specified by the public private key pair of witness;
B2. cloud user is by user identity, and the identity of designated-verifier and the public key of designated-verifier are on Cloud Server
Registration;
C. audit challenge response, specifically include:
C1. designated-verifier produces audit challenge information and is sent to Cloud Server;
C2. Cloud Server is calculated according to audit challenge information using preimage sampling algorithm on lattice and noise learning method
Audit response proves to be sent to designated-verifier;
C3. designated-verifier verification audit response proves whether correctly.
Further, the specific method of the step a1 is:
A11. data file F is divided into l data block F={ m1,m2,…,ml, wherein1≤i≤l;
A12., the line number n of safe Gaussian parameter σ, δ and matrix is set, common parameter set is setWherein q=poly (n) is the prime number on the polynomial complexity of matrix line number n, m >=
2nlogq is matrix column number,For the upper bound of matrix norm in scheme,
For the distribution of digital signature in scheme, χ is Gaussian noise distribution;Wherein e is digital signature,It is the m dimensional vectors on mould q, O
It is the complexity on matrix line number n.
A13., first secure hash function is setSecond secure hash function3rd secure hash function4th secure hash functionThe
Five secure hash functionsWherein, the 3rd hash function H3Value export in Dm×mIn distribution,It is
N × m dimension matrixes on mould q,It is the n-dimensional vector on mould q, Zm×mIt is the low norm matrix of dimension of m m, ZqIt is mould q residual class rings,
Subscript m is matrix columns, and subscript n is matrix line number, and subscript q is prime number, Dm×mIt is low norm m × m only matrix distributions.
Further, the specific method of the step a2 is:
A21. cloud user produces public private key pair using lattice threshold generation algorithm, is specially:
Pass through lattice threshold generation algorithm TrapGen (1n,1m, q) and produce homogeneous matrixTo pass's
Base TASo thatThe public private key pair for obtaining cloud user is (A, TA), cloud user select signature public private key pair for (spk,
ssk);
A22. Cloud Server produces public private key pair using lattice threshold generation algorithm, is specially:
Pass through lattice threshold generation algorithm TrapGen (1n,1m, q) and produce uniform matrixTo passBase TcloudSo thatThe public private key pair for obtaining Cloud Server is (B, Tcloud)。
Further, the specific method of the step a3 is:
Assuming that data file F={ m1,m2,…,mlIdentity id ∈ { 0,1 }*, for each data blockUsing public private key pair (A, the T of cloud userA) and Cloud Server public key B, for each data block produce signature,
Specific method is:
A31. formula is passed through(wherein 1≤j≤n) obtains n vector β1,β2,…βn。
A32. for each data block mi, 1≤i≤l, passes through formulaObtain μi, adopt
Use μiAnd βjDirect product h in acquisitioni,j=<μi,βj>, 1≤j≤n, 1≤i≤l, are set
A33. preimage sampling algorithm SamplePre (A, T on lattice is passed through for each i ∈ { 1 ..., l }, cloud userA,hi,
σ) produce signature θi;
A44. it is Ψ={ θ to define signature seti}1≤i≤l, while cloud user passes through formula τ=id ‖ SSigssk(id) obtain
The label τ of data file F, wherein SSigssk(id) be identity id signature, finally, cloud user send { F, τ, Ψ } give cloud
User.
Further, the specific method of the step b1 is:
Cloud User ID sends audit request information and gives designated-verifier TPA, utilizes the identity ID of designated-verifierTPA, Yun Yong
Family ID passes through formulaObtainPass through formulaObtain specific authentication
The public key of peopleAnd by lattice agent algorithms NewBasisDel (A,TA, δ) and produce corresponding private keyIts
InIt is the short base of latticeThe public private key pair for obtaining designated-verifier TPA is
Further, the specific method of the step c1 is:
C11. cloud user sends audit request information and is believed to designated-verifier TPA, designated-verifier TPA according to audit request
Breath fetches the label τ of corresponding data file F, and designated-verifier TPA utilizes open signature verification public key spk verification signatures SSigssk
(id) whether effectively, if so, c12 is then entered step, if it is not, then exiting;
C12. the designated-verifier TPA subsets of random selection containing c element from set { 1,2 ..., l }
C13. designated-verifier TPA produces Bit String uniformly at randomForm audit challenge
Information chal is
Further, the specific method of the step c2 is:
C21. cloud server to audit challenge informationAfterwards, corresponding specify is searched for test
The public private key pair of witness TPAIDTPA), while obtain aggregate signatureIn order to blind group
Information ν is closed, cloud user selects random vectorThen preimage sampling algorithm SamplePre (B, T on lattice is passed throughcloud,w,
σ) produce random vectorSignature γ;
C22. calculate on combined informationBlind value ν '=γ+H4(w)ν;
C23. new vector is randomly choosedAnd calculate
C24. according to Gaussian noise distribution χ, noise vector is selectedAnd calculate e=θ+H5(ν ' ‖ ξ '),Obtaining proves that response message P={ ν ', w, e, ξ } gives designated-verifier TPA.
Further, the specific method of the step c3 is:
C31. formula is passed through(wherein 1≤j≤n) obtains n vector β1,β2,…βn;
C32. formula is passed throughObtain λ;
C33. β is usedjWith direct product in λ acquisitionsWherein 1≤j≤n, is set
C34. decisive equationAnd inequalityWhether set up, if so, then judging
Audit response is justified, if it is not, then judging that audit response proves mistake;Wherein, θ=e-H5(ν ' ‖ ξ ') is above-mentioned
Aggregate signature, ξ ' be mould q on n tie up random vector, for participating in the ciphering process on θ.
Beneficial effects of the present invention are, it can be ensured that except designated-verifier TPA, either party is not able to verify that and is stored in
Data integrity on Cloud Server.
Embodiment
Technical scheme is described below in detail:
The invention mainly includes steps:
A. system initialization, specifically includes:
A1. piecemeal processing is carried out to data file, the security parameter of lattice cryptographic algorithm and the hash function of safety is set;
A2. the public private key pair of cloud user and Cloud Server is produced respectively by lattice threshold generation algorithm, cloud user is secret
Select signature key;
A3. cloud user produces the signature set of data block by the linear homomorphism signature algorithm on lattice, and is calculated by signing
Method obtains data file label, and the signature set of data block, data file and data file label are sent to Cloud Server;
B. audit devolution, specifically include:
B1. cloud user designated-verifier, and call lattice agent algorithms to calculate specified test according to the identity of designated-verifier
The public private key pair of the designated-verifier of acquisition, is sent to the identifier specified by the public private key pair of witness;
B2. cloud user is by user identity, and the identity of designated-verifier and the public key of designated-verifier are on Cloud Server
Registration;
C. audit challenge response, specifically include:
C1. designated-verifier produces audit challenge information and is sent to Cloud Server;
C2. Cloud Server is calculated according to audit challenge information using preimage sampling algorithm on lattice and noise learning method
Audit response proves to be sent to designated-verifier;
C3. designated-verifier verification audit response proves whether correctly.
Further, the specific method of the step a1 is:
A11. data file F is divided into l data block F={ m1,m2,…,ml, wherein1≤i≤l;
A12. it is n matrix to set safe Gaussian parameter σ, δ and line number, sets common parameter setWherein q=poly (n) is the prime number on the polynomial complexity of matrix line number n, m >=
2nlogq is matrix column number,For the upper bound of matrix norm in scheme,
For the distribution of digital signature in scheme, χ is Gaussian noise distribution;Wherein e is digital signature,It is the m dimensional vectors on mould q, O
It is the complexity on matrix line number n.
A13., first secure hash function is setSecond secure hash function3rd secure hash function4th secure hash functionThe
Five secure hash functionsWherein, the 3rd hash function H3Value export in Dm×mIn distribution,It is
N × m dimension matrixes on mould q,It is the n-dimensional vector on mould q, Zm×mIt is the low norm matrix of dimension of m m, ZqIt is mould q residual class rings,
Subscript m is matrix columns, and subscript n is matrix line number, and subscript q is prime number, Dm×mIt is low norm m × m only matrix distributions.
Further, the specific method of the step a2 is:
A21. cloud user produces public private key pair using lattice threshold generation algorithm, is specially:
Pass through lattice threshold generation algorithm TrapGen (1n,1m, q) and produce homogeneous matrixTo pass's
Base TASo thatThe public private key pair for obtaining cloud user is (A, TA), cloud user select signature public private key pair for (spk,
ssk);
A22. Cloud Server produces public private key pair using lattice threshold generation algorithm, is specially:
Pass through lattice threshold generation algorithm TrapGen (1n,1m, q) and produce uniform matrixTo passBase TcloudSo thatThe public private key pair for obtaining Cloud Server is (B, Tcloud)。
Further, the specific method of the step a3 is:
Assuming that data file F={ m1,m2,…,mlIdentity id ∈ { 0,1 }*, for each data blockUsing public private key pair (A, the T of cloud userA) and Cloud Server public key B, for each data block produce signature,
Specific method is:
A31. formula is passed through(wherein 1≤j≤n) obtains n vector β1,β2,…βn。
A32. for each data block mi, 1≤i≤l, passes through formulaObtain μi, adopt
Use μiAnd βjDirect product h in acquisitioni,j=<μi,βj>, 1≤j≤n, 1≤i≤l, are set
A33. preimage sampling algorithm SamplePre (A, T on lattice is passed through for each i ∈ { 1 ..., l }, cloud userA,hi,
σ) produce signature θi;
A44. it is Ψ={ θ to define signature seti}1≤i≤l, while cloud user passes through formula τ=id ‖ SSigssk(id) obtain
The label τ of data file F, wherein SSigssk(id) be identity id signature, finally, cloud user send { F, τ, Ψ } give cloud
User.
Further, the specific method of the step b1 is:
Cloud User ID sends audit request information and gives designated-verifier TPA, utilizes the identity ID of designated-verifierTPA, Yun Yong
Family ID passes through formulaObtainPass through formulaObtain specific authentication
The public key of peopleAnd by lattice agent algorithms NewBasisDel (A,TA, δ) and produce corresponding private keyIts
InIt is the short base of latticeThe public private key pair for obtaining designated-verifier TPA is
Further, the specific method of the step c1 is:
C11. cloud user sends audit request information and is believed to designated-verifier TPA, designated-verifier TPA according to audit request
Breath fetches the label τ of corresponding data file F, and designated-verifier TPA utilizes open signature verification public key spk verification signatures SSigssk
(id) whether effectively, if so, c12 is then entered step, if it is not, then exiting;
C12. the designated-verifier TPA subsets of random selection containing c element from set { 1,2 ..., l }
C13. designated-verifier TPA produces Bit String uniformly at randomForm audit challenge
Information chal is
Further, the specific method of the step c2 is:
C21. cloud server to audit challenge informationAfterwards, corresponding specify is searched for test
Witness TPA public private key pair (IDTPA), while obtain aggregate signatureIn order to blind group
Information ν is closed, cloud user selects random vectorThen preimage sampling algorithm SamplePre (B, T on lattice is passed throughcloud,w,
σ) produce random vectorSignature γ;
C22. calculate on combined informationBlind value ν '=γ+H4(w)ν;
C23. new vector is randomly choosedAnd calculate
C24. according to Gaussian noise distribution χ, noise vector is selectedAnd calculate e=θ+H5(ν ' ‖ ξ '),Obtaining proves that response message P={ ν ', w, e, ξ } gives designated-verifier TPA.
Further, the specific method of the step c3 is:
C31. formula is passed through(wherein 1≤j≤n) obtains n vector β1,β2,…βn;
C32. formula is passed throughObtain λ;
C33. β is usedjWith direct product in λ acquisitionsWherein 1≤j≤n, is set
C34. decisive equationAnd inequalityWhether set up, if so, then judging
Audit response is justified, if it is not, then judging that audit response proves mistake;Wherein, θ=e-H5(ν ' ‖ ξ ') is above-mentioned
Aggregate signature, ξ ' be mould q on n tie up random vector, for participating in the ciphering process on θ.
This auditing method is able to ensure that, except specified TPA, either party is not able to verify that and is stored on Cloud Server
Data integrity.And based on non-difficult sex chromosome mosaicism of secondly small integer solution (ISIS) on lattice, it was demonstrated that malice Cloud Server cannot
Produce the signature forged so that produce the audit certification response message of forgery and cannot cheat the TPA specified and pass through auditing verification
Process.This method realizes the random construction for covering up code using preimage sampling function technology on lattice, so that it is guaranteed that curious TPA, it
It is that calculating is infeasible to want the initial data block message that cloud user is recovered from data file.In addition, the method for the present invention is not
The module exponent computing and Bilinear map computing that cost is larger are needed, for specified TPA, it only need to calculate limited line for this
Property equation just can good authentication be stored in data integrity on Cloud Server.Therefore the solution of the present invention in terms of calculation amount more
Be conducive to the TPA specified, there is very big application value in rear quantum communications environment.
Claims (1)
- A kind of 1. method audited for designated-verifier to cloud storage data, it is characterised in that comprise the following steps:A. system initialization, specifically includes:A1. piecemeal processing is carried out to data file, the security parameter of lattice cryptographic algorithm and the hash function of safety is set;Specific side Method is:A11. data file F is divided into l data block, i.e. F={ m1,m2,…,ml, wherein1≤i≤l;A12., the matrix of safe Gaussian parameter σ, δ and line number for n is set, common parameter set is setWherein q=poly (n) is the prime number on the polynomial complexity of matrix line number n, and m is square The columns and m >=2nlogq of battle array,For the upper bound of matrix norm,For The distribution of digital signature, χ are Gaussian noise distributions, and e is digital signature,It is the m dimensional vectors on mould q, O is on matrix line number The complexity of n;A13., first secure hash function H is set1:Second secure hash function H2:The Three secure hash function H3:{0,1}*→Zm×m, the 4th secure hash function H4:5th secure hash function H5:Wherein, { 0,1 }*For the Bit String of random length, the 3rd hash function H3Value export in Dm×mIn distribution,It is n × m dimension matrixes on mould q,It is the n-dimensional vector on mould q, Zm×mIt is the low norm matrix of dimension of m m, ZqIt is mould q residues Class ring, subscript m are matrix columns, and subscript n is matrix line number, and subscript q is prime number, Dm×mIt is low norm m × m only matrix distributions;A2. the public private key pair of cloud user and Cloud Server, the secret selection of cloud user are produced respectively by lattice threshold generation algorithm Signature key;Specific method is:A21. cloud user produces public private key pair using lattice threshold generation algorithm, is specially:Pass through lattice threshold generation algorithm TrapGen (1n,1m, q) and produce homogeneous matrixTo passBase TA So thatThe public private key pair for obtaining cloud user is (A, TA), wherein A be cloud user public key, TAFor the private key of cloud user,It is lattice TANorm;Cloud user selects signature key to being open signature verification public key for (spk, ssk), wherein spk, Ssk is the signature private key of secrecy;A22. Cloud Server produces public private key pair using lattice threshold generation algorithm, is specially:Pass through lattice threshold generation algorithm TrapGen (1n,1m, q) and produce uniform matrixTo passBase TcloudSo thatThe public private key pair for obtaining Cloud Server is (B, Tcloud), wherein B is the public key of Cloud Server, TcloudFor the private key of Cloud Server,It is lattice TcloudNorm;A3. cloud user produces the signature set of data block by the linear homomorphism signature algorithm on lattice, and is obtained by signature algorithm Data file label is obtained, the signature set of data block, data file and data file label are sent to Cloud Server;Specific side Method is:Assuming that data file F={ m1,m2,…,mlIdentity id ∈ { 0,1 }*, for each data blockAdopt With public private key pair (A, the T of cloud userA) and Cloud Server public key B, for each data block produce signature, specific method For:A31. formula is passed through(wherein 1≤j≤n) obtains n vector β1,β2,…βn;A32. for each data block mi, 1≤i≤l, passes through formulaObtain μi, using μiWith βjDirect product h in acquisitioni,j=<μi,βj>, 1≤j≤n, 1≤i≤l, are setA33. preimage sampling algorithm SamplePre (A, T on lattice is passed through for each i ∈ { 1 ..., l }, cloud userA,hi, σ) and production Raw signature θi;A44. it is Ψ={ θ to define signature seti}1≤i≤l, while cloud user passes through formula τ=id ‖ SSigssk(id) data are obtained The label τ of file F, wherein SSigssk(id) be identity id signature, finally, cloud user send { F, τ, Ψ } give cloud service Device;B. audit devolution, specifically include:B1. cloud user designated-verifier, and call lattice agent algorithms to calculate designated-verifier according to the identity of designated-verifier Public private key pair, the public private key pair of the designated-verifier of acquisition is sent to the identifier specified;Specific method is:Cloud User ID sends audit request information and gives designated-verifier TPA, utilizes the identity ID of designated-verifierTPA, cloud User ID Pass through formulaObtainIt is the hash function value on the identity of audit person TPA, Pass through formulaObtain the public key of designated-verifierAnd pass through lattice agent algorithmsProduce corresponding private keyWhereinIt is the short base of latticeReferred to The public private key pair for determining identifier TPA isB2. cloud user registers user identity, the identity of designated-verifier and the public key of designated-verifier on Cloud Server Registration;C. audit challenge response, specifically include:C1. designated-verifier produces audit challenge information and is sent to Cloud Server;Specific method is:C11. cloud user sends audit request information and is taken to designated-verifier TPA, designated-verifier TPA according to audit request information The label τ of corresponding data file F is returned, designated-verifier TPA utilizes open signature verification public key spk verification signatures SSigssk(id) Whether effectively, if so, c12 is then entered step, if it is not, then exiting;C12. the designated-verifier TPA subsets of random selection containing c element from set { 1,2 ..., l }C13. designated-verifier TPA produces Bit String uniformly at randomForm audit challenge information Chal isC2. Cloud Server calculates audit according to audit challenge information using preimage sampling algorithm on lattice and noise learning method Response proof is sent to designated-verifier;Specific method is:C21. cloud server to audit challenge informationAfterwards, corresponding designated-verifier is searched for The public private key pair of TPAObtain aggregate signature at the same timeCombined informationIn order to blind Combined information ν, cloud user select random vectorThen preimage sampling algorithm SamplePre (B, T on lattice is passed throughcloud, W, σ) produce random vectorSignature γ;C22. calculate on combined informationBlind value ν '=γ+H4(w)ν;C23. new vector is randomly choosedAnd calculateC24. according to Gaussian noise distribution χ, noise vector is selectedAnd calculate e=θ+H5(ν ' ‖ ξ '),Vectorial ξ is the cyphertext vector of vectorial ξ ';Obtaining proves that response message P={ ν ', w, e, ξ } gives specific authentication People TPA;C3. designated-verifier verification audit response proves whether that correctly, specific method is:C31. formula is passed through1≤j≤n, obtains n vector β1,β2,…βn;βjFor on A | | id | | the hash function value of j;C32. formula is passed throughObtain n-dimensional vector λ;C33. β is usedjWith direct product in λ acquisitionsWherein 1≤j≤n, sets n-dimensional vectorC34. decisive equationAnd inequalityWhether set up, if so, then judging audit Response is justified, if it is not, then judging that audit response proves mistake;Wherein, θ=e-H5(ν ' ‖ ξ ') is aggregate signature, and ξ ' is mould N dimension random vectors on q.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201510419271.5A CN104994110B (en) | 2015-07-16 | 2015-07-16 | A kind of method audited for designated-verifier to cloud storage data |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201510419271.5A CN104994110B (en) | 2015-07-16 | 2015-07-16 | A kind of method audited for designated-verifier to cloud storage data |
Publications (2)
Publication Number | Publication Date |
---|---|
CN104994110A CN104994110A (en) | 2015-10-21 |
CN104994110B true CN104994110B (en) | 2018-04-13 |
Family
ID=54305862
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201510419271.5A Expired - Fee Related CN104994110B (en) | 2015-07-16 | 2015-07-16 | A kind of method audited for designated-verifier to cloud storage data |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN104994110B (en) |
Families Citing this family (15)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN105787390B (en) * | 2016-03-02 | 2018-11-27 | 深圳大学 | A kind of verification method and its system of data integrity |
CN105791321A (en) * | 2016-05-03 | 2016-07-20 | 西南石油大学 | Cloud storage data common auditing method possessing secret key leakage resistance characteristic |
CN105978695A (en) * | 2016-05-03 | 2016-09-28 | 西南石油大学 | Batch self-auditing method for cloud storage data |
CN106789044B (en) * | 2017-02-20 | 2019-12-27 | 西南石油大学 | Searchable encryption method for cipher text data public key stored in cloud on grid under standard model |
CN107124272A (en) * | 2017-05-02 | 2017-09-01 | 西南石油大学 | The lattice cloud storage data safety auditing method for supporting agent data to upload |
CN107332665B (en) * | 2017-07-06 | 2020-06-26 | 河南理工大学 | Partial blind signature method based on identity on lattice |
CN108259180B (en) * | 2017-09-20 | 2021-01-01 | 北京工业大学 | Method for quantum specifying verifier signature |
CN108965258B (en) * | 2018-06-21 | 2021-07-16 | 河南科技大学 | Cloud environment data integrity verification method based on fully homomorphic encryption |
CN109525403B (en) * | 2018-12-29 | 2021-11-02 | 广州市溢信科技股份有限公司 | Anti-leakage public cloud auditing method supporting full-dynamic parallel operation of user |
CN110049054B (en) * | 2019-04-24 | 2021-07-06 | 电子科技大学 | Plaintext shared data auditing method and system supporting privacy information hiding |
CN110266490B (en) * | 2019-07-25 | 2023-04-21 | 西南石油大学 | Keyword ciphertext generation method and device of cloud storage data |
CN112217629B (en) * | 2020-10-13 | 2022-07-22 | 安徽大学 | Cloud storage public auditing method |
CN112564911A (en) * | 2020-11-23 | 2021-03-26 | 重庆大学 | Identity-based cloud server computing correctness verification method |
CN112632604B (en) * | 2020-12-21 | 2024-01-23 | 贵州航天计量测试技术研究所 | Cloud data auditing method, system and device based on multi-authority auditors |
CN113746836B (en) * | 2021-09-03 | 2022-08-23 | 南京南瑞信息通信科技有限公司 | Data holding verification method and system |
-
2015
- 2015-07-16 CN CN201510419271.5A patent/CN104994110B/en not_active Expired - Fee Related
Non-Patent Citations (2)
Title |
---|
"An Efficient Method for Checking the Integrity of Data in the Cloud";TAN Shuang等;《IEEE》;20141124;第68-81页 * |
"Efficient Identity-based Public Auditing Scheme for Cloud Storage from Lattice Assumption";Xiaojun Zhang等;《IEEE》;20141221;第1819-1826页第III节 * |
Also Published As
Publication number | Publication date |
---|---|
CN104994110A (en) | 2015-10-21 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN104994110B (en) | A kind of method audited for designated-verifier to cloud storage data | |
CN105791321A (en) | Cloud storage data common auditing method possessing secret key leakage resistance characteristic | |
CN106357401B (en) | A kind of storage of private key and application method | |
CN107124268A (en) | A kind of privacy set common factor computational methods for resisting malicious attack | |
CN106506158B (en) | A kind of encryption method and system based on whitepack | |
KR20120007509A (en) | Method for authenticating identity and generating share key | |
CN105978695A (en) | Batch self-auditing method for cloud storage data | |
CN107124272A (en) | The lattice cloud storage data safety auditing method for supporting agent data to upload | |
CN109379176B (en) | Password leakage resistant authentication and key agreement method | |
CN111241514A (en) | Safety face verification method based on face verification system | |
CN111859446A (en) | Agricultural product traceability information sharing-privacy protection method and system | |
CN106953723A (en) | Prevent fractionation and merging method that DFA is attacked | |
CN105187382A (en) | Multi-factor identity authentication method for preventing library collision attacks | |
CN109981290A (en) | The communication system and method close based on no certificate label under a kind of intelligent medical environment | |
Kaleem et al. | New Efficient Cryptographic Techniques For Cloud Computing Security | |
CN106549756A (en) | A kind of method and device of encryption | |
Goel et al. | LEOBAT: Lightweight encryption and OTP based authentication technique for securing IoT networks | |
Li et al. | Recoverable private key scheme for consortium blockchain based on verifiable secret sharing | |
Wang et al. | Dynamic threshold changeable multi‐policy secret sharing scheme | |
Abiega-L’Eglisse et al. | A new fuzzy vault based biometric system robust to brute-force attack | |
CN104468535B (en) | It is adapted to ciphertext storage and connection query system and the method for cloud environment | |
CN109714148B (en) | Method for remote multi-party authentication of user identity | |
CN111541538B (en) | Data transmission method and device, server, computer equipment and storage medium | |
Kumar et al. | Secured electronic transactions using visual encryption: An E-commerce instance | |
CN110336659A (en) | A kind of multi-party quantum key machinery of consultation, terminal and storage device |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant | ||
CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20180413 Termination date: 20210716 |
|
CF01 | Termination of patent right due to non-payment of annual fee |