CN109858283B - Cloud storage security data sharing method based on Chaum-Pedersen - Google Patents

Info

Publication number
CN109858283B
Authority
CN
China
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201910142859.9A
Other languages
Chinese (zh)
Other versions
CN109858283A (en)
Inventor
王鑫
韩志宇
周彦伟
张磊
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shaanxi University of Science and Technology
Original Assignee
Shaanxi University of Science and Technology

Abstract

With the development of cloud computing technology, data can be outsourced to the cloud, so that sharing among users is facilitated. However, in many cases, users may worry about the reliability and integrity of their data outsourced to the cloud, and it is therefore crucial to provide a data sharing service that meets these security requirements. The invention provides a reliable and safe data sharing scheme by adopting a threshold secret key sharing technology and a Chaum-Pedersen zero-knowledge proving method. The scheme is not only flexible and effective, but also can realize semantic security characteristics. Furthermore, this solution enables the security of the user's decryption key and the identification of fraudsters if some of the users are dishonest. Efficiency analysis shows that this scheme has better performance in terms of computational cost than other related work. In particular, the scheme is suitable for protecting cloud medical insurance data of the user.

Description

Cloud storage security data sharing method based on Chaum-Pedersen
Technical Field
The invention belongs to the technical field of information security, is particularly suitable for protecting cloud medical insurance data of a user, and relates to a cloud storage security data sharing method based on Chaum-Pedersen.
Background
Under the strong push of the innovative development trend of cloud technology, the data sharing technology of cloud computing and cloud storage becomes a promising technology which allows file owners to store and users to access conveniently. However, in storing, sharing data, file owners are increasingly concerned about the privacy of the storage and the reliable access of the data. Medical care data covers aspects of human life and includes a variety of data such as medical record information, medical insurance information, health records, genetic information, medical experimental and scientific data, and the like. Medical experimental data, scientific research data and insurance information not only relate to the privacy of data owners, but also influence the development trend of the pharmaceutical industry and even influence the national security. Therefore, in the development process and application of healthcare data, it is necessary to provide targeted compliance assurance for data source certification and medical data types.
When a person stores her medical insurance data in the cloud for occasional needs (sudden death, insurance claims, etc.), careful consideration should be given to who is allowed access to the data. In this process, due to the diversity and complexity of medical data, not only the confidentiality of the data itself but also the specificity of the actual situation need to be considered in the data storage process.
In a cloud-based medical service scenario, a patient (data owner) stores the above important personal information (e.g., electronic medical records, health files, consulting information, and financial information) in ciphertext form, divides the access rights of a file into several shares, and assigns them to different types of groups, such as a family group, a friend group, a medical staff group, and a financial information management group, each of which is composed of several users. If the patient (data owner) is in an emergency or dies unexpectedly and the above information needs to be retrieved, the proof can be provided by a group of users even if the patient cannot provide it. In this process, to ensure fairness of information extraction, it is critical to tolerate the failure of a few users' rights, to prevent fraudsters from infringing on personal interests, and to prevent dishonest users from providing false rights.
Disclosure of Invention
To overcome the above shortcomings of the prior art and meet the above needs, the present invention provides a cloud storage security data sharing method based on Chaum-Pedersen. It combines symmetric encryption and key sharing technologies, is verifiable and resistant to deception, and lets a data owner designate authorized users himself to ensure the security of personal data. Users are managed in groups according to their types so that access to data is supervised, thereby realizing decentralized management of authority. In addition, based on the validity and fairness of the data, any behavior interfering with normal data access can be thoroughly identified, so that the stability of the system is ensured and the system can operate normally. The invention adopts a threshold secret key sharing technology and a Chaum-Pedersen zero-knowledge proof method, is reliable and secure, and can play a fundamental and inspirational role in solving medical data management in the Internet personal health environment.
In order to achieve the purpose, the invention adopts the technical scheme that:
a cloud storage security data sharing method based on Chaum-Pedersen is characterized in that:
hiding confidential information irrelevant to the important data, encrypting the important data and storing the important data in the cloud;
dividing the types of important data corresponding to authorized users into a plurality of groups;
each important data corresponds to a group of secret shares, each group of secret shares consists of secret shares of a plurality of different owners, each secret share is distributed to a corresponding authorized user group by using a threshold secret sharing method of Shamir, a decryption key is assigned to each authorized user group, the authorized users of each authorized user group distribute private keys, namely sub-keys of the group of decryption keys, according to the decryption keys of the group, and when the decryption keys are correctly reconstructed, the corresponding secret shares of the important data can be decrypted, so that the important data can be decrypted under mutual supervision among the groups.
The data is medical insurance data, and the confidential information irrelevant to the important data refers to personal information of an owner, including name, age, work family, address and the like; the important data refers to data of an owner directly related to medical insurance, and comprises electronic medical records, health records, consultation information and financial information, and the identity of the authorized user corresponds to the type of the important data, and comprises a family group, a friend group, a medical staff group and a financial information management group.
The confidential information irrelevant to the important data is hidden by a Bloom filter and the like.
Compared with the existing data sharing scheme, the scheme can provide the following advantages of safety and efficiency:
1) The cloud server may utilize data file tags to assist in record searching and may not be able to obtain any meaningful information about the owner data or the owner's personal confidential data.
2) The users who have access to the data file are authorized by the data owner and can verify the decryption key sent by the owner. Even if some decryption keys from authorized users are incorrect, the system can still function properly without affecting the reliability of the data.
3) It is possible to identify in advance a dishonest user who provides a pseudo decryption key without revealing the decryption key of a dishonest user. Thus, the data file can be decrypted safely and correctly under supervision of these user groups.
Drawings
FIG. 1 is a framework for a secure shared data protection service in a cloud environment of the present invention.
Detailed Description
The embodiments of the present invention will be described in detail below with reference to the drawings and examples.
As shown in fig. 1, the present invention proposes an efficient, reliable and integrated internet medical data sharing scheme to ensure semantic security and efficient use of owner data on cloud storage. Confidential information of a patient, such as name, age, work, home address and the like, which is irrelevant to important data, is hidden through a Bloom filter and the like, and important data files, such as electronic medical records, health records, consultation information and financial information, are encrypted and stored in the cloud.
To decrypt secret data files under mutual supervision between groups, decryption keys are used to assign rights among cloud decryption users, who are divided into groups according to their identities when they register in the protocol, such as family groups, friend groups, medical staff groups, financial information management groups, etc. Each data file corresponds to a set of secret shares, each secret share is assigned to a corresponding group of users by using Shamir's threshold secret sharing method, and each group is assigned a decryption key. The authorized users of each group are assigned their private keys, i.e., sub-keys of the group's decryption key, based on the group's decryption key, and when the decryption keys are properly reconstructed, the corresponding secret shares of the data file can be successfully decrypted.
First, preliminary knowledge required for understanding the present invention is introduced:
1. Key sharing scheme
The key sharing scheme divides the key into a number of parts, each part being referred to as a shared key, and the key can be recovered when the required number of shared keys is held.
Sharing stage: to share the key, the issuer generates shared keys for different authorized users by constructing different polynomials and then sends the shared keys to each authorized user through a dedicated channel.
Reconstruction stage: any subset of these authorized users can reconstruct the key using polynomial interpolation as long as the given conditions are met.
2. Threshold encryption cryptosystem
In our protocol, a threshold key sharing system is adopted to design an encryption scheme, and the cryptosystem consists of the following five algorithms:
Key generation: takes a security parameter $k$, the number $n$ of decryption groups ($n \ge 1$), a threshold $t$ ($1 \le t \le n$) and a random string $x$ as input, and outputs a public key pk, a set of shared keys $\{y_1, \dots, y_n\}$ and a set of verification keys $v, \{v_1, \dots, v_n\}$.
Encryption: the public key pk, the random character string x and the plaintext
Figure BDA0001979092390000041
As an input, and outputs the ciphertext CT.
Partial decryption: takes the public key pk, the ciphertext CT, the index $i$ ($1 \le i \le n$) and the corresponding shared key $y_i$ as input, and outputs the corresponding decryption share $c_i$ and a proof $p_i$ that the share decryption is valid.
Verification: takes the ciphertext CT, the index $i$ ($1 \le i \le n$), the verification keys $v, \{v_1, \dots, v_n\}$, the decryption share $c_i$ and its proof $p_i$ as input. If the result is valid, it outputs 1; otherwise it outputs $\perp$.
Combining: takes the public key pk and any subset of $t$ valid decryption shares as input and outputs the plaintext
Figure BDA0001979092390000044
3. Bloom filter
A Bloom filter is a randomized data storage structure made up of a set of hash functions, $BF(x) = (bh_1(x), \dots, bh_k(x))$. The Bloom filter is used to hide the value of an attribute or part of the information of the attribute during the access process. In this scheme, Bloom filters are used to anonymously store data files; if the verification output $(bh_1(x), \dots, bh_k(x))$ matches the input $x$, the searched tag is verified.
4. Proof of discrete logarithm equation
The Chaum-Pedersen proof protocol can be used to prove equality of discrete logarithms. Let $p, q$ be two large primes with $q \mid p-1$, and let $G_q$ denote the subgroup of order $q$ of
Figure BDA0001979092390000042
where
Figure BDA0001979092390000043
is the ring of non-zero integers modulo $p$, and $g$ and $h$ are two generators of $G_q$. Without disclosing the specific value, it can be shown that $y \equiv g^x \pmod p$ and $t \equiv h^x \pmod p$ have the same exponent $x$. The proof works as follows:
- The prover randomly selects a value $r \in Z_p$ and then sends $U \equiv g^r \pmod p$ and $V \equiv h^r \pmod p$ to the verifier.
- The verifier chooses a random value $e \in Z_p$ and sends it back to the prover.
- The prover calculates $z = r + xe \bmod p$ and sends $z$ to the verifier.
- If $g^z \equiv U y^e \pmod p$ and $h^z \equiv V t^e \pmod p$, the verifier accepts the proof; otherwise, the proof is rejected.
Its soundness rests on two accepted conversations that have the same first step, and honest-verifier zero knowledge holds because, for any random values $e \in Z_p$ and $z \in Z_p$, the generated tuples $(g^z y^{-e}, h^z t^{-e}, e, z)$ are valid, and the distribution of the values cannot be predicted from the random values.
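The three-move exchange, the soundness argument and the simulated tuple described above, as an added Python example (not code from the patent). The toy parameters `P`, `Q`, `G`, `H` and all function names are assumptions of this example, and the response is reduced modulo the subgroup order $q$ so that both checks hold in $G_q$.

```python
import secrets

# Constructed toy parameters, far too small for real use: P = 2*Q + 1,
# and G, H are squares modulo P, so both generate the order-Q subgroup.
P, Q = 2039, 1019
G, H = 4, 9


def commit(r):
    """Prover's first message (U, V) = (g^r, h^r) mod p."""
    return pow(G, r, P), pow(H, r, P)


def respond(x, r, e):
    """Prover's answer z = r + x*e, reduced modulo the subgroup order."""
    return (r + x * e) % Q


def verify(y, t, U, V, e, z):
    """Verifier's checks: g^z == U*y^e and h^z == V*t^e (mod p)."""
    return (pow(G, z, P) == U * pow(y, e, P) % P
            and pow(H, z, P) == V * pow(t, e, P) % P)


def run_round(x_for_g, x_for_h):
    """One interactive round for the statement y = g^x_for_g, t = h^x_for_h.

    The prover answers with x_for_g, so the round can only succeed when
    both exponents agree. The challenge is drawn non-zero because e = 0
    accepts any statement, which matters in a group this small.
    """
    y, t = pow(G, x_for_g, P), pow(H, x_for_h, P)
    r = secrets.randbelow(Q)
    U, V = commit(r)
    e = secrets.randbelow(Q - 1) + 1
    z = respond(x_for_g, r, e)
    return verify(y, t, U, V, e, z)


def extract(e1, z1, e2, z2):
    """Soundness: two accepted conversations with the same first step and
    different challenges reveal x = (z1 - z2) / (e1 - e2) mod q."""
    return (z1 - z2) * pow(e1 - e2, -1, Q) % Q


def simulate(y, t, e, z):
    """Honest-verifier zero knowledge: choose e and z first, then solve
    for U = g^z * y^-e and V = h^z * t^-e without knowing x."""
    U = pow(G, z, P) * pow(y, -e, P) % P
    V = pow(H, z, P) * pow(t, -e, P) % P
    return U, V, e, z


if __name__ == "__main__":
    y, t = pow(G, 5, P), pow(H, 5, P)
    print("equal exponents accepted:", run_round(123, 123))
    print("different exponents accepted:", run_round(123, 124))
    print("simulated transcript verifies:", verify(y, t, *simulate(y, t, 77, 400)))
```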
Based on the above preliminary knowledge, the present invention performs the following process:
1. System initialization
(1) The public key generator selects a group $G_1$ of prime order $p$, a generator $g$ of $G_1$ and a collision-resistant hash function $H$.
(2) Using the grouping function
Figure BDA0001979092390000057
the user set $U$ that wants to share the owner's important data is divided into $N$ different groups according to their different identities, such as a family group, a friend group, a medical staff group and a legal staff group, denoted $U_1, \dots, U_N$ and satisfying $U = U_1 \cup \dots \cup U_N$. That is, each user $ID_i$ in the user set is assigned to
Figure BDA0001979092390000058
where
Figure BDA0001979092390000059
is defined as
Figure BDA00019790923900000510
Let
Figure BDA00019790923900000511
$k \in \{1, \dots, N\}$; then the user group
Figure BDA00019790923900000512
is also referred to as $U_k$ for short, and the number of users in it is $n_k$.
(3) The data owner selects a random number $s_k$ and a random polynomial of degree $t_k - 1$ over $Z_p$
Figure BDA00019790923900000513
where $Z_p$ denotes the ring of integers modulo $p$ and, for each group $U_k$, $a_{k,0} = s_k$, $k = 1, \dots, N$.
2. Key generation
$ID_i$ denotes a user of the user set; by means of the grouping function
Figure BDA00019790923900000514
the user is assigned to group $U_k$, in which the number of users is $n_k$. To label user $ID_i$ within group $U_k$, the users of group $U_k$ are renumbered: user $ID_i$, being the $j$-th user in group $U_k$, is denoted $ID_{j|k}$.
(1) For each user $ID_{j|k}$ in group $U_k$, the data owner uses a set of polynomials $f_k(x)$ to calculate its shared secret $y_{j|k} = f_k(x_{j|k})$, where
Figure BDA0001979092390000061
is a public value associated with the user
Figure BDA0001979092390000062
(2) The data owner first calculates
Figure BDA0001979092390000063
Let the validation key v = g then, the other validation keys are then calculated:
Figure BDA0001979092390000064
where $j = 1, 2, \dots, n_k$. Finally, the data owner discloses the value of
Figure BDA0001979092390000065
Here $g$ is a known generator of $G_1$, $s_k$ is the selected random number, and $a_{k,i}$ are the known coefficients of the random polynomial $f_k(x)$.
(3) Next, the data owner sends the shared key
Figure BDA0001979092390000066
over the dedicated channel to the corresponding authorized user
Figure BDA0001979092390000067
(4) After user $ID_{j|k}$ receives the shared key $SK_{j|k}$, it first verifies whether the received shared key $SK_{j|k}$ is valid, i.e. it verifies
Figure BDA0001979092390000068
where $t_k - 1$ is the highest degree,
Figure BDA0001979092390000069
(5) After the shared key $SK_{j|k}$ is validated, the user takes $SK_{j|k}$ as its shared key.
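The sharing and reconstruction stages of the key sharing scheme, together with the share verification of key-generation steps (1) to (5), as an added Python example (not code from the patent). The verification equation itself is an image missing from this page, so the example assumes a Feldman-style check against published values $g^{a_i}$; the toy group and all function names are likewise assumptions.

```python
import secrets

# Constructed toy group, far too small for real use: G generates the
# subgroup of prime order Q in the integers modulo P = 2*Q + 1.
P, Q, G = 2039, 1019, 4


def make_polynomial(secret, t):
    """Random polynomial of degree t-1 over Z_Q with constant term `secret`."""
    return [secret % Q] + [secrets.randbelow(Q) for _ in range(t - 1)]


def evaluate(coeffs, x):
    """f(x) mod Q by Horner's rule."""
    acc = 0
    for a in reversed(coeffs):
        acc = (acc * x + a) % Q
    return acc


def deal(secret, t, xs):
    """Owner side: shares y_j = f(x_j) plus public commitments g^{a_i}."""
    coeffs = make_polynomial(secret, t)
    shares = {x: evaluate(coeffs, x) for x in xs}
    commitments = [pow(G, a, P) for a in coeffs]
    return shares, commitments


def share_is_valid(x, y, commitments):
    """User side (assumed check): g^y == prod_i commitments[i]^(x^i) mod P."""
    expected = 1
    for i, c in enumerate(commitments):
        expected = expected * pow(c, pow(x, i, Q), P) % P
    return pow(G, y, P) == expected


def reconstruct(points):
    """Lagrange interpolation at 0 over Z_Q from a dict {x: y} of t shares."""
    secret = 0
    for xj, yj in points.items():
        num = den = 1
        for xm in points:
            if xm != xj:
                num = num * (-xm) % Q
                den = den * (xj - xm) % Q
        secret = (secret + yj * num * pow(den, -1, Q)) % Q
    return secret


def recover(received, commitments, t):
    """Drop shares that fail verification, then rebuild the key.

    Returns (secret, rejected_xs); secret is None when fewer than t
    valid shares remain.
    """
    valid = {x: y for x, y in received.items()
             if share_is_valid(x, y, commitments)}
    rejected = sorted(set(received) - set(valid))
    if len(valid) < t:
        return None, rejected
    chosen = dict(list(valid.items())[:t])
    return reconstruct(chosen), rejected


if __name__ == "__main__":
    shares, commitments = deal(777, 3, [1, 2, 3, 4, 5])
    shares[3] = (shares[3] + 1) % Q  # constructed bad share from user 3
    print(recover(shares, commitments, 3))
```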
3. Data file generation
(1)
Figure BDA00019790923900000611
is the data to be encrypted. The data owner selects random numbers $r_k \in Z_p$ ($k = 1, \dots, N$) and random exponents $\{s_k \mid k \in \{1, \dots, N\}\}$, and the encrypted data file is
Figure BDA00019790923900000610
where $G_1$ denotes the 1st item of the ciphertext, the $N$-th item of the ciphertext is denoted $G_N$, and the $(N+1)$-th item of the ciphertext is denoted $C_0$.
(2) The owner information is expressed as $Value_{owner}$, and the tag of the file is $Tag_{owner} = H(Value_{owner})$. The tag $BF_{owner} = BF(Tag_{owner})$, which is then used for retrieval and matching, may be constructed by a Bloom filter.
(3) The owner anonymously uploads his encrypted data file CP to the cloud server. The format of each stored data file is as follows:
Figure BDA0001979092390000071
4. Partial decryption algorithm
$A_k$ is the permission set of group $U_k$, and
Figure BDA0001979092390000072
is the union of the $N$ permission subsets of the $N$ groups.
(1) The authorized users of these $N$ permission sets calculate the tag $Tag_{owner} = H(Value_{owner})$ of the data file they want to decrypt and then transmit it to the cloud server.
(2) The cloud server receives the $Tag_{owner}$ provided by the user and verifies $BF_{owner} = BF(Tag_{owner})$. If so, the ciphertext CT is sent back to the user.
(3) For a given ciphertext CT, each authorized user decrypts a portion of it. Authorized user $ID_{j|k}$ uses his decryption key $y_{j|k}$ to partially decrypt
Figure BDA0001979092390000079
and simultaneously generates a non-interactive proof $p_{j|k}$ to prove that $C_{j|k}$ and $v_{j|k}$ are raised to the same exponent.
5. Data file decryption
The authorized user set $A_k$ receives the corresponding data file sent by the cloud server: $G_1, \dots, G_N, C_0$.
(1) The authorized users from these permission sets $A_k$ use
Figure BDA0001979092390000073
to check the equation
Figure BDA0001979092390000074
If the non-interactive proof $p_{j|k}$ is valid, it is an honest user who provides the decryption key.
(2) If none of the authorized users is dishonest, these users can recover the data
Figure BDA0001979092390000075
Figure BDA0001979092390000076
Figure BDA0001979092390000077
For the sake of simplicity, denote
Figure BDA0001979092390000078
In the arrangement shown in FIG. 1, to ensure the security of personal data, the data owner may specify the authorized users himself. In addition, for efficient and convenient management, users are managed in groups according to their types so that data is accessed under supervision, thereby achieving a decentralized authority management mechanism. Furthermore, owing to the validity and fairness of the data, any behavior interfering with normal data access can be thoroughly identified, ensuring the stability of the system and its normal operation.
Therefore, the security and reliability of the data file can be fully guaranteed. The scheme is not only flexible and effective, but can also achieve semantic security. Furthermore, the scheme can identify fraudsters without infringing the rights of honest users. Compared with existing fraudster identification methods such as the RS code, the method can detect each dishonest user. Efficiency analysis shows that the scheme has low computational cost and low bandwidth utilization.

Claims (2)

1. A cloud storage security data sharing method based on Chaum-Pedersen is characterized in that:
hiding confidential information irrelevant to the important data, encrypting the important data and storing the important data in the cloud;
dividing the types of the important data corresponding to the authorized users into a plurality of groups;
each important data corresponds to a group of secret shares, each group of secret shares consists of secret shares of a plurality of different owners, each secret share is distributed to a corresponding authorized user group by using a Shamir threshold secret sharing method, a decryption key is assigned to each authorized user group, the authorized users of each authorized user group distribute private keys, namely sub-keys of the group of decryption keys, according to the decryption keys of the group, and when the decryption keys are correctly reconstructed, the corresponding secret shares of the important data can be decrypted, so that the important data can be decrypted under mutual supervision among the groups;
the data is medical insurance data, and the confidential information irrelevant to the important data refers to personal information of an owner, including name, age, work family and address; the important data refers to data of an owner directly related to medical insurance, and comprises electronic medical records, health records, consultation information and financial information, and the identity of the authorized user corresponds to the type of the important data, and comprises a family group, a friend group, a medical staff group and a financial information management group;
the method comprises the following specific steps:
1) System initialization
(1.1) the public key generator selects a group $G_1$ of prime order $p$, and the collision-resistant hash function is $H$;
(1.2) using the grouping function
Figure FDA0003833119690000011
the user set $U$ that wants to share the owner's important data is divided into $N$ different groups according to their different identities, denoted $U_1, \dots, U_N$ and satisfying $U = U_1 \cup \dots \cup U_N$; that is, each user $ID_i$ in the user set is assigned to
Figure FDA0003833119690000012
where
Figure FDA0003833119690000013
is defined as
Figure FDA0003833119690000014
Let
Figure FDA0003833119690000015
then the user group
Figure FDA0003833119690000016
is referred to as $U_k$ for short, and the number of users in it is $n_k$;
(1.3) the data owner selects a random number $s_k$ and a random polynomial of degree $t_k - 1$ over $Z_p$
Figure FDA0003833119690000017
where $Z_p$ denotes the ring of integers modulo $p$ and, for each group $U_k$, $a_{k,0} = s_k$, $k = 1, \dots, N$;
2) Key generation
(2.1) $ID_{j|k}$ indicates that user $ID_i$ is the $j$-th user in group $U_k$; for each user $ID_{j|k}$ in group $U_k$, the data owner uses a set of polynomials $f_k(x)$ to calculate its shared secret $y_{j|k} = f_k(x_{j|k})$, where $j = 1, \dots, n_k$, and
Figure FDA0003833119690000021
is a public value associated with the user
Figure FDA0003833119690000022
(2.2) the data owner first calculates
Figure FDA0003833119690000023
Let the validation key v = g then, the other validation keys are then calculated:
Figure FDA0003833119690000024
where $j = 1, 2, \dots, n_k$; finally, the data owner discloses
Figure FDA0003833119690000025
where $g$ is a known generator of $G_1$, $s_k$ is the selected random number, and $a_{k,i}$ are the known coefficients of the random polynomial $f_k(x)$;
(2.3) the data owner sends the shared key
Figure FDA0003833119690000026
over the dedicated channel to the corresponding authorized user
Figure FDA0003833119690000027
(2.4) after user $ID_{j|k}$ receives the shared key $SK_{j|k}$, it first verifies whether the received shared key $SK_{j|k}$ is valid, i.e. it verifies
Figure FDA0003833119690000028
where $t_k - 1$ is the highest degree,
Figure FDA0003833119690000029
(2.5) after the shared key $SK_{j|k}$ is verified, the user takes $SK_{j|k}$ as its shared key;
3) Data file generation
(3.1)
Figure FDA00038331196900000210
is the data to be encrypted; the data owner selects random numbers $r_k \in Z_p$ ($k = 1, \dots, N$) and random exponents $\{s_k \mid k \in \{1, \dots, N\}\}$, and the encrypted data file is
Figure FDA00038331196900000211
where $G_1$ denotes the 1st item of the ciphertext, the $N$-th item of the ciphertext is denoted $G_N$, and the $(N+1)$-th item of the ciphertext is denoted $C_0$;
(3.2) the owner's information is expressed as $Value_{owner}$, the tag of the file is $Tag_{owner} = H(Value_{owner})$, and the tag $BF_{owner} = BF(Tag_{owner})$ used for retrieval and matching is constructed by a Bloom filter;
(3.3) the owner anonymously uploads its encrypted data file CP to the cloud server, and the format of each stored data file is as follows:
Figure FDA0003833119690000031
4) Partial decryption algorithm
(4.1) $A_k$ is the permission set of group $U_k$,
Figure FDA0003833119690000032
is the union of the $N$ permission subsets of the $N$ groups, whose authorized users calculate the tag $Tag_{owner} = H(Value_{owner})$ of the data file they want to decrypt and then send it to the cloud server;
(4.2) the cloud server receives $Tag_{owner}$ and verifies $BF_{owner} = BF(Tag_{owner})$; if so, it sends the ciphertext CT back to the user;
(4.3) for a given ciphertext CT, each authorized user decrypts a portion of it: authorized user $ID_{j|k}$ uses its shared secret $y_{j|k}$ to partially decrypt
Figure FDA0003833119690000033
and simultaneously generates a non-interactive proof $p_{j|k}$ to prove that $C_{j|k}$ and $v_{j|k}$ are raised to the same exponent;
5) Decrypting the data file
(5.1) the authorized user set $A_k$ receives the corresponding data file sent by the cloud server: $G_1, \dots, G_N, C_0$; the authorized users from the authorized user set $A_k$ use the authentication key
Figure FDA0003833119690000034
to check the equation
Figure FDA0003833119690000035
If the non-interactive proof $p_{j|k}$ is valid, it is an honest user who provides the decryption key;
(5.2) if there are no dishonest ones of the authorized users, then these users are able to recover the data
Figure FDA0003833119690000036
Figure FDA0003833119690000037
2. The method for Chaum-Pedersen based cloud storage secure data sharing according to claim 1, wherein the confidential information that is not related to important data is hidden by a Bloom filter.
CN201910142859.9A 2019-02-26 2019-02-26 Cloud storage security data sharing method based on Chaum-Pedersen Active CN109858283B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910142859.9A CN109858283B (en) 2019-02-26 2019-02-26 Cloud storage security data sharing method based on Chaum-Pedersen

Publications (2)

Publication Number Publication Date
CN109858283A CN109858283A (en) 2019-06-07
CN109858283B true CN109858283B (en) 2022-11-01
