CN112699123A - Method and system for verifying existence and integrity of data in data storage system - Google Patents

Method and system for verifying existence and integrity of data in data storage system Download PDF

Info

Publication number
CN112699123A
CN112699123A CN202011603598.5A CN202011603598A CN112699123A CN 112699123 A CN112699123 A CN 112699123A CN 202011603598 A CN202011603598 A CN 202011603598A CN 112699123 A CN112699123 A CN 112699123A
Authority
CN
China
Prior art keywords
verification
data
block
node
tree
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202011603598.5A
Other languages
Chinese (zh)
Inventor
何琨
陈晶
杜瑞颖
张晨
徐丽华
郑明辉
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Wuhan University WHU
Original Assignee
Wuhan University WHU
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Wuhan University WHU filed Critical Wuhan University WHU
Priority to CN202011603598.5A priority Critical patent/CN112699123A/en
Publication of CN112699123A publication Critical patent/CN112699123A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/20Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
    • G06F16/22Indexing; Data structures therefor; Storage structures
    • G06F16/2219Large Object storage; Management thereof
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/20Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
    • G06F16/22Indexing; Data structures therefor; Storage structures
    • G06F16/2228Indexing structures
    • G06F16/2246Trees, e.g. B+trees
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/64Protecting data integrity, e.g. using checksums, certificates or signatures

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • Databases & Information Systems (AREA)
  • Data Mining & Analysis (AREA)
  • Computer Security & Cryptography (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Computer Hardware Design (AREA)
  • Information Retrieval, Db Structures And Fs Structures Therefor (AREA)

Abstract

The invention discloses a method and a system for verifying the existence and the integrity of data in a data storage system, which comprises a Mercker tree structure for rapidly summarizing and verifying the existence and the integrity of block data. The use method of the verification structure mainly comprises three parts of creation, certification and verification, wherein the creation method is based on Hash operation to obtain a verification structure called a blockless Mercker tree and metadata thereof; the proving method generates an evidence based on the challenge information, the verification structure and the file; the verification method generates a decision whether the evidence is valid based on the challenge information, the evidence and the metadata. The invention is suitable for data integrity verification under a large-scale data storage system and storage and transaction verification of Ether house block data, the verification structure of the non-block Mercker tree greatly reduces the calculation and storage expenses in the verification process, and a light-weight non-block verification method is provided for the verification of the specified data block.

Description

Method and system for verifying existence and integrity of data in data storage system
Technical Field
The invention relates to the fields of cryptography and data security, provides a method for verifying data existence and integrity, and particularly relates to a method and a system for verifying data existence and integrity in a large-scale data storage system based on a block-free verified Merkle Tree (Block free Merkle Tree).
Background
The concept of the merkel tree was proposed by ruff merck in 1979, and is a tree-shaped data structure in cryptography and computer science, in which each leaf node takes the hash of a data block as a label, and nodes other than the leaf node take the encrypted hashes of their child node labels as labels, and finally, a root hash is obtained. The hash tree can efficiently and safely verify the content of a large data structure, and is a popularization form of the hash chain. The structural characteristics of the merkel tree, which is widely used in distributed systems and distributed storage, include rapid comparison of large amounts of data, rapid location modification, and zero knowledge proof, make it possible to quickly summarize and verify the existence and integrity of data.
In recent years, with the development of blockchain technology, P2P network and decentralized technology have received much attention. In the bit currency block chain system, each block comprises an encrypted hash, a corresponding time stamp and transaction data of the previous block, data packets in the block chain are subjected to hash operation through a Merck binary tree, new hash nodes are generated through continuous recursion operation, only one Merck root is finally left to be stored in a block head, and each hash node attaches importance to two adjacent data blocks or hash values of the two adjacent data blocks. Furthermore, the "simplified payment verification protocol" (APV) of mercker tree enables clients to verify transaction data in bitcoin terms without the need to run a complete blockchain network node. This makes possible a light client protocol for the etherhouse block, which allows the client to easily conduct and verify transaction data.
In a distributed storage system, in order to maintain data consistency, data between systems needs to be synchronized, and if all data on a machine are compared, the data transmission amount is large, thereby causing "network congestion". To solve this problem, a mercker tree can be constructed on each machine, so that when the data alignment is performed on the two machines, the alignment is performed starting from the root node of the mercker tree, and if the root nodes are the same, it means that the two copies are now identical, and no further processing is required; if the data are different, the leaf nodes with inconsistent data can be quickly positioned by inquiring along the node paths with different hash values, and only the inconsistent data need to be synchronized, so that the comparison time and the data transmission quantity are greatly saved.
In addition, the cloud storage brings convenience for the storage and access of user data, although the cloud computing infrastructure has stronger capacity and higher reliability than personal and enterprise storage devices, threats from the inside and the outside of a cloud platform are still severe, and the integrity protection of cloud data is always a research hotspot. Data auditing is an effective method for protecting the integrity of cloud data, can find data loss caused by software and hardware faults of a cloud server, can detect various malicious behaviors which damage the integrity of the data in the cloud in time, and provides a feasible auditing scheme for the cloud data based on a Mercker tree challenge-response model, so that a verifier (namely a data owner or a special third party) is allowed to check the integrity of remote data without downloading the whole file, and the communication cost is reduced.
Disclosure of Invention
In the conventional method for verifying the mercker tree, no matter whether the data block is damaged or tampered, the verifier needs to perform the creation operation of the mercker tree once according to the complete path from the leaf node where the specified block is located to the root node and the sibling nodes on the path, and when the number of the data blocks is large, the calculated storage overhead is large.
In order to solve the technical problem, the invention provides a method and a system for verifying data existence and integrity in a data storage system.
The method adopts the technical scheme that: a method for verifying existence and integrity of data in a data storage system is characterized by comprising the following steps:
step 1: acquiring an original data block from a data storage system;
step 2: creating a verification structure;
step 2.1: selecting a group of random number generators and calculating homomorphic compression values of original data blocks;
step 2.2: taking a hash value obtained by calculating a homomorphic compression value of an original data block as a leaf node, and upwards generating a binary hash tree, wherein the data structure of each node comprises an index value of the node, the number of leaf nodes which can be reached by the node and the hash value of the leaf node;
step 2.3: outputting a verification structure consisting of a binary hash tree and a random number generator and metadata consisting of nodes and the random number generator;
and step 3: inputting challenge information, and checking the existence and integrity of the challenged data block according to the verification structure generated in the step 2.3 and the input challenge information;
step 3.1: calculating a homomorphic compression value of the challenge block according to the block index in the challenge information and the generator in the verification structure;
step 3.2: calculating a linear response value of the challenge block according to the block coefficient, the block index and a generating element in the verification structure in the challenge information;
step 3.3: calculating a path from the root node to the challenged leaf node and brother nodes on the path, and integrating calculation results into evidence to be output;
step 3.4: analyzing the evidence to obtain a linear response value, a homomorphic compression value, a path from the root node to the challenged leaf node and a brother node on the path of the challenged leaf node;
step 3.5: performing non-block homomorphic verification according to the linear response value and the homomorphic compression value, if the verification fails, outputting a decision that the evidence is invalid, and terminating the verification, otherwise, continuing the next step;
step 3.6: calculating a hash value for the homomorphic compression value of each challenge block;
step 3.7: reconstructing a tree according to the brother nodes on the path obtained in the step 3.4 and the metadata generated in the step 2.3 to obtain a root; if the reconstructed tree root is not equal to the tree root in the verification structure, outputting a decision that the evidence is invalid, and terminating the verification, otherwise, continuing the next step;
step 3.3: the verification is successful and the challenged data block is present and complete.
The technical scheme adopted by the system of the invention is as follows: a system for verifying the presence and integrity of data in a data storage system, comprising: the system comprises the following modules;
the first module is used for acquiring an original data block from a data storage system;
a second module for creating a verification structure;
the specific implementation comprises the following substeps:
step 2.1: selecting a group of random number generators and calculating homomorphic compression values of original data blocks;
step 2.2: taking a hash value obtained by calculating a homomorphic compression value of an original data block as a leaf node, and upwards generating a binary hash tree, wherein the data structure of each node comprises an index value of the node, the number of leaf nodes which can be reached by the node and the hash value of the leaf node;
step 2.3: outputting a verification structure consisting of a binary hash tree and a random number generator and metadata consisting of nodes and the random number generator;
a third module, configured to input challenge information, and perform existence and integrity verification on the challenged data block according to the verification structure generated in step 2.3 and the input challenge information;
the specific implementation comprises the following substeps:
step 3.1: calculating a homomorphic compression value of the challenge block according to the block index in the challenge information and the generator in the verification structure;
step 3.2: calculating a linear response value of the challenge block according to the block coefficient, the block index and a generating element in the verification structure in the challenge information;
step 3.3: calculating a path from the root node to the challenged leaf node and brother nodes on the path, and integrating calculation results into evidence to be output;
step 3.4: analyzing the evidence to obtain a linear response value, a homomorphic compression value, a path from the root node to the challenged leaf node and a brother node on the path of the challenged leaf node;
step 3.5: performing non-block homomorphic verification according to the linear response value and the homomorphic compression value, if the verification fails, outputting a decision that the evidence is invalid, and terminating the verification, otherwise, continuing the next step;
step 3.6: calculating a hash value for the homomorphic compression value of each challenge block;
step 3.7: reconstructing a tree according to the brother nodes on the path obtained in the step 3.4 and the metadata generated in the step 2.3 to obtain a root; if the reconstructed tree root is not equal to the tree root in the verification structure, outputting a decision that the evidence is invalid, and terminating the verification, otherwise, continuing the next step;
step 3.8: the verification is successful and the challenged data block is present and complete.
The invention provides a blockless Mercker tree verification structure and a using method thereof. Compared with the traditional Merck tree, the structure considers the problems of calculation and storage expenses in the verification process when the number of data blocks is large, the structure of the traditional Merck tree is optimized, homomorphic compression and linear response are constructed, so that the block-free verification can be realized, namely, the participation of original data blocks is not needed in the verification process, and the calculation and storage expenses in the verification process are greatly reduced.
The invention has two main differences with the traditional Mercker tree, firstly, extra verification information (namely node index and block index) is embedded into the Hash value, thus making up the loophole of the traditional Mercker tree; second, adding a layer of nodes below the leaf nodes that store hash values for blocks of data, this modification can achieve block-less authentication.
The invention is improved on the basis of the traditional Mercker tree, and in order to reduce the calculation and storage expenses of a verifier, in the creation of the tree, leaf nodes of the invention are directly generated on the basis of homomorphic compression values of data blocks, thereby realizing a light-weight integrity check method.
Drawings
FIG. 1 is a flow chart of a method according to an embodiment of the present invention.
Fig. 2 is a tree generated when D is 4 and S is 3 in the embodiment of the present invention, in which,
Figure BDA0002872232060000041
and v is4:=(4,1,H(u1))。
FIG. 3 is a non-blocking Mercker tree based challenge-response model in an embodiment of the present invention.
Detailed Description
The present invention is described in detail below with reference to the accompanying drawings, but it should be noted that these implementation methods are not limiting, and those skilled in the art can make equivalent changes or substitutions of functions, methods or structures according to these implementation methods, and fall within the protection scope of the present invention. The embodiments of the present specification tree show a specific implementation method of the non-block merkel tree verification structure, and the implementation method mainly includes a creation method, a proof method and a verification method of the non-block merkel tree. Compared with the traditional Mercker tree, the Mercker tree in the prior method is generated based on labels instead of files, and the non-block Mercker tree generation algorithm of the invention is generated directly based on file blocks, so that the proving algorithm and the verifying algorithm are different from the traditional algorithm.
Referring to fig. 1, in the data existence and integrity verification method in the data storage system provided in this embodiment, G is a multiplication cycle group with a prime number p, H: {0,1} → {0,1} > is a hash function. The present embodiment assumes that the file consists of D data blocks
Figure BDA0002872232060000051
When composing, storing and processing files, data blocks are basic units (e.g., 4KB and 16 KB). However, the data block is too large to be in
Figure BDA0002872232060000052
And (4) treating. Thus, the present embodiment divides each data block di into s segments
Figure BDA0002872232060000053
Wherein the content of the first and second substances,
Figure BDA0002872232060000054
Figure BDA0002872232060000055
a set of integers representing modulo p;
the method of the embodiment mainly comprises three parts of creation, certification and verification, wherein the creation method is based on Hash operation to obtain a verification structure called a blockless Merckel tree and metadata thereof; the proving method generates an evidence based on the challenge information, the verification structure and the file; the verification method generates a decision whether the evidence is valid based on the challenge information, the evidence and the metadata.
1. Tree creation algorithm
Referring to FIG. 2, when D data blocks are inputted
Figure BDA0002872232060000056
Then, the algorithm outputs a verified structure and some metadata, and the specific steps are as follows:
(1) selecting S random generator g1,…,gs∈G;
(2) For each data block diCalculating
Figure BDA0002872232060000057
Wherein the content of the first and second substances,
Figure BDA0002872232060000058
denotes gjD ofijThe power of the next power; u. ofiRepresenting a homomorphic compression value of a data block;
(3) building a complete binary tree of tau and d leaf nodes, where each node stores a vl=(l,ll,sl) Wherein l isUnique index of nodes in the tree,/lIs the number of leaf nodes that the l-th node can reach, slIs a hash value; the index value of the root node is 1, and the indexes are increased from top to bottom and from left to right;
(4) for index l in treeiSet l to the ith leaf node ofl1 and calculate
Figure BDA0002872232060000059
Wherein the content of the first and second substances,
Figure BDA00028722320600000510
and H (u)i) All represent uiThe hash value of (a);
(5) for each non-leaf node with index l in the tree, l is calculated separatelyi:=l2l+l2l+1And sl:=H(v2l||v2l+1) Wherein v is2l=(2l,l2l,s2l) And v2l+1=(2l+1,l2l+1,s2l+1) Are each vlLeft child and right child;
(6) return authentication structure
Figure BDA0002872232060000061
And metadata
Figure BDA0002872232060000062
In particular, we use uiTo calculate hash values stored in leaf nodes, instead of diThis is why the present invention does not require a tag and a verifier.
2. Tree proving algorithm
Input challenge
Figure BDA0002872232060000063
(wherein ibAn index representing the block to be challenged,
Figure BDA0002872232060000064
is a coefficient, B is the number of blocks challenged,
Figure BDA0002872232060000065
represents a set of integers except 0 for the outer mold p; data block
Figure BDA0002872232060000066
Tree τ and
Figure BDA0002872232060000067
this algorithm generates a proof. The specific treatment process is as follows:
(1) computing
Figure BDA0002872232060000068
And obtain
Figure BDA0002872232060000069
Wherein d isib,jJ-th segment, u, representing the challenged data blockibRepresenting challenged data block dibA homomorphic compression value of;
(2) computing
Figure BDA00028722320600000610
And obtain
Figure BDA00028722320600000611
Wherein, mujRepresenting a proof value;
(3) calculating a path from a root node to a challenged leaf node and a brother node theta of nodes on the path;
(4) returning evidence
Figure BDA00028722320600000612
Wherein libDenotes an index of ibIs the index of the challenged data block in the tree.
In practice, the first step of the algorithm proves to be unnecessary, since uibCan be calculated in advance and can also be output by a tree generation algorithm
Figure BDA00028722320600000613
And will be
Figure BDA00028722320600000614
Stored as a verification structure.
3. Verification algorithm
Input challenge
Figure BDA00028722320600000615
Evidence (evidence)
Figure BDA00028722320600000616
Root node v of tree τ1
Figure BDA00028722320600000617
This algorithm checks whether the evidence is valid. The specific process is as follows:
(1) will be provided with
Figure BDA00028722320600000618
Is resolved into
Figure BDA00028722320600000619
Theta and
Figure BDA00028722320600000620
(2) if it is not
Figure BDA00028722320600000621
If not, returning to 0;
(3) for each uibCalculating
Figure BDA00028722320600000622
(4) According to theta and
Figure BDA0002872232060000071
the root is reconstructed, wherein,
Figure BDA0002872232060000072
this reconstruction process is similar to the tree construction algorithm. If the root and v are reconstructed1If not, returning to 0;
(5) returning to 1 indicates that the evidence is valid. That is, each
Figure BDA0002872232060000073
Corresponds to the ithbLeaf nodes and is not tampered (1 ≦ B ≦ B).
The embodiment also provides a system for verifying the existence and the integrity of data in the data storage system, which comprises the following modules;
the first module is used for acquiring an original data block from a data storage system;
a second module for creating a verification structure;
the specific implementation comprises the following substeps:
step 2.1: selecting a group of random number generators and calculating homomorphic compression values of original data blocks;
step 2.2: taking a hash value obtained by calculating a homomorphic compression value of an original data block as a leaf node, and upwards generating a binary hash tree, wherein the data structure of each node comprises an index value of the node, the number of leaf nodes which can be reached by the node and the hash value of the leaf node;
step 2.3: outputting a verification structure consisting of a binary hash tree and a random number generator and metadata consisting of nodes and the random number generator;
a third module, please refer to fig. 3, configured to input challenge information, and perform existence and integrity verification on the challenged data block according to the verification structure generated in step 2.3 and the input challenge information;
the specific implementation comprises the following substeps:
step 3.1: calculating a homomorphic compression value of the challenge block according to the block index in the challenge information and the generator in the verification structure;
step 3.2: calculating a linear response value of the challenge block according to the block coefficient, the block index and a generating element in the verification structure in the challenge information;
step 3.3: calculating a path from the root node to the challenged leaf node and brother nodes on the path, and integrating calculation results into evidence to be output;
step 3.4: analyzing the evidence to obtain a linear response value, a homomorphic compression value, a path from the root node to the challenged leaf node and a brother node on the path of the challenged leaf node;
step 3.5: performing non-block homomorphic verification according to the linear response value and the homomorphic compression value, if the verification fails, outputting a decision that the evidence is invalid, and terminating the verification, otherwise, continuing the next step;
step 3.6: calculating a hash value for the homomorphic compression value of each challenge block;
step 3.7: reconstructing a tree according to the brother nodes on the path obtained in the step 3.4 and the metadata generated in the step 2.3 to obtain a root; if the reconstructed tree root is not equal to the tree root in the verification structure, outputting a decision that the evidence is invalid, and terminating the verification, otherwise, continuing the next step;
step 3.8: the verification is successful and the challenged data block is present and complete.
The detailed description set forth in this example is merely a detailed description of possible embodiments of the invention, and is not intended to limit the scope of the invention, which is defined by the claims, and all equivalent embodiments or modifications that do not depart from the spirit of the invention are intended to be included within the scope of the invention.
It will be evident to those skilled in the art that the invention is not limited to the details of the foregoing illustrative embodiments, and that the present invention may be embodied in other specific forms without departing from the spirit or essential attributes thereof. The present embodiments are therefore to be considered in all respects as illustrative and not restrictive, the scope of the invention being indicated by the appended claims rather than by the foregoing description, and all changes which come within the meaning and range of equivalency of the claims are therefore intended to be embraced therein. Any reference sign in a claim should not be construed as limiting the claim concerned.
The above description is only for the specific embodiments of the present invention, but the scope of the present invention is not limited thereto, and any person skilled in the art can easily conceive of the changes or substitutions within the technical scope of the present invention, and all the changes or substitutions should be covered within the scope of the present invention. Therefore, the protection scope of the present invention shall be subject to the protection scope of the claims.

Claims (5)

1. A method for verifying existence and integrity of data in a data storage system is characterized by comprising the following steps:
step 1: acquiring an original data block from a data storage system;
step 2: creating a verification structure;
step 2.1: selecting a group of random number generators and calculating homomorphic compression values of original data blocks;
step 2.2: taking a hash value obtained by calculating a homomorphic compression value of an original data block as a leaf node, and upwards generating a binary hash tree, wherein the data structure of each node comprises an index value of the node, the number of leaf nodes which can be reached by the node and the hash value of the leaf node;
step 2.3: outputting a verification structure consisting of a binary hash tree and a random number generator and metadata consisting of nodes and the random number generator;
and step 3: inputting challenge information, and checking the existence and integrity of the challenged data block according to the verification structure generated in the step 2.3 and the input challenge information;
step 3.1: calculating a homomorphic compression value of the challenge block according to the block index in the challenge information and the generator in the verification structure;
step 3.2: calculating a linear response value of the challenge block according to the block coefficient, the block index and a generating element in the verification structure in the challenge information;
step 3.3: calculating a path from the root node to the challenged leaf node and brother nodes on the path, and integrating calculation results into evidence to be output;
step 3.4: analyzing the evidence to obtain a linear response value, a homomorphic compression value, a path from the root node to the challenged leaf node and a brother node on the path of the challenged leaf node;
step 3.5: performing non-block homomorphic verification according to the linear response value and the homomorphic compression value, if the verification fails, outputting a decision that the evidence is invalid, and terminating the verification, otherwise, continuing the next step;
step 3.6: calculating a hash value for the homomorphic compression value of each challenge block;
step 3.7: reconstructing a tree according to the brother nodes on the path obtained in the step 3.4 and the metadata generated in the step 2.3 to obtain a root; if the reconstructed tree root is not equal to the tree root in the verification structure, outputting a decision that the evidence is invalid, and terminating the verification, otherwise, continuing the next step;
step 3.3: the verification is successful and the challenged data block is present and complete.
2. A method for verifying the existence and integrity of data in a data storage system according to claim 1, wherein: in step 2, let G be a multiplication cycle group with a prime number p, H: {0,1} → {0,1} > is a hash function; suppose a file consists of D data blocks
Figure FDA0002872232050000021
Composition, when storing and processing files, data blocks are basic units; each data block diDivided into s segments
Figure FDA0002872232050000022
Wherein the content of the first and second substances,
Figure FDA0002872232050000023
Figure FDA0002872232050000024
a set of integers representing modulo p;
in step 2, when D data blocks are input
Figure FDA0002872232050000025
And then outputting a verified structure and some metadata, and the specific steps are as follows:
(1) selecting S random generator g1,…,gs∈G;
(2) For each data blockdiCalculating
Figure FDA0002872232050000026
Wherein the content of the first and second substances,
Figure FDA0002872232050000027
denotes gjD ofijThe power of the next power; u. ofiRepresenting a homomorphic compression value of a data block;
(3) building a complete binary tree of tau and d leaf nodes, where each node stores a vl=(l,ll,sl) Where l is the unique index of a node in the tree, llIs the number of leaf nodes that the l-th node can reach, slIs a hash value; the index value of the root node is 1, and the indexes are increased from top to bottom and from left to right;
(4) for index l in treeiSet l to the ith leaf node ofl1 and calculate
Figure FDA0002872232050000028
Wherein the content of the first and second substances,
Figure FDA0002872232050000029
and H (u)i) All represent uiThe hash value of (a);
(5) for each non-leaf node with index l in the tree, l is calculated separatelyi:=l2l+l2l+1And sl:=H(v2l||v2l+1) Wherein v is2l=(2l,l2l,s2l) And v2l+1=(2l+1,l2l+1,s2l+1) Are each vlLeft child and right child;
(6) return authentication structure
Figure FDA00028722320500000210
And metadata
Figure FDA00028722320500000211
3. A method for verifying the existence and integrity of data in a data storage system according to claim 2, characterized in that: in step 3, a challenge is input
Figure FDA00028722320500000212
Data block
Figure FDA00028722320500000213
Binary tree τ sum
Figure FDA00028722320500000214
Generating an evidence; wherein ibAn index representing the block to be challenged,
Figure FDA00028722320500000215
is a coefficient, B is the number of blocks challenged,
Figure FDA00028722320500000216
represents a set of integers except 0 for the outer mold p; the specific process is as follows:
(1) computing
Figure FDA00028722320500000217
And obtain
Figure FDA00028722320500000218
Wherein d isib,jJ-th segment, u, representing the challenged data blockibRepresenting challenged data block dibA homomorphic compression value of;
(2) computing
Figure FDA00028722320500000219
And obtain
Figure FDA00028722320500000220
Wherein, mujRepresenting a proof value;
(3) calculating a path from a root node to a challenged leaf node and a brother node theta of nodes on the path;
(4) returning evidence
Figure FDA0002872232050000031
Wherein libDenotes an index of ibIs the index of the challenged data block in the tree.
4. A method for verifying the existence and integrity of data in a data storage system according to claim 3, wherein: in step 3, a challenge is input
Figure FDA0002872232050000032
Evidence (evidence)
Figure FDA0002872232050000033
Root node v of binary tree tau1
Figure FDA0002872232050000034
Checking whether the evidence is valid; the specific process is as follows:
(1) will be provided with
Figure FDA0002872232050000035
Is resolved into
Figure FDA0002872232050000036
Theta and
Figure FDA0002872232050000037
(2) if it is not
Figure FDA0002872232050000038
If not, returning to 0;
(3) for each uibCalculating
Figure FDA0002872232050000039
(4) According to theta and
Figure FDA00028722320500000310
the root is reconstructed, wherein,
Figure FDA00028722320500000311
if the root and v are reconstructed1If not, returning to 0;
(5) returning to 1 indicates that the evidence is valid.
5. A system for verifying the presence and integrity of data in a data storage system, comprising: the system comprises the following modules;
the first module is used for acquiring an original data block from a data storage system;
a second module for creating a verification structure;
the specific implementation comprises the following substeps:
step 2.1: selecting a group of random number generators and calculating homomorphic compression values of original data blocks;
step 2.2: taking a hash value obtained by calculating a homomorphic compression value of an original data block as a leaf node, and upwards generating a binary hash tree, wherein the data structure of each node comprises an index value of the node, the number of leaf nodes which can be reached by the node and the hash value of the leaf node;
step 2.3: outputting a verification structure consisting of a binary hash tree and a random number generator and metadata consisting of nodes and the random number generator;
a third module, configured to input challenge information, and perform existence and integrity verification on the challenged data block according to the verification structure generated in step 2.3 and the input challenge information;
the specific implementation comprises the following substeps:
step 3.1: calculating a homomorphic compression value of the challenge block according to the block index in the challenge information and the generator in the verification structure;
step 3.2: calculating a linear response value of the challenge block according to the block coefficient, the block index and a generating element in the verification structure in the challenge information;
step 3.3: calculating a path from the root node to the challenged leaf node and brother nodes on the path, and integrating calculation results into evidence to be output;
step 3.4: analyzing the evidence to obtain a linear response value, a homomorphic compression value, a path from the root node to the challenged leaf node and a brother node on the path of the challenged leaf node;
step 3.5: performing non-block homomorphic verification according to the linear response value and the homomorphic compression value, if the verification fails, outputting a decision that the evidence is invalid, and terminating the verification, otherwise, continuing the next step;
step 3.6: calculating a hash value for the homomorphic compression value of each challenge block;
step 3.7: reconstructing a tree according to the brother nodes on the path obtained in the step 3.4 and the metadata generated in the step 2.3 to obtain a root; if the reconstructed tree root is not equal to the tree root in the verification structure, outputting a decision that the evidence is invalid, and terminating the verification, otherwise, continuing the next step;
step 3.8: the verification is successful and the challenged data block is present and complete.
CN202011603598.5A 2020-12-30 2020-12-30 Method and system for verifying existence and integrity of data in data storage system Pending CN112699123A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202011603598.5A CN112699123A (en) 2020-12-30 2020-12-30 Method and system for verifying existence and integrity of data in data storage system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202011603598.5A CN112699123A (en) 2020-12-30 2020-12-30 Method and system for verifying existence and integrity of data in data storage system

Publications (1)

Publication Number Publication Date
CN112699123A true CN112699123A (en) 2021-04-23

Family

ID=75512256

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202011603598.5A Pending CN112699123A (en) 2020-12-30 2020-12-30 Method and system for verifying existence and integrity of data in data storage system

Country Status (1)

Country Link
CN (1) CN112699123A (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114154192A (en) * 2021-11-25 2022-03-08 海信集团控股股份有限公司 Data processing method and equipment
CN114463010A (en) * 2022-04-13 2022-05-10 南京金宁汇科技有限公司 Local node block data integrity detection method and system based on double-layer chain
CN115016988A (en) * 2022-08-08 2022-09-06 四川大学 CDP backup recovery method, system and storage medium based on binary tree log

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106301789A (en) * 2016-08-16 2017-01-04 电子科技大学 Apply the dynamic verification method of the cloud storage data that linear homomorphism based on lattice signs
CN110912706A (en) * 2019-11-15 2020-03-24 东北大学 Identity-based dynamic data integrity auditing method

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106301789A (en) * 2016-08-16 2017-01-04 电子科技大学 Apply the dynamic verification method of the cloud storage data that linear homomorphism based on lattice signs
CN110912706A (en) * 2019-11-15 2020-03-24 东北大学 Identity-based dynamic data integrity auditing method

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
KUNG HE等: "Dynamic Group-Oriented Provable", 《IEEE TRANSACTIONS ON DEPENDABLE AND SECURE COMPUTING》, 2 July 2019 (2019-07-02), pages 1394 - 1403 *
张茜等: "用户身份可追踪的云共享数据完整性审计方案", 《计算机科学》, 30 June 2020 (2020-06-30) *

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114154192A (en) * 2021-11-25 2022-03-08 海信集团控股股份有限公司 Data processing method and equipment
CN114463010A (en) * 2022-04-13 2022-05-10 南京金宁汇科技有限公司 Local node block data integrity detection method and system based on double-layer chain
CN114463010B (en) * 2022-04-13 2022-06-17 南京金宁汇科技有限公司 Local node block data integrity detection method and system based on double-layer chain
CN115016988A (en) * 2022-08-08 2022-09-06 四川大学 CDP backup recovery method, system and storage medium based on binary tree log

Similar Documents

Publication Publication Date Title
Xie et al. zkbridge: Trustless cross-chain bridges made practical
Li et al. Blockchain-based public auditing for big data in cloud storage
CN110912706B (en) Identity-based dynamic data integrity auditing method
US20220029816A1 (en) Optimizations for verification of interactions system and method
Zheng et al. Fair and dynamic proofs of retrievability
Wang et al. Enabling public auditability and data dynamics for storage security in cloud computing
Erway et al. Dynamic provable data possession
Guo et al. Outsourced dynamic provable data possession with batch update for secure cloud storage
Schröder et al. Verifiable data streaming
CN112699123A (en) Method and system for verifying existence and integrity of data in data storage system
US7315866B2 (en) Method for incremental authentication of documents
Garg et al. RITS-MHT: Relative indexed and time stamped Merkle hash tree based data auditing protocol for cloud computing
CN110263584A (en) A kind of data integrity auditing method and system based on block chain
CN108123934A (en) A kind of data integrity verifying method towards mobile terminal
CN112732695A (en) Cloud storage data security deduplication method based on block chain
CN111783148A (en) Justice-supporting lightweight multi-copy data cloud auditing method and device
CN114329621A (en) Block chain cross-chain interactive data integrity verification method
CN110555783B (en) Block chain-based electric power marketing data protection method and system
Balmany et al. Dynamic proof of retrievability based on public auditing for coded secure cloud storage
CN117235342A (en) Dynamic cloud auditing method based on homomorphic hash function and virtual index
CN108809996A (en) Different popularities delete the integrality auditing method for storing data again
CN112671712B (en) Cloud data integrity verification method and system supporting efficient dynamic update
Chen et al. Ensuring dynamic data integrity with public auditability for cloud storage
CN115964407A (en) Double-copy power network security audit method, system, medium and equipment
Junxiang et al. Dynamic provable data possession with batch-update verifiability

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication
RJ01 Rejection of invention patent application after publication

Application publication date: 20210423