CN114598717B - Distributed cloud storage data access method and data service system - Google Patents

Distributed cloud storage data access method and data service system Download PDF

Info

Publication number
CN114598717B
CN114598717B CN202210380254.5A CN202210380254A CN114598717B CN 114598717 B CN114598717 B CN 114598717B CN 202210380254 A CN202210380254 A CN 202210380254A CN 114598717 B CN114598717 B CN 114598717B
Authority
CN
China
Prior art keywords
data
node
address
signature
public key
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202210380254.5A
Other languages
Chinese (zh)
Other versions
CN114598717A (en
Inventor
徐洪记
李帅帅
仲池
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Foshan Zhongying Shengda Small Loan Co ltd
Original Assignee
Foshan Zhongying Shengda Small Loan Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Foshan Zhongying Shengda Small Loan Co ltd filed Critical Foshan Zhongying Shengda Small Loan Co ltd
Priority to CN202210380254.5A priority Critical patent/CN114598717B/en
Publication of CN114598717A publication Critical patent/CN114598717A/en
Application granted granted Critical
Publication of CN114598717B publication Critical patent/CN114598717B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/10Protocols in which an application is distributed across nodes in the network
    • H04L67/1097Protocols in which an application is distributed across nodes in the network for distributed storage of data in networks, e.g. transport arrangements for network file system [NFS], storage area networks [SAN] or network attached storage [NAS]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0407Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the identity of one or more communicating identities is hidden
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/06Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
    • H04L9/0643Hash functions, e.g. MD5, SHA, HMAC or f9 MAC
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • H04L9/3257Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures using blind signatures

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Power Engineering (AREA)
  • Computer And Data Communications (AREA)
  • Storage Device Security (AREA)

Abstract

The invention relates to a distributed cloud storage data access method and a data service system, which are used for implementing clustering management on data distributed and stored on each network node, wherein a cluster center node takes a bloom filter to record data characteristics issued by cluster members as index information, a user provides query service by the cluster center node when the data is required to be accessed, and the located cluster members directly transmit target data to the user, so that data query and data storage service are isolated, and catastrophic loss caused by single-point faults after the data are all stored in the center node is avoided; the unidirectional data characteristics are used as the data index, so that the data security can be ensured, and any third party can not know the specific data object requested by the user; meanwhile, a partial blind signature algorithm is adopted for restraining transaction parameters agreed by both sides of the service, so that both sides can independently complete transfer and target data access service by taking the signature as a transaction certificate.

Description

Distributed cloud storage data access method and data service system
Technical Field
The invention relates to the field of cloud storage application, in particular to a distributed cloud storage data access method and a data service system.
Background
Cloud storage is a complex storage resource pool system developed in the concept of cloud computing. The cloud storage integrates a plurality of different types of storage devices in a network through application software to cooperatively work through cluster application, a distributed file system and the like, and provides dense data storage and shared access functions for users through the application software and respective interfaces thereof, so that the users can flexibly use cloud storage space or receive cloud data access service and pay according to needs. The rapid development of cloud computing in recent years has attracted an increasing number of users to deploy large amounts of applications and data into cloud platforms.
Currently, distributed storage technologies mainly include two types: centralized systems and peer-to-peer systems. The centralized system is that index information in the system is stored on a metadata server, a user submits a query request to the metadata server, and the metadata server gives out an object to which data belong and a geographic storage position, such as a service system of GFS, HDFS and the like; the peer-to-peer system stores index information in a distributed manner on each node of the system, each node is equivalent in position, and part of nodes cooperate with each other to query specific positions of target data in the data query process, and the system has Dynamo, bitTorrent. However, the index information of the file is directly associated with the data body, namely, the index node can know the data object which the user requests to access through the index information, which exposes the privacy of the user; and for an attacker, the specific position of cloud data can be positioned by launching a malicious index request, so that an intrusion data storage node cannot illegally steal, copy or tamper with the original data, or a server paralysis is caused by launching an attack such as DoS.
In addition, since the data on the cloud is separated from the physical control of the user, an illegal user can attempt to acquire information contained in the data by illegally accessing the data, which causes leakage of the data information and the privacy of the user. In order to ensure the privacy and confidentiality of data, an encryption technology is generally adopted to store a file in a cloud server or a network node in a ciphertext form, and when the data is accessed, a trusted third party key management mechanism distributes keys for legal visitors, or the visitors and the interviewees adopt key exchange protocols such as Diffie-Hellman and the like to establish a data secret transmission channel to realize data security transmission. Such interactive key agreement messages are easily intercepted and the key is stolen by masquerading the identity of both parties. Meanwhile, the support of a searchable encryption technology is needed for ciphertext retrieval, so that a large amount of cloud computing resources are consumed, a certain burden is brought to a server, and the access cost of a user to data is increased.
Disclosure of Invention
In order to solve the safety problem existing in the prior art of data access implemented by the distributed cloud storage technology, the invention provides a novel distributed cloud storage data access method and a data service system. In order to achieve the purpose, the distributed cloud storage data access method of the invention specifically comprises the following implementation steps:
Carrying out clustering management on cloud data stored on all nodes of a network in a distributed mode, and recording data characteristics of the cloud data stored by each cluster member by a cluster center node through a bloom filter;
The data request node utilizes the data characteristics to retrieve target data from the cluster center node, takes the cluster member stored with the target data as a data providing node, and utilizes the exchanged address public parameters to jointly generate a collection public key address;
the data providing node generates a partial blinding message according to the data characteristics and the address disclosure parameters of the target data, and the data requesting node signs the partial blinding message to obtain a partial blinding signature;
the data providing node blindly solves the partial blinded signature to obtain a blind-removed signature, takes the blind-removed signature as a transaction certificate agreed by both parties, and transfers the data access service fee to a public key address recorded in the signature, and the data providing node transmits appointed target data to the data requesting node according to the data characteristics recorded in the signature;
After verifying that the target data are correct, the data request node transmits address secret parameters to the data providing node;
the data providing node generates a receipts private key address using the address secret parameter, the receipts private key address being used to spend digital currency on the receipts public key address.
Further preferably, the step of the data requesting node retrieving the target data is:
The data request node extracts a target data identifier recorded in the block chain, calculates a space vector corresponding to the target data identifier as a data characteristic, and broadcasts a data retrieval request containing the space vector to a network;
Each cluster center node respectively judges that if the local bloom filter contains the space vector, the cluster members to which the space vector belongs are notified;
searching local data identifiers corresponding to the space vectors by the cluster members, and forwarding first data promises associated with the local data identifiers to the data request nodes through the cluster center nodes;
The data request node forms all the received first data commitments into a commitment set, uses the target data identification to participate in generating a second data commitment, selects the same element as the second data commitment from the commitment set as the target data commitment, and uses the cluster center node sending the target data commitment as the data source center node.
Further preferably, the step of generating the public key address for collection by the data requesting node and the data providing node together is:
The data request node adopts a key generation algorithm to respectively generate a random public key pair and a first main control address public key pair, and sends the random public key and the first main control address public key to the data providing node;
the data providing node adopts the same key generation algorithm to generate a second main control address public-private key pair, and the second main control address public key is sent to the data request node;
The data request node adopts a random public key address generation algorithm, and a disposable random address generated by a random private key, a first main control address public key and a second main control address public key is used as a money receiving public key address of the data providing node;
the data providing node adopts a random public key address generation algorithm, and uses a disposable random address generated by a random public key, a first main control address public key and a second main control address private key as a local receipts public key address;
the two public key addresses generated by both parties are identical.
Further preferably, the step of performing a partial blind signature between the data requesting node and the data providing node is:
The cluster center node publishes the public parameters of the partial blind signature generation algorithm to the data request node and the data providing node, distributes a temporary signature public-private key pair for executing the partial blind signature for the data request node by utilizing the public parameters, and sends the temporary signature public-private key pair to the data request node in a secret mode;
The data request node generates a shared information constraint parameter of a part of blind signature by the random public key, the first main control address public key and the target data identifier, and the shared information constraint parameter is used for constraining the implementation condition of the part of blind signature and is forwarded to the data providing node through the data source center node;
The data providing node performs the public key blinding processing on the second main control address, combines the blinding information with the shared information constraint parameter to generate a part of blinding information, and forwards the part of blinding information to the data requesting node through the data source center node;
the data request node signs the partially blinded message by using the temporary signature private key to obtain a partially blinded signature, and forwards the partially blinded signature to the data providing node through the data source center node;
The data providing node performs blind solving on the partial blind signature to obtain a blind-removed signature, performs secondary signature on the blind-removed signature by using a signature private key of the data providing node, and forwards the blind-removed signature and the secondary signature information to the data requesting node through the data source center node.
Further preferably, the cluster center node adopts a partial blind signature algorithm based on identity, and a temporary signature public-private key pair is generated by using the public parameters and the data request node identity.
Further preferably, the generating step of the receipts private key address includes:
the data request node encrypts the first main control address private key and forwards the ciphertext to the data providing node through the data source center node;
after the ciphertext is decrypted by the data providing node, a random private key address generation algorithm is adopted, and a disposable random address generated by the random public key, the first main control address private key and the second main control address private key is used as a money receiving private key address.
Further preferably, the data request node and the data providing node adopt a key generation algorithm, generate a symmetric key for encrypting and decrypting data by using a target data identifier, and the encrypted data comprises a random public key, a first main control address public key, a second main control address public key, a shared information constraint parameter, a partial blinding message, a partial blinding signature, a blind signature removing message, a secondary signature message and a first main control address private key which are exchanged by both parties.
Further preferably, the data requesting node accountability step is further included:
When the data request node has paid service fees and has not received target data, a blind signature removing message, a secondary signature message, a signature public key of the data providing node, a random public private key pair, a first main control address public key, a second main control address public key and a target data identifier are published to the network;
Any third party verifies the main body of the secondary signature message by using the signature public key of the data providing node, if the main body is not blind signature removing, the main body indicates that the data requesting node is invalid, otherwise, blind signature removing verification algorithm is adopted, random public key, first main control address public key, second main control address public key and target data identification are used for verifying blind signature removing, if verification fails, the data requesting node is invalid, otherwise, whether the random public key is matched with the random private key is further verified, if the random public key is not matched with the random private key, the data requesting node is invalid, otherwise, the random private key, the first main control address public key and the second main control address public key are used for regenerating an address value, if no digital currency with a stipulated amount exists on the address value, the data requesting node is invalid, otherwise, the data requesting node is valid, and the data providing node is confirmed to be illegal.
Further preferably, the data providing node accountability step is further included:
When the data providing node has sent the target data but does not receive the first main control address private key, publishing a blind signature, a random public key, a first main control address public key, a second main control address public key pair and a target data identifier to the network;
Any third party adopts a blind signature removing verification algorithm, verifies blind signatures by using a random public key, a first main control address public key, a second main control address public key and a target data identifier, if verification fails, the data providing node accountability is invalid, otherwise, further verifies whether the second main control address public key is matched with the second main control address private key, if the second main control address public key is not matched with the second main control address private key, the data providing node accountability is invalid, otherwise, the random public key, the first main control address public key and the second main control address private key are used for regenerating an address value, if no digital coin with a stipulated amount exists on the address value, the data providing node accountability is invalid, otherwise, the data providing node accountability is valid, and the data requesting node accountability is confirmed.
The invention also provides a distributed cloud storage data service system, which comprises a service subsystem and a client subsystem, wherein the service subsystem comprises a distributed cluster center node, data providing nodes managed by the cluster center node in a clustering way and a blockchain co-established by network nodes;
The service subsystem is used for providing cloud data access service for the client subsystem, and the cloud data are stored on the data providing nodes in a distributed mode;
The block chain is recorded with a data identifier of cloud data and a standard hash value, wherein the data identifier is used for marking the cloud data, and the standard hash value is used for verifying the integrity of the cloud data;
the cluster center node adopts a bloom filter to record the data characteristics of cloud data stored by each cluster member, and the data characteristics are generated by a data identifier;
the data providing node further comprises: the system comprises an address generation module, a message blinding module and a service providing module;
an address generation module: generating own address public parameters, participating in generating a collection public key address by the address public parameters exchanged by the data request node, and generating a collection private key address by utilizing the address secret parameters, wherein the collection private key address is used for spending digital coins on the collection public key address;
message blinding module: generating a partial blinding message according to the data characteristics and the address disclosure parameters of the target data;
Message blinding module: the partial blinded signature is subjected to blinding to obtain a blind-removed signature, and the blind-removed signature is used as a transaction certificate for the two parties to achieve consensus;
A service providing module: transmitting the appointed target data to the data request node according to the data characteristics recorded in the signature;
The data request node includes: the system comprises a data query module, an address generation module, a message signature module, a data verification module and a service settlement module;
And a data query module: retrieving target data from a cluster center node by utilizing the data characteristics, and taking a cluster member storing the target data as a data providing node;
An address generation module: generating own address public parameters and address secret parameters, and generating a public key address by the address public parameters exchanged by the data providing nodes;
Message signing module: the method comprises the steps of obtaining a partially blinded signature for the partially blinded message signature;
and a data verification module: performing hash operation on the received target data, comparing the obtained hash value with a standard hash value recorded in a block chain, and judging the data integrity;
and (3) a fee settlement module: for transferring the data access service fee to the public key address of the deposit recorded in the signature.
The distributed cloud storage data access method and the data service system have the beneficial effects that:
Carrying out clustering management on data distributed and stored on each network node, uploading the data which is accessed by a user from the local area to a cluster center node in the form of characteristic values by each cluster member, recording the characteristic values of the data by a bloom filter as index information by the cluster center node, improving the utilization rate of storage space, providing query service by the cluster center node when the user needs to access the data, directly transmitting target data to the user by the positioned cluster member nodes, isolating data query from data storage service, and avoiding catastrophic loss caused by single-point faults after the data are all stored in the center node; the cloud data is characterized as the data characteristics conforming to the storage rule of the cloth Long Qi, and the data characteristics have hash unidirectionality, so that the cloud data cannot be reversely deduced through a series of hash values, the data characteristics are used as data indexes to ensure the data security, and any third party cannot know the specific data object requested by the user.
The cost of the data access service is settled by using blockchain digital coins, the public key address of collection is negotiated and determined by the user side and the service provider together, the generated public key address of collection has randomness and uniqueness to the current data transaction, the user side grasps a part of secret parameters of the public key address of collection, the secret participation is sent to the service provider only under the condition that the acceptance data is correct, the service provider calculates the private key address of collection corresponding to the public key address of collection, and the settlement mode can restrict the transaction behavior of the service provider and reduce the risk of default.
The method comprises the steps that a part of blind signature algorithm is adopted, a user signs part of blind information of a data providing node by using signature checking parameters provided by a cluster center node to obtain part of blind signature, the part of blind information comprises shared information used for restraining implementation conditions of the part of blind signature, the shared information is agreed by exchange parameters of two parties, and the public key blind information of a main control address used for constructing a collection address is used for constructing the part of blind signature, the data providing node further blindly solves the part of blind signature to obtain blind signature, the blind signature is used as a transaction certificate agreed by the two parties, so that the two parties can independently complete transfer and target data access service according to the certificate, a credit platform and the like are not needed to provide guarantee, any party can implement audit work or account to a default party to the public transaction certificate, and the transaction activity degree of integrity and the transaction object integrity are improved.
Drawings
FIG. 1 is a flow chart of a distributed cloud storage data access method provided by the invention;
FIG. 2 is a schematic diagram of recording and retrieving target data using bloom filters in an embodiment of the present invention;
Fig. 3 is a schematic diagram of a data service system according to the present invention.
Detailed Description
For the purpose of making the objects, technical solutions and advantages of the present invention more apparent, the embodiments of the present invention will be described in further detail with reference to the accompanying drawings.
As shown in fig. 1, the method for accessing distributed cloud storage data provided by the invention comprises the following steps:
Carrying out clustering management on cloud data stored on all nodes of a network in a distributed mode, and recording data characteristics of the cloud data stored by each cluster member by a cluster center node through a bloom filter;
The data request node utilizes the data characteristics to retrieve target data from the cluster center node, takes the cluster member stored with the target data as a data providing node, and utilizes the exchanged address public parameters to jointly generate a collection public key address;
the data providing node generates a partial blinding message according to the data characteristics and the address disclosure parameters of the target data, and the data requesting node signs the partial blinding message to obtain a partial blinding signature;
the data providing node blindly solves the partial blinded signature to obtain a blind-removed signature, takes the blind-removed signature as a transaction certificate agreed by both parties, and transfers the data access service fee to a public key address recorded in the signature, and the data providing node transmits appointed target data to the data requesting node according to the data characteristics recorded in the signature;
After verifying that the target data are correct, the data request node transmits address secret parameters to the data providing node;
the data providing node generates a receipts private key address using the address secret parameter, the receipts private key address being used to spend digital currency on the receipts public key address.
Unlike the traditional centralized system, the service platform is required to implement single-point aggregation on the scattered data, and unlike the peer-to-peer system, cloud data is required to be stored on a plurality of intermediate nodes in a scattered mode, data retrieval and data access service are bound together, and the cloud data is implemented jointly by the same or a plurality of intermediate nodes. The distributed cloud storage service system provided by the invention is characterized in that stored data scattered on each network node is managed in a clustering way, retrieval service is provided for local data through a selected or voluntarily added cluster center node, but a data body is not directly managed to the cluster center node, when a user puts forward a data access requirement, the cluster center node is responsible for verifying the identity legitimacy of the user and completing preliminary orientation on the requirement, the oriented cluster member directly confirms whether the supply and demand relationship of the two parties is met or not with the user, and when the local stored data of the cluster member is confirmed to be required by the user node, target data is forwarded to the user node, so that the complete separation of data retrieval and data access service is realized, and the risk of leakage of the data by a third party is reduced while the retrieval service efficiency is improved.
The clustering mode can adopt a trusted third party platform hosting mode or a network self-organizing mode. The trusted third party platform can be used as a custom service mechanism provided by network operators such as Microsoft, IBM, *** and Oracle for constructing a custom retrieval service module by a large cloud storage provider, and the data node can select objects conforming to the data node according to protocol frameworks of different operators as retrieval service parties.
The network ad hoc mode is an ad hoc grouping of all network members into clustered subnetworks. In the initialization state, each network node broadcasts a probe message outwards according to a fixed period, wherein the probe message comprises the ID of the node, the IDs of other received nodes and the weight value. The weight value is related to the local channel bandwidth, the number of local adjacent nodes, the operation and storage capacity level, the evaluation parameters of the nodes by the evaluation center and the like, namely, the nodes with rich network resources and good reputation are selected as cluster heads. The current node receives the message of the neighbor node while broadcasting the message, compares the received weight value with the self weight value, selects the node with high weight value as a local candidate cluster head according to the comparison result, continuously repeats the comparison process until no more neighbor nodes with higher weight value appear, then mutually declares the candidate cluster head selected by itself, and finally takes one or more nodes with highest candidate ticket numbers as cluster center nodes in a certain local area. The election process of the cluster center node is dynamically adjusted according to a certain period so as to adapt to the change of the network environment. In addition, each independently operated network node can also select a plurality of cluster center nodes in the range of the area to jointly provide proxy retrieval service, the same group of data can be distributed to one cluster center node in a one-to-one mode, the same group of data can also be distributed to a plurality of cluster center nodes in a one-to-many mode, the selection mode depends on network load and access heat of the data in the network, and dynamic adjustment can be continuously implemented.
After the cluster center node is set, any network node calculates the data characteristics of local data, uploads the data characteristics to one or more cluster center nodes selected by the network node, and after the cluster center nodes verify that the membership of the cluster is legal, the data characteristics are recorded in a bloom filter, and the mapping relation between the data characteristics and the provider ID of the data characteristics is built locally at the same time. Because the identities of the data provider and the requester can be exchanged at any time, each cluster member can be a data providing node or possibly a data demand node, and can request the cluster center node to allocate a temporary signature public and private key and a key for data encryption for the cluster center node, so that the real identity of the data sender is verified, and the data transmission safety is ensured.
The bloom filter is a probability data structure and can be used for judging whether a certain element is in a set or not, and has the characteristics of high running speed and small occupied memory. But there is a certain false recognition rate, it can determine that a certain element is not necessarily in the set or may be in the set, but it cannot completely determine that a certain element is necessarily in the set, and as the data feature record quantity increases, the false recognition rate of the bloom filter increases.
Therefore, the invention adopts a bloom filter and data promise mode to accurately position the target data. The data promise used in the invention is non-interactive, and is used for verifying whether the promised data is target data, and the provenance of the target data is determined by the data promise after preliminary screening by a bloom filter. Firstly, a user node calculates the data characteristics of target data to be accessed, wherein the data characteristics can be expressed as a space vector form, and the data characteristics are broadcasted to a network; then each cluster center node judges whether the received data characteristic is contained in a locally set bloom filter, if not, the data characteristic does not respond, and if so, the cluster member node which uploaded the data characteristic is notified; the cluster member node builds a data promise by using the public identification information of the data and feeds back the data promise to the user node, at the moment, the user node calculates a new promise by using the public identification information of the target data, if the new promise value is consistent with the received data promise, the data corresponding to the data promise is the object which the user wants to access, because the promise result of the consistency can be restored only by using the same identification information, and the identification information is unique to single data. In addition, the data characteristics of only singleness and the data promise with zero knowledge proof characteristics which are mutually transmitted by the two parties in the handshake stage do not contain identification information or other identity information capable of identifying data, and any third party including a cluster center node cannot know which part of data is specifically determined by the two parties in negotiation, namely, the data retrieval result is transparent and invisible to the third party.
In the following embodiments provided in the present invention, the steps for specifically describing the data requesting node to retrieve the target data are:
The data request node extracts a target data identifier recorded in the block chain, calculates a space vector corresponding to the target data identifier as a data characteristic, and broadcasts a data retrieval request containing the space vector to a network;
Each cluster center node respectively judges that if the local bloom filter contains the space vector, the cluster members to which the space vector belongs are notified;
searching local data identifiers corresponding to the space vectors by the cluster members, and forwarding first data promises associated with the local data identifiers to the data request nodes through the cluster center nodes;
The data request node forms all the received first data commitments into a commitment set, uses the target data identification to participate in generating a second data commitment, selects the same element as the second data commitment from the commitment set as the target data commitment, and uses the cluster center node sending the target data commitment as the data source center node.
In the above embodiment, before providing access service, all the cloud data available for access need to be first marked and linked, and only the marking information, abstract and standard hash value of the data are recorded in the area block, and the data body is not completely recorded, so that the confidentiality of the data is ensured, and the data is prevented from being damaged or abused. The identification information has uniqueness to the data, can be formulated by a data provider and is audited by all the blockchain members, mainly confirms whether the identification has repeated values in the blockchain and accords with character specifications, and can be encoded by a blockcreator and verified by other blockchain members in the digital coin production stage. The abstract is convenient for users to implement plaintext retrieval and find target data meeting the requirements of the users. The standard hash value is the core of the building block, each data provider locally carries out hash operation on the data body through a consensus algorithm, the generated hash value with the standard format is broadcast to other blockchain members, and a Merkle tree based on the data identification is built. And the user finds the data identifier recorded in the designated leaf node according to the Merkle tree path provided by the blockchain through the abstract matching requirement.
The two parties executing the data access service also complete service transaction on the blockchain, for example, UTXO mode of the blockchain application is adopted, the visitor settles the service fee in the form of digital currency, random address is generated by using the address generator as output, deposit address of the digital currency is taken as input, and the transfer of the digital currency between the addresses is realized. Unlike the traditional digital coin transaction mode, it is: in the present invention, the receipt addresses confirmed by both parties are not provided by the data provider alone, but are negotiated by both parties to the transaction. The same public key address for receiving the digital coin can be generated on the respective party by the exchanged address public parameters, and the public key address for receiving the digital coin is also disclosed, but the data provider cannot generate the corresponding private key address for receiving the digital coin on the transaction address when not knowing the secret parameters because the data requester also grasps a part of address secret parameters of the receiving address. At this time, a safer transaction mode can be selected, for the data request party, after receiving the data of the data provider, the data provider can send the address secret parameter to the data provider only under the condition of checking and accepting the data without errors, the data provider can calculate the receipt private key address corresponding to the receipt public key address, so that the ownership of the receipt address can be obtained, the transaction behavior of the data provider can be restrained by the settlement mode, and the situation that the data provider does not provide data service according to the reservation after the transfer of the ownership of the digital coin is avoided.
In the following embodiments provided by the present invention, the steps for generating the public key address together with the data requesting node and the data providing node are specifically described as follows:
The data request node adopts a key generation algorithm to respectively generate a random public key pair and a first main control address public key pair, and sends the random public key and the first main control address public key to the data providing node;
the data providing node adopts the same key generation algorithm to generate a second main control address public-private key pair, and the second main control address public key is sent to the data request node;
The data request node adopts a random public key address generation algorithm, and a disposable random address generated by a random private key, a first main control address public key and a second main control address public key is used as a money receiving public key address of the data providing node;
the data providing node adopts a random public key address generation algorithm, and uses a disposable random address generated by a random public key, a first main control address public key and a second main control address private key as a local receipts public key address;
since both sides adopt the homomorphic key generation algorithm, the two public key addresses for collection generated by both sides together are the same.
On the other hand, the step of locally generating the receipts private key address by the data providing node is as follows:
when the acceptance data is correct, the data request node encrypts a first main control address private key and forwards the ciphertext to the data providing node through the data source center node;
after the ciphertext is decrypted by the data providing node, a random private key address generation algorithm is adopted, and a disposable random address generated by the random public key, the first main control address private key and the second main control address private key is used as a money receiving private key address.
In the above embodiment, since the data providing node also holds a part of the address secret parameter, that is, the second master address private key, so long as the part of the secret parameter is not revealed outwards, even if the data requesting node does not present the first master address private key to the other party, the data requesting node cannot locally generate the collection private key address, so that it is known that the data requesting node does not always obtain ownership of the collection address. After the data providing node provides the data service to the data requesting node in terms of the contract, the transaction is locked if the data requesting node does not transmit the address secret parameter to the data providing node and cannot spend or redeem the digital coin paid to the public key address. Therefore, the settlement mode can simultaneously restrict the transaction behaviors of both parties, plays a role in mutual restriction, and reduces the risk of default.
In the scheme of partial blind signature, a signer can join in a message negotiated with a user or own information when in blind signature, and a message provider cannot tamper with the information added by the signer, so that a signature applicant is prevented from providing illegal information to abuse the signature, and the benefits of the signer are damaged. Thus, the blindness of the signature information to the signer can be ensured, the signer can control the signed content part, and the method is more practical than simple blinding signature. The invention adopts a partial blind signature algorithm, a user signs a partial blind message of a data providing node by using signature checking parameters provided by a cluster center node to obtain a partial blind signature, the partial blind message comprises shared information for restraining implementation conditions of the partial blind signature, the shared information is agreed by exchange parameters of both parties, and the data providing node further blinds the partial blind signature to obtain a blind-removing signature, and takes the blind-removing signature as a transaction certificate agreed by both parties, so that both parties can independently complete transfer and target data access service according to the certificate.
The following describes, in one embodiment, the steps of performing a partial blind signature between a data requesting node and a data providing node as follows:
The cluster center node publishes the public parameters of the partial blind signature generation algorithm to the data request node and the data providing node, distributes a temporary signature public-private key pair for executing the partial blind signature for the data request node by utilizing the public parameters, and sends the temporary signature public-private key pair to the data request node in a secret mode;
The data request node generates a shared information constraint parameter of a part of blind signature by the random public key, the first main control address public key and the target data identifier, wherein the shared information constraint parameter is used for constraining the implementation condition of the part of blind signature and is forwarded to the data providing node through the cluster center node;
The data providing node performs the public key blinding processing on the second main control address, combines the blinding information with the shared information constraint parameter to generate a part of blinding information, and forwards the part of blinding information to the data requesting node through the data source center node;
the data request node signs the partially blinded message by using the temporary signature private key to obtain a partially blinded signature, and forwards the partially blinded signature to the data providing node through the data source center node;
The data providing node performs blind solving on the partial blind signature to obtain a blind-removed signature, performs secondary signature on the blind-removed signature by using a signature private key of the data providing node, and forwards the blind-removed signature and the secondary signature information to the data requesting node through the data source center node.
In the above embodiment, the relevant parameters used for the public key address negotiation are fused into the partial blind signature, the partial blind signature provides non-repudiation transaction evidence for both transaction parties, namely, the data request node is responsible for the blind signature removal message, the data providing node is responsible for the secondary signature message, if any party has the default behavior, the other party can publicize the group of transaction evidence to the whole network, the public node or the evaluating mechanism can implement audit work to find out dishonest objects, and to the default party responsibility, further restrict the transaction behavior of the network node by means of tracing and punishing the default party, such as requiring loss of compensation, limiting the transaction behavior, bringing the transaction behavior into the list of the trusted node, and the like, thereby being beneficial to improving the integrity of the transaction objects and purifying the network environment.
The processing procedure of the data access method of the invention is described in detail below by using a specific implementation algorithm, and the implementation algorithm mainly comprises address generation, signature, key generation and encryption and decryption algorithms.
1. An initialization stage:
In the initialization state, for an un-clustered node newly added into the network, the routing table data is established with the adjacent node, then the weight value of the node is calculated, and a clustering request message containing the weight value and the node ID identification is broadcasted outwards. The W i weight value may be generated by the following algorithm:
Wi=x*Bi+y*Qi+z*Li
Wherein B i represents a channel bandwidth, Q i represents the number of adjacent nodes, L i represents the operation and storage capacity level of the local device, the level value is divided by a certain parameter standard, and x, y and z represent quantization parameters of the channel bandwidth, the number of nodes and the level value respectively.
The receiving node of the clustering request message can verify the running state of the non-clustered nodes through the Ping command, and analyze the number of the one-hop nodes recorded in the routing table of the non-clustered nodes to verify whether the number of the adjacent nodes is true or not. If the receiving node is not clustered, the weight value W i can be compared with the weight value of the local candidate cluster head or the weight value of the receiving node, if the weight value W i is larger, the non-clustered node is replaced to be the candidate cluster head, otherwise, a clustering receipt message is returned to the non-clustered node, the message contains the local candidate cluster head ID and the weight value, and the candidate cluster head is updated by the non-clustered node.
In contrast, if the receiving node is clustered, the weight value W i may be compared with the locally selected cluster head weight value, and if the weight value W i is greater, the processing is not performed, because the cluster head does not reach the dynamic adjustment time limit, otherwise, a clustering response piece message is returned to the non-clustered node, the message contains the locally selected cluster head ID and the weight value, and the non-clustered node implements the candidate cluster head update.
The non-clustered nodes continuously update candidate cluster heads through weight values according to the received clustered receipt messages until the node corresponding to the maximum value is selected as a final cluster center node, and a plurality of nodes with larger weight values can be selected as the cluster center node according to requirements. If no node with a higher weight value than local appears nearby, the non-clustered node may declare itself to the network as a cluster-centric node.
After the clustering is completed, the cluster member nodes compress and map the public identification information of the local storage data into one point in the space vector through a group of hash functions, and the space vector is uploaded to the cluster center node and stored in a bloom filter. If a point corresponding to the input data exists in the bloom filter, the data is possibly in the set; otherwise, it means that the data is not necessarily in the collection. As shown in fig. 2, the formal bloom filter consists of a set of n-bit-based bit vectors s= (S 1,s2,...sn) and a series of Hash functions h= (Hash 1,Hash2,...Hashm), m < n. All initial values of the bit vector set are set to be 0, hash operation is carried out on any input data to obtain a hash value sequence (h 1,h2,...hm) with values within [1, n ], namely, a space vector which is characterized by m dimensions, each hash value h i (i is more than or equal to 1 and less than or equal to m) is mapped to a corresponding bit of the bit vector set S= (S 1,s2,...sn) and is set to be 1, and the rest unmapped bits still remain to be 0, so that the space vector to bit vector set recording process of the input data is completed. Because the calculation process of the hash function is unidirectional and irreversible, the cluster center node cannot calculate reversely according to the hash value sequence (h 1,h2,...hm) to obtain the data identification, and the data cannot be traced by using the space vector, so that the data secret is protected.
The cluster member node also needs to uplink the data identification, and saves the identification information, the abstract and the standard hash value of the data into a blockchain through a blockchain consensus mechanism as public query resources to serve the whole network node. The data identification may use pseudo-random codes generated locally by the cluster member nodes, or may be automatically coded during the block generation phase. If the data identification is given by the blockchain, the cluster member node needs to perform the data-related parameter uplink operation first, and then uses the coding information fed back by the blockchain as the data identification to calculate the space vector again. For the hash function group, the SHA-512 algorithm can be adopted to execute hash operation, and the algorithm can meet the requirement of a bloom filter with large data capacity and improve the collision resistance of space vector factors.
2. Data access phase:
The data request node u obtains the data summary information and the data identifier required by the data request node u from a third party search platform, and the third party search platform must be a full node recorded with a complete blockchain, and can also be a full node or a light node only retaining a block head relative to the data request node. Then, a space vector H u=(hu1,hu2,...hum corresponding to the target data identifier is calculated), an asymmetric encryption public key a pk and a decryption private key a sk are generated by using a key generation algorithm such as elliptic curve or RSA, and a data retrieval request containing the space vector H u and the encryption public key a pk is broadcast to the network.
Each cluster center node respectively judges whether the local bloom filter contains a space vector H u, if not, the local bloom filter does not process, and if so, the local bloom filter informs cluster member nodes to which the space vector belongs.
The cluster member node i searches the local data identifier corresponding to the space vector, and forwards a first data promise (cm i,ti) associated with the local data identifier to the data request node through the cluster center node. The first data commitment consists of commitment value cm i and blinding factor t i, expressed as a commitment function:
Where τ i represents the local data identification.
The cluster center node allocates a temporary signature public-private key pair (a pk,ask) for executing a partial blind signature algorithm to the data request node, and sends a data retrieval response piece containing the temporary signature private key a sk and a first data commitment (cm i,ti) to the data request node in a secret mode. The process of encrypting the above transfer data using the encryption public key α pk can be expressed as:
c=Eupk,(ask,cmi,ti))
Where E u () represents the encryption function defined by the data requesting node u and c represents the ciphertext.
In an embodiment of the invention, a signature public-private key pair (a pk,ask) is obtained using an identity-based signature generation algorithm. The specific process is as follows:
firstly, a system safety parameter 1 k is selected, and a large prime number q is less than or equal to 2 k,G1、G2 which is an addition cyclic group and a multiplication cyclic group with the order q is selected randomly. Then, a generator P epsilon G 1 is selected, and a bilinear map e: g 1×G1→G2, calculating t=e (P, P). Randomly selecting integers As a master private key of the system, P pub =sp is calculated as a master public key of the system. Selecting three hash functions with strong collision resistance Public parameter sequence L pub={q,e,T,G1,G2,P,Ppub,H1,H2,H3, public parameter sequence L pub is disclosed to all cluster member nodes and data request nodes, and the master control private key s is kept secret from outside. The public parameter sequence calculation result is generated before the user accesses and is replaced at any time according to the use frequency. The common parameter sequence L pub is sent to the data requesting node through the data retrieval response piece, but encryption is not required.
A temporary signed public-private key pair associated with the identity of the data requesting node is then constructed using the public parameter sequence L pub (a pk,ask). The identity of the data request node is set as ID u, and the identity ID u can be distributed by a trusted network operator in the node registration stage and used for representing the true identity of the user, and also comprises an inherent signing key distributed to the user for use, wherein the identity and the inherent signing key have uniqueness.
The ID u of the data request node is recorded in the data retrieval request, and after the cluster center node confirms that the identity of the data request node is legal, the cluster center node calculatesAs a temporary signature private key.
The data requesting node decrypts the ciphertext c using the decryption private key α sk, resulting in a plaintext message c' =d usk,c)={ask,cmi,ti},Du () representing the decryption function defined by the data requesting node u. Because the space vector directional retrieval target data has uncertainty, the cluster center node simply feeds back the result with the same vector value to the data requesting party, and whether the data objects with the same vector value are the same or not is not considered, so that the data requesting node may receive a plurality of data retrieval receipts sent from different cluster center nodes. The first data commitment values recorded in all receipts are extracted to form a commitment set cm= { CM 1,cm2,...cmn-1,cmn }. Identifying participation in generating a second data commitment value using the target data:
Where τ u represents the target data identification.
Comparing the second data promise value CM u with elements in the promise set CM, if no element with the same value is found, indicating that the set does not contain a target object, and possibly that the data retrieval request does not reach the target node, and performing secondary retrieval; if the elements with the consistent values are found, the elements are taken as target data commitments, and the cluster center node which sends the target data commitments is taken as a data source center node.
Then verifying the validity of the temporary signature private key a sk by using a public parameter sequence L pub recorded in the data retrieval receipt, calculating the temporary signature public key a pk=Ppub+H1(IDu) P by using a local identity by adopting the same key generation algorithm with the cluster center node, and verifying whether an equation e (a sk,apk) =T is true or not, if so, the temporary signature public private key pair (a pk,ask) is valid, otherwise, the cluster center node is required to regenerate the temporary signature public key until the verification equation is satisfied.
After confirming that the temporary signature public-private key pair is valid, a private public-private key pair (b pk,bsk) of the data requesting node is locally generated. Randomly selecting random numbersAs a private key, the private public key b pk=e(bskP,apk is further calculated using bilinear map e).
The payee address negotiation process is then performed, requiring the data requester to exchange respective address disclosure parameters with the data provider. The data request node selects random numbers R and V, wherein R=rP, V=vP and beta=τ u P, and takes (R, R) as a random public-private key pair and (V, V) as a first main control address public-private key pair, and beta as a shared key of both parties for encrypting data.
Let the sharing information f= { r|v|τ u } negotiated and established between the data request node and the data providing node, calculateRandomly selecting integersFurther calculation ofAs the shared information constraint parameter, the random public key R, the first master address public key V, and the shared information constraint parameter W are encrypted with the shared key β to obtain ciphertext c u =e (β, (R, V, W)), and E () represents a symmetric encryption algorithm.
Finally, the data request node signs the ciphertext c u, the target data promise cm u, and the proprietary public key b pk with its own inherent signature private key sk u:
σu=Ssig(sku,(cu,cmu,bpk))
Where S sig () represents a signature generation algorithm.
And sending the data access request containing the signature sigma u and the signed information to the data source center node.
The data source central node first verifies the signature in the data access request:
Verify(pku,(cu,cmu,bpk),σu)→b
The signature verification algorithm Verify () inputs the inherent signature public key pk u, signed information and signature σ u of the data requesting node, outputs a boolean variable b, proves that σ u is verified when the boolean variable b returns TRUE, and proves that σ u is not verified when the boolean variable b returns FALSE.
After the verification is passed, the ciphertext c u, the target data commitment cm u, and the private public key b pk are sent to the cluster member that received the same commitment value before, which is the data providing node.
The data providing node searches the transmitted message for the first data commitment cm i which is consistent with the target data commitment cm u, further confirms the local data and the identifier τ i of the commitment existence, and can generate the decryption key β' =τ i P. It can be seen that only τ i=τu, β' =β, can decrypt and obtain the correct plaintext. Ciphertext c u is decrypted using key β 'to yield plaintext c' u=D(β′,cu) = { R, V, W }.
And selecting a random number X, calculating X=xP, and taking (X, X) as a public and private key pair of the second main control address. Then blinding the second main control address public key X, combining the blinded information X * with the shared information constraint parameter W, and calculating to obtain a partial blinded information by the following formula:
Wherein the hash value h=h 2 (X, F, Z), the intermediate value Represents a blinding factor;
And then the partial blinded message Y * is encrypted again by the key beta', and is forwarded to the data request node through the data source center node.
Similarly, the data requesting node decrypts the ciphertext of the data providing node using the local key β to obtain the partially blinded message Y *. And (3) a partial blind signature algorithm is adopted, and a partial blind signature of the partial blind message is obtained by using a temporary signature private key calculation:
δ*=jask+H3(F)bskY*
After encrypting the partially blind signature delta * again with the key beta and signing with the inherent signature private key sk u, the signed message is sent to the data source central node.
The data source center node is responsible for verifying the validity of the signature message, and forwarding the signature message confirmed to be valid to the data providing node.
The data providing node firstly decrypts the ciphertext by using the secret key beta' to obtain a plaintext signature message, and then blindly solves part of the blind signature delta * to obtain blind-removing signature delta=mu delta *, wherein the blind-removing signature delta takes the public key X of the second main control address as a main signature object and simultaneously contains the constraint on the shared information F. For any node, the signature validity can be verified by disclosing the data set (X, Z, F, P pub), and the data requesting node's private public key b pk and identity ID u.
Since the shared information F and the master public key P pub are known to the data requesting node, the data set (δ, X, Z) need only be forwarded to the data requesting node by the data source central node. The data providing node is required to perform secondary signature on the data group (delta, X, Z) containing the blind-removing signature delta by utilizing the local inherent signature private key sk i before forwarding so as to prove the approval of the data providing node to the implementation condition of the blind-removing signature delta, and the secondary signature message can be disclosed to the public when the data providing node denies the transaction.
After encrypting the data group (delta, X, Z) and its secondary signature by the secret key beta', the received access message containing the ciphertext is forwarded to the data request node by the data source center node.
The data request node uses the secret key beta to decrypt the ciphertext in the access accepting message to obtain a data group (delta, X, Z) and a secondary signature thereof. Firstly, verifying the validity of a secondary signature by using an inherent signature public key pk i of a data providing node, and after confirming the validity, further verifying a blind signature by a signature verification algorithm:
if the above equation holds, then the blinding signature is indicated as valid, otherwise the signature is indicated as invalid.
After confirming that the blind signature is valid, a random public key address generation algorithm is adopted to generate a public key address for receipt:
addrpk=H2(rX)P+V
the payment of the data access service fee to the public key address addr pk can be charged according to the data byte quantity, or according to the fixed limit set by the data providing node, the concrete calculation mode and pricing record are recorded in the access receiving message.
Likewise, a random public key address generation algorithm is also employed at the data providing node to generate a receipts public key address:
addrpk=H2(Rx)P+V
After confirming that the data access service fee with the specified amount is stored in the public key address addr pk, the data request node is provided with service, and the encrypted target data is forwarded to the data request node through the data source center node. Similarly, the data source center node can also pay additional network proxy service fees to the data providing node according to the forwarded data flow, the specific metering standard is determined by negotiation of the two parties, and the settlement mode can also be realized through digital coins or other financial tools.
3. Settlement stage:
The data request node firstly decrypts the ciphertext to obtain target data in a plaintext form. And then, recalculating the complete hash value of the data by using a hash algorithm of the block chain consensus, comparing the complete hash value with a standard hash value recorded in the block chain, if the complete hash value is not the same, indicating that the data is incomplete or has errors (such as packet loss), sending an error message to a data providing node through a data source center node, retransmitting the data by the data providing node, and if the complete hash value is the same, indicating that the target data is correct.
After confirming that the target data is complete, encrypting and signing the first main control address private key v, and forwarding a data acknowledgement receipt containing the ciphertext and the signature to the data providing node through the data source center node.
After the data providing node decrypts the ciphertext and successfully verifies the signature, a first master control address private key v in a plaintext form is obtained, and a random private key address generation algorithm is adopted to generate a receipts private key address:
addrsk=H2(Rx)+v
The deduction process that the public key address addr pk and the private key address addr sk are effective address pairs is as follows:
addrpk=addrskP=(H2(Rx)+v)P=H2(Rx)P+V
=H2(rxP)P+V=H2(rX)P+V
in other embodiments of the present invention, when the data requesting node sends a data retrieving request, it may broadcast a partial space vector of the target data to the network, and if the target data identifier corresponds to the space vector H u=(hu1,hu2,...hum), then the partial coordinate value H ui∈Hu, 1.ltoreq.i.ltoreq.m, and the component space vector H' u may be extracted as the retrieving target. For the cluster center node, as long as the local bloom filter contains the partial space vector, the corresponding local data commitment is fed back to the data request node. Compared with the retrieval process implemented by using the complete space vector, the data retrieval range is enlarged by utilizing part of the space vector, so that the risk of reverse analysis of target data can be effectively reduced, and the data privacy is improved.
The invention takes the data promise as a data filter, can accurately position the target data storage position, can simultaneously realize that the specific data object to be accessed by the outward secrecy user can not be realized by any other node except that the data request node can calculate promise of the same value by utilizing the space vector H u (or partial space vector H' u) and the outward secrecy target data identifier tau u; similarly, for other first data commitments that are not matched, the data request nodes cannot judge which data objects they make, so that malicious nodes are prevented from detecting the distribution situation of network cloud data in a mode of broadcasting a large number of non-directional false data requests, and network attacks are implemented on some interested data storage nodes.
On the other hand, the first data promise value cm i provided by any cluster member has a certain randomness due to the addition of the random blinding factor t i, which is inevitably different from each other for multiple network nodes storing the same data, and even for the same data object stored on the same node, multiple promises of continuous outward transmission are completely different, so that an attacker cannot implement data tracing through the intercepted multiple promise values.
In another embodiment of the present invention, the distributed cloud storage data access method further includes a accountability mechanism. When one of the data access party and the data provider has an default action, the other party starts a process of accountability, and the process is demonstrated to a public communication platform or a whole network, so that the evidence that the transaction action is already executed according to the agreement of the public communication platform or the whole network, but the other party does not execute the related transaction action according to the agreement, and the transaction failure is caused. Specifically including the responsibilities of the data requesting node and the data providing node. A data request node accountability step:
When the data requesting node has paid the service fee but has not received the target data, the data providing node does not provide the target data transfer record, and the data requesting node publishes the blinded signature δ, the secondary signature message, the signature public key pk i of the data providing node, the random public-private key pair (R, R), the first master address public key V, the second master address public key X and the target data identifier τ u, the intermediate value Z, the exclusive public key b pk of the data requesting node, and the identity ID u.
Any third party verifies the body of the secondary signed message using the public signature key pk i of the data providing node, if the body is not a blinded signature delta, indicating that the data requesting node is invalidity, otherwise indicating that the secondary signed message is valid, then further adopting a blind signature removal verification algorithm to calculate shared information f= { r|v||τ u }, and verifying whether the following equation is satisfied by using the public parameter sequence L pub={q,e,T,G1,G2,P,Ppub,H1,H2,H3 disclosed by the cluster center node, wherein the hash value h=h 2 (X, F, Z):
If the verification fails, indicating that the data request node accountability is invalid, otherwise, indicating that the blind signature is valid; and then further verifying whether the random public key and the random private key are matched, namely whether an R=rP equation is satisfied, if the R=rP equation is not matched, indicating that the responsibility of the data request node is invalid, otherwise, regenerating an address value addr pk=H2 (rX) P+V by using the random private key R, the first main control address public key V and the second main control address public key X, namely, the public key address of the receipts negotiated by the two parties, if the digital currency of the agreed amount does not exist on the address value, indicating that the data request node does not pay corresponding fees, and indicating that the responsibility is invalid, otherwise, indicating that the data request node has paid corresponding service fees according to the agreed fee, and confirming that the responsibility is valid, and confirming that the data providing node is illegal.
Data providing node accountability step in this embodiment:
When the data providing node has transmitted the target data but does not receive the first master address private key V, the data requesting node does not provide a data acknowledgement receipt transmission record, and the data providing node publishes the blind-removal signature delta, the random public key R, the first master address public key V, the second master address public private key pair (X, X) and the target data identifier τ u, the intermediate value Z, the exclusive public key b pk of the data requesting node, and the identity ID u to the network.
Similarly, any third party employs a blind signature verification algorithm, the shared information f= { r|v|τ u }, the hash value h=h 2 (X, F, Z), the common parameter sequence L pub={q,e,T,G1,G2,P,Ppub,H1,H2,H3 published by the cluster center node is used to verify whether the following equation holds:
If the verification fails, the data providing node accountability is invalid, otherwise, the blind signature is valid; further verifying whether the second public key of the main control address is matched with the private key of the second main control address, namely whether an X=xP equation is satisfied, if the equation is not matched, the fact that the data providing node is invalid in question is indicated, otherwise, the fact that the public key pair of the second main control address is confirmed to be legal is confirmed by the data providing node is indicated, then, an address value addr pk=H2 (Rx) P+V is regenerated by using a random public key R, a first main control address public key V and the private key X of the second main control address, if a digital currency of a stipulated amount does not exist on the address value, the fact that the data providing node is invalid in question is indicated, because the data requesting node needs to pay service fees first according to transaction rules, the data providing node can send data to the data requesting node when confirming that the digital currency exists on a public key address of receipts is confirmed, namely, the fact that the data providing node violates the transaction rules first is confirmed, otherwise, the fact that the data requesting node has paid service fees according to transaction conventions is confirmed.
The effectiveness of the blind signature removal verification algorithm used in the embodiments of the present invention is analyzed as follows:
Therefore, the blind signature verification algorithm can effectively verify the authenticity of the signature, is applicable to signers, signees and transaction evidence receivers disclosed by both parties, and ensures that all parties of the transaction can trust that the partial blind signature transaction mode provided by the invention has enough operation reliability so as to be convenient for executing transaction audit work.
In order to achieve the cloud data access method, the invention further provides a distributed cloud storage data service system, the system is designed in a C/S mode as a whole, the distributed cloud storage data service system comprises a service subsystem and a client subsystem, the service subsystem comprises a distributed cluster center node, data providing nodes governed by the cluster center node in a clustering way and a blockchain co-established by network nodes, and the client subsystem comprises a data request node. The service terminal system is utilized to combine a large number of computing nodes (cluster centers) and storage nodes (cluster members) which are scattered at different positions and have larger storage space together to form a data service platform, the cluster centers have stronger data processing performance and are responsible for scheduling data storage services and managing data information in the system, the cluster members store cloud data which are widely distributed on a network and are data providers, and the nodes are uniformly managed by network communication according to a consensus algorithm established when the system is built together and provide data storage and access services to the outside.
The system structure shown in fig. 3, specifically, the service subsystem is used for providing cloud data access service for the client subsystem, and the cloud data is distributed and stored on the data providing node;
The block chain is recorded with a data identifier of cloud data and a standard hash value, wherein the data identifier is used for marking the cloud data, and the standard hash value is used for verifying the integrity of the cloud data;
the cluster center node adopts a bloom filter to record the data characteristics of cloud data stored by each cluster member, and the data characteristics are generated by a data identifier;
the data providing node further comprises: the system comprises an address generation module, a message blinding module and a service providing module;
an address generation module: generating own address public parameters, participating in generating a collection public key address by the address public parameters exchanged by the data request node, and generating a collection private key address by utilizing the address secret parameters, wherein the collection private key address is used for spending digital coins on the collection public key address;
message blinding module: generating a partial blinding message according to the data characteristics and the address disclosure parameters of the target data;
Message blinding module: the partial blinded signature is subjected to blinding to obtain a blind-removed signature, and the blind-removed signature is used as a transaction certificate for the two parties to achieve consensus;
A service providing module: transmitting the appointed target data to the data request node according to the data characteristics recorded in the signature;
The data request node includes: the system comprises a data query module, an address generation module, a message signature module, a data verification module and a cost settlement module;
And a data query module: retrieving target data from a cluster center node by utilizing the data characteristics, and taking a cluster member storing the target data as a data providing node;
An address generation module: generating own address public parameters and address secret parameters, and generating a public key address by the address public parameters exchanged by the data providing nodes;
Message signing module: the method comprises the steps of obtaining a partially blinded signature for the partially blinded message signature;
and a data verification module: performing hash operation on the received target data, comparing the obtained hash value with a standard hash value recorded in a block chain, and judging the data integrity;
and (3) a fee settlement module: for transferring the data access service fee to the public key address of the deposit recorded in the signature.
It will be evident to those skilled in the art that the invention is not limited to the details of the foregoing illustrative embodiments, and that the present invention may be embodied in other specific forms without departing from the spirit or essential characteristics thereof. The present embodiments are, therefore, to be considered in all respects as illustrative and not restrictive, the scope of the invention being indicated by the appended claims rather than by the foregoing description, and all changes which come within the meaning and range of equivalency of the claims are therefore intended to be embraced therein. Any reference sign in a claim should not be construed as limiting the claim concerned.

Claims (9)

1. A distributed cloud storage data access method, the method comprising:
Carrying out clustering management on cloud data stored on all nodes of a network in a distributed mode, and recording data characteristics of the cloud data stored by each cluster member by a cluster center node through a bloom filter;
The data request node utilizes the data characteristics to retrieve target data from the cluster center node, takes the cluster member stored with the target data as a data providing node, and utilizes the exchanged address public parameters to jointly generate a collection public key address;
the data providing node generates a partial blinding message according to the data characteristics and the address disclosure parameters of the target data, and the data requesting node signs the partial blinding message to obtain a partial blinding signature;
the data providing node blindly solves the partial blinded signature to obtain a blind-removed signature, takes the blind-removed signature as a transaction certificate agreed by both parties, and transfers the data access service fee to a public key address recorded in the signature, and the data providing node transmits appointed target data to the data requesting node according to the data characteristics recorded in the signature;
After verifying that the target data are correct, the data request node transmits address secret parameters to the data providing node;
The data providing node generates a receipts private key address by using the address secret parameter, wherein the receipts private key address is used for spending digital coins on the receipts public key address;
the step of the data request node retrieving the target data is:
The data request node extracts a target data identifier recorded in the block chain, calculates a space vector corresponding to the target data identifier as a data characteristic, and broadcasts a data retrieval request containing the space vector to a network;
Each cluster center node respectively judges that if the local bloom filter contains the space vector, the cluster members to which the space vector belongs are notified;
searching local data identifiers corresponding to the space vectors by the cluster members, and forwarding first data promises associated with the local data identifiers to the data request nodes through the cluster center nodes;
The data request node forms all the received first data commitments into a commitment set, uses the target data identification to participate in generating a second data commitment, selects the same element as the second data commitment from the commitment set as the target data commitment, and uses the cluster center node sending the target data commitment as the data source center node.
2. The distributed cloud storage data access method of claim 1, wherein the step of the data requesting node and the data providing node together generating the collection public key address is:
The data request node adopts a key generation algorithm to respectively generate a random public key pair and a first main control address public key pair, and sends the random public key and the first main control address public key to the data providing node;
the data providing node adopts the same key generation algorithm to generate a second main control address public-private key pair, and the second main control address public key is sent to the data request node;
The data request node adopts a random public key address generation algorithm, and a disposable random address generated by a random private key, a first main control address public key and a second main control address public key is used as a money receiving public key address of the data providing node;
the data providing node adopts a random public key address generation algorithm, and uses a disposable random address generated by a random public key, a first main control address public key and a second main control address private key as a local receipts public key address;
the two public key addresses generated by both parties are identical.
3. The method for accessing distributed cloud storage data according to claim 2, wherein the step of performing a partial blind signature between the data requesting node and the data providing node comprises:
The cluster center node publishes the public parameters of the partial blind signature generation algorithm to the data request node and the data providing node, distributes a temporary signature public-private key pair for executing the partial blind signature for the data request node by utilizing the public parameters, and sends the temporary signature public-private key pair to the data request node in a secret mode;
The data request node generates a shared information constraint parameter of a part of blind signature by the random public key, the first main control address public key and the target data identifier, and the shared information constraint parameter is used for constraining the implementation condition of the part of blind signature and is forwarded to the data providing node through the data source center node;
The data providing node performs the public key blinding processing on the second main control address, combines the blinding information with the shared information constraint parameter to generate a part of blinding information, and forwards the part of blinding information to the data requesting node through the data source center node;
the data request node signs the partially blinded message by using the temporary signature private key to obtain a partially blinded signature, and forwards the partially blinded signature to the data providing node through the data source center node;
The data providing node performs blind solving on the partial blind signature to obtain a blind-removed signature, performs secondary signature on the blind-removed signature by using a signature private key of the data providing node, and forwards the blind-removed signature and the secondary signature information to the data requesting node through the data source center node.
4. The distributed cloud storage data access method of claim 3, wherein the cluster center node uses an identity-based partial blind signature algorithm to generate a temporary signature public-private key pair by using public parameters and a data request node identity.
5. The method for accessing distributed cloud storage data according to claim 4, wherein the step of generating the receipts private key address comprises:
the data request node encrypts the first main control address private key and forwards the ciphertext to the data providing node through the data source center node;
after the ciphertext is decrypted by the data providing node, a random private key address generation algorithm is adopted, and a disposable random address generated by the random public key, the first main control address private key and the second main control address private key is used as a money receiving private key address.
6. The method according to claim 5, wherein the data requesting node and the data providing node use a key generation algorithm to generate a symmetric key for encrypting and decrypting data by using the target data identifier, and the encrypted data includes a random public key, a first public key of a main control address, a public key of a second main control address, a shared information constraint parameter, a partially blinded message, a partially blinded signature, a secondary signature message, and a private key of the first main control address exchanged by both parties.
7. The method of claim 6, further comprising the step of data requesting node accountability:
When the data request node has paid service fees and has not received target data, a blind signature removing message, a secondary signature message, a signature public key of the data providing node, a random public private key pair, a first main control address public key, a second main control address public key and a target data identifier are published to the network;
Any third party verifies the main body of the secondary signature message by using the signature public key of the data providing node, if the main body is not blind signature removing, the main body indicates that the data requesting node is invalid, otherwise, blind signature removing verification algorithm is adopted, random public key, first main control address public key, second main control address public key and target data identification are used for verifying blind signature removing, if verification fails, the data requesting node is invalid, otherwise, whether the random public key is matched with the random private key is further verified, if the random public key is not matched with the random private key, the data requesting node is invalid, otherwise, the random private key, the first main control address public key and the second main control address public key are used for regenerating an address value, if no digital currency with a stipulated amount exists on the address value, the data requesting node is invalid, otherwise, the data requesting node is valid, and the data providing node is confirmed to be illegal.
8. The distributed cloud storage data access method of claim 6, further comprising a data providing node accountability step:
When the data providing node has sent the target data but does not receive the first main control address private key, publishing a blind signature, a random public key, a first main control address public key, a second main control address public key pair and a target data identifier to the network;
Any third party adopts a blind signature removing verification algorithm, verifies blind signatures by using a random public key, a first main control address public key, a second main control address public key and a target data identifier, if verification fails, the data providing node accountability is invalid, otherwise, further verifies whether the second main control address public key is matched with the second main control address private key, if the second main control address public key is not matched with the second main control address private key, the data providing node accountability is invalid, otherwise, the random public key, the first main control address public key and the second main control address private key are used for regenerating an address value, if no digital coin with a stipulated amount exists on the address value, the data providing node accountability is invalid, otherwise, the data providing node accountability is valid, and the data requesting node accountability is confirmed.
9. The distributed cloud storage data service system is characterized by comprising a service subsystem and a client subsystem, wherein the service subsystem comprises a distributed cluster center node, data providing nodes managed by the cluster center node in a clustering way and a blockchain co-established by network nodes;
The service subsystem is used for providing cloud data access service for the client subsystem, and the cloud data are stored on the data providing nodes in a distributed mode;
The block chain is recorded with a data identifier of cloud data and a standard hash value, wherein the data identifier is used for marking the cloud data, and the standard hash value is used for verifying the integrity of the cloud data;
the cluster center node adopts a bloom filter to record the data characteristics of cloud data stored by each cluster member, and the data characteristics are generated by a data identifier;
the data providing node further comprises: the system comprises an address generation module, a message blinding module and a service providing module;
an address generation module: generating own address public parameters, participating in generating a collection public key address by the address public parameters exchanged by the data request node, and generating a collection private key address by utilizing the address secret parameters, wherein the collection private key address is used for spending digital coins on the collection public key address;
message blinding module: generating a partial blinding message according to the data characteristics and the address disclosure parameters of the target data;
Message blinding module: the partial blinded signature is subjected to blinding to obtain a blind-removed signature, and the blind-removed signature is used as a transaction certificate for the two parties to achieve consensus;
A service providing module: transmitting the appointed target data to the data request node according to the data characteristics recorded in the signature;
The data request node includes: the system comprises a data query module, an address generation module, a message signature module, a data verification module and a service settlement module;
and a data query module: retrieving target data from a cluster center node by utilizing the data characteristics, and taking a cluster member storing the target data as a data providing node; the step of the data request node retrieving the target data is:
The data request node extracts a target data identifier recorded in the block chain, calculates a space vector corresponding to the target data identifier as a data characteristic, and broadcasts a data retrieval request containing the space vector to a network;
Each cluster center node respectively judges that if the local bloom filter contains the space vector, the cluster members to which the space vector belongs are notified;
searching local data identifiers corresponding to the space vectors by the cluster members, and forwarding first data promises associated with the local data identifiers to the data request nodes through the cluster center nodes;
The data request node forms a commitment set by all the received first data commitments, uses target data identification to participate in generating a second data commitment, selects the same element as the second data commitment from the commitment set as a target data commitment, and uses a cluster center node for transmitting the target data commitment as a data source center node;
An address generation module: generating own address public parameters and address secret parameters, and generating a public key address by the address public parameters exchanged by the data providing nodes;
Message signing module: the method comprises the steps of obtaining a partially blinded signature for the partially blinded message signature;
and a data verification module: performing hash operation on the received target data, comparing the obtained hash value with a standard hash value recorded in a block chain, and judging the data integrity;
and (3) a fee settlement module: for transferring the data access service fee to the public key address of the deposit recorded in the signature.
CN202210380254.5A 2022-04-08 2022-04-08 Distributed cloud storage data access method and data service system Active CN114598717B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210380254.5A CN114598717B (en) 2022-04-08 2022-04-08 Distributed cloud storage data access method and data service system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202210380254.5A CN114598717B (en) 2022-04-08 2022-04-08 Distributed cloud storage data access method and data service system

Publications (2)

Publication Number Publication Date
CN114598717A CN114598717A (en) 2022-06-07
CN114598717B true CN114598717B (en) 2024-06-28

Family

ID=81820545

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202210380254.5A Active CN114598717B (en) 2022-04-08 2022-04-08 Distributed cloud storage data access method and data service system

Country Status (1)

Country Link
CN (1) CN114598717B (en)

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104994110A (en) * 2015-07-16 2015-10-21 电子科技大学 Method for assigning verifier for auditing cloud storage data
CN111539719A (en) * 2020-03-16 2020-08-14 中国人民解放军战略支援部队信息工程大学 Auditable mixed currency service method and system model based on blind signature

Family Cites Families (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CA2369304A1 (en) * 2002-01-30 2003-07-30 Cloakware Corporation A protocol to hide cryptographic private keys
US10706107B2 (en) * 2017-05-30 2020-07-07 Open Text Sa Ulc Search systems and methods utilizing search based user clustering
CN112543099B (en) * 2020-11-25 2023-05-23 南京邮电大学 Certificateless searchable encryption method based on edge calculation
CN112564903B (en) * 2020-12-08 2022-06-14 西安电子科技大学 Decentering access control method for data security sharing in smart power grid
CN113886856A (en) * 2021-10-20 2022-01-04 兰州理工大学 Dual verifiable cloud storage method based on block chain

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104994110A (en) * 2015-07-16 2015-10-21 电子科技大学 Method for assigning verifier for auditing cloud storage data
CN111539719A (en) * 2020-03-16 2020-08-14 中国人民解放军战略支援部队信息工程大学 Auditable mixed currency service method and system model based on blind signature

Also Published As

Publication number Publication date
CN114598717A (en) 2022-06-07

Similar Documents

Publication Publication Date Title
Zhang et al. Data security sharing and storage based on a consortium blockchain in a vehicular ad-hoc network
Guo et al. Blockchain meets edge computing: A distributed and trusted authentication system
Li et al. FADB: A fine-grained access control scheme for VANET data based on blockchain
CN109451467B (en) Vehicle-mounted self-organizing network data secure sharing and storage system based on block chain technology
CN111372243B (en) Security distributed aggregation and access system and method based on fog alliance chain
CN110138560B (en) Double-proxy cross-domain authentication method based on identification password and alliance chain
CN112418860A (en) Block chain efficient management framework based on cross-chain technology and working method
CN110046521A (en) Decentralization method for secret protection
CN111147460B (en) Block chain-based cooperative fine-grained access control method
CN112804064A (en) Attribute encryption access control system and method based on block chain
CN110059503A (en) The retrospective leakage-preventing method of social information
CN113194469A (en) 5G unmanned aerial vehicle cross-domain identity authentication method, system and terminal based on block chain
CN110709874A (en) Voucher generation and distribution method and system for block chain network
Namasudra et al. Achieving a decentralized and secure cab sharing system using blockchain technology
Li et al. A quantum voting protocol using single-particle states
CN110830244A (en) Anti-quantum computing vehicle networking method and system based on identity secret sharing and alliance chain
CN113949544A (en) DAG block chain-based lightweight authentication and access authorization method for Internet of things equipment
CN110730064A (en) Data fusion method based on privacy protection in crowd sensing network
CN112470423A (en) Computer-implemented system and method for asset blending
CN113645039A (en) Communication information transmission system and method based on different authorities
CN117828673B (en) Block chain-based data circulation and privacy protection method and device
Guo et al. Accountable attribute-based data-sharing scheme based on blockchain for vehicular ad hoc network
Ahmed et al. Toward fine‐grained access control and privacy protection for video sharing in media convergence environment
CN110910110B (en) Data processing method and device and computer storage medium
CN115834047A (en) Continuous trusted data sharing method based on block chain

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
TA01 Transfer of patent application right
TA01 Transfer of patent application right

Effective date of registration: 20240603

Address after: 528000, Room 312, Building 5, No. 17 Sanyou South Road, Shiwan Town Street, Chancheng District, Foshan City, Guangdong Province (Residence Declaration)

Applicant after: Foshan Zhongying Shengda Small Loan Co.,Ltd.

Country or region after: China

Address before: 241199 No.1 Yonghe Road, Xinwu Economic Development Zone, Wuhu City, Anhui Province

Applicant before: Xu Hongji

Country or region before: China

GR01 Patent grant
GR01 Patent grant