
CN109145650B - An efficient and secure outsourcing big data audit method in cloud environment - Google Patents


Info

Publication number
CN109145650B
Authority
CN
China
Prior art keywords
file
algorithm
ttpa
params
challenge
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Fee Related
Application number
CN201810892385.5A
Other languages
Chinese (zh)
Other versions
CN109145650A (en)
Inventor
王晓明
甘庆晴
晏嘉俊
李素玉
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Jinan University
Original Assignee
Jinan University
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Jinan University
Priority to CN201810892385.5A
Publication of CN109145650A
Application granted
Publication of CN109145650B
Expired - Fee Related
Anticipated expiration

Classifications

    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/64 Protecting data integrity, e.g. using checksums, certificates or signatures
    • G06F21/645 Protecting data integrity, e.g. using checksums, certificates or signatures using a third party
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/12 Applying verification of the received information
    • H04L63/123 Applying verification of the received information received data contents, e.g. message integrity
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00 Network arrangements or protocols for supporting network services or applications
    • H04L67/01 Protocols
    • H04L67/10 Protocols in which an application is distributed across nodes in the network

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Signal Processing (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Computer Hardware Design (AREA)
  • Theoretical Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Physics & Mathematics (AREA)
  • Bioethics (AREA)
  • Software Systems (AREA)
  • General Health & Medical Sciences (AREA)
  • Health & Medical Sciences (AREA)
  • Computing Systems (AREA)
  • Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
  • Storage Device Security (AREA)

Abstract

The invention discloses an efficient and secure outsourced big data auditing method in a cloud environment. Based on algebraic signatures and an XOR-homomorphic function, and by adopting algebraic signature technology, the invention has lower computational overhead and communication cost than the prior art. In addition, the invention introduces a trusted third-party auditor (TTPA), which performs the integrity verification of big data and thereby effectively reduces the computational overhead of the data owner. The security proof shows that the proposed scheme is provably secure under the security model. The performance analysis shows that, compared with existing schemes, the invention has less computational overhead for the server and effectively reduces the verifier's computation and storage costs and the communication cost of the verification process.

Description

Efficient and safe outsourcing big data auditing method in cloud environment
Technical Field
The invention relates to the technical field of security auditing of outsourced storage data in a cloud environment, and in particular to an outsourced big data auditing scheme based on algebraic signatures and XOR-homomorphic functions.
Background
With the development of networks and the explosive growth of data, the big data era has arrived. Big data appears in many aspects of people's lives, including information recording, trend analysis and digital online services. The data is usually stored on a cloud server and managed by a cloud service provider. In a cloud computing environment the cloud server is not fully trusted; for example, it may delete rarely accessed files to save storage overhead. Because an enterprise or individual that outsources data to the cloud loses full control over that data, the problem of verifying its security and integrity arises. How to establish an effective and secure mechanism for verifying the integrity of outsourced big data has become an urgent problem.
In 2007, Ateniese et al. introduced the concept of data security auditing in "Provable data possession at untrusted stores" and constructed two data auditing schemes using homomorphic verifiable tags, which can be safely applied to data integrity verification in a cloud environment. Later, Wang et al., in "Enabling public auditability and data dynamics for storage security in cloud computing", devised a remote data integrity verification scheme based on bilinear aggregate signatures and Merkle hash trees. In 2015, Yu et al. proposed a data auditing scheme based on random sampling in "Remote data possession checking with enhanced security for cloud storage", which fixes some security defects of earlier work and achieves data integrity verification. However, because these schemes are based on public-key cryptography or use bilinear pairings, their verification process is computationally expensive.
To improve the efficiency of data integrity verification, some works use algebraic signatures to construct data auditing schemes. For example, Chen et al. proposed an algebraic-signature-based data auditing scheme in "Using algebraic signatures to check data possession in cloud storage", but that scheme cannot resist replay attacks or deletion attacks by a malicious server, and it does not introduce a third-party auditor, which imposes a large computational overhead on data owners. More recently, Sookhak et al. designed an algebraic-signature-based outsourced data auditing scheme in "Dynamic remote data auditing for securing big data storage in cloud computing" and effectively achieved data integrity verification. However, that scheme is insecure: it is subject to replay attacks, and its challenge information contains no random value, so the proof information generated by the cloud server is not fully random.
So far, most data auditing schemes either have a high computational cost or have security problems, so designing an efficient and secure auditing scheme for outsourced big data has become a key problem.
Disclosure of Invention
The invention aims to overcome the shortcomings of the prior art by providing an efficient and secure outsourced big data auditing method in a cloud environment that flexibly implements security auditing of outsourced big data. By introducing a trusted third-party auditor (TTPA), the invention effectively reduces the computational overhead of the data owner. The security proof shows that the invention is provably secure under the security model and can resist various attacks. Performance analysis shows that, compared with existing schemes, the method has lower computation, storage and communication costs and effectively achieves integrity verification of outsourced big data in a cloud environment.
The purpose of the invention is achieved by the following technical solution: an efficient and secure outsourced big data auditing method in a cloud environment, comprising the following steps:
S1. When the data owner DO wants to outsource the storage of multiple files to the cloud server, he first runs the system setup algorithm Setup(1^λ) to obtain the system parameters params and a private key sk, where sk is kept secret by DO;
S2. The data owner DO executes the tag generation algorithm TagBlock(params, sk, F) to generate a file tag T_i for each file block; DO uploads the file blocks and the corresponding tags to the cloud server CS;
S3. Once the data owner DO wants to check whether the file is completely stored on the cloud server CS, he authorizes the TTPA to perform the check; the TTPA calls the challenge algorithm Challenge, generates the challenge information chal and sends it to the cloud server CS;
S4. Based on the received chal, the cloud server CS calls the proof algorithm Proof(params, F, T_i, chal) to obtain the proof information prf and returns it to the TTPA;
S5. Finally, the TTPA verifies the integrity of the file by calling the verification algorithm Verification(params, sk, chal, prf); if the output of the verification algorithm is 1, prf is valid and the file is completely stored on the cloud server; otherwise the output is 0, indicating that the file is corrupted.
Preferably, the method comprises a preprocessing stage in which a data segmentation technique is used to divide the file F into n blocks, each represented as F[i], 1 ≤ i ≤ n.
Preferably, in step S1, the system setup algorithm Setup(1^λ): the data owner DO first randomly selects
Figure GDA0003135908940000031
and defines an XOR-homomorphic hash function
Figure GDA0003135908940000032
Second, DO randomly selects an element γ from the Galois field to define the algebraic signature S_γ; finally, it outputs the system parameters params = {q, f, S_γ} and the private key sk = {k_1, k_2, k_3}.
Preferably, in step S2, the tag generation algorithm TagBlock(params, sk, F): DO first selects n random numbers
Figure GDA0003135908940000033
and then adds file information Info_i = {Ind_i || V_i || TS_i} to each file block, where Ind_i denotes the index, V_i denotes the version number (initial value 1) and TS_i denotes the timestamp; DO computes:
Figure GDA0003135908940000034
The tag of each file block is then T_i = S_γ(C_i || Info_i); DO sends
Figure GDA0003135908940000035
to the cloud server CS and deletes the local file F; at the same time, DO sends k_2,
Figure GDA0003135908940000036
to the trusted third-party auditor TTPA over a secure channel, and sends k_3 to the CS.
Preferably, in step S3, the challenge algorithm Challenge: the trusted third-party auditor TTPA selects c random numbers
Figure GDA0003135908940000037
and sends the challenge information
Figure GDA0003135908940000038
to the CS, where cs_i denotes a challenged file block.
Preferably, in step S4, the proof algorithm Proof(params, F, T_i, chal): after receiving the challenge information chal, the CS computes:
Figure GDA0003135908940000039
and sends
Figure GDA00031359089400000310
to the TTPA as the proof information.
Preferably, in step S5, the verification algorithm Verification(params, sk, chal, prf): after receiving the proof information prf, the TTPA first computes
Figure GDA00031359089400000311
and then computes
Figure GDA00031359089400000312
Finally, the TTPA verifies the integrity of the file F by checking whether the following equation holds:
Figure GDA0003135908940000041
If the equation holds, the verification algorithm outputs 1, indicating that the cloud server has completely stored the file F; otherwise the output is 0, indicating that the file is corrupted.
Compared with the prior art, the invention has the following advantages and beneficial effects:
In a big data outsourcing scenario, the cloud server may not completely store the user's data or files in order to save storage overhead, and many existing integrity verification schemes suffer from high computational cost and security problems. To achieve secure and effective data integrity verification in a cloud environment, the invention therefore provides an outsourced data auditing scheme based on algebraic signatures and XOR-homomorphic functions. By adopting algebraic signature technology, the invention has lower computational overhead and communication cost than existing schemes. In addition, the invention introduces a trusted third-party auditor (TTPA), which performs the big data integrity verification and effectively reduces the computational overhead of the data owner. The security proof shows that the proposed scheme is provably secure under the security model. Performance analysis shows that, compared with existing schemes, the method has less computational overhead for the server and effectively reduces the verifier's computation and storage costs and the communication cost of the verification process.
Drawings
FIG. 1 is a flow diagram of an auditing scheme for outsourcing big data according to an embodiment.
Fig. 2 is a schematic diagram of an interaction process of the TTPA and the CS in a challenge algorithm, a certification algorithm and a verification algorithm of an outsourced big data auditing scheme.
Detailed Description
The present invention will be described in further detail with reference to examples and drawings, but the present invention is not limited thereto.
Example 1
Formal definition of the outsourced big data auditing scheme:
An efficient and secure outsourced big data auditing scheme in a cloud environment consists of the following five polynomial-time algorithms:
(1) System setup algorithm Setup(1^λ): takes a security parameter λ as input and outputs the public system parameters params and a private key sk;
(2) Tag generation algorithm TagBlock(params, sk, F): takes the public system parameters params, the private key sk and a file F as input. Assuming the file F is divided into n blocks, each represented as F[i] (1 ≤ i ≤ n), it outputs the file tags T_i;
(3) Challenge algorithm Challenge: outputs the challenge information chal;
(4) Proof algorithm Proof(params, F, T_i, chal): takes the public system parameters params, the file F, the file tags T_i and the challenge information chal as input, and outputs the proof information prf;
(5) Verification algorithm Verification(params, sk, chal, prf): takes the public system parameters params, the private key sk, the challenge information chal and the proof information prf as input, and outputs 0 or 1.
Scheme design:
A specific example of the auditing scheme for outsourced big data in a cloud environment is shown in fig. 1. The figure involves three entities: a Cloud Server (CS), a Data Owner (DO), and a Trusted Third Party Auditor (TTPA).
When the data owner DO wants to outsource the storage of multiple files to the cloud server, he first runs the system setup algorithm Setup(1^λ) to obtain the system parameters params and a private key sk, where sk is kept secret by DO; he then executes TagBlock(params, sk, F) to generate a file tag T_i for each file block. DO uploads these file blocks and the corresponding tags to the cloud server CS. Once DO wants to check whether the file is completely stored on the CS, he authorizes the TTPA to perform the check. The TTPA calls the challenge algorithm Challenge, generates the challenge information chal and sends it to the CS. Based on the received chal, the cloud server CS calls the proof algorithm Proof(params, F, T_i, chal) to obtain the proof information prf and returns it to the TTPA. Finally, the TTPA verifies the integrity of the file by calling the verification algorithm Verification(params, sk, chal, prf). If the verification algorithm outputs 1, prf is valid and the file is completely stored on the cloud server.
In the preprocessing stage, a data segmentation technique is used to divide the file F into n blocks, each represented as F[i] (1 ≤ i ≤ n). The outsourced big data auditing scheme provided by this patent comprises the following algorithms:
(1) System setup algorithm Setup(1^λ): the data owner DO first randomly selects
Figure GDA0003135908940000061
and defines an XOR-homomorphic hash function
Figure GDA0003135908940000062
Second, DO randomly selects an element γ from the Galois field to define the algebraic signature S_γ. Finally, it outputs the system parameters params = {q, f, S_γ} and the private key sk = {k_1, k_2, k_3}, where q denotes a large prime number, a random number
Figure GDA0003135908940000063
and f denotes an XOR-homomorphic hash function
Figure GDA0003135908940000064
(2) Tag generation algorithm TagBlock(params, sk, F): DO first selects n random numbers
Figure GDA0003135908940000065
and then adds file information Info_i = {Ind_i || V_i || TS_i} to each file block, where Ind_i denotes the index, V_i denotes the version number (initial value 1) and TS_i denotes the timestamp. DO computes:
Figure GDA0003135908940000066
The tag of each file block is then T_i = S_γ(C_i || Info_i). DO sends
Figure GDA0003135908940000067
to the cloud server CS and deletes the local file F. At the same time, DO sends k_2,
Figure GDA0003135908940000068
to the trusted third-party auditor TTPA over a secure channel, and sends k_3 to the CS.
(3) Challenge algorithm Challenge: the trusted third-party auditor TTPA selects c random numbers
Figure GDA0003135908940000069
and sends the challenge information
Figure GDA00031359089400000610
to the CS, where cs_i denotes a challenged file block.
(4) Proof algorithm Proof(params, F, T_i, chal): after receiving the challenge information chal, the CS computes:
Figure GDA00031359089400000611
and sends
Figure GDA00031359089400000612
to the TTPA as the proof information.
(5) Verification algorithm Verification(params, sk, chal, prf): after receiving the proof information prf, the TTPA first computes
Figure GDA00031359089400000613
and then computes
Figure GDA00031359089400000614
Finally, the TTPA verifies the integrity of the file F by checking whether the following equation holds:
Figure GDA0003135908940000071
If the above equation holds, the verification algorithm outputs 1, indicating that the cloud server has completely stored the file F. Otherwise the output is 0, indicating that the file is corrupted. Fig. 2 illustrates the interaction between the TTPA and the CS in the challenge, proof and verification algorithms of the outsourced big data auditing scheme presented here.
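The building block behind the challenge, proof and verification steps above is the XOR-linearity of algebraic signatures; the following is an added example, not code from the patent, and it does not reproduce the patent's own formulas (which appear only as images on this page). The field GF(2^8) with polynomial 0x11B, the unkeyed tags, the sample data and all function names are assumptions made for illustration; the patent binds tags to the secret keys k_1, k_2, k_3 and to Info_i, so this shows the arithmetic only, not a secure audit.

```python
import math

GF_POLY = 0x11B  # assumed field: GF(2^8) with x^8 + x^4 + x^3 + x + 1


def gf_mul(a: int, b: int) -> int:
    """Multiply two GF(2^8) elements: shift-and-add with modular reduction."""
    result = 0
    while b:
        if b & 1:
            result ^= a
        a <<= 1
        if a & 0x100:
            a ^= GF_POLY
        b >>= 1
    return result


def alg_sig(gamma: int, block: bytes) -> int:
    """Algebraic signature S_gamma(block) = XOR over j of block[j] * gamma^j."""
    sig, power = 0, 1
    for symbol in block:
        sig ^= gf_mul(symbol, power)
        power = gf_mul(power, gamma)
    return sig


def split_file(data: bytes, block_len: int) -> list:
    """Preprocessing stage: split F into n equal blocks, zero-padding the last."""
    padded = data + bytes(-len(data) % block_len)
    return [padded[i:i + block_len] for i in range(0, len(padded), block_len)]


def xor_blocks(blocks: list) -> bytes:
    """Symbol-wise XOR of equal-length blocks."""
    out = bytearray(len(blocks[0]))
    for block in blocks:
        for j, symbol in enumerate(block):
            out[j] ^= symbol
    return bytes(out)


def aggregate_check(gamma: int, blocks: list, tags: list, challenged: list) -> bool:
    """Check S_gamma(XOR of challenged blocks) == XOR of their stored tags.

    Holds for intact data because S_gamma(X ^ Y) == S_gamma(X) ^ S_gamma(Y),
    so the response stays one block plus one tag however many are challenged.
    """
    mu = xor_blocks([blocks[i] for i in challenged])
    sigma = 0
    for i in challenged:
        sigma ^= tags[i]
    return alg_sig(gamma, mu) == sigma


def detection_probability(n: int, t: int, c: int) -> float:
    """Chance that c blocks sampled from n include at least one of t bad ones."""
    return 1.0 - math.comb(n - t, c) / math.comb(n, c)


def demo():
    gamma = 0x03  # constructed value; the scheme draws gamma at random
    data = b"constructed sample file for the audit example"
    blocks = split_file(data, 8)                 # six blocks, 0-based here
    tags = [alg_sig(gamma, b) for b in blocks]   # unkeyed, simplified tags

    intact = aggregate_check(gamma, blocks, tags, [0, 2, 3])

    # Flip one symbol of block 2 to model corruption at the storage server.
    damaged = list(blocks)
    bad = bytearray(damaged[2])
    bad[5] ^= 0x40
    damaged[2] = bytes(bad)

    caught = aggregate_check(gamma, damaged, tags, [0, 2, 3])
    # A challenge that does not sample block 2 cannot notice the damage.
    missed = aggregate_check(gamma, damaged, tags, [0, 1])
    return intact, caught, missed


if __name__ == "__main__":
    print(demo())
    print(detection_probability(10000, 100, 460))
```

An 8-bit signature can collide on multi-symbol changes with probability of roughly 1/256, so a deployment would use a wider field or several signatures per block.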
The correctness of the scheme is analyzed as follows:
Figure GDA0003135908940000072
In terms of computation, storage and communication overhead, this embodiment compares the proposed scheme with references [1][2][3][4]. The comparison covers whether the cryptographic mechanism is public-key or symmetric, the computational overhead of the server and the verifier, the communication overhead of the verification process, the storage overhead of the verifier, and whether verification is performed by a third-party auditor, as shown in Table 1. Here n denotes the maximum number of encrypted files in the system; the server computational overhead mainly considers the cost of generating the proof information, and the verifier computational overhead mainly considers the cost of the verification process.
Table 1. Comparison of the proposed scheme with related schemes
Figure GDA0003135908940000073
As can be seen from Table 1, the scheme proposed in this embodiment and references [1][2][3][4] all keep the storage overhead of the verifier at O(1), but the server computation overhead, the verifier computation overhead and the communication overhead of the verification process of the scheme of this embodiment are also O(1), which is better than references [2][3][4] with O(log n) complexity and the same as reference [1]. On the other hand, references [1][2][3] are based on public-key cryptography, while the scheme of this embodiment and reference [4] are based on symmetric cryptography. In general, symmetric mechanisms are less computationally expensive than public-key mechanisms. In addition, as Table 1 shows, references [1][2][4] do not use third-party verification, that is, the integrity verification of the file is carried out by the data owner, whereas the scheme of this embodiment and reference [3] introduce a third-party verifier, which allows a trusted third-party auditor to perform the data auditing operation and thereby greatly reduces the computational overhead of the data owner. Taken together, the scheme proposed in this embodiment is superior to references [1][2][3][4] and has lower computation, storage and communication overhead.
References:
[1] Ateniese G, Burns R, Curtmola R, et al. Provable data possession at untrusted stores. In: Proceedings of the 14th ACM Conference on Computer and Communications Security, Alexandria, 2007. 598-609.
[2] Erway C C, Papamanthou C, Tamassia R. Dynamic provable data possession. ACM Trans Inf Syst Secur, 2009, 17: 213-222.
[3] Wang Q, Wang C, Ren K, et al. Enabling public auditability and data dynamics for storage security in cloud computing. IEEE Trans Parall Distrib Syst, 2011, 22: 847-859.
[4] Yu Y, Zhang Y, Ni J, et al. Remote data possession checking with enhanced security for cloud storage. Future Gener Comput Syst, 2015, 52: 77-85.
The above embodiments are preferred embodiments of the present invention, but the present invention is not limited to them; any other changes, modifications, substitutions, combinations and simplifications that do not depart from the spirit and principle of the present invention are to be regarded as equivalents and are intended to be included in the scope of the present invention.

Claims (2)

1. An efficient and secure outsourced big data auditing method in a cloud environment, characterized by comprising the following steps:
a preprocessing stage, in which a data segmentation technique is used to divide the file F into n blocks, each file block being represented as F[i], 1 ≤ i ≤ n;
S1. When the data owner DO wants to outsource the storage of multiple files to the cloud server, he first runs the system setup algorithm Setup(1^λ) to obtain the system parameters params and the private key sk, where sk is kept secret by DO and λ is the security parameter;
S2. The data owner DO then executes the tag generation algorithm TagBlock(params, sk, F) to generate a file tag T_i for each file block; DO uploads these file blocks and the corresponding tags to the cloud server CS;
S3. Once the data owner DO wants to check whether the file is completely stored on the cloud server CS, he authorizes the trusted third-party auditor TTPA to perform the check; the TTPA calls the challenge algorithm Challenge, generates the challenge information chal and sends it to the cloud server CS;
S4. Based on the received chal, the cloud server CS calls the proof algorithm Proof(params, F, T_i, chal) to obtain the proof information prf and returns it to the TTPA;
S5. Finally, the TTPA verifies the integrity of the file by calling the verification algorithm Verification(params, sk, chal, prf); if the output of the verification algorithm is 1, prf is valid and the file is completely stored on the cloud server; otherwise the output is 0, indicating that the file is damaged;
In step S1, the system setup algorithm Setup(1^λ): the data owner DO first randomly selects
Figure FDA0003172479720000011
and defines an XOR-homomorphic hash function
Figure FDA0003172479720000012
Second, DO randomly selects an element γ from the Galois field to define the algebraic signature S_γ; finally, it outputs the system parameters params = {q, f, S_γ} and the private key sk = {k_1, k_2, k_3}, where q denotes the prime number in the output system parameters;
In step S2, the tag generation algorithm TagBlock(params, sk, F): DO first selects n random numbers
Figure FDA0003172479720000013
and then adds file information Info_i = {Ind_i || V_i || TS_i} to each file block, where Ind_i denotes the index, V_i denotes the version number, whose initial value is set to 1, and TS_i denotes the timestamp; DO computes:
Figure FDA0003172479720000014
In step S3, the challenge algorithm Challenge: the trusted third-party auditor TTPA selects c random numbers
Figure FDA0003172479720000021
and sends the challenge information
Figure FDA0003172479720000022
to the CS, where cs_i denotes a challenged file block;
In step S4, the proof algorithm Proof(params, F, T_i, chal): after receiving the challenge information chal, the CS computes:
Figure FDA0003172479720000023
and sends
Figure FDA0003172479720000024
to the TTPA as the proof information;
In step S5, the verification algorithm Verification(params, sk, chal, prf): after receiving the proof information prf, the TTPA first computes
Figure FDA0003172479720000025
and then computes
Figure FDA0003172479720000026
Finally, the TTPA verifies the integrity of the file F by checking whether the following equation holds:
Figure FDA0003172479720000027
If the above equation of the verification algorithm holds, the verification algorithm outputs 1; otherwise the output is 0; γ is an element randomly selected from the Galois field and is used to define the algebraic signature S_γ.
2. The efficient and secure outsourced big data auditing method in a cloud environment according to claim 1, characterized in that, in step S2, the tag of each file block is T_i = S_γ(C_i || Info_i); DO sends
Figure FDA0003172479720000028
to the cloud server CS and deletes the local file F; at the same time, DO sends
Figure FDA0003172479720000029
to the trusted third-party auditor TTPA over a secure channel, and sends k_3 to the CS.
CN201810892385.5A 2018-08-07 2018-08-07 An efficient and secure outsourcing big data audit method in cloud environment Expired - Fee Related CN109145650B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201810892385.5A CN109145650B (en) 2018-08-07 2018-08-07 An efficient and secure outsourcing big data audit method in cloud environment

Publications (2)

Publication Number Publication Date
CN109145650A CN109145650A (en) 2019-01-04
CN109145650B true CN109145650B (en) 2021-10-08

Family

ID=64791801

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201810892385.5A Expired - Fee Related CN109145650B (en) 2018-08-07 2018-08-07 An efficient and secure outsourcing big data audit method in cloud environment

Country Status (1)

Country Link
CN (1) CN109145650B (en)

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109818944B (en) * 2019-01-08 2021-05-04 桂林电子科技大学 A cloud data outsourcing and integrity verification method and device supporting preprocessing
CN110505052B (en) * 2019-08-28 2022-11-25 安徽大学 A cloud data public verification method to protect data privacy
CN113489690B (en) * 2021-06-22 2023-04-07 暨南大学 On-line/off-line outsourcing data integrity auditing method with strong resistance to key exposure

Citations (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8290161B2 (en) * 1998-10-30 2012-10-16 CQRCert, LLC Incorporating shared randomness into distributed cryptography
US8327250B1 (en) * 2009-04-21 2012-12-04 Network Appliance, Inc. Data integrity and parity consistency verification
CN103605784A (en) * 2013-11-29 2014-02-26 北京航空航天大学 Data integrity verifying method under multi-cloud environment
CN104023044A (en) * 2014-01-01 2014-09-03 电子科技大学 Cloud-storage data lightweight-level public auditing method with privacy protection
CN105320899A (en) * 2014-07-22 2016-02-10 北京大学 User-oriented cloud storage data integrity protection method
CN105491069A (en) * 2016-01-14 2016-04-13 西安电子科技大学 Integrity verification method based on active attack resistance in cloud storage
CN106357701A (en) * 2016-11-25 2017-01-25 西安电子科技大学 Integrity verification method for data in cloud storage
CN106650503A (en) * 2016-12-09 2017-05-10 南京理工大学 Cloud side data integrity verification and restoration method based on IDA
CN106790303A (en) * 2017-03-23 2017-05-31 西安电子科技大学 The data integrity verification method completed by third party in cloud storage

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
云环境下基于代数签名持有性审计的大数据安全存储方案;徐洋 等;《计算机科学》;20161031;第43卷(第10期);第172-176页 *

Also Published As

Publication number Publication date
CN109145650A (en) 2019-01-04


Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20211008