A cloud storage security control method and system based on a public key pool

Security control and key pool technology applied in the field of cloud storage, addressing problems such as an insufficiently secure execution environment for client-side encryption programs, keys that are not truly random, and insufficient security.

Active Publication Date: 2018-12-11
RUBAN QUANTUM TECH CO LTD

AI Technical Summary

Problems solved by technology

Public cloud customers are worried about migrating data to the cloud.
[0007] (2) If the file key is a pseudo-random key, true randomness of the key cannot be achieved; the key may be predicted, and security is insufficient.
[0008] (3) The execution environment of the user-side encryption program is not safe enough. If a virus or Trojan horse is present, the key in memory may be monitored.


Examples


Embodiment 1

[0066] Figure 5 is the timing diagram of the storage method provided by the embodiment of the present invention. Figure 7 is a flow chart of a storage method provided by the embodiment of the present invention. The specific steps of a cloud storage security control method based on a public key pool are as follows:

[0067] Step 1.1 The client uploads the Hash value of the data file and each algorithm ID to the server: before uploading the data file, the client first calculates the Hash value of the data file and uploads the Hash value to the server. At the same time, the ID of each algorithm (including the key selection algorithm fp, the primary key generation algorithm fg and the self-selected key generation algorithm ff; likewise below) is also uploaded. The self-selected key generation algorithm ff can be one unique to the client, or ff0 can be selected. In this embodiment, it is assumed that ff0 is selected, that is, ff(x)=x is selected, which ...

Embodiment 2

[0086] Figure 8 is a flow chart of a storage method provided in this embodiment. The sequence diagram of the storage method of the present embodiment is consistent with Embodiment 1, and the specific steps of a cloud storage security control method based on a public key pool are as follows:

[0087] Step 2.1 The user end uploads the Hash value of the data file and each algorithm ID to the cloud server: before uploading the data file, the user end first calculates the Hash value of the data file and uploads the Hash value to the cloud server. At the same time, the ID of each algorithm is uploaded. Here the self-selected key generation algorithm ff is the one unique to the client instead of ff0, that is, ff(x)≠x is chosen, which means that a privacy and confidentiality function belonging only to the individual is used. This file is unique to the user and cannot participate in ciphertext deduplication.

[0088] Step 2.2 The cloud server saves the H...
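
An added illustration (not code from the patent) of why choosing ff0 leaves the file key shareable, and so compatible with ciphertext deduplication, while a client-unique ff does not. The concrete forms of fp, fg and ff, their composition order, the pool size, and the use of `secrets` as a stand-in for the quantum key card are all assumptions; the page names these algorithms but does not define them.

```python
import hashlib
import hmac
import secrets

POOL_SIZE = 4096   # assumed key pool size in bytes
KEY_LEN = 32       # assumed file-key length in bytes

def fp(r: bytes, pool_size: int = POOL_SIZE) -> int:
    """Key selection (assumed form): map the random number r to a pool offset."""
    digest = hashlib.sha256(b"fp" + r).digest()
    return int.from_bytes(digest[:8], "big") % pool_size

def fg(pool: bytes, offset: int, length: int = KEY_LEN) -> bytes:
    """Primary key generation (assumed form): read key bytes, wrapping at the end."""
    return bytes(pool[(offset + i) % len(pool)] for i in range(length))

def ff0(x: bytes) -> bytes:
    """ff0 as stated in the text: ff(x) = x."""
    return x

def make_private_ff(client_secret: bytes):
    """Client-unique ff with ff(x) != x (assumed form: HMAC under a client secret)."""
    def ff(x: bytes) -> bytes:
        return hmac.new(client_secret, x, hashlib.sha256).digest()
    return ff

def file_key(pool: bytes, r: bytes, ff) -> bytes:
    """Assumed composition: r -> pool offset -> primary key -> file key."""
    return ff(fg(pool, fp(r), KEY_LEN))

def demo() -> dict:
    pool = secrets.token_bytes(POOL_SIZE)  # constructed stand-in for the shared pool
    r = secrets.token_bytes(16)            # stand-in for the key card's true random number
    ff_a = make_private_ff(secrets.token_bytes(32))  # client A's private ff
    ff_b = make_private_ff(secrets.token_bytes(32))  # client B's private ff
    return {
        # Two pool holders given the same r derive the same key under ff0.
        "same_key_with_ff0": file_key(pool, r, ff0) == file_key(pool, r, ff0),
        # With private ff the keys differ, so ciphertexts cannot be deduplicated.
        "same_key_with_private_ff": file_key(pool, r, ff_a) == file_key(pool, r, ff_b),
        # The owner still regenerates its own key from the stored r on read.
        "owner_recovers_key": file_key(pool, r, ff_a) == file_key(pool, r, ff_a),
    }

if __name__ == "__main__":
    print(demo())
```
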

Embodiment 3

[0097] Figure 6 is the timing diagram of the storage method provided by the embodiment of the present invention. Figure 9 is a flow chart of a file reading method provided by an embodiment of the present invention. For a cloud storage security control method based on a public key pool, building on the above-mentioned embodiments, the specific steps for the client to read a file are as follows:

[0098] Step 3.1 The client initiates a file read request: the client sends the Hash value of the file to be read and each algorithm ID to the server.

[0099] Step 3.2 The server sends the corresponding information to the client: After receiving the file Hash value and algorithm ID, the server finds the information corresponding to the Hash value and algorithm ID, and sends the ciphertext and personal key to the client.

[0100] Step 3.3 The client obtains the file key: the client uses the private key to decrypt the personal key to obtain a true random number r. Use the public key of P to encryp...


Abstract

The invention discloses a cloud storage security control method and a cloud storage security control system based on a public key pool. A user end, which is provided with a quantum key card, uploads a data file encrypted with a file key to the server. The file key is generated by combining the true random number generated by the quantum key card with the key pool device, and the user end uploads the true random number to the server. The server receives and stores the data file and the true random number from the client. To read the file, the user end downloads the true random number and the data file encrypted with the file key, combines the true random number with the key pool device to generate the file key, and decrypts the ciphertext to obtain the data file. During the cloud storage process, the server cannot access the file key or the decrypted data file, which addresses the client's security concerns about data stored in the cloud. The true random number generated by the quantum key card is used to generate a truly random file key, which improves the security of the key and ensures the security of the execution environment of the encryption program at the client.

Description

Technical field

[0001] The invention relates to the field of cloud storage, in particular to a cloud storage security control method and system based on a public key pool.

Background technique

[0002] With the development of science and technology, cloud storage has increasingly become a trend, and new cloud storage technologies keep emerging. To ensure the security of cloud storage data, various encryption methods are usually used. For example, asymmetric key encryption is used to ensure the security of data. Asymmetric key encryption uses different keys for the encryption and decryption operations: one is publicly released, that is, the public key, and the other is kept secret by the user, that is, the private key. The information sender uses the public key to encrypt, and the information receiver uses the private key to decrypt.

[0003] Since shared storage is mostly used in cloud storage, s...


Application Information

Patent Type & Authority: Applications (China)
IPC(8): H04L9/08, H04L29/06, H04L29/08
CPC: H04L9/0825, H04L9/083, H04L9/0833, H04L9/0852, H04L9/0869, H04L63/045, H04L63/062, H04L63/065, H04L67/1097
Inventor: 富尧, 钟一民, 杨羽成
Owner: RUBAN QUANTUM TECH CO LTD