Efficient and helpful reading method for static data

Abstract

The invention provides an efficient and helpful reading method for static data, which comprises the following steps: a client encrypts data locally by using a pseudo-random function F to generate an encrypted data set C, interpolates and creates a polynomial function f (x) to enable f (i) to be equal to C [i], and uploads a coefficient of the polynomial function to a server; when the client wants to access the data item corresponding to the real index i, the real index i is binded into a pseudo index gamma i, the pseudo index gamma i is sent to the server; after receiving the access request, the server calculates f (gamma i) and returns a result to the client; and the client receives the f (gamma i) and then locally recovers the f (gamma i) into C [i], and then decrypts the f (gamma i) by using a pseudo-random function F to obtain a data item corresponding to the real index i. According to the method, the property of the polynomial is utilized, the real index accessed by the user is blinded, the access mode of the user is protected, only the data block corresponding to the blinded index is accessed each time, the data volume transmitted by the client and the server is reduced, and the bandwidth is optimized; and complicated shuffling operation and extra storage space are not needed, so that the calculation and storage overhead is reduced.

Description

technical field [0001] The invention belongs to the technical field of network security, and in particular relates to an efficient dazed reading method for static data. Background technique [0002] In recent years, with the development of cloud computing technology, more and more individuals and users choose to outsource data to cloud servers for storage and processing. However, because third-party cloud server providers are often untrustworthy, a series of safe question. Once the user uploads the data to the cloud server, he loses control over the data, and untrustworthy cloud service providers can easily obtain the user's private information by analyzing and mining the data. The traditional solution is to directly encrypt the data and outsource it to the cloud server, which ensures the integrity and confidentiality of the data content. On the surface, untrustworthy cloud service providers cannot obtain encrypted data, but this scheme does not hide the index of user acce...

AI Technical Summary

Problems solved by technology

The user's access request is divided into two operations: read and write. ORAM confuses the user's access behavior and target data by complicating the user's access behavior or adding redundant data on the client and server, so that the attacker cannot distinguish between each Whether a visit is real or random, the user's privacy cannot be inferred based on the user's access pattern

[0004] The blind read method is a method of reading static data that protects the user's access mode. In the prior art, ORAM schemes are mostly used. However, most ORAM schemes hide their access behavior by complicating the user's access operations, and consume a lot of storage space and computing resources

For example, the ORAM scheme based on the simple model needs to store all the data on the server and read all the data for each access; the ORAM scheme based on the square root only accesses the data in the buffer each time, but needs to perform complex shuffling operations. It will bring additional overhead; the ORAM scheme based on the hierarchical model uses a hash table to establish a hierarchical storage model. Although the bandwidth is optimized, it still requires complex shuffling operations; the traditional ORAM scheme based on the tree model does not require Washing operation, but the client needs to store the location mapping table, and the server needs to store redundant data. Whenever the client submits an access request, the server needs to return all data blocks on the path from the root node to a certain leaf node. Will cause at least O(logN) level of overhead, where N represents the size of the input data, and then complex eviction operations are required

[0005] Therefore, although most ORAM schemes protect the user's access mode, the result is a huge performance overhead. In actual scenarios, it is often not well applied due to issues such as cost and efficiency.

Images