CN-121750381-B - Multi-cloud storage data integrity verification and error positioning method in low-altitude unmanned aerial vehicle network
Abstract
The invention discloses a method for multi-cloud storage data integrity verification and error positioning in a low-altitude unmanned aerial vehicle network. After a user private key and a public key are generated through registration with a comprehensive supervision service platform, the storage data are sent to a plurality of cloud servers for multi-cloud storage. Integrity verification is then performed on the low-altitude unmanned aerial vehicle data stored on the plurality of cloud servers: a first smart contract on a blockchain generates audit challenges according to the chain state and publishes them, each cloud server generates a response proof from its stored coded data blocks and publishes it to the chain, and a verification contract monitors and aggregates all the response proofs, performs batch verification, and publishes the result in an audit log. The method constructs a decentralized audit framework and does not depend on third-party auditors. If the verification fails, a positioning mechanism can be triggered to accurately locate the damaged data. To protect identity privacy, an embedded key exchange protocol realizes conditional anonymity, and the supervision platform can balance anonymity and accountability.
Inventors
- ZHAO JIE
- HE FUYUAN
- QIAN JIAWEI
- WANG PENGYU
- MAO JINHONG
- WANG XUAN
- WANG WENDONG
- LIU BAOWEN
- ZHANG XIAOJUN
- Yang chan
- CAO LANG
Assignees
- 西南石油大学
Dates
- Publication Date
- 20260512
- Application Date
- 20260302
Claims (8)
- 1. A method for verifying integrity of multi-cloud storage data in a low-altitude unmanned aerial vehicle network is characterized in that in the low-altitude unmanned aerial vehicle network, after an unmanned aerial vehicle is registered through a comprehensive supervision service platform to generate a user private key and a user public key, storage data are sent to a plurality of cloud servers to be subjected to multi-cloud storage, and the method comprises the steps that the unmanned aerial vehicle registers data files to be uploaded Dividing into a plurality of data blocks, dividing each data block into a plurality of data sub-blocks, and encrypting each data sub-block by using a symmetric encryption algorithm to obtain a ciphertext sub-block The unmanned aerial vehicle obtains the number of available cloud servers, calculates the coded data quantity stored by each cloud server, and then constructs an adaptive coded data random distribution record table for recording the coded vectors corresponding to each cloud server and verification tags thereof so as to distribute and transmit the stored data required to be stored by the unmanned aerial vehicle to one of a plurality of cloud servers for storage; Then performing integrity verification on the low-altitude unmanned aerial vehicle data stored on the plurality of cloud servers, wherein the method comprises the steps of performing an audit challenge generation stage by a first smart contract deployed on a blockchain, wherein the first smart contract generates audit challenges for the plurality of cloud servers and issues the audit challenges to the blockchain as first transactions, and the first smart contract generates the audit challenges for the plurality of cloud servers, wherein the audit challenges for the plurality of cloud servers comprise the steps of acquiring head hash values of latest blocks according to the state and the block height of the current blockchain by the first smart contract And extracting the previous historical head hash values according to the reverse order, wherein the total number is Calculating an audit challenge seed based on the latest block header hash and the historical header hash, and generating the audit challenge containing a challenge index by using a pseudo-random function based on the audit challenge seed; Each cloud server monitors the blockchain, generates a response proof according to the self-stored coded data block after acquiring the audit challenge in the first transaction, and issues the respective response proof to the blockchain as a second transaction; And executing a response proof verification stage by a verification contract deployed on the blockchain, wherein the verification contract monitors and acquires a plurality of response proofs in the second transaction issued by all cloud servers in a preset time, performs batch verification on the aggregated plurality of response proofs according to a preset verification algorithm to determine the integrity of the target data, and issues an audit log containing verification results to the blockchain as a third transaction.
- 2. The method for verifying the integrity of multi-cloud storage data in a low-altitude unmanned aerial vehicle network according to claim 1, wherein calculating an audit challenge seed based on the latest block header hash and the history header hash comprises: the first smart contract Calculating audit challenge seed key 1: And audit challenge seed key 2: ; in the above two formulas, 、 、 All are historical head hash values, and are in subscripts For the total number of pre-history header hash values, Is a fifth hash function; first smart contract output audit challenges Wherein And Respectively expressed in audit targets The number of encoding vectors and data blocks that are challenged, In order to be an anonymous identity, The file name of the data file uploaded by the unmanned aerial vehicle; The generating the audit challenge including a challenge index using a pseudo-random function based on the audit challenge seed includes: first smart contract invocation pseudorandom generator Index (index) Wherein Generating a counting variable in the process for the challenge index; , a pseudo-random generator corresponding to the challenge seed key 1 for auditing; generating a challenge index set The method comprises the following steps: wherein Representation cloud server An index set of the vector to be coded is required, In the number of cloud servers, Is the first And the cloud server.
- 3. The method for verifying the integrity of multi-cloud storage data in a low-altitude unmanned aerial vehicle network according to claim 2, wherein the generating a response proof according to the self-stored coded data block comprises: determining the index of the coded data block to be challenged in the server according to the challenge index in the audit challenge , , Generating a count variable in the process for the challenge index, and And calculate the corresponding weight ; Wherein, the Is a pseudo-random generator; computing challenged coded data blocks : Wherein, the The challenged coded data block stored for the cloud server, Is the residue class ring modulo , Is an index set; aggregating authentication tags corresponding to the challenged coded data blocks, the authentication tags being Wherein: ; ; In the above formulas, Is the value obtained by taking the hash value of the random value corresponding to the challenged coded data block as the base and the corresponding weight as the exponent, Is the value obtained by taking the label corresponding to the challenged coded data block as the base and the corresponding weight as the exponent, Is the bilinear group to which the verification tag belongs; and forming a response proof by aggregating the coded data blocks and the aggregation verification tag.
- 4. A method for verifying integrity of multi-cloud storage data in a low-altitude unmanned aerial vehicle network according to claim 3, wherein the predetermined verification algorithm is: wherein Q is a verification parameter, , As a master public key of the network, Is the public key of the user and, Is a bilinear pairing, Is a generator of a multiplicative cyclic group, Is a fourth hash function, U is the second user public key, where; If the equation holds, the verification contract outputs the verification result as true, and otherwise outputs false.
- 5. The method for locating the error of the multi-cloud storage data in the low-altitude unmanned aerial vehicle network, which is realized based on the method for verifying the integrity of the multi-cloud storage data in the low-altitude unmanned aerial vehicle network according to any one of claims 1 to 4, is characterized in that when the verification result determined in the response proof verification stage is not passed, the method is executed: Aiming at low-altitude unmanned aerial vehicle data stored by a plurality of cloud servers in a low-altitude unmanned aerial vehicle network, positioning an error cloud server through a positioning contract deployed on a blockchain, performing integrity verification on a set of the cloud servers based on the preset verification algorithm until all error cloud servers with incomplete stored data are positioned, setting an error cloud server positioning entry through the positioning contract, and providing a transaction for the blockchain; And the error cloud server monitors the block chain to acquire the transaction provided by the block chain, and then performs fragment verification on the local storage of the error cloud server to determine the specific damaged encoded data block.
- 6. The method for locating multiple cloud storage data errors in a low-altitude unmanned aerial vehicle network according to claim 5, wherein performing integrity verification on the set of the plurality of cloud servers based on the predetermined verification algorithm until all cloud servers with incomplete storage data errors are located comprises: Initializing a candidate index set containing all cloud server indexes and an empty set for collecting error server indexes; Pushing the candidate index set to a management stack; ejecting an index subset to be checked from the management stack, and adding the index of the index subset into an error server set if the size of the index subset is 1, and dividing the index subset into two subsets if the size of the index subset is greater than 1; Carrying out integrity verification on each divided subset by the preset verification algorithm; Pushing the subset which fails to pass the verification into the management stack again, and repeating the processes of popping, dividing and verifying until the stack is empty, so as to obtain a final error cloud server set.
- 7. The method for locating errors in multi-cloud storage data in a low-altitude unmanned aerial vehicle network according to claim 5, wherein the performing fragment verification on the local storage of the error cloud server to determine the specific damaged encoded data block comprises: the cloud server with error first retrieves the audit target Stored data in (a) Wherein In order to be an anonymous identity, For file name of data file uploaded by unmanned aerial vehicle and defining limited set Wherein, the method comprises the steps of, In order to encode the vector(s), To authenticate the tag; then, the error cloud server initializes an empty set To record data and store complete encoded vectors, and a counter is set and tracks the set ; The error cloud server performs aggregation calculation on the verification tags of the error cloud server to generate a combined coded data block: and two aggregate signatures, denoted as: , ; Wherein, the To error the coded data vector index in the cloud server, W is the first user public key, Is a fourth hash function, i denotes the ith data block, j denotes the jth data sub-block of the ith data block, y is the total number of data sub-blocks, As a hash value of the random value corresponding to the erroneous coded data block, The tag corresponding to the erroneous coded data block is subjected to integrity verification by the following batch verification equation: In the formula, For an encoded data block in the cloud server that is corrupted, e is a bilinear pairing, Is a generator of a multiplicative cyclic group, Is a third hash function, U is the second user public key, H is a seventh hash function, Is the master public key; if the above verification equation is satisfied, in the set All indexes in (a) are added to the empty set In (2) and the counter is incremented by one, otherwise, the set With corrupted code vectors and marked and the counter unchanged until each set After verification, the damaged code vector is determined and output.
- 8. The method of claim 7, further comprising a corrupted data recovery stage performed after the corrupted encoded data block positioning stage, comprising: the error cloud server initiates data recovery requests to other normal help cloud servers; after receiving recovery metadata which is not less than a minimum threshold value required by data recovery and is returned by the help cloud server, the error cloud server reconstructs original data or correct coded data blocks based on the recovery metadata and a pre-stored coding matrix so as to replace the locally damaged coded data blocks.
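The stack-based search of claim 6, written out as an added example that is not part of the patent text. The batch check is replaced by a constructed stand-in (`make_constructed_oracle`, a hypothetical helper), because the verification equation of claim 4 is not reproduced on this page; function and variable names are assumptions.

```python
from typing import Callable, Iterable, List, Set, Tuple

Subset = Tuple[int, ...]


def make_constructed_oracle(corrupted: Set[int]) -> Callable[[Subset], bool]:
    """Stand-in for the batch check (assumption, constructed for this example):
    a subset verifies only if none of its servers holds corrupted data."""
    def batch_verify(subset: Subset) -> bool:
        return not any(server in corrupted for server in subset)
    return batch_verify


def locate_faulty_servers(
    server_ids: Iterable[int],
    batch_verify: Callable[[Subset], bool],
) -> Tuple[Set[int], int]:
    """Stack-based bisection following the steps of claim 6.

    Precondition: the batch check over all servers has already failed, so
    every subset that reaches the stack is known to contain a fault.
    Returns (faulty server indexes, number of batch checks performed).
    """
    candidates: Subset = tuple(server_ids)
    faulty: Set[int] = set()
    checks = 0
    stack: List[Subset] = [candidates] if candidates else []
    while stack:
        subset = stack.pop()
        if len(subset) == 1:
            # A failing subset of size 1 identifies one faulty server.
            faulty.add(subset[0])
            continue
        mid = len(subset) // 2
        for half in (subset[:mid], subset[mid:]):
            checks += 1
            if not batch_verify(half):
                stack.append(half)  # re-examine only the halves that fail
    return faulty, checks


def demo() -> Tuple[Set[int], int]:
    # Constructed scenario: 16 cloud servers, server 11 stores damaged data.
    oracle = make_constructed_oracle({11})
    return locate_faulty_servers(range(1, 17), oracle)


if __name__ == "__main__":
    print(demo())
```

In the constructed run, one damaged server among 16 is found with 8 batch checks. When most servers are damaged the count exceeds one check per server (14 checks when all 8 of 8 servers are damaged).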
Description
Multi-cloud storage data integrity verification and error positioning method in low-altitude unmanned aerial vehicle network
Technical Field
The invention relates to the technical field of distributed cloud storage, in particular to a method for multi-cloud storage data integrity verification and error positioning in a low-altitude unmanned aerial vehicle network.
Background
With the acceleration of digitization, the low-altitude economy is developing rapidly. By virtue of its high mobility and the high-precision sensors it carries, such as visible light cameras, laser radars and multispectral/infrared imaging, the unmanned aerial vehicle (Unmanned Aerial Vehicle, UAV) has become core equipment for low-altitude information sensing and acquisition, and is widely applied in fields such as military reconnaissance, geographical mapping, emergency rescue, environmental monitoring and personal aerial photography. In a single long-endurance task, an unmanned aerial vehicle can generate TB-level high-resolution, full-element, multi-modal task data, which puts huge pressure on local storage. Traditional schemes that rely on expanding ground servers or on self-built data centers suffer from high cost, complex operation and maintenance, and a tendency to form information islands, and they struggle to support cross-domain cooperation and centralized management. In contrast, cloud storage, by virtue of its high scalability, elastic resource scheduling and specialized data management capability, provides an efficient and durable mass data storage solution for unmanned aerial vehicles, supports remote access, task backtracking and subsequent intelligent analysis, and has become a key infrastructure for storing, managing and sharing unmanned aerial vehicle task data.
However, the cloud environment has inherent risks: a cloud server may damage data because of hardware failure, software bugs or human error, and in highly adversarial scenarios the cloud service provider (Cloud Service Provider, CSP), motivated by its own interests (including reputation and cost), may hide abnormal data or even maliciously tamper with and delete key data, destroying the authenticity and integrity of the data. Building a safe and reliable cloud storage mechanism that provides effective integrity verification of unmanned aerial vehicle task data has therefore become a core requirement for guaranteeing the safety of low-altitude tasks. Data integrity verification mechanisms typically introduce a third-party auditor (Third-Party Auditor, TPA) that checks the integrity of cloud data on behalf of users (drones) without downloading the full data. Existing research proposes a large number of data integrity verification schemes, but most are based on a single cloud storage architecture, where a single point of failure carries the risk of permanent data loss. To address this, a multi-cloud multi-copy integrity verification mechanism has been proposed that generates multiple copies of the same data file and distributes the copies to different cloud servers through a centralized cloud broker (Cloud Broker). During integrity verification, the TPA sends challenge information to the cloud broker, which forwards it to each cloud server and aggregates the returned response proofs. The mechanism improves the reliability and durability of data storage, but storing multiple identical copies wastes storage resources, and in the auditing process the repeated transmission of multiple proofs greatly increases network bandwidth overhead and reduces the overall efficiency of the system.
Moreover, in terms of security, the existing schemes have difficulty defending effectively against collusion attacks among cloud servers. Because each server stores the same copy and the audit challenges are identical, dishonest cloud agents can selectively forward the challenges and copy and paste the valid proofs of other servers, thereby deceiving the TPA into a false verification.
Disclosure of Invention
The invention aims to overcome the defects of the prior art, and provides a multi-cloud storage data integrity verification and error positioning method in a low-altitude unmanned aerial vehicle network, which is based on a Reed-Solomon erasure code, an identity-based cryptosystem, a homomorphic hash function, a binary search algorithm, a uniform (K, N) set on a finite set and blockchain technology, and whose core is the construction of a code-driven framework for distributed data storage, integrity verification, accurate positioning of damaged data and effective recovery. The aim of the invention is realized by the following technical scheme: in a first aspect, the application discloses a method for verifying the integrity of multi-cloud storage data in a low-altitude unmanned aerial vehicle network, In a low-altitude unmanned aerial vehicle network, after regist