| 一种面向云存储的数据动态验证方案 |
| |
| 引用本文: | 李树全,刘磊,朱大勇,熊超,李锐.一种面向云存储的数据动态验证方案[J].计算机科学,2020,47(2):256-261. |
| |
| 作者姓名: | 李树全 刘磊 朱大勇 熊超 李锐 |
| |
| 作者单位: | 电子科技大学信息与软件工程学院 成都 610054;电子科技大学信息与软件工程学院 成都 610054;电子科技大学信息与软件工程学院 成都 610054;电子科技大学信息与软件工程学院 成都 610054;电子科技大学信息与软件工程学院 成都 610054 |
| |
| 摘 要: | 云存储是一种新型的数据存储体系结构,云储存中数据的安全性、易管理性等也面临着新的挑战。由于用户在本地不再保留任何数据副本,无法确保云中数据的完整性,因此保护云端数据的完整性是云数据安全性研究的重点方向。数据完整性证明(Provable Data Integrity,PDI)被认为是解决这一问题的重要手段。文中提出了一种面向云存储环境的、基于格的数据完整性验证方案。本方案在已有研究的基础上,基于带权默克尔树(Ranked Merkle Hash Tree,RMHT),实现了云数据的动态验证。方案实现了数据粒度的签名,降低了用户方生成认证标签所需的消耗;引入RMHT对数据进行更改验证,支持数据动态更新;具有较强的隐私保护能力,在验证过程中对用户的原始数据进行盲化,使得第三方无法获取用户的真实数据信息,用户的数据隐私得到了有效的保护。此外,为了防止恶意第三方对云服务器发动拒绝服务攻击,方案中只有授权的第三方才能对用户数据进行完整性验证,这在保护云服务器安全的同时也保障了用户数据的隐私性。安全分析和性能分析表明,该方案不仅具有不可伪造性、隐私保护等特性,其签名计算量也优于同类算法。
|
| 关 键 词: | 云存储 公开验证 格密码 带权默克尔树 授权验证 |
Protocol of Dynamic Provable Data Integrity for Cloud Storage |
| |
| LI Shu-quan,LIU Lei,ZHU Da-yong,XIONG Chao,LI Rui.Protocol of Dynamic Provable Data Integrity for Cloud Storage[J].Computer Science,2020,47(2):256-261. |
| |
| Authors: | LI Shu-quan LIU Lei ZHU Da-yong XIONG Chao LI Rui |
| |
| Affiliation: | (School of Information and Software Engineering,University of Electronic Science and Technology of China,Chengdu 610054,China) |
| |
| Abstract: | Cloud storage is a novel data storage architecture.The security and manageability of data in cloud storage are also facing new challenges.Because users no longer store any copies of the data in their local memory,they cannot fully ensure whether the outsourced data are intact overall.How to protect the data integrity in the cloud has become a hot topic in academic research.The protocol of Provable Data Integrity(PDI)was considered to be the main method to solve this problem,this paper presented lattice-based provable data integrity for checking the integrity of the data in the cloud.The proposed scheme realizes the dynamic data verification by incorporating the idea of Ranked Merkle Hash Tree(RMHT)and lattice-based technology.The scheme realizes the fine-grained signature and reduces the computational cost required by the user to generate the authentication tag.The scheme introduces the RMHT to perform the modification verification of the data and supports the dynamic update of the data.It has strong privacy protection capability,blinds the user's original data during the verification process,and the third party cannot obtain user's real data information.Moreover,in order to prevent malicious third parties from launching denial-of-service attacks on cloud servers,only authorized third parties can verify the integrity of user data.Finally,security analysis and performance ana-lysis show that the proposed scheme not only has characteristics of unforgeability and privacy protection,but also greatly reduces the computational cost of signature. |
| |
| Keywords: | Cloud storage Public verification Lattice-based cryptography Ranked merkle hash tree(RMHT) Authorization checking |
| 本文献已被 维普 万方数据 等数据库收录! |
|
