基于Paillier加密的数据多副本持有性验证方案

云存储服务中,用户将数据存储在不可信的云储存服务器上,为检查云存储中服务提供商(CSP)是否按协议完整地存储了用户的所有数据副本,提出一种 支持对数据副本进行动态操作 的基于Paillier加密的数据多副本持有性验证方案, 即DMR-PDP方案。该方案为实现多副本检查,将文件块以文件副本形式存储在云服务器上,将各副本编号与文件连接后利用Paillier密码系统生成副本文件以防止CSP各服务器的合谋攻击。利用BLS签名实现对所有副本的批量验证。将文件标志和块位置信息添加到数据块标签中,以保证本方案的安全性,支持对文件的动态更新操作。安全性分析和仿真实验结果表明,该方案在安全性、通信和计算开销方面的性能优于其他文献提出的方案,极大地提高了文件存储和验证的效率,减少了计算开销。

Multiple-replica Provable Data Possession Based on Paillier Encryption

In cloud storage service,the user data are stored in untrusted cloud storage server and faced with security threat.In order to check whether all the file replicas are stored by the CSP intactly,a multiple-replica provable data possession scheme based on Paillier encryption and supporting the dynamic operation of data replica was proposed,namely the DMR-PDP scheme.To realize multiple-replica check,the file blocks are stored in the cloud server in the form of co-pies,and differentiable replicas are generated by using Paillier encryption system to encrypt the concatenation of the serial numbers of replicas and the file.The verifying tags are generated by BLS signature,which can batch checking of all replicas.The information of file identification and block position are added into the block tags to prevent both of the replacing and replay attacks from the CSP.The security analysis and simulation results show that the scheme is better than other literature methods in terms of security,communications and computational overhead,greatly improves the efficiency of file storage and validation,and reduces the computational overhead.