| 云加密数据安全重复删除方法 |
| |
| 引用本文: | 张曙光,咸鹤群,王利明,刘红燕.云加密数据安全重复删除方法[J].软件学报,2019,30(12):3815-3828. |
| |
| 作者姓名: | 张曙光 咸鹤群 王利明 刘红燕 |
| |
| 作者单位: | 青岛大学 计算机科学技术学院, 山东 青岛 266071;广西密码学与信息安全重点实验室(桂林电子科技大学), 广西 桂林 541004;中国科学院 信息工程研究所 第五研究室, 北京 100093,青岛大学 计算机科学技术学院, 山东 青岛 266071;广西密码学与信息安全重点实验室(桂林电子科技大学), 广西 桂林 541004,中国科学院 信息工程研究所 第五研究室, 北京 100093,青岛大学 计算机科学技术学院, 山东 青岛 266071 |
| |
| 基金项目: | 国家自然科学基金(61702294);山东省自然科学基金(ZR2019MF058);广西密码学与信息安全重点实验室研究课题(GCIS201722);赛尔网络下一代互联网技术创新项目(NGII20170414) |
| |
| 摘 要: | 在云环境存储模式中,采用用户端数据加密虽然能够有效降低数据的存储安全风险,但同时会使云服务商丧失重复数据鉴别能力,导致存储开销随数据量增大而不断攀升.加密数据重复删除技术是解决该问题的方法之一,现有方案通常基于可信第三方设计,安全性假设过强,执行效率较低.基于椭圆曲线与密文策略属性加密两种高安全密码学原语,构造了重复加密数据识别与离线密钥共享两种安全算法,进而实现一种无需初始数据上传用户与可信第三方实时在线的加密数据重复删除方法.详细的安全性与仿真实验分析,证明该方法不仅实现数据的语义安全,同时能够保证系统的高效率运行.
|
| 关 键 词: | 加密数据重复删除 椭圆曲线 密文策略属性加密 数据流行度 |
| 收稿时间: | 2018/2/6 0:00:00 |
| 修稿时间: | 2018/5/22 0:00:00 |
Secure Cloud Encrypted Data Deduplication Method |
| |
| ZHANG Shu-Guang,XIAN He-Qun,WANG Li-Ming and LIU Hong-Yan.Secure Cloud Encrypted Data Deduplication Method[J].Journal of Software,2019,30(12):3815-3828. |
| |
| Authors: | ZHANG Shu-Guang XIAN He-Qun WANG Li-Ming and LIU Hong-Yan |
| |
| Affiliation: | College of Computer Science and Technology, Qingdao University, Qingdao 266071, China;Guangxi Key Laboratory of Cryptography and Information Security(Guilin University of Electronic Technology), Guilin 541004, China;The Fifth Research Laboratory, Institute of Information Engineering, Chinese Academy of Sciences, Beijing 100093, China,College of Computer Science and Technology, Qingdao University, Qingdao 266071, China;Guangxi Key Laboratory of Cryptography and Information Security(Guilin University of Electronic Technology), Guilin 541004, China,The Fifth Research Laboratory, Institute of Information Engineering, Chinese Academy of Sciences, Beijing 100093, China and College of Computer Science and Technology, Qingdao University, Qingdao 266071, China |
| |
| Abstract: | Deduplication states that only one copy of the same data is stored in the cloud server. In order to protect data privacy, users usually encrypt their data before uploading them. When encrypted with different keys, the same data may have different ciphertext results. It is difficult for the cloud server to identify and eliminate the duplicate copies. Most current solutions to the problem rely heavily on online trusted third parties, resulting in unsatisfying efficiency and security. A secure cloud encrypted data deduplication scheme is proposed, which supports offline key deliver. By constructing a duplicate check tag, it can be verified whether encrypted data originate from the same plaintext data. The ciphertext policy attribute based encryption is used to ensure the check tag is securely generated. The initial uploader of some specific data is able to deliver the encryption key to the subsequent uploaders via the cloud server in an offline manner. Deduplication can be completed without online participation of any trusted third party. Security analysis and proving are presented. The feasibility and efficiency of the scheme are verified via simulation experiments. |
| |
| Keywords: | encryption data deduplication elliptic curve ciphertext policy attribute based encryption (cp-abe) data popularity |
|
| 点击此处可从《软件学报》浏览原始摘要信息 |
|
点击此处可从《软件学报》下载全文 |
|
