无双线性对的云数据完整性验证方案

doi:10.3969/j.issn.1671-1122.2015.07.002

信息网络安全 ›› 2015, Vol. 15 ›› Issue (7): 7-12.doi: 10.3969/j.issn.1671-1122.2015.07.002

无双线性对的云数据完整性验证方案

赵洋, 任化强(), 熊虎, 陈阳

电子科技大学信息与软件工程学院,四川成都 610054

收稿日期:2015-05-11 出版日期:2015-07-01 发布日期:2015-07-28
作者简介:
作者简介：赵洋（1973-）,男,四川,副教授,博士,主要研究方向：网络安全;任化强（1990-）,男,安徽,硕士研究生,主要研究方向：网络安全;熊虎（1982-）,男,四川,副教授,博士,主要研究方向：网络安全;陈阳（1985-）,男,湖北,硕士研究生,主要研究方向：网络安全。
基金资助:
国家自然科学基金[61472064];国家高技术研究发展计划[2015AA016007]

Cloud Data Integrity Verification Scheme without Bilinear Pairing

Yang ZHAO, Hua-qiang REN(), Hu XIONG, Yang CHEN

School of Information and Software Engineering, University of Electronic Science and Technology of China, Chengdu Sichuan 610054, China

Received:2015-05-11 Online:2015-07-01 Published:2015-07-28

摘要/Abstract

摘要：

云存储系统给现代生活带来了便利,用户可以将数据存储在云存储系统中,在不同的地方通过因特网访问云中的数据。但由于云服务器是半可信的,为了保证云数据的完整性和正确性,用户需要对云中的数据进行完整性验证。文章提出了一种无双线性对的云数据完整性验证方案,用户将完整性验证的任务委托给第三方代理执行。第三方代理首先发送挑战信息给云服务器,云服务器根据要挑战的信息生成相应的证据发送给第三方代理进行验证。在验证之前,第三方代理需要将证据发送给重签名服务器进行重签名,然后第三方代理利用自己的私钥对重签名后的证据进行验证,验证失败时,通知用户。由于方案中无双线性对的参与,计算性能要优于现有需要复杂的双线性对运算的方案,同时因为在验证过程中需要代理重签名服务器的参与,所以文中方案能够实现用户对第三方审计者的权利进行撤销的功能。通过最后的安全分析和性能分析可以看出,文中方案是一个高效安全的云数据完整性验证方案。

关键词: 云存储, 数据完整性, 第三方代理审计, 重签名

Abstract:

Cloud storage system brings conveniences to the modern life, the user can store their data in the cloud storage system and access data through the Internet in different places. But due to the cloud server is half credible, in order to ensure the completeness and correctness of the cloud data, the user needs to provable cloud data possession. This paper proposes a cloud data integrity verification scheme without bilinear pairing. The users can entrust a third party agent to audit cloud data. Firstly, the third party agent send challenge information to the cloud server, the cloud server according the information to generate the corresponding proof sent to the third party agent for validation. Before the third party agent audit the proof, it needs to be sent to the re-signature server for re-signature, and then the third party agent using its own private key to verify the proof of re-signature. When audit fails, the third party agent notifies the user. Since the scheme proves without bilinear pairing, the computing performance is superior to the existing scheme which requires expensive bilinear pairing operation. At the same time, because in the audit process it requires the participation of re-signature server, so this scheme can realize the function which the users undo rights of the third party auditor. By security analysis and performance analysis which in the end of this article, we can be seen that this scheme is an efficient security provable data possession scheme.

Key words: cloud storage, data integrity, the third-party audit, re-signature

中图分类号:

TP309

赵洋, 任化强, 熊虎, 陈阳. 无双线性对的云数据完整性验证方案[J]. 信息网络安全, 2015, 15(7): 7-12.

Yang ZHAO, Hua-qiang REN, Hu XIONG, Yang CHEN. Cloud Data Integrity Verification Scheme without Bilinear Pairing[J]. Netinfo Security, 2015, 15(7): 7-12.

图/表 4

参考文献 24

[1]	DESWARTE Y, QUISQUATER J J, SAÏDANE A. Remote integrity checking[M]. Integrity and Internal Control in Information Systems VI, Springer US, 2004: 1-11.
[2]	OPREA A, REITER M K, YANG K.Space-Efficient Block Storage Integrity[C]//Proceedings of the Network and Distributed System Security Symposium, NDSS 2005, California, USA, 2005.
[3]	GAZZONI FILHO D L, BARRETO P S L M. Demonstrating data possession and uncheatable data transfer[R]. IACR Cryptology ePrint Archive, 2006, 2006: 150.
[4]	SEBE F, MARTINEZ-BALLESTE A, DESWARTE Y, et al.Time-bounded remote file integrity checking[R]. Technical Report 04429, LAAS, 2004.
[5]	SCHWARZ T S J, MILLER E L. Store, forget, and check: Using algebraic signatures to check remotely administered storage[C]//IEEE International Conference on Distributed Computing Systems. IEEE Computer Society, 2006: 12.
[6]	ATENIESE G, KAMARA S, KATZ J.Proofs of storage from homomorphic identification protocols[M]. Advances in Cryptology-ASIACRYPT 2009, Springer Berlin Heidelberg, 2009: 319-333.
[7]	ATENIESE G, BURNS R, CURTMOLA R, et al.Provable data possession at untrusted stores[C]//Proceedings of the 14th ACM conference on Computer and communications security. Acm, 2007: 598-609.
[8]	JUELS A, KALISKI JR B S. PORs: Proofs of retrievability for large files[C]//Proceedings of the 14th ACM conference on Computer and communications security. Acm, 2007: 584-597.
[9]	ATENIESE G, DI PIETRO R, MANCINI L V, et al.Scalable and efficient provable data possession[C]//Proceedings of the 4th international conference on Security and privacy in communication netowrks. ACM, 2008: 9.
[10]	ERWAY C, KÜPÇÜ A, PAPAMANTHOU C, et al. Dynamic provable data possession[C]//Proceedings of the 16th ACM conference on Computer and communications security. Acm, 2009: 213-222.
[11]	WANG C, WANG Q, REN K, et al.Privacy-preserving public auditing for data storage security in cloud computing[C]//INFOCOM, 2010 Proceedings IEEE. Ieee, 2010: 1-9.
[12]	WANG Q, WANG C, LI J, et al.Enabling public verifiability and data dynamics for storage security in cloud computing[M]. Computer Security-ESORICS 2009. Springer Berlin Heidelberg, 2009: 355-370.
[13]	ZHU Y, WANG H, HU Z, et al.Dynamic audit services for integrity verification of outsourced storages in clouds[C]//Proceedings of the 2011 ACM Symposium on Applied Computing. ACM, 2011: 1550-1557.
[14]	YANG K, JIA X.An efficient and secure dynamic auditing protocol for data storage in cloud computing[J]. Parallel and Distributed Systems, IEEE Transactions on, 2013, 24(9): 1717-1726.
[15]	CHANG E C, XU J.Remote integrity check with dishonest storage server[M]. Computer Security-ESORICS 2008. Springer Berlin Heidelberg, 2008: 223-237.
[16]	SHAH M A, SWAMINATHAN R, BAKER M.Privacy-Preserving Audit and Extraction of Digital Contents[J]. IACR Cryptology ePrint Archive, 2008, 2008: 186.
[17]	秦志光,吴世坤,熊虎. 云存储服务中数据完整性审计方案综述[J]. 信息网络安全,2014,(7):1-6.
[18]	SHACHAM H, WATERS B.Compact proofs of retrievability[M].Advances in Cryptology-ASIACRYPT 2008. Springer Berlin Heidelberg, 2008: 90-107.
[19]	BOWERS K D, JUELS A, OPREA A.HAIL: a high-availability and integrity layer for cloud storage[C]//Proceedings of the 16th ACM conference on Computer and communications security. ACM, 2009: 187-198.
[20]	BOWERS K D, JUELS A, OPREA A.Proofs of retrievability: Theory and implementation[C]//Proceedings of the 2009 ACM workshop on Cloud computing security. ACM, 2009: 43-54.
[21]	BONEH D, LYNN B, SHACHAM H.Short signatures from the Weil pairing[M]. Advances in Cryptology—ASIACRYPT 2001. Springer Berlin Heidelberg, 2001: 514-532.
[22]	MERKLE R C.Protocols for public key cryptosystems[C]//2012 IEEE Symposium on Security and Privacy. IEEE Computer Society, 1980: 122-122.
[23]	陈亮,陈性元,孙奕,等. 代理重签名研究进展[J]. 计算机应用研究,2014,31(1):23-27.
[24]	FABER J.Measuring cooperation, conflict, and the social network of nations[J]. Journal of Conflict Resolution, 1987, 31(3): 438-464.

无双线性对的云数据完整性验证方案

Cloud Data Integrity Verification Scheme without Bilinear Pairing

RichHTML

PDF (PC)

可视化

摘要/Abstract

引用本文

使用本文

图/表 4

参考文献 24

相关文章 15

编辑推荐

Metrics

本文评价

[1]	李晓冉, 郝蓉, 于佳. 具有数据上传管控的无证书可证明数据持有方案[J]. 信息网络安全, 2020, 20(1): 83-88.
[2]	刘建华, 郑晓坤, 郑东, 敖章衡. 基于属性加密且支持密文检索的安全云存储系统[J]. 信息网络安全, 2019, 19(7): 50-58.
[3]	侯林, 李明洁, 徐剑, 周福才. 基于变长认证跳表的分布式动态数据持有证明模型[J]. 信息网络安全, 2019, 19(7): 67-74.
[4]	秦中元, 韩尹, 张群芳, 朱雪金. 一种改进的多私钥生成中心云存储访问控制方案[J]. 信息网络安全, 2019, 19(6): 11-18.
[5]	邵必林, 李肖俊, 边根庆, 赵煜. 云存储数据完整性审计技术研究综述[J]. 信息网络安全, 2019, 19(6): 28-36.
[6]	黑一鸣, 刘建伟, 张宗洋, 喻辉. 基于区块链的可公开验证分布式云存储系统[J]. 信息网络安全, 2019, 19(3): 52-60.
[7]	李帅, 刘晓洁, 徐兵. 一种基于目录哈希树的磁盘数据同步方法研究[J]. 信息网络安全, 2019, 19(2): 53-59.
[8]	赵星, 王晓东, 张串绒. 一种基于数据漂移的动态云安全存储机制[J]. 信息网络安全, 2019, 19(10): 65-73.
[9]	秦中元, 韩尹, 朱雪金. 基于改进DGHV算法的云存储密文全文检索研究[J]. 信息网络安全, 2019, 19(1): 8-8.
[10]	鲁秀青, 咸鹤群. 云存储中基于用户授权的大数据完整性审计方案[J]. 信息网络安全, 2018, 18(4): 32-37.
[11]	马苗立, 张洪波, 丁卫颖. 基于字节级优化更新的云存储增量式网络编码方法研究[J]. 信息网络安全, 2018, 18(11): 18-26.
[12]	周悦, 王威, 宋红波, 何泾沙. 云平台下数据完整性验证方案设计[J]. 信息网络安全, 2018, 18(11): 57-65.
[13]	赵萌, 丁勇, 王玉珏. 指定审计员的云数据安全存储方案[J]. 信息网络安全, 2018, 18(11): 66-72.
[14]	姜红, 亢保元, 李春青. 改进的保护身份的云共享数据完整性公开审计方案[J]. 信息网络安全, 2018, 18(10): 85-91.
[15]	张键红, 孟宏欣. 云存储中一种基于链表的动态去重方案研究[J]. 信息网络安全, 2017, 17(8): 14-18.