一种基于代数签名的云存储完整性审计方案研究

doi:10.3969/j.issn.1671-1122.2017.10.011

信息网络安全 ›› 2017, Vol. 17 ›› Issue (10): 69-74.doi: 10.3969/j.issn.1671-1122.2017.10.011

一种基于代数签名的云存储完整性审计方案研究

侯慧莹¹, 于佳^1,^2,³(), 郝蓉¹

1. 青岛大学计算机科学技术学院,山东青岛266071
2.中国科学院信息工程研究所信息安全国家重点实验室, 北京100093
3. 南京信息工程大学计算机与软件学院,江苏南京210044

收稿日期:2017-06-07 出版日期:2017-10-10 发布日期:2020-05-12
作者简介:
作者简介：侯慧莹（1992—）,女,山东,硕士研究生,主要研究方向为云计算;于佳（1976—）,男,山东,教授,博士,主要研究方向为密码学、云计算安全、大数据安全、网络安全;郝蓉（1976—）,女,山东,实验师,本科,主要研究方向为信息安全。
基金资助:
国家自然科学基金[61572267,61272425];“十三五”国家密码发展基金[MMJJ201301011];中国科学院信息工程研究所信息安全国家重点实验室开放课题[2016-MS-23,2017-MS-21]

Research on an Integrity Auditing Scheme Based on Algebraic Signature in Cloud Storage

Huiying HOU¹, Jia YU^1,^2,³(), Rong HAO¹

1.College of Computer Science and Technology, Qingdao University, Qingdao Shandong 266071, China
2.State Key Laboratory of Information Security, Institute of Information Engineering, Chinese Academy of Sciences, Beijing 100093, China
3.School of Computer and Software, Nanjing University of Information Engineering, Nanjing Jiangsu 210044, China

Received:2017-06-07 Online:2017-10-10 Published:2020-05-12

摘要/Abstract

摘要：

在云存储系统中,安全和效率是两个重要问题。为了解决这两个问题,许多支持数据删重的云存储完整性审计方案被提出。在以往方案中,用户需要为每一个文件块计算一个基于BLS短签名或者RSA签名技术的同态认证器。这样可能会给用户带来比较大的计算负担,尤其当外包数据特别大时。文章使用代数签名技术为每个文件块产生认证器。因为在计算代数签名的过程中大多数操作是异或操作,因此只需要很小的计算开销。此外,方案支持数据所有权的动态变化。当用户对数据进行删除或修改操作后,他就不再是该数据合法的拥有者,不能再正确访问该数据。实验表明,文章方案是安全和高效的。

关键词: 数据删重, 代数签名, 完整性审计

Abstract:

In cloud storage system, security and efficiency are two important issues. In order to solve these problems simultaneously, many cloud storage integrity auditing schemes that support data deduplication are proposed. In most of the previous schemes, the user has to generate a homomorphism authenticator based on BLS signature or RSA signature for each file block, which incurs high overhead for the user especially when the outsourcing data is very big. This paper uses the algebraic signature technique to generate authenticator for each file block. Because most operations of algebraic signature are XOR operations, only minimal computational overhead is required. In addition, the scheme supports dynamic changes in data ownership. When the user performs deletion or modification operation, he is no longer the legal owner of the data, and does not have right to access the data. The experimental results show that the scheme is secure and efficient.

Key words: data deduplication, algebraic signature, integrity auditing

中图分类号:

TP309

侯慧莹, 于佳, 郝蓉. 一种基于代数签名的云存储完整性审计方案研究[J]. 信息网络安全, 2017, 17(10): 69-74.

Huiying HOU, Jia YU, Rong HAO. Research on an Integrity Auditing Scheme Based on Algebraic Signature in Cloud Storage[J]. Netinfo Security, 2017, 17(10): 69-74.

图/表 7

图1

图2

图3

图4

图5

图6

图7

参考文献 20

[1]	LIU Chang, RANJIAN R, ZHANG Xuyun, et al.Public Auditing for Big Data Storage in Cloud Computing-A Survey[C]//IEEE.2013 IEEE 16th International Conference on Computational Science and Engineering (CSE), March 6, 2014. Sydney, NSW, Australia.NJ:IEEE, 2013:1128-1135.
[2]	YU Jia., REN Kui., WANG Cong,et al.Enabling Cloud Storage Auditing with Key-Exposure Resistance[J]. IEEE Transactions on Information Forensics & Security, 2017, 10(6):1167-1179.
[3]	YU Jia, REN Kui, WANG Cong.Enabling Cloud Storage Auditing with Verifiable Outsourcing of Key Updates[J]. IEEE Transactions on Information Forensics & Security, 2016, 11(6):1362-1375.
[4]	唐春明, 郑晓龙. 云计算中一种对大群组用户的隐私保护公共审计方案[J]. 信息网络安全, 2015(2): 19-25.
[5]	YANG Guangyang, YU Jia, SHEN Wenting, et al.Enabling Public Auditing for Shared Data in Cloud Storage Supporting Identity Privacy and Traceability[J].Journal of Systems and Software, 2016(113): 130-139.
[6]	SHEN Wenting, YU Jia, XIA Hui, et al.Light-weight and Privacy-preserving Secure Cloud Auditing Scheme for Group Users via the Third Party Medium[J].Journal of Network and Computer Applications, 2017(82): 56-64.
[7]	WANG Cong, CHOW S S M, WANG Qian, et al. Privacy Preserving Public Auditing for Secure Cloud Storage[J]. IEEE Transactions on Computers, 2013(62): 362-375.
[8]	WANG Cong, WANG Qian, REN Kui, et al.Privacy-Preserving Public Auditing for Data Storage Security in Cloud Computing[C]//IEEE.Proceedings of IEEE INFOCOM 2010, March 14-19, 2010. San Diego, CA, USA.NJ:IEEE,2010:525-533.
[9]	赵洋, 任化强, 熊虎, 等. 基于更新树的动态云数据审计方案[J]. 信息网络安全, 2015 (12): 1-7.
[10]	WANG Huaqun, HE Debiao, TANG Shaohua.Identity-Based Proxy-Oriented Data Uploading and Remote Data Integrity Checking in Public Cloud[J].IEEE Transactions on Information Forensics and Security, 2016(11): 1165-1176.
[11]	YU Jia, WANG Huaqun.Strong Key-Exposure Resilient Auditing for Secure Cloud Storage[J]. IEEE Transactions on Information forensics and security, 2017(12): 1931-1940.
[12]	秦志光,吴世坤,熊虎. 云存储服务中数据完整性审计方案综述[J]. 信息网络安全, 2014(7): 1-6.
[13]	GANTZ J, REINSEL D. The Digital Universe Decade-Are You Ready?[EB/OL]. .
[14]	HALEVI S, HARNIK D, PINKAS B, et al.Proofs of Ownership in Remote Storage Systems[C]//ACM.Proceedings of the 18th ACM Conference on Computer and Communications Security, October 17 - 21, 2011. Chicago, Illinois, USA. New York: ACM,2011: 491-500.
[15]	PIETRO R D,SORNIOTTI A.Boosting Efficiency and Security in Proof of Ownership for Deduplication[C]//ACM.Proceedings of the 7th ACM Symposium on Information, Computer and Communications Security, May 2-4, 2012. Seoul, Korea. New York:ACM, 2012: 81-82.
[16]	ZHENG Qingji, XU Shouhuai.Secure and Efficient Proof of Storage with Deduplication[C]//ACM. Proceedings of the Second ACM Conference on Data and Application Security and Privacy, February 7 - 9, 2012. San Antonio, Texas, USA. New York: ACM, 2012: 1-12.
[17]	YUAN Jiawei, YU Shucheng.Secure and Constant Cost Public Cloud Storage Auditing with Deduplication[C]//IEEE.2013 IEEE Conference on Communications and Network Security (CNS), October 14-16, 2013. National Harbor, MD, USA.NJ:IEEE, 2013: 145-153.
[18]	LI Jingwei, LI Jin, XIE Dongqing, et al.Secure Auditing and Deduplicating Data in Cloud[J].IEEE Transactions on Computers, 2016, 65(8):2386-2396.
[19]	LITWIN W, SCHWARZ T.Algebraic Signatures for Scalable Distributed Data Structures[C]//IEEE.Twentieth IEEE International Conference on Data Engineering, April 2, 2004. Boston, MA, USA.NJ:IEEE, 2004: 412-423.
[20]	Pairing-Based Cryptography(PBC) Library,2017-5-20.

一种基于代数签名的云存储完整性审计方案研究

Research on an Integrity Auditing Scheme Based on Algebraic Signature in Cloud Storage

RichHTML

PDF (PC)

可视化

摘要/Abstract

引用本文

使用本文

图/表 7

参考文献 20

相关文章 2

编辑推荐

Metrics

本文评价

[1]	柏建丽, 李晓冉, 郝蓉, 于佳. 云环境下基于代数签名的支持所有权动态变更的安全审计和去冗方案[J]. 信息网络安全, 2018, 18(8): 50-55.
[2]	边根庆, 邵必林, 蔡皖东, 王栋. 云环境下支持数据动态更新的多副本数据完整性审计方法研究[J]. 信息网络安全, 2017, 17(10): 22-28.