用于云存储的主动秘密共享方案

doi:10.3969/j.issn.1671-1122.2023.05.010

摘要/Abstract

摘要：

文章提出了一种可用于云存储场景的多秘密共享方案，该方案基于门限密码学和主动安全技术，旨在保证数据在较长时间内的存储安全。该方案首先将用户上传的机密数据拆分成多个秘密，并对这些秘密进行秘密共享。然后选择不同的云服务提供商对共享后的影子份额分别进行存储，从而满足（k,n）阈值方案的安全性。在这个过程中，秘密分发者负责对秘密进行分发和共享，并确保每个云服务提供商只持有一部分数据的影子份额。为了保证系统的安全性，该方案在份额更新和验证阶段采用周期性的策略，使得攻击者只有在一个更新周期内攻破不小于k个云服务提供商，才能获取原秘密或关于它的信息。该方案不仅避免了各云服务商之间的直接交互，降低了云存储服务商间的通信交互代价，而且采用门限密码学和主动安全技术，保证了系统的安全性和数据的长时安全存储。通过与其他方案的对比分析证明了文章所提方案效率更高，更适合存储大规模秘密数据。

关键词: 云存储, 多秘密共享, 主动安全, 机密数据

Abstract:

The article proposed a multi-secret sharing method that can be used in cloud storage scenarios. The solution was based on gated cryptography and active security technology and was designed to ensure secure storage of data over long periods of time. In this scheme, the confidential data uploaded by the user was first split into multi secrets, and these secrets were shared secretly. Then, the shadow shares after sharing were selected separately for stored by different cloud service providers, thus satisfying the security of the (k,n) threshold scheme. In this process, the secret distributor was responsible for distributing and sharing the secrets and ensuring that each cloud service provider helds only a shadow share of a portion of the data. To ensure the security of the system, the scheme used a cyclic policy in share update and verification phase such that an attacker can only gain access to the original secret or any information about it if he compromised no less than k cloud service providers in one update cycle. Notably, the scheme avoid direct interaction between various cloud providers, thus reducing the cost of communication interactions between cloud storage providers. At the same time, the scheme used threshold cryptography and active security technology, which can ensure the security of the system and the long-time secure storage of data. The comparative analysis with other schemes proves that the scheme proposed in the paper is more efficient and more suitable for storing large-scale secret data.

Key words: cloud storage, multi-secret sharing, proactive safety, confidential data

中图分类号:

TP309

裴蓓, 张水海, 吕春利. 用于云存储的主动秘密共享方案[J]. 信息网络安全, 2023, 23(5): 95-104.

PEI Bei, ZHANG Shuihai, LYU Chunli. A Proactive Multi-Secret Sharing Scheme for Cloud Storage[J]. Netinfo Security, 2023, 23(5): 95-104.

图/表 4

表1

表2

表3

表4

参考文献 38

[1]	SHEN Changhong, ZHANG Bo, ZENG Zichuan, et al. Cloud Data Confidentiality Protection and Integrity Verification Scheme[J]. Journal of Computer Applications, 2016, 36(S2): 54-56, 65.
	申长虹, 张博, 曾子川, 等. 云数据机密性保护和完整性验证方案[J]. 计算机用, 2016, 36(S2): 54-56, 65.
[2]	SHAMIR A. How to Share a Secret[J]. Communications of the ACM, 1979, 22(11): 612-613. doi: 10.1145/359168.359176 URL
[3]	BLAKLEY G R. Safeguarding Cryptographic Keys[C]// IEEE. Proceedings of AFIPS National Computer Conference. New York: IEEE, 1979: 313-318.
[4]	MIGNOTTE M. How to Share a Secret[C]// Springer. Workshop on Cryptography. Berlin:Springer, 1982: 371-375.
[5]	ASMUTH C, BLOOM J. A Modular Approach to Key Safeguarding[J]. IEEE Transactions on Information Theory, 1983, 29(2): 208-210. doi: 10.1109/TIT.1983.1056651 URL
[6]	HINEMAN A, BLAUM M. A Modified Shamir Secret Sharing Scheme with Efficient Encoding[J]. IEEE Communications Letters, 2022, 26(4): 758-7625. doi: 10.1109/LCOMM.2022.3144375 URL
[7]	RONG Huigui, MO Jinxia, CHANG Bingguo, et al. Key Distribution and Recovery Algorithm Based on Shamir’s Secret Sharing[J]. Journal on Communications, 2015, 36(3): 64-73.
	荣辉桂, 莫进侠, 常炳国, 等. 基于Shamir秘密共享的密钥分发与恢复算法[J]. 通信学报, 2015, 36(3): 64-73.
[8]	CHOR B, GOLDWASSER S, MICALI S, et al. Verifiable Secret Sharing and Achieving Simultaneous Broadcast[C]// IEEE. Proceedings of the 26th Symposium on Foundations of Computer Science. New York: IEEE, 1985: 335-344.
[9]	FELDMAN P. A Practical Scheme for Non-Interactive Verifiable Secret Sharing[C]// IEEE. Proceedings of the 28th Annual Symposium on Foundations of Computer Science. New York: IEEE, 1987: 427-438.
[10]	YUAN Jiangtao, YANG Jing, WANG Chenyu, et al. A New Efficient Hierarchical Multi-Secret Sharing Scheme Based on Linear Homogeneous Recurrence Relations[J]. Information Sciences, 2022, 592: 36-49. doi: 10.1016/j.ins.2022.01.053 URL
[11]	KIAMARI N, HADIAN M, MASHHADI S. Non-Interactive Verifiable LWE-Based Multi Secret Sharing Scheme[J]. Multimedia Tools and Applications, 2022, 7: 1-13.
[12]	KAYA K, SELÇUK A A. A Verifiable Secret Sharing Scheme Based on the Chinese Remainder Theorem[C]// Springer. International Conference on Cryptology in India. Berlin:Springer, 2008: 414-425.
[13]	OSTROVSKY R, YUNG M. How to Withstand Mobile Virus Attacks[C]// ACM. Proceedings of the 10th ACM Symposium on Principles of Distributed Computing. New York: ACM, 1991: 51-59.
[14]	HERZBERG A, JARECKI S, KRAWCZYK H, et al. Proactive Secret Sharing or: How to Cope with Perpetual Leakage[C]// Springer. International Cryptology Conference. Berlin:Springer, 1995: 339-352.
[15]	FENG Bin, GUO Cheng, LI Mingchu, et al. A Novel Proactive Multi-Secret Sharing Scheme[J]. International Journal of Network Security, 2015, 17(2): 123-128.
[16]	ZOU Hui, WANG Jiandong. Multi-Level Threshold Multi-Secret Sharing Scheme with Proactive Security[J]. Journal of Computer Applications, 2009, 29(8): 2218-2219, 2232. doi: 10.3724/SP.J.1087.2009.02218 URL
	邹慧, 王建东. 动态安全的多级门限多秘密共享方案[J]. 计算机应用, 2009, 29(8):2218-2219, 2232.
[17]	ZHOU Lidong, SCHNEIDER F B, Renesse R V. APSS: Proactive Secret Sharing in Asynchronous Systems[J]. ACM Transactions on Information and System Security (TISSEC), 2005, 8(3): 259-286. doi: 10.1145/1085126.1085127 URL
[18]	SCHULTZ D, LISKOV B, LISKOV M. MPSS: Mobile Proactive Secret Sharing[J]. ACM Transactions on Information and System Security (TISSEC), 2010, 13(4): 1-32.
[19]	BARON J, DEFRAWY K E, LAMPKINS J, et al. Communication-Optimal Proactive Secret Sharing for Dynamic Groups[C]// Springer. Proceedings of the 13th International Conference on Applied Cryptography and Network Security (ACNS 2015). Berlin:Springer, 2015: 23-41.
[20]	QIN Huawang, DAI Yuewei. Proactive Quantum Secret Sharing[J]. Quantum Information Processing, 2015, 14(11): 4237-4244. doi: 10.1007/s11128-015-1106-x URL
[21]	TAN Shuang, JIA Yan, HAN Weihong. Research and Development of Provable Data Integrity in Cloud Storage[J]. Chinese Journal of Computers, 2015, 38(1): 164-177.
	谭霜, 贾焰, 韩伟红. 云存储中的数据完整性证明研究及进展[J]. 计算机学报, 2015, 38(1): 164-177.
[22]	ATENIESE G, BURNS R, CURTMOLA R, et al. Provable Data Possession at Untrusted Stores[C]// ACM. Proceedings of the 14th ACM Conference on Computer and Communications Security. New York: ACM, 2007: 598-609.
[23]	BOWERS K D, JUELS A, OPREA A. HAIL: A High-Availability and Integrity Layer for Cloud Storage[C]// ACM. Proceedings of the 16th ACM Conference on Computer and Communications Scurity. New York: ACM, 2009: 187-198.
[24]	YANG Yang, CHEN Yanjiao, CHEN Fei, et al. Efficient Identity-Based Provable Data Possession Protocol with Compressed Cloud Storage[J]. IEEE Transactions on Information Forensics and Security, 2022, 17: 1359-1371. doi: 10.1109/TIFS.2022.3159152 URL
[25]	ERWAY C C, KUPÇU A, PAPAMANTHOU C, et al. Dynamic Provable Data Possession[J]. ACM Transactions on Information and System Security (TISSEC), 2015, 17(4): 1-29.
[26]	WANG Qian, WANG Cong, LI Jin, et al. Enabling Public Verifiability and Data Dynamics for Storage Security in Cloud Computing[C]// Springer. European Symposium on Research in Computer Security. Berlin:Springer, 2009: 355-370.
[27]	JUELS A, KALISKI J B S. PORs: Proofs of Retrievability for Large Files[C]// ACM. Proceedings of the 14th ACM Conference on Computer and Communications Security. New York: ACM, 2007: 584-597.
[28]	SHACHAM H, WATERS B. Compact Proofs of Retrievability[C]// Springer. International Conference on the Theory and Application of Cryptology and Information Security. Berlin:Springer, 2008: 90-107.
[29]	LUO Fucai, AL-KUWARI S, LIN Changlu, et al. Provable Data Possession Schemes from Standard Lattices for Cloud Computing[J]. The Computer Journal, 2022, 65(12): 3223-3239. doi: 10.1093/comjnl/bxab190 URL
[30]	ZHANG Shuihai, WANG Jingfu, ZHANG Yan, et al. An Efficient Proactive Secret Sharing Scheme for Cloud Storage[C]// Springer. International Conference on Applied Cryptography and Network Security. Berlin:Springer, 2021: 346-357.
[31]	TSENG Y F, LIN Yanbin. A Novel Undeniable (t, n)-Threshold Signature with Cheater Identification[EB/OL]. (2022-05-29)[2022-12-03]. https://doi.org/10.3390/sym14061118.
[32]	ZHENG Wei. Research on Rational Secure Multi-Party Computing Protocol Based on Secret Sharing Under Multiple Mechanisms[D]. Beijing: Beijing University of Technology, 2019.
	郑炜. 多种机制下基于秘密共享的理性安全多方计算协议的研究[D]. 北京: 北京工业大学, 2019.
[33]	HOSAM O, YUAN Fanbin. A Comprehensive Analysis of Trusted Execution Environments[C]// IEEE. 2022 8th International Conference on Information Technology Trends (ITT). New York: IEEE, 2022: 61-66.
[34]	WANG Juan, FAN Chengyang, CHENG Yueqiang, et al. Analysis and Research of SGX Technology[J]. Journal of Software, 2018, 29(9): 2778-2798.
	王鹃, 樊成阳, 程越强, 等. SGX技术的分析和研究[J]. 软件学报, 2018, 29(9): 2778-2798.
[35]	LI Fulin, LIU Yang, YAN Jiayun, et al. A New Fair Multi-Secret Sharing Scheme Based on Asymmetric Bivariate Polynomial[J]. Cryptography and Communications, 2022, 14(5): 1039-1053. doi: 10.1007/s12095-022-00576-5
[36]	LI Fulin, HU Hang, ZHU Shixin, et al. A Fully Dynamic Multi-Secret Sharing Scheme with Redundant Authorization[J]. Cryptography and Communications, 2022, 11(8): 1-18. doi: 10.1007/s12095-018-0341-2
[37]	MASHAHDIS, BAGHERPOUR B, ZAGHIAN A. A Non-Interactive (t, n)- Publicly Verifiable Multi-Eecret Sharing Scheme[J]. Designs, Codes and Cryptography, 2022, 90(8): 1761-1782. doi: 10.1007/s10623-022-01082-8
[38]	MUNFAATI R H, GURITMAN S, SILALAHI B P. Application of Recursive Algorithm on Shamir’s Scheme Reconstruction for Cheating Detection and Identification[J]. Jambura Journal of Mathematics, 2022, 4(1): 126-134.

方案	是否可验证	是否可刷新	是否支持多秘密
文献[2]方案	否	否	否
文献[9]方案	是	否	否
文献[14]方案	是	是	否
文献[15]方案	是	是	是
文献[6]方案	否	否	否
文献[10]方案	否	否	是
文献[11]方案	是	否	是

方案	基本原理	类型
文献[27]方案	哨兵	POR
文献[28]方案	容错编码	POR
文献[26]方案	Merkle哈希树	PDP
文献[25]方案	动态数据结构	PDP
文献[24]方案	存储审计	PDP
文献[29]方案	格理论编码	PDP

角色	含义
秘密分发者$D$	系统的初始参与角色，负责系统的初始化工作，包括设置各种参数、分割数据等
验证者${{B}_{1}},{{B}_{2}},\cdots,{{B}_{l}}$	作为可信第三方参与系统的份额验证工作，定期验证份额是否正确
云服务商${{U}_{r}}$	参与存储秘密数据的云服务提供商

方案	是否需要可信第三方	是否支持多秘密共享	是否支持数据完整性验证	是否支持更新份额
文献[14]方案	是	否	否	是
文献[15]方案	是	是	否	是
文献[35]方案	是	是	否	否
文献[36]方案	是	是	否	否
文献[37]方案	否	是	否	是
文献[38]方案	否	否	否	是
本文方案	是	是	是	是