摘要
可去重云存储系统中一般采用收敛加密算法,通过计算数据的哈希值作为其加密密钥,使得重复的数据加密后得到相同的密文,可实现对重复数据的删除;然后通过所有权证明(Po W),验证用户数据的真实性来保障数据安全。针对可去重云存储系统中所有权证明时间开销过高导致整个系统性能下降问题,提出了一种基于布隆过滤器进行所有权证明的高效安全方法,实现用户计算哈希值与初始化值的快速验证。最后,提出一种支持细粒度重复数据删除的BF方案,当文件级数据存在重复时进行所有权证明,否则只需要进行局部的文件块级数据重复检测。通过仿真对比实验,结果表明所提BF方案空间开销低于经典Baseline方案,同时时间开销低于经典Baseline方案,在数据文件越大的情况下性能优势更加明显。
Convergent encryption algorithm is generally used in deduplication cloud storage system, the data can be encrypted by using the hash value as the encryption key, so that the same data is encrypted to obtain the same ciphertext, and the deletion of the duplicate data can be realized, then through the Proof of ownership (PoW), the authenticity of user data can be verified to protect data security. Aiming at the problem that the time overhead of Proof of ownership (PoW) is too high, which leads to the degradation of the whole system performance, an efficient security method based on Bloom Filter (BF) was proposed to verify the user hash value and the initialization value efficiently. Finally, a BF scheme supporting fine- grained data deduplieation was proposed. When the file level data was duplicated, the PoW was needed; otherwise, only partial block level data duplication detection was needed. The simulation experiment results show that, the key space overhead of the proposed BF scheme is lower than the classical Baseline scheme, and the time cost of the BF scheme is also lower than the Baseline scheme; and with the increase of data size, the performance advantage of BF scheme is more obvious.
出处
《计算机应用》
CSCD
北大核心
2017年第3期766-770,共5页
journal of Computer Applications
基金
国家自然科学基金资助项目(61572144)
广东省重大科技专项(2016B030306004
2015B010110001
2014B010117004)
广州市科技计划项目(201508010065)~~
关键词
云存储
数据去重
收敛加密
哈希算法
布隆过滤器
cloud storage
data deduplication
convergent encryption
hash algorithm
Bloom Filter (BF)