期刊文献+

基于BLS的多用户多副本数据持有性批量审计 被引量:8

Public Batch Auditing for 2M-PDP Based on BLS in Cloud Storage
下载PDF
导出
摘要 为了保证用户数据的可靠性和可用性,云服务提供商会根据用户需求对数据进行多副本存储.但是服务提供商往往是不可信的.为检查远程数据完整性,现有方案大多解决如何高效的完成单用户对单份数据的完整性验证,尚缺少如何高效的完成多用户同时验证多副本数据.若将这些方案直接应用于多用户多副本环境中,将带来的成倍于单份数据的持有性证明方案的计算开销与通信开销问题.为了解决该问题,本文提出了一种基于BLS的2M-PDP审计方案.该方案采用双线性对聚集签名技术构造2M-PDP算法,在不泄露用户隐私信息的前提下引入第三方审计者,将多用户的审计申请批量发送给云服务提供商,减少交互次数和降低通信开销;服务提供商计算持有性证明和第三方审计者验证过程中采用双线性对聚集签名技术,降低计算开销.在安全性上,所引入的审计第三方不会带来新的安全风险,并且本方案能够抵抗云服务器重放攻击、合谋攻击和替换攻击.最后通过实验验证了该方案的可行性和高效性. In cloud storage system, to ensure the reliability and availability of user's data, cloud service providers(CSPs) usually store multiple copies of user's data according to user's need. However, CSPs are often semi-trusted. In order to check whether they actually spend storage for multiple replicas, current schemes mostly solve how the single user to efficiently verify the single-copy, but do not work well for multi-user to simultaneously verify multi-copy. If these schemes directly applied to a multi-user multi-copy environment, it will bring double computational and communication overhead than that in provable data procession verification of single-copy. In order to solve the problem, the 2M-PDP based on BLS with public batch auditing is proposed. The scheme uses the technique of bilinear aggregate signature to construct 2M-PDP, third party audit is introduced with the prerequisite of non-disclosure of user privacy information, the batch of multi-user application is sent to cloud service providers for audit to reduce the number of interactions and reduce communication overhead. CSPs computing holds proof and third-party auditors verification process for gathering signatures bilinear technology to reduce computational overhead. In security, the third party auditing process should bring in no vulnerabilities towards user data privacy, and the scheme can resist the cloud server replay attacks, collusion attacks, and replacement attacks. Finally, experiments verify the feasibility and efficiency.
出处 《密码学报》 2014年第4期368-378,共11页 Journal of Cryptologic Research
基金 国家自然科学基金项目(60175022) 福建省科技厅重点项目(2012H0025)
关键词 云存储 多副本批量审计 数据持有性验证 公开验证 cloud storage multiple-replica batch auditing provable data possession public auditing
  • 相关文献

参考文献5

二级参考文献65

  • 1周婧,王意洁,阮炜,李思昆.面向海量数据的数据一致性研究[J].计算机科学,2006,33(4):137-140. 被引量:18
  • 2Cooper B, Garcia-Molina H. Peer to peer data trading to preserve information [J]. ACM Trans on Information Systems, 2002, 20(2): 133-170.
  • 3Goh E, Shacham H, Mndadugu N, et al. SiRiUS: Securing remote untrustcd storage [C]//Proc of the 10th Network and Distributed Systems Security Syrup (NDSS'03). Reston, VA: Internet Society, 2003:131-145.
  • 4Kallahalla M, Riedel E, Swaminathan R, et al. Plutus: Scalable secure file sharing on untrusted storage [C] //Proc of the 2nd USENIX Conf on File and Storage Technologies (FAST'03). Berkeley, CA: USENIX, 2003:29-42.
  • 5Tompa M, Woll H. How to share a secret with cheaters [J]. Journal of Cryptography, 1988. 1(2): 133-138.
  • 6Krawczyk H. Distributed fingerprints and secure information dispersal [C] //Proc of the 12th ACM Symp on Principles of Distributed Computing ( PODC' 93). New York: ACM, 1993:207-218.
  • 7Shah M, Baker M, Mogul J, et al. Auditing to keep online storage services honest[C] //Proc of HotOS XL Berkeley, CA: USENIX, 2007.
  • 8Luby M, Rackoff C. How to construct pseudorandom permutations and pseudorandom functions [J]. SIAM Journal on Computing, 1988, 17:373-386.
  • 9Be/lare M, Canetti R, Krawczyk H. Keying hash functions for message authentication [G]//LNCS 1109: Proc of the 16th Annual Int Cryptology Conf (Crypto' 96). Berlin:Springer, 1996:1-19.
  • 10Ateniese G, Burns R, Curtmola R, et al. Provable data possession at untrusted stores [C]//Proc of the 14th ACM Conf on Computer and Communications Security (CCS'07). New York:ACM, 2007:598-609.

共引文献71

同被引文献55

  • 1陈兰香,许力.云存储服务中可证明数据持有及恢复技术研究[J].计算机研究与发展,2012,49(S1):19-25. 被引量:28
  • 2曹珍富.密码学的新发展[J].四川大学学报(工程科学版),2015,47(1):1-12. 被引量:27
  • 3Wang C, Wang Q, Ren K, et al. Toward secure and dependable storage services in cloud computing~-Jl. IEEE Transactions on Services Computing, 2012, 5 (2) .. 220-232.
  • 4Ateniese G, Johns R B, Curtmola R, et al. Provable data possession at untrusted stores[C]//Proc of 14thACM Conference on Computer and Communications Security. New York: ACM, 2007= 598-609.
  • 5Shacham H, Waters B. Compact proofs of retriev- ability[C7 //Proc of 14th International Conference Theory and Application of Cryptology and Informa- tion Security= Advances in Cryptology. Berlin.. Springer-Verlag, 2008= 90-107.
  • 6Wang Q, Wang C, Ren K, et al. Enabling public au- ditability and data dynamics for storage security in cloud computing[-J~. IEEE Transactions on Parallel and Distributed Systems, 2011, 22(5): 847-859.
  • 7Zhu Y, Wang H, Hu Z, et al. Dynamic audit serv- ices for outsourced storages in clouds [J]. IEEE Transactions on Services Computing, 2013, 6 (2) : 227-238.
  • 8Zhu Y, Hu H, Ahn G, et al. Cooperative provable data possession for integrity verification in multi- cloud storage[J]. IEEE Transactions on Parallel and Distributed Systems, 2012, 23(12) : 2231-2244.
  • 9Yang K, Jia X. An efficient and secure dynamic audi ting protocol for data storage in cloud computing[J]. IEEE Transactions on Parallel and Distributed Sys terns, 2013, 24(9)= 1717-1726.
  • 10Yuan J, Yu S. Public integrity auditing for dynamic data sharing with multiuser modification[J]. IEEE Transactions on Information Forensics ~ Security, 2015, 10: 1717-1726.

引证文献8

二级引证文献73

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部