基于代理重签名的云端数据完整性验证方案

doi:10.19678/j.issn.1000-3428.0048266

计算机工程 ›› 2018, Vol. 44 ›› Issue (9): 130-135. doi: 10.19678/j.issn.1000-3428.0048266

基于代理重签名的云端数据完整性验证方案

杨小东,刘婷婷,杨平,安发英,肖立坤,王彩芬

西北师范大学计算机科学与工程学院,兰州 730070

收稿日期:2017-08-07 出版日期:2018-09-15 发布日期:2018-09-15
作者简介:杨小东(1981—),男,副教授、博士,主研方向为代理重签名、云计算安全;刘婷婷、杨平、安发英、肖立坤,硕士研究生;王彩芬,教授、博士、博士生导师。
基金资助:
国家自然科学基金(61662069);中国博士后科学基金(2017M610817);甘肃省科技计划项目(145RJDA325,1506RJZA130);国家档案局科技计划项目(2014-X-33);甘肃省高等学校科研项目(2014-A011);兰州市科技计划项目(2013-4-22);西北师范大学青年教师科研能力提升计划项目(WNU-LKQN-14-7)。

Integrity Verification Scheme for Cloud Data Based on Proxy Re-signature

YANG Xiaodong,LIU Tingting,YANG Ping,AN Faying,XIAO Likun,WANG Caifen

College of Computer Science and Engineering,Northwest Normal University,Lanzhou 730070,China

Received:2017-08-07 Online:2018-09-15 Published:2018-09-15

摘要/Abstract

摘要：

针对数据动态更新和群组用户撤销的问题,提出一种新的云端数据完整性验证方案。基于代理重签名技术实现数据所有权的转移和用户的撤销。使用随机掩码技术防止好奇的第三方审计者恢复原始数据块,确保云端数据的隐私性。通过多分支路径树构建简单的认证结构,简化数据更新过程,从而支持云端数据的插入、修改和删除等更新操作。分析结果表明,该方案满足存在不可伪造性,能抵抗重放攻击和删除攻击。

关键词: 云端存储, 完整性验证, 代理重签名, 多分支路径树, 用户撤销, 数据动态更新

Abstract:

A new integrity verification scheme for cloud data is proposed to solve the problems of dynamic data updating and user revocation.The new scheme uses proxy re-signature to transfer data ownership and revoke users.By using the random masking technique,it can prevent the curious third-party auditor from restoring raw data blocks and ensure privacy of cloud data.In addition,a simple authentication structure is constructed by multi-branch path tree,which simplifies the data update process and supports the update operations such as inserting,modifying and deleting the cloud data.The analysis results show that the proposed scheme satisfies existential unforgeability,and can resist replay attack and deletion attack.

Key words: cloud storage, integrity verification, proxy re-signature, multi-branch path tree, user revocation, dynamic data update

中图分类号:

TP309

杨小东,刘婷婷,杨平,安发英,肖立坤,王彩芬. 基于代理重签名的云端数据完整性验证方案[J]. 计算机工程, 2018, 44(9): 130-135.

YANG Xiaodong,LIU Tingting,YANG Ping,AN Faying,XIAO Likun,WANG Caifen. Integrity Verification Scheme for Cloud Data Based on Proxy Re-signature[J]. Computer Engineering, 2018, 44(9): 130-135.

http://www.ecice06.com/CN/Y2018/V44/I9/130

参考文献

［1］SOOKHAK M,GANI A,KHAN M K,et al.Dynamic remote data auditing for securing big data storage in cloud computing［J］.Information Sciences,2017,380:101-116.br/ ［2］KUMARI M P,PAUL R K.A study for authentication and integrity of data files in cloud computing［J］.International Journal of Science and Research,2017,2(9):1-8.br/ ［3］ATENIESE G,BURNS R,CURTMOLA R.Provable data possession at untrusted stores［C］//Proceedings of the 14th ACM Conference on Computer and Communications Security.New York,USA:ACM Press,2007:598-609.br/ ［4］ERWAY C,KUPCCU A,PAPAMATHOU C,et al.Dynamic provable data possession［C］//Proceedings of the 16th ACM Conference on Computer and Communications Security.New York,USA:ACM Press,2009:213-222.br/ ［5］WANG Qian,WANG Cong,LI Jin,et al.Enabling public verifiability and data dynamics for storage security in cloud computing［C］//Proceedings of European Symposium on Research in Computer Security.Berlin,Germany:Springer,2009:355-370.br/ ［6］李勇,姚戈,雷丽楠,等.基于多分支路径树的云存储数据完整性验证机制［J］.清华大学学报(自然科学版),2016,56(5):504-510.br/ ［7］WANG Cong,WANG Qian,REN Kui,et al.Privacy-preserving public auditing for data storage security in cloud computing［C］//Proceedings of the 29th Conference on Information Communications.Berlin,Germany:Springer,2010:525-533.br/ ［8］WANG Cong,CHOW S S M,WANG Qian,et al.Privacy-preserving public auditing for secure cloud storage［J］.IEEE Transactions on Computers,2013,62(2):362-375.br/ ［9］WANG Cong,WANG Qian,REN Kui,et al.Toward secure and dependable storage services in cloud computing［J］.IEEE Transactions on Services Computing,2013,5(2):220-232.br/ ［10］ZHU Yan,AHN G J,HU Hongxin,et al.Dynamic audit services for outsourced storages in clouds［J］.IEEE Transactions on Services Computing,2013,6(2):227-238.br/ ［11］WANG Boyang,LI Baochun,LI Hui.Knox:privacy-preserving auditing for shared data with large groups in the cloud［C］//Proceedings of the 10th International Conference on Applied Cryptography and Network Security.Berlin,Germany:Springer,2012:507-525.br/ ［12］WANG Boyang,LI Baochun,LI Hui.Panda:public auditing for shared data with efficient user revocation in the cloud［J］.IEEE Transactions on Services Computing,2015,8(1):92-106.br/ ［13］YU Y,NI J,AU M H,et al.Comments on a public auditing mechanism for shared cloud data service［J］.IEEE Transactions on Services Computing,2015,8(6):998-999.br/ ［14］张新鹏,许春香,张新颜,等.基于代理重签名的支持用户可撤销的云存储数据公共审计方案［J］.计算机应用,2016,36(7):1816-1821.br/ ［15］ATENIESE G,HOHENBERGER S.Proxy re-signatures:new definitions,algorithms,and applications［C］//Proceedings of the 12th ACM Conference on Computer and Communications Security.New York,USA:ACM Press,2005:310-319.br/

[1]	张晓均, 刘庆, 郑爽, 王鑫, 薛婧婷, 王世雄. 支持隐私保护的可验证云端数据分享方案[J]. 计算机工程, 2023, 49(3): 49-57.
[2]	张晓均, 张经伟, 黄超, 唐伟. 可验证的云存储医疗加密数据统计分析方案[J]. 计算机工程, 2021, 47(6): 32-37,43.
[3]	牛淑芬, 李文婷, 王彩芬. 无双线性对的部分盲代理重签名方案[J]. 计算机工程, 2020, 46(5): 187-192.
[4]	杨小东, 裴喜祯, 陈桂兰, 王美丁, 王彩芬. 支持用户撤销的多用户多副本数据公开审计方案[J]. 计算机工程, 2020, 46(12): 150-156,192.
[5]	曹素珍, 杜霞玲, 杨小东, 刘雪艳, 汪锐. 可验证混合存储属性基多关键字密文检索方案[J]. 计算机工程, 2020, 46(11): 181-186,193.
[6]	牛淑芬,田苗,王彩芬,杜小妮. 格上基于同态加密的数据完整性验证方案[J]. 计算机工程, 2018, 44(8): 174-178,183.
[7]	杨小东,李亚楠,周其旭,高国娟,王彩芬. 基于身份的服务器辅助验证代理重签名方案[J]. 计算机工程, 2017, 43(4): 166-170,176.
[8]	杨小东,高国娟,周其旭,李亚楠,王彩芬. 基于代理重签名的电子政务数据安全交换方案[J]. 计算机工程, 2017, 43(2): 183-188.
[9]	张立红,陈晶,杜瑞颖,何琨,陈炯. 云存储中支持安全去重的数据完整性验证方法[J]. 计算机工程, 2017, 43(1): 32-36,42.
[10]	徐海峰,洪璇. 可证明安全的单向可变门限代理重签名方案[J]. 计算机工程, 2016, 42(4): 143-146,154.
[11]	方雪锋,王晓明. 可撤销用户的外包加解密CP-ABE方案[J]. 计算机工程, 2016, 42(12): 124-128,132.
[12]	张玉磊,李臣意,周冬瑞,王彩芬. 高效的可撤销无证书签名方案[J]. 计算机工程, 2015, 41(7): 157-162.
[13]	冯婕,蓝才会,郏伯荣,杨小东. 强不可伪造的双向代理重签名方案[J]. 计算机工程, 2015, 41(3): 116-119,124.
[14]	杨小东,李春梅,周思安,王彩芬. 一种强不可伪造代理重签名方案[J]. 计算机工程, 2014, 40(11): 130-134.
[15]	杨涛, 胡建斌, 陈钟. 一种可追溯的车载自组网隐私保护认证协议[J]. 计算机工程, 2013, 39(8): 161-165.

选择文件类型/文献管理软件名称

选择包含的内容

基于代理重签名的云端数据完整性验证方案

Integrity Verification Scheme for Cloud Data Based on Proxy Re-signature

PDF

可视化

被引次数

摘要/Abstract

引用本文

使用本文

参考文献

相关文章 15

编辑推荐

Metrics

本文评价

模态框（Modal）标题

选择文件类型/文献管理软件名称

选择包含的内容

基于代理重签名的云端数据完整性验证方案

Integrity Verification Scheme for Cloud Data Based on Proxy Re-signature

PDF

可视化

被引次数

摘要/Abstract

引用本文

使用本文

参考文献

相关文章 15

编辑推荐

Metrics

本文评价