您的位置:山东大学 -> 科技期刊社 -> 《山东大学学报(理学版)》

《山东大学学报(理学版)》 ›› 2022, Vol. 57 ›› Issue (5): 57-65.doi: 10.6040/j.issn.1671-9352.2.2021.004

• • 上一篇    

基于ECDSA的云存储审计方案

李瑞峰1,易铮阁1,袁文勇1,杨晓元1,2,钮可1,2*   

  1. 1.武警工程大学密码工程学院, 陕西 西安 710086;2.网络与信息安全武警部队重点实验室, 陕西 西安 710086
  • 发布日期:2022-05-27
  • 作者简介:李瑞峰(1998— ),男,硕士研究生,研究方向为信息安全与密码学. E-mail:1225126834@qq.com*通信作者简介:钮可(1981— ),男,博士,副教授,硕士生导师,研究方向为信息安全. E-mail:425186300@qq.com
  • 基金资助:
    国家重点研发计划“网络空间安全”重点专项课题(2017YFB0802000);国家自然科学基金资助项目(62172436);武警工程大学基础前沿研究基金项目(WJY202014)

ECDSA-based auditing scheme for cloud storage

LI Rui-feng1, YI Zheng-ge1, YUAN Wen-yong1, YANG Xiao-yuan1,2, NIU Ke1,2*   

  1. 1. College of Cryptographic Engineering, Engineering University of PAP, Xian 710086, Shaanxi, China;
    2. Key Laboratory of Network and Information Security of the PAP, Xian 710086, Shaanxi, China
  • Published:2022-05-27

摘要: 针对用户云端数据完整性被破坏后维权困难的问题,提出了一种基于椭圆曲线签名的云审计方案。方案使用区块链与智能合约技术,能够实现云审计公平支付;支持针对云服务商与第三方审计者的数据隐私保护;审计过程中不需要计算幂指数和双线性对,计算开销较小。安全性分析和实验结果表明,本方案是安全、高效的。

关键词: 云存储, 完整性验证, 无双线性对, 椭圆曲线签名, 隐私保护

Abstract: Aiming at the problem of difficult rights protection after the integrity of user cloud data is destroyed, a cloud audit scheme based on elliptic curve signature is proposed. The scheme uses blockchain and smart contract technology to realize fair payment of cloud audit. Support data privacy protection for cloud service providers and third-party auditors. There is no need to calculate power exponent and bilinear pair in the audit process, and the calculation overhead is small. Security analysis and experimental results show that the scheme is safe and efficient.

Key words: cloud storage, integrity auditing, without bilinear pair signature, elliptic curve signature, privacy protection

中图分类号: 

  • TP309.7
[1] SINGH B, DHAWAN S, ARORA A, et al. A view of cloud computing[J]. International Journal of Computers & Technology, 2013, 4(2b1):50-58.
[2] QUICK D, MARTINI B, CHOO K K R. Cloud storage forensics[M]. New York: Syngress, 2014: 23-61.
[3] DESWARTE Y, QUISQUATER J J, SAÏDANE A. Remote integrity checking[M] //Integrity and Internal Control in Information Systems VI. Boston: Kluwer Academic Publishers, 2004: 1-11.
[4] GAZZONI F D L, BARRETO P S L M. Demonstrating data possession and uncheatable data transfer[J]. IACR Cryptology ePrint Archive, 2006: 150-159.
[5] ATENIESE G, BURNS R, CURTMOLA R, et al. Provable data possession at untrusted stores[C] //Proceedings of the 14th ACM Conference on Computer and Communications Security-CCS '07. New York: ACM Press, 2007: 28-31.
[6] ZENG K. Publicly verifiable remote data integrity[M] //Information and Communications Security. Heidelberg: Springer, 2008: 419-434.
[7] SEBÉ F, DOMINGO-FERRER J, MARTINEZ-BALLESTE A, et al. Efficient remote data possession checking in critical information infrastructures[J]. IEEE Transactions on Knowledge and Data Engineering, 2008, 20(8):1034-1038.
[8] WANG C, CHOW S S M, WANG Q, et al. Privacy-preserving public auditing for secure cloud storage[J]. IEEE Transactions on Computers, 2013, 62(2):362-375.
[9] XUE J T, XU C X, ZHAO J N, et al. Identity-based public auditing for cloud storage systems against malicious auditors via blockchain[J]. Science China Information Sciences, 2019, 62(3):1-16.
[10] HUANG L X, ZHOU J L, ZHANG G X, et al. Certificateless public verification for data storage and sharing in the cloud[J]. Chinese Journal of Electronics, 2020, 29(4):639-647. http://dx.doi.org/10.1049/cje.2020.05.007
[11] MING Y, SHI W C. Efficient privacy-preserving certificateless provable data possession scheme for cloud storage[J]. IEEE Access, 2019, 7:122091-122105.
[12] WANG H, QIN H, ZHAO M H, et al. Block chain-based fair payment smart contract for public cloud storage auditing[J]. Information Sciences, 2020, 519:348-362.
[13] 富瑶,李庆丹,张泽辉,等.支持隐私保护和公平支付的数据完整性验证方案[J/OL]. [2021-08-24].计算机研究与发展,http://kns.cnki.net/kcms/detail/11.1777.TP.20210824.1601.014.html. FU Yao, LI Qingdan, ZHANG Zehui, et al. Data Integrity Verification Scheme for Privacy Protection and Fair Payment[J/OL]. [2021-08-24]. Journal of Computer Research and Development, http://kns.cnki.net/kcms/detail/11.1777.TP.2021 0824.1601.014.html.
[14] GALBRAITH S D, PATERSON K G, SMART N P. Pairings for cryptographers[J]. Discrete Applied Mathematics, 2008, 156(16):3113-3121.
[15] MILLER V S. Use of elliptic curves in cryptography[M] //Lecture Notes in Computer Science. Berlin: Springer,1986: 417-426.
[16] KOBLITZ N. Elliptic curve cryptosystems[J]. Mathematics of Computation, 1987, 48(177):203-209.
[17] 贺海武, 延安, 陈泽华. 基于区块链的智能合约技术与应用综述[J]. 计算机研究与发展, 2018, 55(11):2452-2466. HE Haiwu, YAN An, CHEN Zehua. Survey of smart contract technology and application based on blockchain[J]. Journal of Computer Research and Development, 2018, 55(11):2452-2466.
[18] 韩静,李艳平,禹勇,等.用户可动态撤销及数据可实时更新的云审计方案[J].软件学报,2020,31(2):578-596. HAN Jing, LI Yanping, YU Yong, et al. Cloud auditing scheme with dynamic revocation of users and real-time updates of data[J]. Journal of Software, 2020, 31(2):578-596.
[1] 康海燕,邓婕. 区块链数据隐私保护研究综述[J]. 《山东大学学报(理学版)》, 2021, 56(5): 92-110.
[2] 柳欣,徐秋亮. 基于预付费的隐私保护多重电子优惠券系统[J]. 《山东大学学报(理学版)》, 2021, 56(11): 1-14.
[3] 马海峰,杨家海,薛庆水,鞠兴忠,朱浩之,林涛,原鑫鑫. 一种非同频远程数据持有检测方法[J]. 《山东大学学报(理学版)》, 2020, 55(5): 81-87.
[4] 岳泽轮,王栋,毛江龙. 改进的不使用双线性对无证书签密方案[J]. 《山东大学学报(理学版)》, 2020, 55(3): 51-57.
[5] 张超,梁英,方浩汕. 支持隐私保护的社交网络信息推荐方法[J]. 《山东大学学报(理学版)》, 2020, 55(3): 9-18.
[6] 姚克,杨海宁,秦静. 云存储中可验证完整性的可搜索加密协议[J]. 《山东大学学报(理学版)》, 2019, 54(1): 67-78.
[7] 李艳平,齐艳姣,张凯,魏旭光. 支持用户撤销的多授权机构的属性加密方案[J]. 山东大学学报(理学版), 2018, 53(7): 75-84.
[8] 康海燕,朱万祥. 位置服务隐私保护[J]. 《山东大学学报(理学版)》, 2018, 53(11): 35-50.
[9] 康海燕,黄渝轩,陈楚翘. 基于视频分析的地理信息隐私保护方法[J]. 山东大学学报(理学版), 2018, 53(1): 19-29.
[10] 毕晓迪,梁英,史红周,田辉. 一种基于隐私偏好的二次匿名位置隐私保护方法[J]. 山东大学学报(理学版), 2017, 52(5): 75-84.
[11] 康海燕,马跃雷. 差分隐私保护在数据挖掘中应用综述[J]. 山东大学学报(理学版), 2017, 52(3): 16-23.
[12] 查明明,王伟. FlowMonitor: Android隐私数据流向监控防护系统[J]. 山东大学学报(理学版), 2016, 51(9): 59-67.
[13] 李宇溪,王恺璇,林慕清,周福才. 基于匿名广播加密的P2P社交网络隐私保护系统[J]. 山东大学学报(理学版), 2016, 51(9): 84-91.
[14] 柳欣,徐秋亮,张波. 满足可控关联性的合作群签名方案[J]. 山东大学学报(理学版), 2016, 51(9): 18-35.
[15] 蔡红云,马晓雪. 在线社会网络中基于关系强度的访问控制机制[J]. 山东大学学报(理学版), 2016, 51(7): 90-97.
Viewed
Full text


Abstract

Cited

  Shared   
  Discussed   
No Suggested Reading articles found!