一种改进的短签名云数据审计方案

doi:10.19665/j.issn1001-2400.20230107

Abstract

Abstract:

With the development of the Internet of Things,Cloud storage has experienced an explosive growth.Effective verification of the integrity of data stored on the Cloud storage service providers(CSP) has become an important issue.In order to solve the problem that the existing data integrity audit scheme based on the BLS short signature is inefficient,ZHU et al.designed a data integrity audit scheme based on the ZSS short signature in 2019.However,this paper points out that the proof generated by ZHU et al.'s scheme in the challenge phase is incorrect and can be subjected to replay attacks or attacked by using a bilinear map,so as to pass the audit of a third party auditor(TPA).Then,this paper proposes an improved cloud audit scheme based on the short signature by improving the calculation method of proof in the challenge stage and optimizing the equations used by the third party auditor in the verification stage for verifying proof.This paper proves the correctness of the improved scheme,compensates for the shortcomings in the original scheme,and analyzes the security of the scheme.The improved scheme not only can make attackers including the third party auditor unable to recover users’ data,but also can resist replay attacks and forgery attacks of attackers including malicious cloud storage service providers.Through numerical analysis,it is found that the computational cost did not change much,and that the communication cost decreased,thus providing a better computational accuracy than the original scheme.

Key words: short signature, cloud storage, cloud security, data possession proof

CLC Number:

TP309.7

CUI Yuanyou,WANG Xu’an,LANG Xun,TU Zheng,SU Yunxuan. Improved short-signature based cloud data audit scheme[J].Journal of Xidian University, 2023, 50(5): 132-141.

Figures/Tables 3

符号	含义
Ad $d Z q$	定义在Z_q内的加法
Ad $d G 1$	定义在G₁内的加法
Mu $l Z q$	定义在Z_q的乘法
Mu $l G 1$	定义在G₁的乘法
Mu $l G 2$	定义在G₂的乘法
Pair	双线性对运算
Has $h Z q$	定义在Z_q的哈希算法
Has $h G 1$	定义在G₁的哈希算法
$E Z q$	定义在Z_q的整数幂运算

	原方案	新方案	变化量
用户	nHas $h Z q$ +nMu $l G 1$ + nAd $d Z q$ +nInver $t Z q$	nHas $h Z q$ +nMu $l G 1$ +nAd $d Z q$ + nInver $t Z q$	0
CSP	cHas $h Z q$ +2cAd $d Z q$ +(c+1)Ad $d G 1$ + cMu $l Z q$ +(c+4)Mu $l G 1$ +cInver $t G 1$	cHas $h Z q$ +2Has $h G 1$ +(2c+1)Ad $d Z q$ + cAd $d G 1$ +cMu $l Z q$ +(c+2)Mu $l G 1$ + $E Z q$ +cInver $t Z q$	2Has $h G 1$ +Ad $d Z q$ -Ad $d G 1$ - 2Mu $l G 1$ + $E Z q$ +c(Inver $t Z q$ - Inver $t G 1$ )
TPA	Mu $l G 2$ +3Pair+Ad $d G 1$	2Pair+Ad $d Z q$ +Ad $d G 1$ + 2Has $h G 1$ + $E Z q$	-Mu $l G 2$ -Pair+Ad $d Z q$ + 2Has $h G 1$ + $E Z q$

References 15

[1]	CHEN K, HU C, ZHANG X, et al. Survey on Routing in Data Centers:Insights and Future Directions[J]. IEEE Network, 2011, 25(4):6-10.
[2]	DESWARTE Y, QUISQUATER J J, SAÏDANE A, Remote Integrity Checking[C]//Proceedings of the Integrity and Internal Control in Information Systems VI[J]. Heidelberg:Springer, 2004:1-11.
[3]	OPREA A, REITER M K, YANG K. Space-Efficient Block Storage Integrity[C]//Proceedings of the Network and Distributed System Security Symposium. San Diego: NDSS, 2005:1-12.
[4]	BONEH D, LYNN B, SHACHAM H. Short Signatures from the Weil Pairing[C]//Proceedings of the 7th International Conference on the Theory and Application of Cryptology and Information Security. Heidelberg:Springer, 2001:514-532.
[5]	FILHO D, BARRETO P S. Demonstrating Data Possession and Uncheatable Data Transfer[J]. Cryptology ePrint Archive, 2006, 1(1):150-159.
[6]	ATENIESE G, BURNS R, CURTMOLA R. Provable Data Possession at Untrusted Stores[C]//Proceedings of the 14th ACM Conference on Computer and Communications Security(CCS2007). New York: ACM, 2007:598-609.
[7]	ATENIESE G, BURNS R, CURTMOLA R, et al. Remote Data Checking Using Provable Data Possession[J]. ACM Transactions on Information and System Security, 2011, 14(1):1-34.
[8]	WANG Q, WANG C, LI J, et al. Enabling Public Verifiability and Data Dynamics for Storage Security in Cloud Computing[J]. IEEE Transactions on Parallel and Distributed Systems, 2011, 22(5):847-859. doi: 10.1109/TPDS.2010.183
[9]	CURTMOLA R, KHAN O, BURNS R, et al. MR-PDP:Multiple-Replica Provable Data Possession[C]//2008 The 28th International Conference on Distributed Computing Systems.Piscataway:IEEE, 2008:411-420.
[10]	李勇, 姚戈, 雷丽楠, 等. 基于多分支路径树的云存储数据完整性验证机制[J]. 清华大学学报(自然科学版), 2016, 56(5):504-510.
	LI Yong, YAO Ge, LEI Linan, et al. A Validation Mechanism for Cloud Storage Data Integrity Based on Multi-branch Path Tree[J]. Journal of Tsinghua University (Science and Technology), 2016, 56(5):504-510.
[11]	ZHU H, YUAN Y, CHEN Y, et al. A Secure and Efficient Data Integrity Verification Scheme for Cloud-IoT Based on Short Signature.[J] IEEE Access, 2019, 7:90036- 90044. doi: 10.1109/Access.6287639
[12]	毛向杰, 张品. 云平台数据完整性混合验证方案[J]. 计算机工程, 2020, 46(10):46-51. doi: 10.19678/j.issn.1000-3428.0056404
	MAO Xiangjie, ZHANG Pin. Hybrid Verification Scheme for Data Integrity of Cloud Platform[J]. Computer Engineering, 2020, 46(10):46-51. doi: 10.19678/j.issn.1000-3428.0056404
[13]	杨小东, 裴喜祯, 陈桂兰, 等. 支持用户撤销的多用户多副本数据公开审计方案[J]. 计算机工程, 2020, 46(12):150-157. doi: 10.19678/j.issn.1000-3428.0056369
	YANG Xiaodong, PEI Xizhen, CHEN Guilan, et al. Multi-User and Multi-Replica Public Data Audit Scheme Supporting User Revocation[J]. Computer Engineering, 2020, 46(12):150-157. doi: 10.19678/j.issn.1000-3428.0056369
[14]	咸鹤群, 刘红燕, 张曙光, 等. 可验证的云存储安全数据删重方法[J]. 软件学报, 2020, 31(2):455-470.
	XIAN Hequn, LIU Hongyan, ZHANG Shuguang, et al. Verifiable Secure Data Deduplication Method in Cloud Storage[J]. Journal of Software, 2020, 31(2):455-470.
[15]	杨海滨, 李瑞峰, 易铮阁, 等. 无效双线性对的高效云存储数据审计方案[J]. 西安电子科技大学学报, 2022, 49(1):47-54.
	YANG Haibin, LI Ruifeng, YI Zhengge, et al. Efficient Cloud Storage Data Auditing Scheme without Bilinear Pairing[J]. Journal of Xidian University, 2022, 49(1):47-54.

Improved short-signature based cloud data audit scheme

RichHTML

PDF (PC)

Like

Knowledge

Abstract

Cite this article

share this article

Figures/Tables 3

References 15

Related Articles 7

Metrics

Comments

Recommended 10

[1]	LIN Genghao,ZHOU Ziji,TANG Xin,ZHOU Yiteng,ZHONG Yuqi,QI Tianyang. Random chunks attachment strategy based secure deduplication for cloud data [J]. Journal of Xidian University, 2023, 50(5): 212-228.
[2]	YANG Haibin,LI Ruifeng,YI Zhengge,NIU Ke,YANG Xiaoyuan. Efficient cloud storage data auditing scheme without bilinear pairing [J]. Journal of Xidian University, 2022, 49(1): 47-54.
[3]	REN Jingsi;WANG Jinlin;CHEN Xiao;YE Xiaozhou. Provable multi-copy dynamic data possession in cloud storage [J]. Journal of Xidian University, 2017, 44(6): 156-161+174.
[4]	LI Haoxing;LI Fenghua;SONG Chenggen;SU Mang;LIU Xin. Public key encryption with multi-keywords search [J]. J4, 2015, 42(5): 20-25.
[5]	LI liya. Data Synchronization Algorithm Controlled by Intelligent Terminal [J]. J4, 2013, 40(2): 172-180.
[6]	LI Liya;HU Xiaohong;XIN Zhenguo. Data synchronization algorithm controlled by the intelligent terminal [J]. J4, 2013, 40(2): 172-180+212.
[7]	XIN Xiang-jun1;2;LI Fa-gen3;XIAO Guo-zhen1. A fair exchange protocol based on short signature with the off-line semi-trusted third party [J]. J4, 2007, 34(1): 92-95.