基于ECDSA的云存储审计方案

doi:10.6040/j.issn.1671-9352.2.2021.004

山东大学学报 (工学版) ›› 2022, Vol. 57 ›› Issue (5): 57-65.doi: 10.6040/j.issn.1671-9352.2.2021.004

• • 上一篇

基于ECDSA的云存储审计方案

李瑞峰¹,易铮阁¹,袁文勇¹,杨晓元^1,2,钮可^1,2*

1.武警工程大学密码工程学院, 陕西西安 710086;2.网络与信息安全武警部队重点实验室, 陕西西安 710086

发布日期:2022-06-21
作者简介:李瑞峰(1998— ),男,硕士研究生,研究方向为信息安全与密码学. E-mail:1225126834@qq.com*通信作者简介:钮可(1981— ),男,博士,副教授,硕士生导师,研究方向为信息安全. E-mail:425186300@qq.com
基金资助:
国家重点研发计划“网络空间安全”重点专项课题(2017YFB0802000);国家自然科学基金资助项目(62172436);武警工程大学基础前沿研究基金项目(WJY202014)

ECDSA-based auditing scheme for cloud storage

LI Rui-feng¹, YI Zheng-ge¹, YUAN Wen-yong¹, YANG Xiao-yuan^1,2, NIU Ke^1,2*

1. College of Cryptographic Engineering, Engineering University of PAP, Xian 710086, Shaanxi, China;
2. Key Laboratory of Network and Information Security of the PAP, Xian 710086, Shaanxi, China

Published:2022-06-21

摘要/Abstract

摘要： 针对用户云端数据完整性被破坏后维权困难的问题,提出了一种基于椭圆曲线签名的云审计方案。方案使用区块链与智能合约技术,能够实现云审计公平支付;支持针对云服务商与第三方审计者的数据隐私保护;审计过程中不需要计算幂指数和双线性对,计算开销较小。安全性分析和实验结果表明,本方案是安全、高效的。

关键词: 云存储, 完整性验证, 无双线性对, 椭圆曲线签名, 隐私保护

Abstract: Aiming at the problem of difficult rights protection after the integrity of user cloud data is destroyed, a cloud audit scheme based on elliptic curve signature is proposed. The scheme uses blockchain and smart contract technology to realize fair payment of cloud audit. Support data privacy protection for cloud service providers and third-party auditors. There is no need to calculate power exponent and bilinear pair in the audit process, and the calculation overhead is small. Security analysis and experimental results show that the scheme is safe and efficient.

Key words: cloud storage, integrity auditing, without bilinear pair signature, elliptic curve signature, privacy protection

中图分类号:

TP309.7

李瑞峰,易铮阁,袁文勇,杨晓元,钮可. 基于ECDSA的云存储审计方案[J]. 山东大学学报 (工学版), 2022, 57(5): 57-65.

LI Rui-feng, YI Zheng-ge, YUAN Wen-yong, YANG Xiao-yuan, NIU Ke. ECDSA-based auditing scheme for cloud storage[J]. Journal of Shandong University(Engineering Science), 2022, 57(5): 57-65.

参考文献

[1] SINGH B, DHAWAN S, ARORA A, et al. A view of cloud computing[J]. International Journal of Computers & Technology, 2013, 4(2b1):50-58.
[2] QUICK D, MARTINI B, CHOO K K R. Cloud storage forensics[M]. New York: Syngress, 2014: 23-61.
[3] DESWARTE Y, QUISQUATER J J, SAÏDANE A. Remote integrity checking[M] //Integrity and Internal Control in Information Systems VI. Boston: Kluwer Academic Publishers, 2004: 1-11.
[4] GAZZONI F D L, BARRETO P S L M. Demonstrating data possession and uncheatable data transfer[J]. IACR Cryptology ePrint Archive, 2006: 150-159.
[5] ATENIESE G, BURNS R, CURTMOLA R, et al. Provable data possession at untrusted stores[C] //Proceedings of the 14th ACM Conference on Computer and Communications Security-CCS '07. New York: ACM Press, 2007: 28-31.
[6] ZENG K. Publicly verifiable remote data integrity[M] //Information and Communications Security. Heidelberg: Springer, 2008: 419-434.
[7] SEBÉ F, DOMINGO-FERRER J, MARTINEZ-BALLESTE A, et al. Efficient remote data possession checking in critical information infrastructures[J]. IEEE Transactions on Knowledge and Data Engineering, 2008, 20(8):1034-1038.
[8] WANG C, CHOW S S M, WANG Q, et al. Privacy-preserving public auditing for secure cloud storage[J]. IEEE Transactions on Computers, 2013, 62(2):362-375.
[9] XUE J T, XU C X, ZHAO J N, et al. Identity-based public auditing for cloud storage systems against malicious auditors via blockchain[J]. Science China Information Sciences, 2019, 62(3):1-16.
[10] HUANG L X, ZHOU J L, ZHANG G X, et al. Certificateless public verification for data storage and sharing in the cloud[J]. Chinese Journal of Electronics, 2020, 29(4):639-647. http://dx.doi.org/10.1049/cje.2020.05.007
[11] MING Y, SHI W C. Efficient privacy-preserving certificateless provable data possession scheme for cloud storage[J]. IEEE Access, 2019, 7:122091-122105.
[12] WANG H, QIN H, ZHAO M H, et al. Block chain-based fair payment smart contract for public cloud storage auditing[J]. Information Sciences, 2020, 519:348-362.
[13] 富瑶,李庆丹,张泽辉,等.支持隐私保护和公平支付的数据完整性验证方案[J/OL]. [2021-08-24].计算机研究与发展,http://kns.cnki.net/kcms/detail/11.1777.TP.20210824.1601.014.html. FU Yao, LI Qingdan, ZHANG Zehui, et al. Data Integrity Verification Scheme for Privacy Protection and Fair Payment[J/OL]. [2021-08-24]. Journal of Computer Research and Development, http://kns.cnki.net/kcms/detail/11.1777.TP.2021 0824.1601.014.html.
[14] GALBRAITH S D, PATERSON K G, SMART N P. Pairings for cryptographers[J]. Discrete Applied Mathematics, 2008, 156(16):3113-3121.
[15] MILLER V S. Use of elliptic curves in cryptography[M] //Lecture Notes in Computer Science. Berlin: Springer,1986: 417-426.
[16] KOBLITZ N. Elliptic curve cryptosystems[J]. Mathematics of Computation, 1987, 48(177):203-209.
[17] 贺海武, 延安, 陈泽华. 基于区块链的智能合约技术与应用综述[J]. 计算机研究与发展, 2018, 55(11):2452-2466. HE Haiwu, YAN An, CHEN Zehua. Survey of smart contract technology and application based on blockchain[J]. Journal of Computer Research and Development, 2018, 55(11):2452-2466.
[18] 韩静,李艳平,禹勇,等.用户可动态撤销及数据可实时更新的云审计方案[J].软件学报,2020,31(2):578-596. HAN Jing, LI Yanping, YU Yong, et al. Cloud auditing scheme with dynamic revocation of users and real-time updates of data[J]. Journal of Software, 2020, 31(2):578-596.

多维度评价

Viewed

Full text

Abstract

Cited

Shared

Discussed

基于ECDSA的云存储审计方案

ECDSA-based auditing scheme for cloud storage

PDF (PC)

摘要/Abstract

引用本文

使用本文

参考文献

相关文章 3

多维度评价

本文评价

推荐阅读 0

[1]	黄泗勇, 陈婷婷, 卢清, 吴英杰, 叶少珍. 基于kd-树的差分隐私二维空间数据划分发布方法[J]. 山东大学学报(工学版), 2015, 45(1): 24-29.
[2]	周风余, 赵文斐, 田天, 陈宏兴, 陈竹敏. 陪护机器人云存储系统设计及实现[J]. 山东大学学报(工学版), 2014, 44(5): 1-6.
[3]	孙岚,罗钊,吴英杰,王一蕾. 面向路网限制的位置隐私保护算法[J]. 山东大学学报(工学版), 2012, 42(5): 96-101.