计算机与现代化

• 信息安全 • 上一篇    下一篇

基于盲签名的云共享数据完整性审计方案

  

  1. (南京航空航天大学计算机科学与技术学院,江苏南京211106)
  • 收稿日期:2019-07-10 出版日期:2020-04-22 发布日期:2020-04-24
  • 作者简介:张茜(1995-),女,江苏邳州人,硕士研究生,CCF会员,研究方向:信息安全,E-mail: zhangxi105@nuaa.edu.cn; 王箭(1968-),男,教授,博士,研究方向:信息安全,E-mail: wangjian@nuaa.edu.cn。

A Public Integrity Auditing Scheme Based on Blind Signature for Shared Data in Cloud

  1. (College of Computer Science and Technology, Nanjing University of Aeronautics and Astronautics, Nanjing 211106, China)
  • Received:2019-07-10 Online:2020-04-22 Published:2020-04-24

摘要: 云端共享数据完整性审计用来验证一个用户群组共享在云端的数据的完整性。传统方式下,成员用户需要为每一个数据块生成认证器,再将数据块和对应的认证器上传到云服务器中保存。然而用户的计算资源有限且计算能力不高,由用户产生数据块认证器需要消耗用户很大的计算开销。为了节省用户的计算资源,提高认证器生成的效率,提出基于盲签名算法的云共享数据完整性审计方案。用户先对数据块进行盲化再发送到认证器生成中心生成相应的认证器,此外,方案中对第三方审计者TPA进行审计授权,有效地避免了攻击者对于云服务器的DDoS攻击。安全性分析和实验结果表明该方案是安全、高效的。

关键词: 云存储, 共享数据, 数据完整性审计, 盲签名, 审计授权

Abstract: Public integrity auditing for shared data in the cloud is used to verify the integrity of data which are shared among group users in the cloud. Traditionally, group users need to generate the authenticator for each data block, and then upload shared data and the corresponding authenticators to the cloud server for storage. However, the users computing resources are limited and computing power is not enough, so it takes a lot of computing overhead for users to generate authenticators for data blocks. In order to save users computing resources and improve the efficiency of authenticator generation, a public integrity auditing scheme based on blind signature for shared data in the cloud is proposed. Users firstly blind the data blocks and then send them to the authenticator generation center to generate the corresponding authenticators. In addition, the Third Party Auditor (TPA) is authorized to audit in this scheme, which effectively avoids the DDoS attacks of the attacker on the cloud sever. The security analysis and experimental results show that the proposed scheme is safe and efficient.

Key words: cloud storage, shared data, data integrity auditing, blind signature, auditing authorization

中图分类号: