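A Batch Verification Scheme for Supporting Anti-collusion Attacks in the Cloud
Authors: YUAN Wenyong (袁文勇); YI Zhengge (易铮阁); LI Ruifeng (李瑞峰); YANG Xiaoyuan (杨晓元)
Abstract:
The integrity of stored data is a key problem in cloud computing security. To address possible collusion between a revoked user and the cloud server or the third-party auditor, a scheme is proposed that resists collusion attacks and supports batch verification of data, improving both the security of stored data and the efficiency of integrity verification. The scheme combines the idea of a virtual user with proxy re-signature, converting a revoked user's signatures into signatures of the virtual user, thereby resisting collusion attacks between revoked users and the CSP. In the audit phase, random masking is used to blind the proof, so that the TPA cannot obtain the current user's private information even when colluding with a revoked user. The scheme supports integrity verification of a single data block as well as batch verification of multiple data, and can check the audit requests of multiple group users at the same time. Security analysis shows that the scheme effectively resists collusion attacks and protects user data privacy.
Keywords: cloud storage; integrity; anti-collusion attack; batch verification; data privacy
Foundation: National Key Research and Development Program of China (2017YFB0802000); National Natural Science Foundation of China (62172436)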
DOI: 10.13705/j.issn.1671-6841.2021414