摘要
为使用户存储在半可信云服务器上的数据不被篡改或丢失,提出一种基于格密码算法的数据完整性验证方案。方案安全性基于LWE困难问题,用户运用同态加密算法对数据块进行加密,并将加密密文和原始数据上传至服务器中。分析结果表明,该方案可以实现数据持有者对数据的完整性验证,且支持数据的动态更新。
In order to ensure that the data stored on the semi trusted cloud server is not tampered or lost,a data integrity verification scheme based on lattices cipher algorithm is proposed. The security of the scheme is based on the LWE difficult problem. The user encrypts the data block by using the homomorphic encryption algorithm and uploads the encrypted ciphertext and the original data to the server. Analysis results show that the scheme can achieve data integrity verification by data holders and support dynamic updating of data.
引文
[1]ATENIESE G,BURNS R,CURTMOLA R,et al.Provable data possession at untrusted stores[C]//Proceedings of ACM Conference on Computer and Communications Security.New York,USA:ACM Press,2007:598-609.
[2]ATENIESE G,PIETRO R D,MANCINI L V,et al.Scalable and efficient provable data possession[C]//Proceedings of the 4th International Conference on Security and Privacy in Communication Networks.New York,USA:ACM Press,2008:1-10.
[3]SHAH M A,BAKER M,MOGUL J C,et al.Auditing to keep online storage services honest[C]//Proceedings of the 11th USENIX Workshop on Hot Topics in Operating Systems.San Francisco,USA:USENIX,2007:1-6.
[4]WANG C,REN K,LOU W,et al.Toward publicly auditable secure cloud data storage services[J].IEEE Network,2010,24(4):19-24.
[5]ERWAY C,PAPAMANTHOU C,TAMASSIA R.Dynamic provable data possession[C]//Proceedings of ACM Conference on Computer and Communications Security.New York,USA:ACM Press,2009:213-222.
[6]JUELS A,KALISKI B S.Pors:proofs of retrievability for large files[C]//Proceedings of ACM Conference on Computer and Communications Security.New York,USA:ACM Press,2007:584-597.
[7]SHACHAM H,WATERS B.Compact proofs of retriev-ability[C]//Proceedings of International Conference on the Theory and Application of Cryptology and Information Security.Berlin,Germany:Springer,2008:90-107.
[8]CHEN L.Using algebraic signatures to check data possession in cloud storage[J].Future Generation Computer Systems,2013,29(7):1709-1715.
[9]ZHANG Xiaoyun,XU Chunxiang,ZHANG Yuan,et al.Insecurity of a public proof of cloud storage from lattice assumption[J].Chinese Journal of Electronics,2017,26(1):88-92.
[10]李道丰,张小萍,钟诚,等.格LWE难题下分层的基于身份的签名方案[J].小型微型计算机系统,2016,37(1):96-99.
[11]谭霜,何力,陈志坤,等.云存储中一种基于格的数据完整性验证方法[J].计算机研究与发展,2015,52(8):1862-1872.
[12]LI Z,MA C,DU G,et al.Dual LWE-based fully homomorphic encryption with errorless key switching[C]//Proceedings of International Conference on Parallel and Distributed Systems.Washington D.C.,USA:IEEE Computer Society,2016:1169-1174.
[13]王旭阳,胡爱群.格困难问题的复杂度分析[J].密码学报,2015,2(1):1-16.
[14]YOSHINIRI A,TAKUYA H,LE T P,et al.Fast and secure linear regression and biometric authentication with security update[EB/OL].[2017-07-10].https://eprint.iacr.org/2015/692.pdf.
[15]王惠清,洪志全.一种基于代数签名的远程数据完整性方案[J].计算机应用与软件,2016,33(2):302-306.
[16]HAO Z,ZHONG S,YU N.A privacy-preserving remote data integrity checking protocol with data dynamics and public verifiability[J].IEEE Transactions on Knowledge and Data Engineering,2011,23(9):1432-1437.
[17]李雪晓,叶云,田苗苗,等.基于格的大数据动态存储完整性验证方案[J].信息网络安全,2014,2(4):46-50.