摘要
针对用户动态可撤销需要新的数据管理员对其前任所管理的数据进行完整性验证的问题,基于单向代理重签名技术提出了具有隐私保护的支持用户可撤销的云存储数据公共审计方案。首先,该方案中所采用的单向代理重签名算法,其代理重签名密钥由当前用户私钥结合已撤销用户公钥生成,不存在私钥泄露问题,能够安全实现数据所有权的转移;其次,该方案证明了恶意的云服务器不能产生伪造的审计证明响应信息来欺骗第三方审计者(TPA)通过审计验证过程;更进一步,该方案采用了随机掩饰码技术,能够有效防止好奇的第三方审计者恢复原始数据块。和Panda方案相比较,所提方案在增加抗合谋攻击功能的基础上,其审计过程中通信开销与计算代价仍全部低于Panda方案。
Due to user revocability, the new data manager needs to verify the integrity of the former data manager's management data stored in the cloud server, which is obviously inevitable in reality. In order to solve this issue, an efficient privacy-preserving public auditing scheme for cloud storage scheme was proposed. Firstly, in the proposed scheme based on unidirectional proxy re-signature, the proxy re-signature key was generated by the current data manager's private key and the former public key, which did not leak any information, to realize transferring of ownership data caused by the users revocability securely. Secondly, it was proved that the proposed scheme could protect any malicious cloud server from generating the forged response proof which could pass the verification to cheat the Third Party Auditor( TPA). Moreover, the random masking technique was employed to prevent the curious TPA from revealing the primitive data blocks. Compared with the Padna scheme, even though the proposed scheme adds the new functions but its communication overhead in the process of auditing and computational cost are also lower than Panda's.
出处
《计算机应用》
CSCD
北大核心
2016年第7期1816-1821,共6页
journal of Computer Applications
基金
国家自然科学基金重点资助项目(61370203)
四川省科技支撑计划项目(2012SZ0162)~~
关键词
云存储
代理重签名
隐私保护
完整性验证
用户可撤销
cloud storage
proxy re-signature
privacy-preserving
integrity verification
user revocation
