摘要
个人或企业将数据外包给远程云服务器,在获得运营便利的同时也失去了对数据的本地控制权,无法直接保证数据的完整性和隐私性。分析了Zhang等和Xu等提出的基于身份云数据完整性验证方案的安全性。分析表明Zhang等所提方案易遭受密钥恢复攻击,云服务器利用存储的用户数据可恢复出用户的私钥,而Xu等所提方案不能满足健壮性的安全要求。在Xu等方案的基础上,提出了一个改进的云数据完整性验证方案,分析表明新方案可提供健壮性和隐私性的安全需求,并且可提供与Xu等所提方案相同的通信和计算开销。
Many individuals or businesses outsource their data to remote cloud. Cloud storage provides users the advantages of economic convenience, but data owners no longer physically control over the stored data, which introduces new security challenges, such as no security guarantees of integrity and privacy. The security of two identity-based cloud data integrity verification schemes by Zhang et al and Xu et al respectively are analysed. It shows that Zhang et al.’s scheme is subjected to secret key recovery attack for the cloud servers can recover user’s private key only utilizing stored data. And Xu et al.’s scheme cannot satisfy security requirements of soundness. Based on Xu et al.'s scheme, a modified identity-based cloud data integrity verification scheme is proposed. A comprehensive analysis shows the new scheme can provide the security requirements of soundness and privacy, and has the same communication overhead and computation-al cost as Xu et al.’s scheme.
作者
王少辉
潘笑笑
王志伟
肖甫
王汝传
WANG Shaohui;PAN Xiaoxiao;WANG Zhiwei;XIAO Fu;WANG Ruchuan(College of Computer,Nanjing University of Posts and Telecommunications,Nanjing 210003,China;Key Laboratory of Jiangsu High Technology Research for Wireless Sensor Network,Nanjing 210003,China)
出处
《通信学报》
EI
CSCD
北大核心
2018年第11期98-105,共8页
Journal on Communications
基金
国家自然科学基金资助项目(No.61373006
No.61373139
No.61672016
No.61872192)
江苏省科技支撑计划基金资助项目(No.61003236)~~
