具有紧凑标签的基于身份匿名云审计方案

Identity-based anonymous cloud auditing scheme with compact tags

云存储技术具有效率高、可扩展性强等优点。用户可以借助云存储技术节省本地的存储开销,并与他人共享数据。然而,数据存储到云服务器后,用户失去对数据的物理控制,需要有相应的机制保证云中数据的完整性。数据拥有证明(PDP,provable data possession)机制允许用户或用户委托的第三方审计员(TPA,third party auditor)对数据完整性进行验证。但在实际应用中,数据通常由多个用户共同维护,用户在进行完整性验证请求的同时泄露了自己的身份。匿名云审计支持TPA在完成数据完整性验证时保证用户的匿名性。在基于身份体制下,匿名云审计方案通常需要借助基于身份的环签名或群签名技术实现,数据标签的构成元素与用户数量相关,使得数据标签不够紧凑,存储效率较低。为了解决这一问题,提出一种基于身份的匿名云审计方案通用构造,使用一个传统体制下的签名方案和一个传统体制下的匿名云审计方案即可构造一个基于身份的匿名云审计方案。基于该通用构造,使用BLS签名和一个传统体制下具有紧凑标签的匿名云审计方案设计了具有紧凑标签的基于身份匿名云审计方案。该方案主要优势在于数据标签短,能够减少云服务器的存储压力,提高存储效率。此外,证明了该方案的不可欺骗性和匿名性。

Cloud storage has the advantages of high efficiency and scalability.Users can save local storage cost and share data with others through cloud storage technology.However,when data is uploaded to cloud servers,its owner also loses the physical control,and hence there needs a corresponding mechanism to ensure the integrity of data stored in the cloud.The Provable Data Possession(PDP)mechanism allows users or a Third-Party Auditor(TPA)appointed by the user to verify data integrity.In practice,data is usually maintained by multiple users.Users may reveal their identities while making an integrity verification request in traditional auditing processes.Anonymous cloud auditing ensures anonymity of users against the TPA during auditing.Currently,in identity-based systems,anonymous cloud auditing schemes usually resort to identity-based ring signature or group signature schemes.As a result,the size of a tag is related to the number of users,which makes it not compact and causes high storage cost.In order to solve this issue,a general construction of identity-based anonymous cloud auditing scheme was proposed.With a signature scheme and an anonymous cloud auditing scheme,a concrete identity-based anonymous cloud auditing scheme based on the general construction was proposed.It combined theBLS signature and an anonymous cloud auditing scheme with compact tags.The main advantage of this solution is that the tags are compact,which can significantly reduce storage cost and improve storage efficiency.Furthermore,the uncheatability and anonymity of the scheme are proved.