Funding: supported by National Natural Science Foundation of China (No. 61572267, No. 61272425, No. 61402245); the Open Project of Co-Innovation Center for Information Supply & Assurance Technology, Anhui University; the Open Project of the State Key Laboratory of Information Security, Institute of Information Engineering, Chinese Academy of Sciences (No. 2017-MS-21, No. 2016-MS-23); National Cryptography Development Fund of China (MMJJ20170118).
Abstract: Identity-based public cloud storage auditing schemes can check the integrity of cloud data and reduce the complexity of certificate management. In such a scheme, one Private Key Generator (PKG) is employed to authenticate the identity and generate private keys for all users, and one Third Party Auditor (TPA) is employed by users to check the integrity of cloud data. This approach is undesirable for large-scale users since the PKG and the TPA might not be able to afford the heavy workload. To solve the problem, we give a hierarchical Private Key Generator structure for large-scale user groups, in which a root PKG delegates lower-level PKGs to generate private keys and authenticate identities. Based on the proposed structure, we propose an authorized identity-based public cloud storage auditing scheme, in which the lowest-level PKGs play the role of TPA, and only the authorized lowest-level PKGs can represent users in their domains to check cloud data's integrity. Furthermore, we give the formal security analysis and experimental results, which show that our proposed scheme is secure and efficient.
Funding: supported by the National Natural Science Foundation of China (61802354).
Abstract: With the development of the Internet of Things (IoT), more and more intelligent terminal devices outsource data to cloud servers (CSs). However, the CS is not fully trusted, and the heterogeneity among different domains makes it difficult for a third-party auditor (TPA) to conduct efficient integrity auditing of outsourced data. Therefore, a cross-domain data cloud storage auditing scheme based on certificateless cryptography is proposed, which can effectively avoid the heavy burden of certificate management and the key escrow problems of identity-based cryptography. At the same time, the TPA can effectively audit the integrity of outsourced data in different domains. Formal security proof and analysis show that the cloud storage auditing scheme satisfies the security and privacy requirements. Performance analysis demonstrates that the efficiency is acceptable.
Funding: Supported by the National Natural Science Foundation of China (61373040, 61173137); the Ph.D. Programs Foundation of Ministry of Education of China (20120141110002); the Key Project of Natural Science Foundation of Hubei Province (2010CDA004).
Abstract: Storage auditing and client-side deduplication techniques have been proposed to assure data integrity and improve storage efficiency, respectively. Recently, a few schemes have started to consider these two different aspects together. However, these schemes either only support plaintext data files or have been proved insecure. In this paper, we propose a public auditing scheme for cloud storage systems, in which deduplication of encrypted data and data integrity checking can be achieved within the same framework. The cloud server can correctly check the ownership for new owners and the auditor can correctly check the integrity of deduplicated data. Our scheme supports deduplication of encrypted data by using the method of proxy re-encryption and also achieves deduplication of data tags by aggregating the tags from different owners. The analysis and experiment results show that our scheme is provably secure and efficient.
Funding: supported by National Key R&D Program of China (2020YFB1005900); the National Natural Science Foundation of China (62072051).
Abstract: In the scenario of large-scale data ownership transactions, existing data integrity auditing schemes are faced with security risks from malicious third-party auditors and are inefficient in both calculation and communication, which greatly affects their practicability. This paper proposes a data integrity audit scheme based on blockchain where data ownership can be traded in batches. A data tag structure which supports data ownership batch transactions is adopted in our scheme. The update process of a data tag does not involve the unique information of each data item, so that any user can complete ownership transactions of multiple data items in a single transaction through a single piece of transaction auxiliary information. At the same time, a smart contract is introduced into our scheme to perform the data integrity audit that belongs to third-party auditors, so our scheme is free from the potential security risks of malicious third-party auditors. Safety analysis shows that our scheme is proved to be safe under the stochastic prediction model and the k-CEIDH hypothesis. Compared with similar schemes, the experiment shows that the communication overhead and computing time of data ownership transactions in our scheme are lower. Meanwhile, the communication overhead and computing time of our scheme are similar to those of similar schemes in data integrity audit.