云存储中基于身份的数据完整性验证的研究
发布时间:2018-07-31 16:37
【摘要】:云存储中,用户将数据存储在云服务器中,这些数据不再受到用户直接的监管和控制,从而无法确保存储在云中的数据是完整的。如何确保用户数据的完整性是学术界研究的一个热点问题。数据完整性验证是保证云存储中数据完整的有效方法。本文研究了基于身份密码体制下的数据完整性验证问题,贡献主要包括以下两点:(1)为了解决基于身份的密码体制中密钥托管所带来的数据完整性验证不可信性,利用基于身份的聚合签名对IBPV方案进行改进,提出了一个基于身份的数据完整性验证方案。具体的是将用户自己生成的密钥作为文件生成标签的密钥,而用PKG为其生成的私钥对用户自己生成的加密公钥等信息签名,从而提高了数据完整性验证的可信性和安全性。(2)为了确保动态环境下的数据完整性,首先引入默克尔树,设置了默克尔树的叶子结点值和非叶子结点的构造方法,提出了一个动态更新机制,实现数据的动态更新,包括单个数据的全动态更新(修改、插入、删除)、批量数据的修改和删除。然后对前面提出的方案进行调整,实现了对动态的数据进行完整性验证。通过安全性证明、仿真实验及复杂度分析表明了方案是安全可行的。
[Abstract]:In cloud storage, the user stores the data in the cloud server, which is no longer directly supervised and controlled by the user, so the data stored in the cloud cannot be guaranteed to be complete. How to ensure the integrity of user data is a hot issue in academic research. Data integrity verification is an effective method to ensure data integrity in cloud storage. In this paper, we study the authentication of data integrity in identity-based cryptosystem. The main contributions are as follows: (1) in order to solve the problem of data integrity verification caused by key escrow in identity-based cryptosystem, the data integrity verification is not credible. An identity-based data integrity verification scheme is proposed by improving the IBPV scheme using identity-based aggregate signatures. Specifically, the key generated by the user is used as the key of the file generation tag, and the private key generated by PKG is used to sign the encrypted public key and other information generated by the user himself. In order to ensure the integrity of data in dynamic environment, the Merkel tree is first introduced, the leaf node value of Merkel tree and the construction method of non-leaf node are set. A dynamic updating mechanism is proposed to realize the dynamic updating of data, including the full dynamic updating (modification, insertion, deletion) of single data, the modification and deletion of batch data. Then the proposed scheme is adjusted to verify the integrity of the dynamic data. The simulation experiment and complexity analysis show that the scheme is safe and feasible.
【学位授予单位】:河北大学
【学位级别】:硕士
【学位授予年份】:2017
【分类号】:TP333;TP309
本文编号:2156170
[Abstract]:In cloud storage, the user stores the data in the cloud server, which is no longer directly supervised and controlled by the user, so the data stored in the cloud cannot be guaranteed to be complete. How to ensure the integrity of user data is a hot issue in academic research. Data integrity verification is an effective method to ensure data integrity in cloud storage. In this paper, we study the authentication of data integrity in identity-based cryptosystem. The main contributions are as follows: (1) in order to solve the problem of data integrity verification caused by key escrow in identity-based cryptosystem, the data integrity verification is not credible. An identity-based data integrity verification scheme is proposed by improving the IBPV scheme using identity-based aggregate signatures. Specifically, the key generated by the user is used as the key of the file generation tag, and the private key generated by PKG is used to sign the encrypted public key and other information generated by the user himself. In order to ensure the integrity of data in dynamic environment, the Merkel tree is first introduced, the leaf node value of Merkel tree and the construction method of non-leaf node are set. A dynamic updating mechanism is proposed to realize the dynamic updating of data, including the full dynamic updating (modification, insertion, deletion) of single data, the modification and deletion of batch data. Then the proposed scheme is adjusted to verify the integrity of the dynamic data. The simulation experiment and complexity analysis show that the scheme is safe and feasible.
【学位授予单位】:河北大学
【学位级别】:硕士
【学位授予年份】:2017
【分类号】:TP333;TP309
【参考文献】
相关期刊论文 前9条
1 冯朝胜;秦志光;袁丁;;云数据安全存储技术[J];计算机学报;2015年01期
2 丁滟;王怀民;史佩昌;吴庆波;戴华东;富弘毅;;可信云服务[J];计算机学报;2015年01期
3 谭霜;贾焰;韩伟红;;云存储中的数据完整性证明研究及进展[J];计算机学报;2015年01期
4 傅颖勋;罗圣美;舒继武;;安全云存储系统与关键技术综述[J];计算机研究与发展;2013年01期
5 陈兰香;;一种基于同态Hash的数据持有性证明方法[J];电子与信息学报;2011年09期
6 曾梦岐;卿昱;谭平璋;杨宇;周楝淞;;基于身份的加密体制研究综述[J];计算机应用研究;2010年01期
7 肖达;舒继武;陈康;郑纬民;;一个网络归档存储中实用的数据持有性检查方案[J];计算机研究与发展;2009年10期
8 冯登国;可证明安全性理论与方法研究[J];软件学报;2005年10期
9 徐秋亮,李大兴;椭圆曲线密码体制[J];计算机研究与发展;1999年11期
,本文编号:2156170
本文链接:https://www.wllwen.com/kejilunwen/jisuanjikexuelunwen/2156170.html
