Research on Cryptographic Techniques for Secure and Reliable Cloud Storage
Published: 2019-06-25 14:50
[Abstract]: Cloud storage, with its high scalability, high reliability and low price, has become popular as a new kind of storage service. Users entrust their data to a service provider and enjoy its "pay-as-you-go" service, but they cannot supervise cloud data the way they monitor local storage. Users worry most about the security, integrity and availability of their cloud data, so how to guarantee the security, integrity and availability of data hosted by the service provider has become a research focus. Ordinary data verification methods require downloading the cloud data to local storage before verifying it, which places a heavy burden on the network, so this approach has not been accepted by industry. Subsequently, integrity verification algorithms based on RSA and other public-key techniques came into use because they keep the verification process confidential and have low communication overhead. However, RSA public-key techniques involve a large number of exponentiations, which makes the computational cost too high. Cloud data is also dynamic: users can insert, delete and update data, which poses a further challenge for cloud data integrity verification. In response, a variety of dynamic integrity verification schemes have appeared, most of them based on MHT. With the future development of quantum computers, cryptographic schemes based on traditional hard mathematical problems will no longer be secure, for example RSA, which is based on the hardness of large-integer factorization. Therefore, the following higher requirements are placed on cloud data integrity verification schemes: (1) the cryptographic scheme can resist quantum attacks; (2) it supports public auditing; (3) it protects data privacy during verification; (4) it supports dynamic verification; (5) it is computationally efficient.
This thesis takes cloud storage integrity verification as its research object and completes the following two pieces of work: 1. Using a lattice-based linearly homomorphic signature scheme (LHS) and the Merkle hash tree (MHT), it constructs a dynamic cloud storage integrity verification scheme with a trusted third party, which meets the five requirements above. The scheme introduces a trusted third-party auditor to support public auditing, obtains the value of the root node from the definition of the MHT, and then judges the integrity of the cloud data blocks from the value of the root node. The basic algorithms are implemented in the Python programming language. 2. It describes and analyzes the current HDFS file operation mechanism and integrity verification method, and points out a deficiency of that integrity verification: it cannot resist quantum attacks. Because the proposed scheme requires users to have considerable computing power, an application server is introduced between the user and the HDFS cluster to reduce the user's computational burden, and the implementation of its file management and integrity verification preprocessing functions is described in detail.
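The MHT step described in the abstract, as an added illustration that is not the thesis's own code: the server returns a challenged block with its sibling path, and the auditor recomputes the root and compares it with the trusted value. The lattice-based LHS component is not modelled here; SHA-256, the function names and the sample blocks are assumptions made for this example.

```python
import hashlib

def _h(tag: bytes, data: bytes) -> bytes:
    # Domain-separate leaves (0x00) from inner nodes (0x01) so an inner
    # node can never be passed off as a data block.
    return hashlib.sha256(tag + data).digest()

def build_levels(blocks):
    """Return all tree levels, leaves first; the last level holds the root."""
    if not blocks:
        raise ValueError("at least one block is required")
    levels = [[_h(b"\x00", b) for b in blocks]]
    while len(levels[-1]) > 1:
        cur = levels[-1]
        nxt = [_h(b"\x01", cur[i] + cur[i + 1]) for i in range(0, len(cur) - 1, 2)]
        if len(cur) % 2:          # an odd node out is promoted unchanged
            nxt.append(cur[-1])
        levels.append(nxt)
    return levels

def root(blocks):
    """Root value the data owner computes and the auditor keeps as trusted."""
    return build_levels(blocks)[-1][0]

def audit_path(blocks, index):
    """Server side: sibling hashes from leaf `index` up to the root."""
    path = []
    for level in build_levels(blocks)[:-1]:
        sib = index ^ 1
        if sib < len(level):
            path.append((level[sib], sib < index))  # (hash, sibling_is_left)
        index //= 2
    return path

def verify(block, path, trusted_root):
    """Auditor side: recompute the root from one block and its path."""
    node = _h(b"\x00", block)
    for sibling, is_left in path:
        node = _h(b"\x01", sibling + node if is_left else node + sibling)
    return node == trusted_root

# Constructed sample data: five blocks of a hypothetical outsourced file.
BLOCKS = [b"block-%d" % i for i in range(5)]
```

A dynamic update changes the root, so the auditor's trusted root has to be replaced after every insert, delete or update; a proof for the old block then no longer verifies.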
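[Degree-granting institution]: University of Electronic Science and Technology of China
[Degree level]: Master's
[Year degree granted]: 2017
[Classification number]: TP333; TP309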
Article ID: 2505766
Article link: https://www.wllwen.com/kejilunwen/jisuanjikexuelunwen/2505766.html