| 具有私钥可恢复能力的云存储完整性检测方案 |
| |
| 引用本文: | 沈文婷,于佳,杨光洋,程相国,郝蓉. 具有私钥可恢复能力的云存储完整性检测方案[J]. 软件学报, 2016, 27(6): 1451-1462 |
| |
| 作者姓名: | 沈文婷 于佳 杨光洋 程相国 郝蓉 |
| |
| 作者单位: | 青岛大学 信息工程学院,山东, 青岛 266071,青岛大学 信息工程学院,山东, 青岛 266071;中国科学院信息工程研究所 信息安全国家重点实验室, 北京 100093,青岛大学 信息工程学院,山东, 青岛 266071,青岛大学 信息工程学院,山东, 青岛 266071,青岛大学 信息工程学院,山东, 青岛 266071 |
| |
| 基金项目: | 国家自然科学基金(61572267, 61272425, 60703089, 61402245); 山东省自然科学基金(ZR2014FQ010, ZR2010FQ019); 信息安全国家重点实验室开放课题基金; 华为科技基金(YB2013120027); 青岛市建设事业科技发展项目(JK2015-26) |
| |
| 摘 要: | 共享数据云存储完整性检测用来验证一个群体共享在云端数据的完整性,是最常见的云存储完整性检测方式之一.在云存储完整性检测中,用户用于生成数据签名的私钥可能会因为存储介质的损坏、故障等原因而无法使用.然而,目前已有的共享数据云存储完整性检测方案均没有考虑到这个现实问题.本文首次探索了如何解决共享数据云存储完整性检测中私钥不可用的问题,提出了第一个具有私钥可恢复能力的共享数据云存储完整性检测方案.在方案中,当一个群用户的私钥不可用时,可以通过群里的t个或者t个以上的用户帮助他恢复私钥.同时,设计了一个随机遮掩技术,用于确保参与成员私钥的安全性.用户也可验证被恢复私钥的正确性.最后,给出安全性和实验结果的分析,结果显示提出方案是安全高效的.
|
| 关 键 词: | 云存储 数据完整性检测 私钥恢复 秘密共享 安全性 |
| 收稿时间: | 2015-08-14 |
| 修稿时间: | 2015-10-09 |
Cloud Storage Integrity Checking Scheme with Private Key Recovery Capability |
| |
| SHEN Wen-Ting,YU Ji,YANG Guang-Yang,CHENG Xiang-Guo and HAO Rong. Cloud Storage Integrity Checking Scheme with Private Key Recovery Capability[J]. Journal of Software, 2016, 27(6): 1451-1462 |
| |
| Authors: | SHEN Wen-Ting YU Ji YANG Guang-Yang CHENG Xiang-Guo HAO Rong |
| |
| Affiliation: | College of Information Engineering, Qingdao University, Qingdao 266071, China,College of Information Engineering, Qingdao University, Qingdao 266071, China;State Key Laboratory of Information Security (Institute of Information Engineering, The Chinese Academy of Sciences), Beijing 100093, China,College of Information Engineering, Qingdao University, Qingdao 266071, China,College of Information Engineering, Qingdao University, Qingdao 266071, China and College of Information Engineering, Qingdao University, Qingdao 266071, China |
| |
| Abstract: | Cloud storage integrity checking for shared data is used to verify the integrity of cloud data shared by a group, which is one of the most common ways of cloud storage integrity checking. In cloud storage integrity checking, the private key which is used to generate data signatures by user may be unavailable because of the damage or the fault of storage medium. However, currently existing cloud storage integrity checking schemes for shared data do not consider this realistic problem. In this paper, we firstly explore how to deal with the problem of the private key unavailability in cloud storage integrity checking for shared data. We propose the first scheme that enables cloud storage integrity checking for shared data with private key-recovery ability. In our scheme, when a group user's private key is unavailable, we can recover this user's private key with the help of or more users in the group. At the same time, we design a random masking technology to guarantee the security of participating members' private keys. The user can also verify the correctness of the recovered private key. At last, we give the analysis of security and experimental results, which show that our proposed scheme is secure and efficient. |
| |
| Keywords: | cloud storage data integrity checking private key recovery secret sharing security |
|
| 点击此处可从《软件学报》浏览原始摘要信息 |
|
点击此处可从《软件学报》下载全文 |
|
