摘要
共享数据云存储完整性检测用来验证一个群体共享在云端数据的完整性,是最常见的云存储完整性检测方式之一.在云存储完整性检测中,用户用于生成数据签名的私钥可能会因为存储介质的损坏、故障等原因而无法使用.然而,目前已有的共享数据云存储完整性检测方案均未考虑到这个现实问题.探索了如何解决共享数据云存储完整性检测中私钥不可用的问题,提出了第1个具有私钥可恢复能力的共享数据云存储完整性检测方案.在方案中,当一个群用户的私钥不可用时,可以通过群里的t个或者t个以上的用户帮助其恢复私钥.同时,设计了随机遮掩技术,用于确保参与成员私钥的安全性.用户也可验证被恢复私钥的正确性.最后,给出安全性和实验结果的分析,结果显示所提方案是安全高效的.
Verifying the integrity of cloud data shared by a group is one of the most common usage of cloud storage integrity checking. In cloud storage integrity checking, the private key which is used to generate data signatures by user may be unavailable because of the damage or the fault of storage medium. However, currently existing cloud storage integrity checking schemes for shared data do not consider this realistic problem. This paper first explores how to deal with the problem of the private key unavailability in cloud storage integrity checking for shared data. A new scheme that enables cloud storage integrity checking for shared data with private key-recovery ability is proposed. In this scheme, when a group user's private key is unavailable, this user's private key can be recovered with the helpof t or more users in the group. At the same time, a random masking technology is designed to guarantee the security of participating members' private keys. The user can also verify the correctness of the recovered private key. Finally, the analysis of security and experimental results are provided to show that the proposed scheme is secure and efficient.
出处
《软件学报》
EI
CSCD
北大核心
2016年第6期1451-1462,共12页
Journal of Software
基金
国家自然科学基金(61572267,61272425,60703089,61402245)
山东省自然科学基金(ZR2014FQ010, ZR2010FQ019)
信息安全国家重点实验室开放课题基金
华为科技基金(YB2013120027)
青岛市建设事业科技发展项目(JK2015-26)
关键词
云存储
数据完整性检测
私钥恢复
秘密共享
安全性
cloud storage
data integrity checking
private key recovery
secret sharing
security
