摘要
云存储服务能够让个人或者企业以更低的成本轻松地维护和管理大量数据,但其在为人们带来便利的同时却无法保证其外包数据的完整性和隐私性。远程数据完整性验证方案可以使用户在不下载全部数据的情况下对外包数据的完整性进行验证,即云服务器能够向验证者证明它实际上是在诚实地存储用户的数据。对Li等提出的基于身份云存储远程数据完整性验证方案的安全性进行了分析,结果表明该方案容易受到伪造攻击,即云服务器仅需保存少量的数据就能够生成合法的数据完整性证明。在Li等方案的基础上,提出了一个新的基于身份远程数据完整性验证方案。分析表明,所提方案能够满足健壮性和隐私性的安全需求,且与Li等方案的计算开销也能保持基本一致。
Cloud storage services enable individuals or enterprises to easily maintain and manage large amounts of data at a low cost,but they cannot guarantee the integrity and privacy of outsourced data at the same time.The remote data integrity verification schemes allow users to verify the integrity of outsourced data without downloading all the data,that is,the cloud server can prove to the verifier that it is actually store the user′s data honestly.The security of an identity-based privacy preserving remote data integrity verification scheme proposed by Li et al.is analyzed.The analysis shows that the scheme is subjected to forgery attack,that is,the cloud server only needs to store a small amount of data to generate legitimate data integrity proof.Based on Li et al.’s scheme,a new identity-base remote data integrity verification scheme is proposed.The analysis shows that the new scheme can meet the security requirements of privacy and soundness,and the computational cost is basically comparable to that of Li et al.’s scheme.
作者
王少辉
赵铮宇
王化群
肖甫
WANG Shaohui;ZHAO Zhengyu;WANG Huaqun;XIAO Fu(School of Computer Science,Nanjing University of Posts&Telecommunications,Nanjing 210003,China;Jiangsu High Technology Research Key Laboratory for Wireless Sensor Networks,Nanjing 210003,China)
出处
《计算机科学》
CSCD
北大核心
2023年第7期302-307,共6页
Computer Science
基金
国家自然科学基金(61872192)。
