云存储近年来发展迅猛,越来越多的用户选择将他们的数据存储在云服务器中.为了检验云存储数据的完整性,研究者们提出了可证数据持有(Provable Data Possession,PDP).用户在某些情况下无法访问互联网,例如在远洋轮渡上,或是参加某些涉密的项目时,因此必须将远程数据完整性检验委托给代理.然而在代理PDP中,一旦用户的私钥泄露,审计方案将无法进行.针对上述问题,所提方案将密钥隔离技术与代理PDP相结合,在系统模型中引入了物理上安全但计算受限的助手设备.助手设备在每个时间段生成更新信息并发送给用户,帮助用户计算当前时段的签名密钥.在此方案下,敌手无法在密钥未泄露的时间段伪造用户生成的认证器.安全性分析和性能分析表明,所提方案是安全高效的.
Proxy Provable Data Possession with Key-exposure Resilient
More and more clients would like to store their data to public cloud server along with the rapid development of cloud storage.To check the integrity of remote data,researchers proposed provable data possession(PDP).In some cases,the client will be restricted to access the Internet,such as on the ocean-going vessel,participating in some classified projects.It has to delegate the remote data possession checking task to some proxy.However,in proxy PDP,once the client's private key is exposed,audi-ting schemes would inevitably become unable to work.To solve these problems,the proposed scheme combines key-insulated with proxy PDP,and introduces a physically-secure but computationally-limited helper into the system model.The helper generates an update message in each time period and then sends it to the client to help the client calculate the signing key for the current time peroid.In this scheme,adversaries cannot forge user-generated authenticators during the time period when the key is not leaked.Security analysis and performance analysis show that the proposed scheme is secure and efficient.
Provable data possessionKey exposure resilientProxyCloud storage security
NETL
NSTL
万方数据
