ISSN 1000-1239 CN 11-1777/TP

Journal of Computer Research and Development, 2015, Vol. 52, Issue (10): 2422-2430. doi: 10.7544/issn1000-1239.2015.20150515

Special topic: 2015 Research Progress in Network Security and Privacy Protection

• Information Security •

Provable Data Possession Verification Based on Partial Delegation

Zhong Ting, Han Xiao, Zhao Yulong

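  1. (School of Information and Software Engineering, University of Electronic Science and Technology of China, Chengdu 610054) (zhongting@uesct.edu.cn)
  • Publication date: 2015-10-01
  • Funding:
    Supported by: National Natural Science Foundation of China (61472064); Science and Technology Support Program of Sichuan Province (2015GZ0095); Fundamental Research Funds for the Central Universities, Basic Research Project (YGX2013J072)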

Provable Data Possession by Partial Delegation

Zhong Ting, Han Xiao, Zhao Yulong   

  1. (School of Information and Software Engineering, University of Electronic Science and Technology of China, Chengdu 610054)
  • Online: 2015-10-01

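Abstract (translated from the Chinese): Provable data possession (PDP) is an important integrity verification technique in cloud storage. With PDP, a client can verify with a constant amount of computation whether the cloud server honestly holds the client's data. In some cases the client cannot verify possession of the cloud data in person, and must then authorize a proxy to verify possession of the data in the cloud. To address this problem, a provable data possession scheme based on partial delegation (PDPPD) is proposed. Built on bilinear pairings and partial delegation, the new scheme lets the data owner appoint a proxy to verify data possession directly by means of key transformation, and the data owner can revoke or replace the proxy at any time. The security of the scheme is proved. Compared with existing data possession verification schemes, the new scheme has lower computation and communication costs at the same security strength, and applies to a wider range of scenarios.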

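Keywords (translated from the Chinese): provable data possession verification, bilinear pairing, partial proxy signature, provable security, storage security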

Abstract: Provable data possession (PDP) is an important integrity checking technique in cloud storage. Using PDP, the client moves its data to a cloud server and checks possession of the data with constant computation. However, the client is sometimes not available to check possession of its data. For example, the client may want to check data stored on the cloud server while in prison or at sea. In those cases, a convenient way to delegate the power of checking data possession to a proxy is necessary. To solve this problem, we propose a new provable data possession scheme based on partial delegation (PDPPD). The PDPPD system model and security model are based on bilinear pairing and partial delegation. The major features of the proposed scheme are as follows: the client can delegate verification power to the proxy by sharing the converted secret key with the proxy, and the client can easily revoke or delete the proxy at any time. Our security analysis shows that the proposed scheme is provably secure. Compared with existing PDP schemes, the proposed scheme has less computation and communication overhead at the same level of security and also has wider application scenarios.

Key words: provable data possession (PDP), bilinear pairing, partial delegation, provable security, storage security
