ISSN 1000-1239 CN 11-1777/TP

计算机研究与发展 ›› 2022, Vol. 59 ›› Issue (10): 2247-2260.doi: 10.7544/issn1000-1239.20220529

所属专题: 2022数据安全与智能隐私保护研究专题

• 信息安全 • 上一篇    下一篇

支持密钥更新与审计者更换的云安全审计方案

周磊1,2,陈珍珠1,付安民1,2,苏铓1,俞研1   

  1. 1(南京理工大学计算机科学与工程学院 南京 210094);2(广西可信软件重点实验室(桂林电子科技大学) 广西桂林 541004) (1249709729@qq.com)
  • 出版日期: 2022-10-01
  • 基金资助: 
    国家自然科学基金项目(62072239);江苏省自然科学基金项目(BK20211192);广西可信软件重点实验室研究课题资助(KX202029);中央高校基本科研业务费专项资金(30921013111,30920021129)

Cloud Secure Auditing Scheme Supporting Key Update and Auditor Replacement

Zhou Lei1,2, Chen Zhenzhu1, Fu Anmin1,2, Su Mang1, Yu Yan1   

  1. 1(School of Computer Science and Engineering, Nanjing University of Science & Technology, Nanjing 210094);2(Guangxi Key Laboratory of Trusted Software (Guilin University of Electronic Technology), Guilin, Guangxi 541004)
  • Online: 2022-10-01
  • Supported by: 
    This work was supported by the National Natural Science Foundation of China (62072239), the Jiangsu Natural Science Foundation of China (BK20211192), the Project of Guangxi Key Laboratory of Trusted Software (KX202029), and the Fundamental Research Funds for the Central Universities (30921013111, 30920021129).

摘要: 云存储提供数据托管服务,解决了本地端数据管理与分享受限问题.但现有的用于确保云存储数据完整性的审计方案面临一个重要的安全问题:签名密钥一旦泄露,依赖于该密钥产生签名的审计方案将无法提供完整性保护.此外,现有审计方案均默认在整个审计期间仅有一个审计者,然而审计者可能由于被攻陷、被贿赂或资源不足不能再提供审计代理服务.因此,提出一个支持密钥更新与审计者更换的审计方案AKUAR(auditing scheme supporting key update and auditor replacement).针对密钥暴露导致签名无效问题,AKUAR结合双线性对与代理重签名思想设计了高效安全的密钥与标签更新机制,并且由云端承担计算复杂的标签更新操作,仅在本地端引入了少量的开销.此外,当充当审计者的雾节点退出审计时,新的雾节点可以代替其继续进行完整性审计工作,在保证新签名密钥不被泄露给旧雾节点的同时实现了审计服务的可持续性.安全分析证明了AKUAR是安全的,性能评估也证实了AKUAR在标签生成与密钥更新阶段仅引入了少量可接受的计算开销与通信开销.

关键词: 云存储, 完整性审计, 密钥更新, 密钥暴露抵制, 审计者更换

Abstract: Cloud storage provides data hosting services, which solves the issue of local data management and sharing restrictions. Existing audit methods used for securing the cloud data usually have a serious security flaw: if the signature key is revealed, the audit proposal that relies on the key to produce signatures would no longer guarantee the data integrity. In addition, most audit schemes assume that there is only one fixed auditor throughout the auditing process. However, due to being compromised, bribed, or lacking resources, the auditor may not be able to perform audit agency services anymore. Therefore, we propose a cloud secure auditing scheme supporting key update and auditor replacement, named AKUAR. In the model, AKUAR utilizes bilinear pairs and proxy re-signature idea to develop an efficient key and tag update mechanism, wherein the cloud server undertakes the computationally intensive tag update operations and only a little amount of cost is incurred in the local side. In addition, when the fog node acting as the auditor terminates the audit, the new fog node can carry on the integrity audit in its place, realizing the sustainability of the audit service and preventing disclosure of the new signature key to the old fog node. Finally, security analysis demonstrates that AKUAR is provably secure, and performance evaluations also confirm that AKUAR only introduces a modest amount of acceptable computational and communication costs during the tag generation and key update phases.

Key words: cloud storage, integrity auditing, key update, key exposure resistance, auditor replacement

中图分类号: