电子学报2017,Vol.45Issue(12):2863-2872,10.DOI:10.3969/j.issn.0372-2112.2017.12.006
云存储中密文数据的客户端安全去重方案
A Security Client-side Deduplication with Encrypted Data in Cloud Storage
摘要
Abstract
In cloud storage environment,client-side data deduplication can detect duplicated files at local,so as to save storage space and network bandwidth effectively.However,client-side deduplication still faces many security challenges.Firstly,since the file hash value is regarded as the evidence of duplication detection,the attacker is likely to obtain a whole file via a hash of the file.Secondly,to ensure the privacy of data,convergent encryption has been widely used in data deduplication technology,but the data itself is predictable,so that convergent encryption still inevitably suffered from violence dictionary attacks.To solve problems mentioned above,this paper uses blind signature to construct a secure key generation protocol,by introducing a key server to achieve the secondary encryption of keys,which efficiently prevents violence dictionary attacks.Furthermore,we propose a Proof of Ownership method based on block key signature.It can effectively prevent the attacker from obtaining the file through a single hash value and can realize the file-level and block-level deduplication of the encrypted file simultaneously.Meanwhile,the security analysis shows that our scheme can be proved to be secure in the random oracle model and can meet the security properties such as convergence key security,tag consistency and anti-violence dictionary attacks.In addition,compared with the existing schemes,the experimental results show that the computational overhead of our scheme is relatively small in terms of file upload and file deduplication.关键词
客户端数据去重/收敛加密/盲签名/拥有权证明Key words
client deduplication/convergent encryption/blind signature/proof of ownership分类
信息技术与安全科学引用本文复制引用
付安民,宋建业,苏铓,李帅..云存储中密文数据的客户端安全去重方案[J].电子学报,2017,45(12):2863-2872,10.基金项目
国家自然科学基金项目(No.61572255,No.61702266) (No.61572255,No.61702266)
江苏省自然科学基金项目(No.BK20141404,BK20150787) (No.BK20141404,BK20150787)
中国博士后科学基金(No.2015M582622) (No.2015M582622)
江苏省研究生培养创新工程项目(No.KYLX16_0465) (No.KYLX16_0465)
