高级搜索

留言板

尊敬的读者、作者、审稿人, 关于本刊的投稿、审稿、编辑和出版的任何问题, 您可以本页添加留言。我们将尽快给您答复。谢谢您的支持!

姓名
邮箱
手机号码
标题
留言内容
验证码

基于区块链和雾计算的去中心化云端数据完整性审计方案

杨小东 王秀秀 李茜茜 周航 王彩芬

杨小东, 王秀秀, 李茜茜, 周航, 王彩芬. 基于区块链和雾计算的去中心化云端数据完整性审计方案[J]. 电子与信息学报, 2023, 45(10): 3759-3766. doi: 10.11999/JEIT210717
引用本文: 杨小东, 王秀秀, 李茜茜, 周航, 王彩芬. 基于区块链和雾计算的去中心化云端数据完整性审计方案[J]. 电子与信息学报, 2023, 45(10): 3759-3766. doi: 10.11999/JEIT210717
YANG Xiaodong, WANG Xiuxiu, LI Xixi, ZHOU Hang, WANG Caifen. Decentralized Integrity Auditing Scheme for Cloud Data Based on Blockchain and Edge Computing[J]. Journal of Electronics & Information Technology, 2023, 45(10): 3759-3766. doi: 10.11999/JEIT210717
Citation: YANG Xiaodong, WANG Xiuxiu, LI Xixi, ZHOU Hang, WANG Caifen. Decentralized Integrity Auditing Scheme for Cloud Data Based on Blockchain and Edge Computing[J]. Journal of Electronics & Information Technology, 2023, 45(10): 3759-3766. doi: 10.11999/JEIT210717

基于区块链和雾计算的去中心化云端数据完整性审计方案

doi: 10.11999/JEIT210717
基金项目: 国家自然科学基金(61662069, 61562077),中国博士后科学基金(2017M610817),兰州市科技计划项目(2013-4-22),西北师范大学青年教师科研能力提升计划(NWNU-LKQN-14-7)
详细信息
    作者简介:

    杨小东:男,博士后,教授,研究方向为云计算安全与代理重加密

    王秀秀:女,硕士生,研究方向为云计算安全

    李茜茜:女,硕士生,研究方向为区块链与大数据安全

    周航:女,硕士生,研究方向为属性基加密

    王彩芬:女,博士,教授,研究方向为信息安全协议与网络安全

    通讯作者:

    杨小东 y200888@163.com

  • 中图分类号: TN915.08; TP309

Decentralized Integrity Auditing Scheme for Cloud Data Based on Blockchain and Edge Computing

Funds: The National Natural Science Foundation of China (61662069, 61562077), China Postdoctoral Science Foundation (2017M610817), The Science and Technology Project of Lanzhou City (2013-4-22), The Foundation of Northwest Normal University (NWNU-LKQN-14-7)
  • 摘要: 针对传统云端数据完整性验证方案中存在过度依赖完全可信第三方审计者(TPA)、复杂的密钥管理和不支持数据访问者授权等问题,该文提出一种基于区块链和雾计算的去中心化数据完整性审计方案。为了实现审计方案的去中心化,使用雾节点和智能合约代替第三方审计者。利用区块链设计智能合约保障方案中各个实体的公平交易;将审计过程生成的证据存储在区块链中以防止各个实体的不诚实行为。引入无证书密码体制,解决了传统审计方案中复杂的密钥托管和证书管理问题。此外,通过加密累加器实现访问用户授权和身份认证。分析结果表明,该方案满足签名的不可伪造性,与同类方案相比具有较高的计算性能。
  • 图  1  系统模型图

    合约1 智能合约T0
     输入:存储数值$ d $
     输出:存储结果“0/1”
     1. Storage{
     2.  If 输入值==null
     3.   提示错误;
     4.  Else
     5.   存储$ d $;
     6.  End if
     7. }
    下载: 导出CSV
    合约3 智能合约T2
     输入:雾节点计算值$ {{\text{S}}_{\text{1}}} $和$ {{\text{S}}_2} $
     输出:验证结果“0/1”
     1. Promise{
     2.  If $ {{\text{S}}_{\text{1}}} $==$ {{\text{S}}_2} $
     3.   激活智能合约T1;
     4.  End if
     5. }
    下载: 导出CSV
    合约2 智能合约T1
     输入:收款账户CSP、支付金额$ {\text{am}} $、验证时间$ {\text{t}}{{\text{i}}_{\text{1}}} $
     输出:支付时间$ {\text{t}}{{\text{i}}_2} $
     1. Promise{
     2.  If 验证结果==1
     3.   DO向CSP支付金额$ {\text{am}} $;
     4.  End if
    5. }
    下载: 导出CSV

    表  1  性能比较

    方案无证书
    签名
    多用户
    共享
    区块链审计去
    中心化
    外包
    计算
    公平
    支付
    文献[11]××××
    文献[14]××××
    文献[15]×××
    本文方案
    下载: 导出CSV

    表  2  相关运算时间

    符号操作运算时间(ms)
    $ {T_{\text{P}}} $双线性配对运算$\approx 7.839\;506$
    $ {T_{\text{E}}} $群中点的幂运算$\approx 6.216\;714$
    $ {T_{\text{M}}} $群上标量积运算$\approx 0.022\;544$
    $ {T_{\text{m}}} $模乘运算$\approx 0.000\;322$
    $ {T_{\text{H}}} $哈希函数映射到点$\approx 13.346\;683$
    下载: 导出CSV

    表  3  计算开销对比(ms)

    方案文献[11]文献[14]本文方案
    块签名生成$ 2n{T_{\text{E}}} + n{T_{\text{M}}} + n{T_{\text{H}}} $
    $ \approx 12.46n $
    $ 2n{T_{\text{E}}} + 3n{T_{\text{M}}} + n{T_{\text{H}}} $
    $ \approx 12.48n $
    $ 2n{T_{\text{E}}} + n{T_{\text{M}}} + n{T_{\text{m}}} + n{T_{\text{H}}} $
    $ \approx 12.46n $
    签名验证$ 4{T_{\text{p}}} + 2n{T_{\text{E}}} + n{T_{\text{M}}} $
    $ \approx 31.36 + 12.45n $
    $ 3{T_{\text{p}}} + 4n{T_{\text{E}}} + 2n{T_{\text{M}}} $
    $ \approx 23.51 + 25.32n $
    $ 3{T_{\text{p}}} + 2n{T_{\text{E}}} $
    $ \approx 23.51 + 12.43n $
    证据生成$ 2c{T_{\text{p}}} + 4c{T_{\text{E}}} + c{T_{\text{M}}} + c{T_{\text{m}}} + {T_{\text{H}}} $
    $ \approx 13.35 + 40.56n $
    $ c{T_{\text{E}}} + c{T_{\text{M}}} + c{T_{\text{m}}} $
    $ \approx {\text{6}}{\text{.24}}c $
    $ c{T_{\text{E}}} + c{T_{\text{M}}} + c{T_{\text{m}}} $
    $ \approx {\text{6}}{\text{.24}}c $
    证据验证$ 2{T_{\text{P}}} + 4c{T_{\text{E}}} + c{T_{\text{M}}} + c{T_{\text{m}}} + c{T_{\text{H}}} $
    $ \approx {\text{15}}{\text{.68 + 38}}{\text{.23}}c $
    $ 4{T_{\text{P}}} + (3c + 2){T_{\text{E}}} + 3c{T_{\text{M}}} + 2c{T_{\text{m}}} + (c + 4){T_{\text{H}}} $$ \approx {\text{97}}{\text{.18 + 32}}{\text{.07}}c $$ 3{T_{\text{P}}} + (c + 1){T_{\text{E}}} + c{T_{\text{M}}} + c{T_{\text{m}}} + 2{T_{\text{H}}}. $
    $ \approx 56.33 + 6.24c $
    下载: 导出CSV

    表  4  智能合约成本测试

    交易消耗成本(gas)交易费用(美元)
    智能合约T0生成1786210.41
    智能合约T1生成1248330.28
    智能合约T2生成893910.2
    存储$ {{\text{S}}_{\text{1}}} $和$ {{\text{S}}_{\text{2}}} $658140.15
    智能合约T1调用324670.07
    智能合约T2调用540310.12
    下载: 导出CSV
  • [1] ZHOU Lei, FU Anmin, YANG Guomin, et al. Efficient certificateless multi-copy integrity auditing scheme supporting data dynamics[J]. IEEE Transactions on Dependable and Secure Computing, 2022, 19(2): 1118–1132. doi: 10.1109/TDSC.2020.3013927
    [2] 鲁金钿, 肖睿智, 金舒原. 云数据安全研究进展[J]. 电子与信息学报, 2021, 43(4): 881–891. doi: 10.11999/JEIT200158

    LU Jindian, XIAO Ruizhi, and JIN Shuyuan. A survey for cloud data security[J]. Journal of Electronics &Information Technology, 2021, 43(4): 881–891. doi: 10.11999/JEIT200158
    [3] WANG Tao, YANG Bo, LIU Hongyu, et al. An alternative approach to public cloud data auditing supporting data dynamics[J]. Soft Computing, 2019, 23(13): 4939–4953. doi: 10.1007/s00500-018-3155-4
    [4] ZHAO Haichun, YAO Xuanxia, ZHENG Xuefeng, et al. User stateless privacy-preserving TPA auditing scheme for cloud storage[J]. Journal of Network and Computer Applications, 2019, 129: 62–70. doi: 10.1016/j.jnca.2019.01.005
    [5] ATENIESE G, BURNS R, CURTMOLA R, et al. Provable data possession at untrusted stores[C]. The 14th ACM Conference on Computer and Communications Security, Alexandria, USA, 2007: 598–609.
    [6] BOWERS K D, JUELS A, and OPREA A. Proofs of retrievability: Theory and implementation[C]. The 2009 ACM Workshop on Cloud Computing Security, Chicago, USA, 2009: 43–54.
    [7] 张振超, 刘亚丽, 殷新春, 等. 无证书签名方案的分析及改进[J]. 密码学报, 2020, 7(3): 389–403. doi: 10.13868/j.cnki.jcr.000375

    ZHANG Zhenchao, LIU Yali, YIN Xinchun, et al. Analysis and improvement of certificateless signature schemes[J]. Journal of Cryptologic Research, 2020, 7(3): 389–403. doi: 10.13868/j.cnki.jcr.000375
    [8] 魏松杰, 李莎莎, 王佳贺. 基于身份密码系统和区块链的跨域认证协议[J]. 计算机学报, 2021, 44(5): 908–920. doi: 10.11897/SP.J.1016.2021.00908

    WEI Songjie, LI Shasha, and WANG Jiahe. A cross-domain authentication protocol by identity-based cryptography on consortium blockchain[J]. Chinese Journal of Computer, 2021, 44(5): 908–920. doi: 10.11897/SP.J.1016.2021.00908
    [9] 赵艳琦, 来齐齐, 禹勇, 等. 标准模型下基于身份的环签名方案[J]. 电子学报, 2018, 46(4): 1019–1024. doi: 10.3969/j.issn.0372-2112.2018.04.033

    ZHAO Yanqi, LAI Qiqi, YU Yong, et al. ID-based ring signature in the standard model[J]. Acta Electronica Sinica, 2018, 46(4): 1019–1024. doi: 10.3969/j.issn.0372-2112.2018.04.033
    [10] ZHANG Xiaojun, WANG Huaxiong, and XU Chunxiang. Identity-based key-exposure resilient cloud storage public auditing scheme from lattices[J]. Information Sciences, 2019, 472: 223–234. doi: 10.1016/j.ins.2018.09.013
    [11] WU Ge, MU Yi, SUSILO W, et al. Privacy-preserving certificateless cloud auditing with multiple users[J]. Wireless Personal Communications, 2019, 106(3): 1161–1182. doi: 10.1007/s11277-019-06208-1
    [12] 曾萍, 郭瑞芳, 马英杰, 等. 车载自组网中可证明安全的无证书认证方案[J]. 电子与信息学报, 2020, 42(12): 2873–2881. doi: 10.11999/JEIT190883

    ZENG Ping, GUO Ruifang, MA Yingjie, et al. Provable security certificateless authentication scheme for vehicular ad hoc network[J]. Journal of Electronics &Information Technology, 2020, 42(12): 2873–2881. doi: 10.11999/JEIT190883
    [13] 谢永, 李香, 张松松, 等. 一种可证安全的车联网无证书聚合签名改进方案[J]. 电子与信息学报, 2020, 42(5): 1125–1131. doi: 10.11999/JEIT190184

    XIE Yong, LI Xiang, ZHANG Songsong, et al. An improved provable secure certificateless aggregation signature scheme for vehicular ad hoc NETworks[J]. Journal of Electronics &Information Technology, 2020, 42(5): 1125–1131. doi: 10.11999/JEIT190184
    [14] ZHANG Yuan, XU Chunxiang, LIN Xiaodong, et al. Blockchain-based public integrity verification for cloud storage against procrastinating auditors[J]. IEEE Transactions on Cloud Computing, 2021, 9(3): 923–937. doi: 10.1109/TCC.2019.2908400
    [15] WANG Hao, QIN Hong, ZHAO Minghao, et al. Blockchain-based fair payment smart contract for public cloud storage auditing[J]. Information Sciences, 2020, 519: 348–362. doi: 10.1016/j.ins.2020.01.051
    [16] LI Jiguo, YAN Hao, and ZHANG Yichen. Certificateless public integrity checking of group shared data on cloud storage[J]. IEEE Transactions on Services Computing, 2021, 14(1): 71–81. doi: 10.1109/TSC.2018.2789893
    [17] NGUYEN L. Accumulators from bilinear pairings and applications[C]. Cryptographers' Track at the RSA Conference, San Francisco, USA, 2005: 275–292.
    [18] NAIR M S and RAJASREE M S. Fine-grained search and access control in multi-user searchable encryption without shared keys[J]. Journal of Information Security and Applications, 2018, 41: 124–133. doi: 10.1016/j.jisa.2018.06.006
    [19] FENG Xia, SHI Qichen, XIE Qingqing, et al. An efficient privacy-preserving authentication model based on blockchain for VANETs[J]. Journal of Systems Architecture, 2021, 117: 102158. doi: 10.1016/j.sysarc.2021.102158
    [20] TIAN Hui, NAN Fulin, CHANG C C, et al. Privacy-preserving public auditing for secure data storage in fog-to-cloud computing[J]. Journal of Network and Computer Applications, 2019, 127: 59–69. doi: 10.1016/j.jnca.2018.12.004
    [21] LI Hui and JING Tao. A lightweight fine-grained searchable encryption scheme in fog-based healthcare IoT networks[J]. Wireless Communications and Mobile Computing, 2019, 2019: 1019767. doi: 10.1155/2019/1019767
    [22] LI Hui and JING Tao. A ciphertext-policy attribute-based encryption scheme with public verification for an IoT-fog-cloud architecture[J]. Procedia Computer Science, 2020, 174: 243–251. doi: 10.1016/j.procs.2020.06.080
  • 加载中
图(1) / 表(7)
计量
  • 文章访问数:  495
  • HTML全文浏览量:  288
  • PDF下载量:  74
  • 被引次数: 0
出版历程
  • 收稿日期:  2021-07-15
  • 修回日期:  2022-07-25
  • 录用日期:  2023-08-09
  • 网络出版日期:  2023-08-11
  • 刊出日期:  2023-10-31

目录

    /

    返回文章
    返回