云存储中的安全问题研究及应用
|
摘要
近年来,在云计算这一新兴技术的背景下,基于海量数据的云存储服务已经成为各界人士关注的重点。同样,人们对于这一新的存储模式的安全问题也同样关注。本文在前人研究的基础上,对云存储中的安全问题进行深入探讨并对某些安全问题给出相应的解决方案。本文主要进行了如下三个方面的工作:
1.针对云存储中数据的恢复问题,我们提出基于秘密分享的数据存储和恢复方案,使用该方案的客户不用在其本地计算机中保存任何信息,就可以安全有效地从存储服务提供商那里提取所需的数据。由于该方案的公开可验证性,在数据恢复阶段,每一个服务器都可以验证它的合作者所提供的那份数据的正确性,从而可以防止服务器的欺骗。
2.对于云存储中数据的完整性验证,我们没有采用传统的MAC验证方法,而是基于RSA安全假设,提出了一种无需保留原始文件的数据完整性验证方案。该方案中,客户只要在本地保留其私钥sk就可以达到对数据的完整性验证,这样可以真正地减轻用户的存储负担,并且减少通信中的数据流量。同时,用户还可授权可信第三方TPA代替其进行验证。
3.我们基于离线TTP的公平交换技术,来阻止在数据交换过程中客户和服务器之间的欺骗,并且展示了在客户或者服务器产生不合法行为的情况下,TTP如何进行事后追踪,从而保证双方的利益,实现真正的公平。
对于本文所述的数据恢复、完整性验证、数据安全交换问题,我们不仅给出了相应的解决方案,还运用密码学上的协议分析方法,对每一种方案的可行性及安全性进行理论上的证明,从而,确保这些方案能够在实际中得以应用。
Recently, in the set of cloud computing as an emerging technology, cloud storage service based on huge amounts of data has become the focus of people from all fields of life. At the same time, the security issues of this new storage model is obtaining people's attention. In this paper, combined with previous studies, we make a further discussion of the security issues in cloud storage. And also we give the solutions of some security issues. Here, we mainly make the following three works:
Firstly, for the retrieval of data in this storage system, we propose a storage and retrieval scheme based on secret sharing. Users of this scheme do not need to store any information, then data can be extracted from the storage service provider safely and efficiently. Due to the public verification, every server can verify the correctness of its partners' share in retrieval phase. So, this can prevent the cheat of the cooperative servers in retrieve phase.
Secondly, about the data integrity verification in cloud storage, we didn't utilize the traditional MAC authentication methods. Based on the RSA assumption, we put forward an integrity verification scheme in which the user does not need to store their original data in local PC. Users can achieve the integrity verification as long as they retain their private key locally,'['his actually relieves the user's storage burden and reduces the data traffic in the communication. At the same time, a trusted third party TPA authorized by the user can check data integrity in cloud instead of his/her.
Thirdly, we apply a formula based on offline TTP fair exchange technology to prevent deception between client and server in the process of data exchange. And it shows the TTP how to execute later follow-ups in the case that the client or the server produces an unlawful behavior.
With regard to the three security issues raised in this paper:data retrieval、integrity check、data exchange, not only do we give the solutions, but also we use analysis method in cryptographic protocol to demonstrate the feasibility and safety of each program. Thus it ensures that these schemes can be applied in practice.
1.针对云存储中数据的恢复问题,我们提出基于秘密分享的数据存储和恢复方案,使用该方案的客户不用在其本地计算机中保存任何信息,就可以安全有效地从存储服务提供商那里提取所需的数据。由于该方案的公开可验证性,在数据恢复阶段,每一个服务器都可以验证它的合作者所提供的那份数据的正确性,从而可以防止服务器的欺骗。
2.对于云存储中数据的完整性验证,我们没有采用传统的MAC验证方法,而是基于RSA安全假设,提出了一种无需保留原始文件的数据完整性验证方案。该方案中,客户只要在本地保留其私钥sk就可以达到对数据的完整性验证,这样可以真正地减轻用户的存储负担,并且减少通信中的数据流量。同时,用户还可授权可信第三方TPA代替其进行验证。
3.我们基于离线TTP的公平交换技术,来阻止在数据交换过程中客户和服务器之间的欺骗,并且展示了在客户或者服务器产生不合法行为的情况下,TTP如何进行事后追踪,从而保证双方的利益,实现真正的公平。
对于本文所述的数据恢复、完整性验证、数据安全交换问题,我们不仅给出了相应的解决方案,还运用密码学上的协议分析方法,对每一种方案的可行性及安全性进行理论上的证明,从而,确保这些方案能够在实际中得以应用。
Recently, in the set of cloud computing as an emerging technology, cloud storage service based on huge amounts of data has become the focus of people from all fields of life. At the same time, the security issues of this new storage model is obtaining people's attention. In this paper, combined with previous studies, we make a further discussion of the security issues in cloud storage. And also we give the solutions of some security issues. Here, we mainly make the following three works:
Firstly, for the retrieval of data in this storage system, we propose a storage and retrieval scheme based on secret sharing. Users of this scheme do not need to store any information, then data can be extracted from the storage service provider safely and efficiently. Due to the public verification, every server can verify the correctness of its partners' share in retrieval phase. So, this can prevent the cheat of the cooperative servers in retrieve phase.
Secondly, about the data integrity verification in cloud storage, we didn't utilize the traditional MAC authentication methods. Based on the RSA assumption, we put forward an integrity verification scheme in which the user does not need to store their original data in local PC. Users can achieve the integrity verification as long as they retain their private key locally,'['his actually relieves the user's storage burden and reduces the data traffic in the communication. At the same time, a trusted third party TPA authorized by the user can check data integrity in cloud instead of his/her.
Thirdly, we apply a formula based on offline TTP fair exchange technology to prevent deception between client and server in the process of data exchange. And it shows the TTP how to execute later follow-ups in the case that the client or the server produces an unlawful behavior.
With regard to the three security issues raised in this paper:data retrieval、integrity check、data exchange, not only do we give the solutions, but also we use analysis method in cryptographic protocol to demonstrate the feasibility and safety of each program. Thus it ensures that these schemes can be applied in practice.
引文
[1]IDC. J.F. Gantz et al. The Expanding Digital Universe:A Forecast of Worldwide Information Growth through 2010, March,2007.Whitepaper.
[2]A. Juels and J. Burton S. Kaliski, "PORs:Proofs of Retrievability for Large Files," Proc. of CCS'07, pp.584-597,2007.
[3]D. L. G. Filho and P. S. L. M. Barreto, "Demonstrating Data Possession and Uncheatable Data Transfer," Cryptology ePrint Archive, Report 2006/150,2006, http://eprint.iacr.org/.
[4]C. Wang, Q. Wang. K. Ren. and W. Lou, "Ensuring data storage security in cloud computing," in Proc. of IWQoS'09, Charleston, South Carolina, USA,2009.
[5]G. Ateniese, R. Burns, R. Curtmola, J. Herring, L. Kissner, Z. Peterson, and D. Song, "Provable Data Possession at Untrusted Stores," Proc. of CCS'07, pp.598-609,2007.
[6]F. Bao, R. Deng, and W. Mao. Efficient and practical fair exchange protocols with offline TTP.In P. Karger and L. Gong, editors, Proceedings of IEEE Security & Privacy, pages 77-85, May 1998.
[7]Diffie W, Hellman M.E. New directions in cryptography[J].IEEE transactions on informa-tion theory,1976,31(4):469-472.
[8]《现代密码学基础理论与应用》张键红编著,电子科技大学出版社,2011.4.1
[9]Berry Schoenmakers. A simple publicly verifiable secret sharing scheme and its application to electronic voting.CRYPTO'99, LNCS 1666,pp.148-164, Springer-Verlag,1999.
[10]M. Stadler. Public verifiable secret sharing. Advances in Cryptology EUROCRYPT'96, LNCS 1070, U. Maurer ed., pp.190-199. Springer-Verlag,1996.
[11]D. Pointcheval and J. Stern. "Security Proofs for Signature Schemes", Advanced in Cryptology-Eurocrypt 1996, LNCS 1070. pp387-398, Springer-Verlag,1996.
[121 ATENIESE G,PIETRO R D.MANCINI L V, et al. Scalable and efficient provable data possession [C]//SecureComm'08:Proceedings of the 4th International Conference on Security and Privacy in Communication Networks. New York:ACM Press,2008:1-10.
[13]ATENIESE G, KAMARA S, KATZ J. Proofs of storage from homomorphic identification protocols [C]//ASIACRYPT'09:Proceedings of the 15th International Conference on the Theory and Application of Cryptology and Information Security:Advances in Cryptology. Berlin:Springer-Verlag,2009:319-333.
[14]CURTMOLA R, KHAN O, BURNS R, et al. MR-PDP:Multiple-replica provable data possession [C]//The 28th International Conference on Distributed Computing Systems. Piscataway:IEEE,2008:411-420.
[15| SHAH M A, BAKER M, MOGUL J C, et al. Auditing to keep online storage services honest [C]//HOTOS'07:Proceedings of the 11th USENIX Workshop on Hot Topics in Operating Systems.Berkeley, CA:USENIX Association,2007:1-6.
[16]ISO/IEC 9797:Data Cryptographic Techniques-Data Integrity Mechanism using a Cryptographic Check Function employing a Block Cipher Algorithm. International Organisation for Standardisation (1989)
[17]Q Wang, K. Ren, W Lou, and Y Zhang, "Dependable and secure sensor data storage with dynamic integrity assurance," in Proc. of IEEE INFOCOM'09, Riode Janeiro, Brazil, Appri 12009.
[18]T. Schwarz and E. L Miller, "Store, forget, and check Using algebraic signatures to check remotely administered storage," in Proc. of ICDCS'06,2006.
[19]H. Shacham and B. Waters, "'Compact proofs of retrievability," in Proc. of ASIACRYP T"08. Springer-Verlag,2008, pp.90-107.
[20]Hongwei Li. Yuanshun Dai. Ling Tian and Haomiao Yang, Identity-Based Authentic-ation for Cloud Computing, Cloud Computing 2009,LNCS 5931, pp157-166, Springer, Heidelberg (2009)
[21]彭长根,樊玫玫,李祥,具有多个仲裁者的可验证加密签名方案及应用[J]计算机工程,2008,34(5)
[22]Franklin and M.K. Reiter, " Fair exchange with a semi-trusted third party",in Proceedings of the 4th ACM Conference on Computer and Communication Security.April 1997. pp.1-5.
[23]T.ElGamal, "A public key cryptosystem and a signature scheme based on discrete logarithms", IEEE Transactions on Information Theory. Vol. IT-31, No.4,1985, pp.469-472.
[24]Wen ying Zeng, Yue Long Zhao, Kairi Qu, Wei Song. Research on cloud storage architecture and key technologies, School of Computer science and engineering, south china University of Technology
[25]武水卫,黄小猛.云存储.中国计算机学会 第5卷 第6期 2009年6月
[26]Amazon Simple Storage Service (S3). http://www.amazon.com/s3/,2009
[27]Google App Engine (GAE). http://code.google.com/appengine/,2009
[28]Dropbox. http://www.getdropbox.com/.2009
[29]史美林,姜进磊,孙瑞志等.云计算[M].北京:机械工业出版社,2009.
[30]唐箭.云存储系统的分析与应用研究[J].电脑知识与技术,2009,(20)
[31]Armbrust, M., Fox, A., Griffith, R. et al. Above the Clouds:A Berkeley View of Cloud
Computing. UCB/EECS-2009-28, EECS Department, University of California, Berkeley,2009.
[32]Bruece Schneier著.吴世忠等译.应用密码学 协议、算法与C源程序.机械工业出版社
[33]CAMENISCHJ, STADLER M, Efficient groups[A]..Proceedings of Crypto'97[C] Leeture1997.410-424.group signatures for large Notes in Computer Seiencel294
[34]杨文婷.数字签名在电子现金系统中的应用研究[D].扬州大学,2008
[35]邓宇乔.密码学在数字版权管理系统中的应用研究[D].油头大学,2010
[36]N.Asokan, V.ShouP M.Waidner A synchronous Protocols for optimistic fair exchange. Proceedings of IEEE Symposium on Research in Security and Privacy,1998,Vol.1:86
[37]FC Gartner, H Pagnia, H Vogt. Approaching a Formal Definition of Fairness in Electronic Commerce. In Proceedings of the International Workshop on Electronic Commerce (WELCO-OM'99), Lausanne, Switzerland, Oct.1999.
[38]N. Asokan. Fairness in Electronic Commerce. A thesis presented to the university of Waterloo in fulfillment of the thesis requirement for the degree of Doctor of Philosophy in Computer Science
[39]杜红珍.数字签名技术的若干问题研究[D].北京邮电大学,2009
[40]Ran Canetti, Oded Goldreich and Shai Halevi, The Random Oracle Methodology Revisited. STOC 1998. pp.209-218
[41]D. Chaum. A. Fiat, and M. Naor. Untraceable electronic cash. In Proc. Advances in Cryptology-Crypto'88.pages 319-327.1988.
[42| E.-C. Chang and J. Xu, "Remote integrity check with dishonest storage server."in Proc. of ESORICS"08. Berlin, Heidelberg:Springer-Verlag,2008, pp.223-237
[43]孙文高.数字签名技术研究[D].西安电子科技大学.2010
[44]K. D. Bowers. A. Juels. and A. Oprea, " Proofs of retrievability:Theory and implementation," Cryptology ePrint Archive, Report 2008/175.2008.
[2]A. Juels and J. Burton S. Kaliski, "PORs:Proofs of Retrievability for Large Files," Proc. of CCS'07, pp.584-597,2007.
[3]D. L. G. Filho and P. S. L. M. Barreto, "Demonstrating Data Possession and Uncheatable Data Transfer," Cryptology ePrint Archive, Report 2006/150,2006, http://eprint.iacr.org/.
[4]C. Wang, Q. Wang. K. Ren. and W. Lou, "Ensuring data storage security in cloud computing," in Proc. of IWQoS'09, Charleston, South Carolina, USA,2009.
[5]G. Ateniese, R. Burns, R. Curtmola, J. Herring, L. Kissner, Z. Peterson, and D. Song, "Provable Data Possession at Untrusted Stores," Proc. of CCS'07, pp.598-609,2007.
[6]F. Bao, R. Deng, and W. Mao. Efficient and practical fair exchange protocols with offline TTP.In P. Karger and L. Gong, editors, Proceedings of IEEE Security & Privacy, pages 77-85, May 1998.
[7]Diffie W, Hellman M.E. New directions in cryptography[J].IEEE transactions on informa-tion theory,1976,31(4):469-472.
[8]《现代密码学基础理论与应用》张键红编著,电子科技大学出版社,2011.4.1
[9]Berry Schoenmakers. A simple publicly verifiable secret sharing scheme and its application to electronic voting.CRYPTO'99, LNCS 1666,pp.148-164, Springer-Verlag,1999.
[10]M. Stadler. Public verifiable secret sharing. Advances in Cryptology EUROCRYPT'96, LNCS 1070, U. Maurer ed., pp.190-199. Springer-Verlag,1996.
[11]D. Pointcheval and J. Stern. "Security Proofs for Signature Schemes", Advanced in Cryptology-Eurocrypt 1996, LNCS 1070. pp387-398, Springer-Verlag,1996.
[121 ATENIESE G,PIETRO R D.MANCINI L V, et al. Scalable and efficient provable data possession [C]//SecureComm'08:Proceedings of the 4th International Conference on Security and Privacy in Communication Networks. New York:ACM Press,2008:1-10.
[13]ATENIESE G, KAMARA S, KATZ J. Proofs of storage from homomorphic identification protocols [C]//ASIACRYPT'09:Proceedings of the 15th International Conference on the Theory and Application of Cryptology and Information Security:Advances in Cryptology. Berlin:Springer-Verlag,2009:319-333.
[14]CURTMOLA R, KHAN O, BURNS R, et al. MR-PDP:Multiple-replica provable data possession [C]//The 28th International Conference on Distributed Computing Systems. Piscataway:IEEE,2008:411-420.
[15| SHAH M A, BAKER M, MOGUL J C, et al. Auditing to keep online storage services honest [C]//HOTOS'07:Proceedings of the 11th USENIX Workshop on Hot Topics in Operating Systems.Berkeley, CA:USENIX Association,2007:1-6.
[16]ISO/IEC 9797:Data Cryptographic Techniques-Data Integrity Mechanism using a Cryptographic Check Function employing a Block Cipher Algorithm. International Organisation for Standardisation (1989)
[17]Q Wang, K. Ren, W Lou, and Y Zhang, "Dependable and secure sensor data storage with dynamic integrity assurance," in Proc. of IEEE INFOCOM'09, Riode Janeiro, Brazil, Appri 12009.
[18]T. Schwarz and E. L Miller, "Store, forget, and check Using algebraic signatures to check remotely administered storage," in Proc. of ICDCS'06,2006.
[19]H. Shacham and B. Waters, "'Compact proofs of retrievability," in Proc. of ASIACRYP T"08. Springer-Verlag,2008, pp.90-107.
[20]Hongwei Li. Yuanshun Dai. Ling Tian and Haomiao Yang, Identity-Based Authentic-ation for Cloud Computing, Cloud Computing 2009,LNCS 5931, pp157-166, Springer, Heidelberg (2009)
[21]彭长根,樊玫玫,李祥,具有多个仲裁者的可验证加密签名方案及应用[J]计算机工程,2008,34(5)
[22]Franklin and M.K. Reiter, " Fair exchange with a semi-trusted third party",in Proceedings of the 4th ACM Conference on Computer and Communication Security.April 1997. pp.1-5.
[23]T.ElGamal, "A public key cryptosystem and a signature scheme based on discrete logarithms", IEEE Transactions on Information Theory. Vol. IT-31, No.4,1985, pp.469-472.
[24]Wen ying Zeng, Yue Long Zhao, Kairi Qu, Wei Song. Research on cloud storage architecture and key technologies, School of Computer science and engineering, south china University of Technology
[25]武水卫,黄小猛.云存储.中国计算机学会 第5卷 第6期 2009年6月
[26]Amazon Simple Storage Service (S3). http://www.amazon.com/s3/,2009
[27]Google App Engine (GAE). http://code.google.com/appengine/,2009
[28]Dropbox. http://www.getdropbox.com/.2009
[29]史美林,姜进磊,孙瑞志等.云计算[M].北京:机械工业出版社,2009.
[30]唐箭.云存储系统的分析与应用研究[J].电脑知识与技术,2009,(20)
[31]Armbrust, M., Fox, A., Griffith, R. et al. Above the Clouds:A Berkeley View of Cloud
Computing. UCB/EECS-2009-28, EECS Department, University of California, Berkeley,2009.
[32]Bruece Schneier著.吴世忠等译.应用密码学 协议、算法与C源程序.机械工业出版社
[33]CAMENISCHJ, STADLER M, Efficient groups[A]..Proceedings of Crypto'97[C] Leeture1997.410-424.group signatures for large Notes in Computer Seiencel294
[34]杨文婷.数字签名在电子现金系统中的应用研究[D].扬州大学,2008
[35]邓宇乔.密码学在数字版权管理系统中的应用研究[D].油头大学,2010
[36]N.Asokan, V.ShouP M.Waidner A synchronous Protocols for optimistic fair exchange. Proceedings of IEEE Symposium on Research in Security and Privacy,1998,Vol.1:86
[37]FC Gartner, H Pagnia, H Vogt. Approaching a Formal Definition of Fairness in Electronic Commerce. In Proceedings of the International Workshop on Electronic Commerce (WELCO-OM'99), Lausanne, Switzerland, Oct.1999.
[38]N. Asokan. Fairness in Electronic Commerce. A thesis presented to the university of Waterloo in fulfillment of the thesis requirement for the degree of Doctor of Philosophy in Computer Science
[39]杜红珍.数字签名技术的若干问题研究[D].北京邮电大学,2009
[40]Ran Canetti, Oded Goldreich and Shai Halevi, The Random Oracle Methodology Revisited. STOC 1998. pp.209-218
[41]D. Chaum. A. Fiat, and M. Naor. Untraceable electronic cash. In Proc. Advances in Cryptology-Crypto'88.pages 319-327.1988.
[42| E.-C. Chang and J. Xu, "Remote integrity check with dishonest storage server."in Proc. of ESORICS"08. Berlin, Heidelberg:Springer-Verlag,2008, pp.223-237
[43]孙文高.数字签名技术研究[D].西安电子科技大学.2010
[44]K. D. Bowers. A. Juels. and A. Oprea, " Proofs of retrievability:Theory and implementation," Cryptology ePrint Archive, Report 2008/175.2008.