Dynamic cloud data audit model based on nest Merkle Hash tree block chain
ZHOU Jian1,2, JIN Yu1,2, HE Heng2, LI Peng2
1. College of Computer Science and Technology, Wuhan University of Science and Technology, Wuhan Hubei 430065, China; 2. Hubei Province Key Laboratory of Intelligent Information Processing and Real-time Industrial System, Wuhan Hubei 430065, China
Abstract: Cloud storage is popular with users for its high scalability, high reliability, and low-cost data management. However, safeguarding the integrity of cloud data is an important security problem. Currently, the most popular and effective cloud data integrity audit scheme provides public auditing services through a semi-trusted third party, but it still has shortcomings such as a single point of failure, computing power bottlenecks, and inefficient locating of erroneous data. To address these defects, a dynamic cloud data audit model based on blockchain is proposed. Firstly, a distributed network and a consensus algorithm are used to establish a blockchain audit network with multiple audit entities, which solves the problems of single point of failure and computing power bottlenecks. Then, while guaranteeing the reliability of the blockchain, a chameleon hash algorithm and a nested Merkle Hash Tree (MHT) structure are introduced to realize dynamic operations on cloud data tags in the blockchain. Finally, the nested MHT structure and auxiliary path information are used to increase the efficiency of locating erroneous data when an error occurs during the audit procedure. The experimental results show that, compared with the semi-trusted third-party dynamic audit scheme for cloud data, the proposed model significantly improves audit efficiency, reduces the time cost of dynamic data operations, and increases the efficiency of locating erroneous data.
ZHOU Jian, JIN Yu, HE Heng, LI Peng. Dynamic cloud data audit model based on nest Merkle Hash tree block chain[J]. Journal of Computer Applications, 2019, 39(12): 3575-3583.
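The abstract relies on a chameleon hash so that data tags can change without invalidating what the chain has already recorded. The following is an added example, not code from the paper: it uses the textbook discrete-log chameleon hash (a stand-in for whatever construction the authors use) under a plain, non-nested Merkle tree, and the group parameters, trapdoor value, tag names and function names are all assumptions.

```python
import hashlib

def is_prime(n):  # deterministic Miller-Rabin, valid for n < 2**64
    bases = (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37)
    if n < 2 or any(n % b == 0 for b in bases):
        return n in bases
    d, s = n - 1, 0
    while d % 2 == 0:
        d, s = d // 2, s + 1
    for a in bases:
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = x * x % n
            if x == n - 1:
                break
        else:
            return False
    return True

# Constructed demo group: first safe prime P = 2Q + 1 with Q > 2**60 (too small for real use).
Q = next(q for q in range(2**60 + 1, 2**61, 2) if is_prime(q) and is_prime(2 * q + 1))
P, G = 2 * Q + 1, 4   # G = 2**2 generates the subgroup of prime order Q
X = 0xC0FFEE          # trapdoor (constructed value); held by whoever may update tags
Y = pow(G, X, P)      # public key

def to_zq(data):      # map a tag (bytes) into Z_Q
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % Q

def ch(data, r):      # chameleon hash: G^m * Y^r mod P
    return pow(G, to_zq(data), P) * pow(Y, r, P) % P

def collide(old, r, new):  # trapdoor holder solves m + X*r = m' + X*r' (mod Q) for r'
    return (r + (to_zq(old) - to_zq(new)) * pow(X, -1, Q)) % Q

def merkle_root(tags, rs):  # SHA-256 Merkle root over chameleon-hashed leaves
    level = [hashlib.sha256(str(ch(t, r)).encode()).digest() for t, r in zip(tags, rs)]
    while len(level) > 1:
        level += level[-1:] * (len(level) % 2)  # duplicate last node on odd levels
        level = [hashlib.sha256(a + b).digest() for a, b in zip(level[::2], level[1::2])]
    return level[0]

def demo():
    tags, rs = [b"tag-0", b"tag-1", b"tag-2", b"tag-3"], [11, 22, 33, 44]  # constructed
    anchored = merkle_root(tags, rs)  # root as recorded in a block
    forged = merkle_root(tags[:2] + [b"tag-2-v2"] + tags[3:], rs)  # change without trapdoor
    rs[2], tags[2] = collide(tags[2], rs[2], b"tag-2-v2"), b"tag-2-v2"  # authorized update
    return anchored == merkle_root(tags, rs), anchored == forged
```

`demo()` returns `(True, False)`: the authorized update keeps the anchored root valid, while the same change made without the trapdoor does not. In this basic construction anyone who sees both the old and the new `(tag, r)` pair can solve for the trapdoor, so custody of `X` and the choice of a key-exposure-free variant are the points to review in a real design.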