Post-quantum certificateless public audit scheme based on lattice

doi:10.11772/j.issn.1001-9081.2024050605

Journal of Computer Applications ›› 2025, Vol. 45 ›› Issue (4): 1249-1255.DOI: 10.11772/j.issn.1001-9081.2024050605

• Cyber security • Previous Articles Next Articles

Post-quantum certificateless public audit scheme based on lattice

Haifeng MA¹(), Jiewei CAI¹, Qingshui XUE¹, Jiahai YANG², Jing HAN¹, Zixuan LU¹

^1.School of Computer Science and Information Engineering，Shanghai Institute of Technology，Shanghai 201418，China
^2.Institute for Network Sciences and Cyberspace，Tsinghua University，Beijing 100084，China

Received:2024-05-14 Revised:2024-07-22 Accepted:2024-07-26 Online:2024-08-20 Published:2025-04-10
Contact: Haifeng MA
About author:CAI Jiewei， born in 1998， M. S. candidate. His research interests include lattice-based cryptography， cloud computing security.
XUE Qingshui， born in 1971， Ph. D.， professor. His research interests include cyberspace security.
YANG Jiahai， born in 1966， Ph. D.， professor. His research interests include internet network management， network measurement security.
HAN Jing， born in 2000， M. S. candidate. Her research interests include network security， privacy protection.
LU Zixuan， born in 1998， M. S. candidate. His research interests include network security， digital signature.
Supported by:
State Grid Project(SGHAXTOOWWJS2200033)

基于格的后量子无证书公共审计方案

马海峰¹(), 蔡杰伟¹, 薛庆水¹, 杨家海², 韩静¹, 卢子譞¹

^1.上海应用技术大学计算机科学与信息工程学院，上海 201418
^2.清华大学网络科学与网络空间研究院，北京 100084

通讯作者: 马海峰
作者简介:蔡杰伟（1998—），男，广东潮州人，硕士研究生，主要研究方向：格密码、云计算安全
薛庆水（1971—），男，山东济南人，教授，博士，CCF会员，主要研究方向：网络空间安全
杨家海（1966—），男，浙江丽水人，教授，博士生导师，博士，主要研究方向：互联网网络管理、网络测量安全
韩静（2000—），女，江苏扬州人，硕士研究生，主要研究方向：网络安全、隐私保护
卢子譞（1998—），男，新疆克拉玛依人，硕士研究生，主要研究方向：网络安全、数字签名。
基金资助:
国家电网资助项目(SGHAXTOOWWJS2200033)

Abstract

Abstract:

Periodic audit of data stored on cloud servers is a core strategy to ensure the security and integrity of cloud-stored data. It can identify and address the risks of data tampering or loss effectively. However， traditional public audit schemes suffer from issues such as certificate management or key escrow， leading to privacy leak problem during data querying and dynamic modification. Furthermore， with the continuous development of quantum computing technology， public audit schemes based on traditional public key systems face serious threats of being cracked by quantum computers. To address the above issues， a post-quantum certificateless public audit scheme based on lattice was proposed. Firstly， a certificateless public key cryptosystem was used to solve the certificate management and key escrow problems in traditional public audit schemes. Secondly， during data querying and dynamic modification processes， Data Owners （DO） were not required to provide specific data block information， thereby ensuring the privacy of the DO. Finally， lattice cryptography technology was employed to resist attacks from quantum computers. Theoretical analysis and experimental comparison results demonstrate that the proposed scheme can resist malicious attacks while ensuring the privacy of DO operations， and it achieves higher efficiency in label generation.

Key words: lattice, cloud storage, public audit, certificateless cryptography, post-quantum security

摘要：

对存储在云服务器上的数据进行周期性的审计，是确保存储在云上数据的安全性和完整性的核心策略，它可以有效识别和应对可能存在的数据篡改或丢失的风险。然而传统的公共审计方案存在证书管理问题或密钥托管等问题，进而在数据的查询和动态修改过程中存在隐私泄露问题；此外，随着量子计算技术的不断发展，传统公钥体制下的公共审计方案面临被量子计算机破解的严重威胁。为了解决以上问题，提出一种基于格的后量子无证书公共审计方案。首先，使用无证书公钥密码体制，以解决传统公共审计方案中的证书管理和密钥托管问题；其次，在数据查询和动态修改过程中，数据拥有者（DO）无需提供具体的数据块信息，从而保证DO的隐私；最后，采用格密码学的技术抵抗量子计算机的攻击。理论分析和实验对比结果验证了所提方案可以抵御恶意攻击并保证DO操作的隐私，同时在标签生成方面具备更高的效率。

关键词: 格, 云存储, 公共审计, 无证书密码学, 后量子安全

CLC Number:

TP309.2

Haifeng MA, Jiewei CAI, Qingshui XUE, Jiahai YANG, Jing HAN, Zixuan LU. Post-quantum certificateless public audit scheme based on lattice[J]. Journal of Computer Applications, 2025, 45(4): 1249-1255.

马海峰, 蔡杰伟, 薛庆水, 杨家海, 韩静, 卢子譞. 基于格的后量子无证书公共审计方案[J]. 《计算机应用》唯一官方网站, 2025, 45(4): 1249-1255.

Figures/Tables 4

Fig. 1 System model

Fig. 2 Data storage structure

Tab. 1 Comparison of some functions and cost

方案	无证书	隐私检索	动态操作	抗量子	审计开销
文献［12］方案	是	否	否	是	$n ⋅ M u l t + (4 n + 2) ⋅ A d d$
文献［20］方案	是	否	是	否	$(6 n + 2) ⋅ E x p + 2 n ⋅ H a s h$
文献［21］方案	是	否	否	是	$(n 2 + n) ⋅ M u l t + n ⋅ H a s h$
本文方案	是	是	是	是	$n ⋅ M u l t + H a s h$

Tab. 1 Comparison of some functions and cost

方案	无证书	隐私检索	动态操作	抗量子	审计开销
文献［12］方案	是	否	否	是	$n ⋅ M u l t + (4 n + 2) ⋅ A d d$
文献［20］方案	是	否	是	否	$(6 n + 2) ⋅ E x p + 2 n ⋅ H a s h$
文献［21］方案	是	否	否	是	$(n 2 + n) ⋅ M u l t + n ⋅ H a s h$
本文方案	是	是	是	是	$n ⋅ M u l t + H a s h$

Fig. 3 Comparison of label generation time

References 24

1	AL-RUITHE M， BENKHELIFA E， JARARWEH Y， et al. Addressing data governance in cloud storage： survey， techniques and trends［J］. Journal of Internet Technology（網際網路技術學刊）， 2018， 19（6）： 1763-1776.
2	田俊峰，宋倩倩，王浩宁. 云存储环境下数据持有性证明研究综述［J］. 河北大学学报（自然科学版）， 2021， 41（5）：599-611.
	TIAN J F， SONG Q Q， WANG H N. A review of proof of data possession in cloud storage environment［J］. Journal of Hebei University （Natural Science Edition）， 2021， 41（5）：599-611.
3	APIRAJITHA P S， SATHIANESAN G W. On developing Block-chain based Secure Storage Model （BSSM） with auditing and integrity analysis in the cloud［J］. Concurrency and Computation： Practice and Experience， 2024， 36（7）： No.e7970.
4	ATENIESE G， BURNS R， CURTMOLA R， et al. Provable data possession at untrusted stores［C］// Proceedings of the 14th ACM Conference on Computer and Communications Security. New York： ACM， 2007： 598-609.
5	ATENIESE G， DI PIETRO R， MANCINI L V， et al. Scalable and efficient provable data possession［C］// Proceedings of the 4th International Conference on Security and Privacy in Communication Networks. New York： ACM， 2008： No.9.
6	崔圆佑，王绪安，郎讯，等. 一种改进的短签名云数据审计方案［J］. 西安电子科技大学学报， 2023， 50（5）：132-141.
	CUI Y Y， WANG X A， LANG X， et al. Improved short-signature based cloud data audit scheme［J］. Journal of Xidian University， 2023， 50（5）：132-141.
7	ZHANG Y， XU C， LIANG X， et al. Efficient public verification of data integrity for cloud storage systems from indistinguishability obfuscation［J］. IEEE Transactions on Information Forensics and Security， 2017， 12（3）： 676-688.
8	HUANG L， ZHOU J， ZHANG G， et al. Certificateless public verification for the outsourced data integrity in cloud storage［J］. Journal of Circuits， Systems and Computers， 2018， 27（11）： No.1850181.
9	KHEDR W I， KHATER H M， MOHAMED E R. Cryptographic accumulator-based scheme for critical data integrity verification in cloud storage［J］. IEEE Access， 2019， 7： 65635-65651.
10	张贺，王鹏，李思照. 基于格的后量子密码系统研究［J］. 无线电工程， 2022， 52（8）：1310-1321.
	ZHANG H， WANG P， LI S Z. Research on lattice-based post-quantum cryptosystem［J］. Radio Engineering， 2022， 52（8）：1310-1321.
11	LI H， LIU L， LAN C， et al. Lattice-based privacy-preserving and forward-secure cloud storage public auditing scheme［J］. IEEE Access， 2020， 8： 86797-86809.
12	TIAN M， ZHANG Y， ZHU Y， et al. DIVRS： data integrity verification based on ring signature in cloud storage［J］. Computers and Security， 2023， 124： No.103002.
13	VARRI U S， PASUPULETI S K， KADAMBARI K V. CP-ABSEL： ciphertext-policy attribute-based searchable encryption from lattice in cloud storage［J］. Peer-to-Peer Networking and Applications， 2021， 14： 1290-1302.
14	GENTRY C. Certificate-based encryption and the certificate revocation problem［C］// Proceedings of the 2003 International Conference on the Theory and Applications of Cryptographic Techniques， LNCS 2656. Berlin： Springer， 2003： 272-293.
15	WU L， XU Z， HE D， et al. New certificateless aggregate signature scheme for healthcare multimedia social network on cloud environment［J］. Security and Communication Networks， 2018， 2018： No.2595273.
16	AL-RIYAMI S S， PATERSON K G. Certificateless public key cryptography［C］// Proceedings of the 2003 International Conference on the Theory and Application of Cryptology and Information Security， LNCS 2894. Berlin： Springer， 2003： 452-473.
17	SEPAHI R， STEINFELD R， PIEPRZYK J. Lattice-based certificateless public-key encryption in the standard model［J］. International Journal of Information Security， 2014， 13（4）： 315-333.
18	XIE J， HU Y， GAO J， et al. Efficient certificateless signature scheme on NTRU lattice［J］. KSII Transactions on Internet and Information Systems， 2016， 10（10）： 5190-5208.
19	DONG S， YAO Y， ZHOU Y， et al. A lattice-based unordered certificateless aggregate signature scheme for cloud medical health monitoring system［J］. Peer-to-Peer Networking and Applications， 2024， 17： 284-296.
20	XU Z， HE D， VIJAYAKUMAR P， et al. Certificateless public auditing scheme with data privacy and dynamics in group user model of cloud-assisted medical WSNs［J］. IEEE Journal of Biomedical and Health Informatics， 2023， 27（5）： 2334-2344.
21	LI H， WANG Y， FU X， et al. PSCPAC： post-quantum secure certificateless public auditing scheme in cloud storage［J］. Journal of Information Security and Applications， 2021， 61： No.102927.
22	ALWEN J， PEIKERT C. Generating shorter bases for hard random lattices［J］. Theory of Computing Systems， 2011， 48（3）： 535-553.
23	CENTRY C， PEIKERT C， VAIKUNTANATHAN V. Trapdoors for hard lattices and new cryptographic constructions［C］// Proceedings of the 40th Annual ACM Symposium on Theory of Computing. New York： ACM， 2008： 197-206.
24	AGRAWAL S， BONEH D， BOVEN X. Lattice basis delegation in fixed dimension and shorter-ciphertext hierarchical IBE［C］// Proceedings of the 2010 Annual Cryptology Conference， LNCS 6223. Berlin： Springer， 2010： 98-115.

[1]	Xiaojun ZHANG, Yunpu HAO, Lei LI, Chenyang LI, Ziyu ZHOU. Data tamper-proof batch auditing scheme based on industrial cloud storage systems [J]. Journal of Computer Applications, 2025, 45(3): 891-895.
[2]	Xinyuan YIN, Xiaojian ZHENG, Jinbo XIONG. Two-round three-party password-authenticated key exchange protocol over lattices without non-interactive zero-knowledge proof [J]. Journal of Computer Applications, 2024, 44(3): 805-810.
[3]	Jianyang CUI, Ying CAI, Yu ZHANG, Yanfang FAN. Authenticatable privacy-preserving scheme based on signcryption from lattice for vehicular ad hoc network [J]. Journal of Computer Applications, 2024, 44(1): 233-241.
[4]	Jinbo LI, Ping ZHANG, Ji ZHANG, Muhua LIU. Identity-based ring signature scheme on number theory research unit lattice [J]. Journal of Computer Applications, 2023, 43(9): 2798-2805.
[5]	Zhenjie XIE, Wei FU. Error replica recovery mechanism for cloud storage based on auditable multiple replicas [J]. Journal of Computer Applications, 2023, 43(4): 1102-1108.
[6]	Xuejian ZHAO, Hao LI, Haotian TANG. Recommendation rating prediction algorithm based on user interest concept lattice reduction [J]. Journal of Computer Applications, 2023, 43(11): 3340-3345.
[7]	NONG Qiang, ZHANG Bangbang, OUYANG Yuhao. Lattice-based hierarchical certificateless proxy signature scheme [J]. Journal of Computer Applications, 2023, 43(1): 154-159.
[8]	Zhonghui LIU, Ziyou WANG, Fan MIN. Genetic algorithm for approximate concept generation and its recommendation application [J]. Journal of Computer Applications, 2022, 42(2): 412-418.
[9]	WU Guoliang, XU Jining. Chinese emergency event extraction method based on named entity recognition task feedback enhancement [J]. Journal of Computer Applications, 2021, 41(7): 1891-1896.
[10]	LI Xiuyan, LIU Mingxi, SHI Wenbo, DONG Guofang. Efficient dynamic data audit scheme for resource-constrained users [J]. Journal of Computer Applications, 2021, 41(2): 422-432.
[11]	WANG Shouhua, WU Lirong, JI Yuanfa, SUN Xiyan. Fast ambiguity resolution method based on lattice theory [J]. Journal of Computer Applications, 2020, 40(8): 2299-2304.
[12]	TANG Xin, ZHOU Linna. Response obfuscation based secure deduplication method for cloud data with resistance against appending chunk attack [J]. Journal of Computer Applications, 2020, 40(4): 1085-1090.
[13]	Wei FU, Chenyang GU, Qiang GAO. Multi-user sharing ORAM scheme based on attribute encryption [J]. Journal of Computer Applications, 2020, 40(2): 497-502.
[14]	Zhixiang LIU, Huichao LIU, Dongmei HUANG, Liping ZHOU, Cheng SU. IB-LBM parallel optimization method mixed with multiple task scheduling modes [J]. Journal of Computer Applications, 2020, 40(2): 386-391.
[15]	Yizhuo ZHANG, Sen GE, Liangjun WANG, Jiang XIE, Jie CAO, Wu ZHANG. Parallel computing of bifurcation stenosis flows of carotid artery based on lattice Boltzmann method and large eddy simulation model [J]. Journal of Computer Applications, 2020, 40(2): 404-409.

Post-quantum certificateless public audit scheme based on lattice

基于格的后量子无证书公共审计方案

RichHTML

PDF

Knowledge

Abstract

Cite this article

share this article

Figures/Tables 4

References 24

Related Articles 15

Recommended Articles

Metrics