在用户无法完全信任云服务提供商的前提下,对云端的数据完整性进行公开审计是当前的研究热点之一。提出了一个支持隐私保护和高效用户撤销的云共享数据公开审计方案。它通过引入了一个系统管理员SA来负责管理群组密钥,对于共享数据修改,SA生成一个初步签名密钥和一个对应的重签名密钥,用户利用初步签名密钥对所修改的数据块进行签名,并将修改后的数据块和初步签名一起上传到云端,云服务器利用重签名密钥将初步签名转换为最终签名。理论分析表明该方案不仅能够支持隐私保护,而且在能够支持用户撤销时高效的共享数据完整性公开审计。%Recently several data integrity checking schemes have been proposed for secure shared data in the cloud storage, which consider a realistic scenarios where multiple users can modifier the same data in the cloud. However, most of these schemes may disclose sensitive data during the auditing process. Moreover, they do not consider collusion between untrusted cloud and the revoked users. Besides, bidirectional proxy re-signatures used in some schemes result in powerful capacity of the cloud, which may misbehave utilizing the re-signing keys. In this paper, we introduce a Group-Mediator (GM) and propose a novel public auditing scheme for the integrity of shared data in the cloud, which supports public auditing, collusion resistance and efficient user revocation. We further integrate random masking technique to preserve data privacy from the TPA. Numerical analysis and experimental results demonstrate that the proposed scheme is secure and efficient.
展开▼
