
Research On Integrity Verification Of Data In Cloud Storage Environment

Posted on: 2018-11-07
Degree: Doctor
Type: Dissertation
Country: China
Candidate: J X Wei
GTID: 1318330518996815
Subject: Cryptography
Abstract/Summary:
Cloud users use the storage services provided by cloud servers to store their local data in the cloud. Doing so not only saves local storage space and computing resources, but also allows resources to be shared with other users. However, cloud storage faces many challenges in ensuring the correctness and completeness of cloud user data. Specifically, after storing local data in the cloud, the cloud user deletes the local copy. In a complex cloud computing environment, the cloud server may unintentionally delete or modify the stored data under the influence of human factors. In addition, to protect its own reputation and interests, the cloud server will not proactively report data error events to cloud users, and may even deliberately conceal them. Therefore, how to establish an efficient verification mechanism to ensure the security of stored data is one of the current hot issues in cloud computing.
In view of these security problems and the challenges of data storage, this paper mainly studies data integrity verification in the cloud storage environment from the perspective of the data owner and the cloud server. The security threats to stored data come mainly from two sources: one is unauthorized or malicious users illegally accessing cloud data; the other is cloud servers unintentionally deleting or losing data. Based on server-side threats, this paper presents a multi-replica data integrity verification protocol and an integrity verification protocol that supports deduplication. Based on client-side threats, it introduces an integrity verification scheme that supports user revocation and an integrity verification protocol that supports user identity anonymity.
Specifically, the main contributions of this paper are as follows:
(1) A homomorphic encryption algorithm and a signature technique are used to design an integrity verification scheme that supports data replica storage. In this scheme, the homomorphic encryption algorithm is used to compute the replicas of each data block, which not only ensures the privacy of the data replicas but also enables distributed storage of the data and dynamic update operations on the replicas. There exists a certain security relationship between the public key and the private key of the homomorphic encryption algorithm in the protocol, hence encryption and decryption are faster. The security analysis shows that the protocol can resist forgery attacks, replace attacks and replay attacks. The experimental results show efficiency advantages for both the data owner and the cloud storage server.
(2) A special signature technique is applied to establish an integrity verification scheme that supports deduplication. In this scheme, a signature algorithm with homomorphic verifiability and homomorphic combinability is used to compute the signature private key of each data block, which facilitates the deduplication operation on the client and saves communication cost to a large extent. At the same time, the signature technique allows data block signatures to be updated efficiently: updating a data block signature requires only a simple calculation on the client, without recalculating the signature of the data block. The data blocks are filtered by the client before they are stored, which saves communication overhead compared to the existing scheme. The security analysis shows that the signature is unforgeable and that an illegal user cannot obtain the access link created by the server by spoofing.
(3) The Paillier encryption algorithm and polynomial commitment technology are used to design a data integrity verification scheme that supports user revocation. The Paillier encryption algorithm is used to encrypt the stored data, which not only preserves the confidentiality of the shared data upon user revocation but also keeps the data private from the server and the verifier. The security analysis shows that the signature in the protocol is unforgeable. The experimental results show that the protocol has a greater advantage in communication efficiency and computational efficiency than the existing protocols.
(4) Identity-based signature technology is used to design a data integrity verification protocol that keeps user identity anonymous. The protocol combines identity-based signature technology with a randomization method, which makes it possible not only to trace the identity of the owner of a suspect file, but also to keep the identities of group users anonymous to the third-party verifier and the cloud server. In addition, the protocol can be extended to support multi-user or multi-file batch verification, which greatly improves the efficiency of verification. The security analysis shows that the scheme can resist replay attacks and replace attacks, and that the batch verification algorithm satisfies completeness and robustness. Compared with the existing scheme, the protocol has great advantages in communication efficiency and computational efficiency.
Keywords/Search Tags: cloud storage, integrity verification, data block dynamic operation, homomorphic encryption, bilinear pairings