
Research On Key Technologies Of Data Security And Privacy Protection In Distributed Environment

Posted on: 2022-05-06
Degree: Doctor
Type: Dissertation
Country: China
Candidate: D Zhang
GTID: 1488306734450984
Subject: Computational intelligence and information processing

Abstract/Summary:
The distributed network environment offers openness, flexibility, and strong scalability, which help to reduce costs and improve the agility of commercial services, and it is suitable for the deployment of various applications. Promoted by new technologies such as cloud computing and blockchain, the distributed network environment has become a new development trend of current networks. Moreover, it has been widely applied to data storage, digital finance, the Internet of Things, intelligent manufacturing, supply chain management, etc. In particular, it has actively promoted technological reform and innovation in industry. However, in a complex distributed network environment, massive amounts of user data with commercial value that cannot be ignored have frequently been stolen and leaked, and such data constantly face severe security and privacy leakage issues. For example, in cloud computing and blockchain systems that are based on distributed storage, data may involve important information such as users' personal information, appearance, financial situation, and even medical conditions. Once these data are obtained by a malicious party, it will cause serious threats to the security of lives and property, as well as ideological coercion. Therefore, research on data security and privacy issues in a distributed environment is a focus of current academia and industry, satisfies the data security requirements of society and the country, and is of great significance to the development of the data economy era.

This dissertation focuses on the key technologies of data security and privacy protection in two popular distributed environments, i.e., cloud computing and blockchain. In cloud computing, in order to ensure the security of data transmission and address bandwidth limitations, this dissertation designs a secure data outsourcing scheme based on compressed sensing technology and chaotic cryptography theory. Then, to address the problems of cloud data management and wasted storage space, this dissertation proposes a data deduplication scheme based on technologies and theories such as duplicate detection and identity authentication. In blockchain systems, in order to address identity leakage and de-anonymization of transaction data, this dissertation constructs a privacy protection scheme for anonymous micropayments of cryptocurrencies based on digital signatures and the RSA algorithm. After that, this dissertation turns to the problems of the legitimacy of data content and the exposure of private data. To that end, it conducts a comprehensive survey of state-of-the-art redactable blockchains and compares them in detail, and then proposes an efficient privacy protection scheme that supports multi-party supervision based on attribute-based encryption. The contributions are summarized as follows.

(1) An efficient and fast secure outsourcing scheme for image data is proposed to ensure data confidentiality and solve key management issues in the outsourcing of multi-dimensional, high-correlation, and high-redundancy color images. The encryption in this scheme is controlled by the chaotic system. The measurement matrix and the random phase mask used for encryption and compression are quickly generated by the chaotic system. The control parameter of the chaotic system is regarded as the secret key, which solves the problems of high bandwidth consumption and security vulnerabilities caused by transmitting the measurement matrix and random phase mask in the traditional scheme. In addition, the image is compressed and then encrypted a second time, which not only reduces the client-side bandwidth consumption of data outsourcing but also enhances the robustness and security of the ciphertext. This scheme has a strong ability to resist common attacks such as noise attacks and cropping attacks and can satisfy the security requirements of practical applications.

(2) A secure deduplication scheme for ciphertext is proposed, based on identity authentication, multi-party computation protocols, and completely randomized tag generation algorithms, for distributed Joint Cloud storage. It ensures the confidentiality, integrity, and availability of outsourced data. In this scheme, the secret key is generated by a group of cloud service providers (CSPs), which ensures the security and flexibility of key management. The Joint Cloud architecture has excellent scalability and is suitable for many emerging applications. In addition, the proposed scheme improves functionality such as data ownership update, authorization, and data sharing. Moreover, the proposed scheme is the first one that not only guarantees the security of data deduplication but also supports data update and cross-cloud data sharing. According to the theoretical analysis, this scheme solves the single-point-of-failure issue and has strong resistance to brute-force attacks and collusion attacks.

(3) A privacy protection scheme is proposed for anonymous micropayments of cryptocurrencies. The proposed scheme uses cryptographic primitives such as RSA assumptions, commitments, and signatures to design the escrow protocol and the anonymous merged transactions. In this scheme, the potential links between the transaction address and the user's real identity are cut off, so that attackers cannot snoop on the user's privacy by analyzing the public transactions. Hence, the privacy of users can be protected. According to the theoretical analysis, the scheme not only guarantees fairness but also has strong unlinkability, resistance to attacks, and unforgeability. In addition, unlike existing schemes, the proposed scheme does not need to preset a fixed amount for all transactions and is better suited to face-to-face micropayments in the real world.

(4) A survey is conducted on state-of-the-art redactable blockchains. The survey comprehensively analyzes three categories of representative redactable blockchains and conducts detailed analyses and comprehensive comparisons from 10 aspects of architecture, security, effectiveness, and functionality. The survey summarizes the limitations of these existing schemes for redacting history in blockchains and elaborates on 5 future research directions for redactable blockchains, which is of great significance to the development of editable blockchains.

(5) A scheme supporting multi-party supervision is proposed to redact the history data in blockchains. Based on cryptographic primitives such as attribute-based encryption and proxy re-encryption, the proposed scheme first designs a multi-party controlled, attribute-based chameleon hash function, and this function is then used to redact the history data of the blockchain in a fine-grained and controllable way. In this scheme, the data appended to the blockchain is modified by finding a chameleon hash collision, while the scheme ensures the consistency of the blockchain. In addition, the modification privilege is supervised by a group of authorities, which not only solves the single point of failure, meaning that the system would not abort even if any node is offline, but also prevents the modification privilege from being abused. According to the security analysis in the random oracle model, the proposed scheme satisfies indistinguishability and has strong resistance to insider collision attacks, outsider collision attacks, and collusion attacks.
Keywords/Search Tags:Cloud computing, Blockchain, Data security, Privacy security, Access control