| As a disruptive computing paradigm,blockchain has reconstructed the social trust system with its characteristics of decentralization,immutability,and extensive coverage,which promotes industrial upgrading in digital finance,E-health,supply chains,and other fields.In particular,it has derived the next generation of storage architecture-decentralized storage.Based on the blockchain,it forms a peer-to-peer storage network and integrates the idle resources of storage nodes to provide reliable,low-cost,and on/off-chain collaborative storage services,which have received extensive attention from both academia and industry.Despite this,decentralized storage suffers from many security issues and performance bottlenecks due to the different resource scales and various credibility of storage nodes.Firstly,although decentralized storage has obtained a lot of storage space through resource consolidation,it is only a drop in the bucket for the explosive growth of ”data flood”.Notably,the resource waste caused by repeated uploading is the main cause of the resource dilemma,which undoubtedly weakens the low-cost advantage of decentralized storage services.Secondly,data users will lose physical control of their data after outsourcing it,which means that the storage nodes may lose outsourced data due to a malicious attack,or they may delete the rarely-accessed data maliciously to save storage resources.This has caused users to worry about the security and availability of decentralized storage services.Finally,the security of a decentralized storage system depends on the immutability of the blockchain,which enables malicious nodes to disrupt the decentralized storage network by publishing immutable malicious information or vulnerabilities to launch attacks.Meanwhile,the continuous improvement of cyber security regulations has intensified the conflict between immutability and the “right to be forgotten”,which limits the development of decentralized storage.Focusing on the service requirements of security,efficiency,and compliance,in this dissertation,we study some critical issues of blockchain-based secure data outsourcing from two perspectives of on-chain and off-chain,involving three topics:(1)How to achieve compact encrypted duplication and public audit without TPA;(2)How to achieve verifiable data streaming(VDS)with optimal storage and data audit;(3)How to achieve efficient and verifiable redactable blockchain.Our main contributions are listed as follows:1.We propose a blockchain-based secure deduplication scheme with shared auditing,which solves the problem of weak coupling between encrypted deduplication and auditing,and realizes efficient resource-saving while ensuring the security of outsourced data.Firstly,we build a blockchain-based double-server storage model and design a lightweight tag generation algorithm and an update protocol,to reduce the storage cost of audit tags.Furthermore,we propose a compact secure deduplication and shared audit protocol,which protects the outsourced data from the single point of failure and duplicate-faking attacks while enabling subsequent users to upload data without encrypting the entire file,and adopts a blockchain-based two-way audit mechanism to achieve no-TPA auditing.In particular,our scheme uses the same audit tags to achieve deduplication and auditing,which enables users to share the audit tags and results to save resources.(Chapter 3)2.We propose a blockchain-based VDS scheme with self-auditing,which solves the incompatibility problem between optimal storage and auditing,and realizes a distributed VDS.Firstly,we design a novel authentication data structure,dubbed retrievable homomorphic verifiable tags(RHVTs),which enables the audit tags of all data items to be aggregated into a constant-size tag for optimal storage,and also allows the original tags of the challenged data items to be retrieved from the aggregated tag for public auditing.Furthermore,we present the first compact VDS scheme that adopts a single-level authentication structure to achieve more efficient data append and update.After that,we extend it to a distributed VDS scheme based on blockchain,which introduces a nested doublelevel authentication structure to solve the basic scheme’s performance bottlenecks and security risks,and realizes multi-server self-auditing in distributed VDS.(Chapter 4)3.We propose a blockchain-oriented verifiable on-chain data modification scheme that supports efficient auditing,which solves the resource waste and security issues in redactable blockchain,and achieves efficient query and auditing over on-chain data.Firstly,we introduce the concept of verifiable redactable blockchain(VRBC)and then design a novel authentication data structure,called blockchain authentication tree(BAT),to provide efficient validity verification for on-chain data.Furthermore,we propose an efficient onchain data query and audit protocol to avoid resource waste caused by invalid query and ledger synchronization,as well as security issues caused by inconsistent ledgers.Finally,based on the high scalability of BAT,we introduce some optimization strategies to improve the performance of our scheme,and extended it into two variants,supporting transaction-level redaction and permissionless settings,respectively.(Chapter 5)... |
PDF Full Text Request