Based On The Cloud Computing Security Protocol Analysis And Design

Recently, Cloud Computing, as an emerging service model, has aroused wide attention in academia, business and government circles. Cloud Computing provides service through network by combining various kinds of fundamental computing infrastructures, which can supply with services of software, hardware and data storage. New security threats are introduced along with its advantages and conveniences. This dissertation primarily argues the analysis and design of two kinds of security protocols based on Cloud Computing. The first one is the password-based three-party authenticated key exchange (3PAKE) protocol, which enables secure data share between cloud users via cloud server. And the second one is the data storage auditing protocol, which can guarantee security of cloud users’data stored in cloud srever. Our contributions can be summarized as follows:(1) This dissertation analyzes the security and efficiency of the3PAKE protocol proposed by Lee et al., and points out that although this protocol can resist against various known attacks, its communication process is relatively complex as well. Afterwards, this dissertation proposes a new3PAKE protocol and then demonstrates that the protocol can not only resist against various known attacks effectively and provide prefect forward security, but also improve a lot on the number of rounds of exchange and the time for communication, compared with the existing protocols.(2) This dissertation puts forward a new3PAKE protocol by combining the Abdalla et al.’s security-provable2PAKE protocol and the Abdalla et al.’s design framework of the3PAKE protocol, and proves its security based on DDH assumption. Finally, this dissertation analyzes its efficiency, showing that the protocol is not only security-provable but also efficient.(3) This dissertation analyzes the Wang et al.’s public auditing protocol, and points out its serious secure drawbacks. Moreover, it can not resist against attacks from the malicious cloud server and external attackers. Thus, we give4specific attack schemes.(4) This dissertation analyzes the efficiency of Ateniese et al.’s data owner auditing protocol, and points out that its implementation efficiency needs further improvement. In the following, this dissertation proposes a new data owner auditing protocol and analyzes its security and efficiency with existing public protocols, indicating that it can realize a secure and highly-efficient data owner auditing.(5) This dissertation analyzes the security and efficiency of Ateniese et al.’s public auditing protocol, points out its drawbacks on security and running efficiency. Afterwards, this dissertation proposes a new public auditing protocol, analyzes its security and users’privacy-preserving towards TPA and makes it possible for mutil-users to perform batch auditing tasks simultaneously and efficiently by extending it. Finally, this dissertation also analyzes the efficiency of the protocol with existing ones, and the result shows that its efficiency is better than existing ones. In the public auditing, cloud users’data privacy-preserving toward TPA and batch auditing is of great values in application, which are hot research topics of this protocol.