| Cloud computing, a new computing model in the Internet age, it accommodates huge computing and storage capabilities which are integrated to provide convenient Internet service to users. As an important service of cloud computing, cloud storage is also a crucial issue. The merits of cloud storage are obvious while the security issues become as obstacle in the development of cloud storage. However, the Internet is open, so security of user’s data will suffer huge threat in the cloud computing service. The outsourced data integrity in the cloud is a major concern of data owners. Therefore, how to achieve integrity and privacy of cloud data has become an important issue, which is the motivation of our dissertation.To address the issue above, the thesis will study data auditing protocol in cloud storage, including its cryptanalysis and design. By analyzing the existing data auditing protocol in cloud storage, combined with some cryptographic techniques, we present a new secure storage data auditing protocol with privacy-preserving feature. Specifically:1. We analyze the security of Oruta scheme and Knox scheme. It was demonstrated that an adversary can fool verifier successfully by tampering outsourced data without being detected by verifier, which makes scheme lose soundness. To correct this drawback, we propose an effective solution. We introduce digital signature to make scheme be against the attack above, while the merits of the original scheme can be maintained, then we analyze the reason why schemes are insecure and propose suggestion of improvement.2. Security of Wang scheme is analyzed, and we found that an adversary can also pass the verification phase by modifying outsourced data. In the security analysis,we present two attacks for the original scheme and the modified scheme with public auditing feature, and finally we give a solution according to the reason why scheme cannot be against the attack.3. New construction of secure cloud storage data auditing protocol with privacypreserving feature in the random oracle based on framework of Schacham and Waters scheme and zero-knowledge. We present detailed security proof where the scheme is provable security in completeness, soundness and zero-knowledge privacy-preserving, and it achieves public auditing. In the end, the performanceanalysis is proposed including storage cost, communication cost and computing cost. By compared with the original scheme, it shows that the performance between the two protocols is almost the same. However, our new protocol achieves zero-knowledge privacy-preserving to protect privacy of user’s data while holding the advantages of the original scheme. |
PDF Full Text Request