Design And Implementation Of Remote Data Integrity Verification System

Cloud storage has the advantages of low cost,high expansion,mass storage,and on-demand access,therefore,more and more individuals or businesses choose to store data in the cloud.Users can save a lot of storage,management,and maintenance costs by using cloud storage,but it brings the problem that users cannot directly control the uploaded data and cannot ensure the integrity and privacy of the data storage.The factors that cause data corruption in the cloud environment are as follows: Firstly,the cloud service provider is not completely trusted.Cloud service providers may delete data that users rarely or never access,so they can save storage and store additional data for more revenue.Secondly,user's private key may be leaked in a complex cloud environment.The secret key is the core of the secure cryptosystem.The leakage of the secret key will lead to the decrease of data security.The identity-based data integrity verification scheme solves the problem of certificate validation in the traditional public key infrastructure and effectively reduces the cost.At present,with the development of the Internet,the amount of data outsourced by users to the cloud shows an exponential growth trend.Designing a practical identity-based cloud storage scheme which stores and manages user's data without reducing the security and availability is one of the important directions in the field of cloud storage.This thesis focuses on the integrity verification scheme of remote data based on identity cryptosystem.The specific work is as follows:(1)This thesis studies and analyzes the identity-based data integrity verification scheme in the cloud environment.By analyzing recently proposed scheme,it shows that the cloud server can forge evidence through the TPA with the lost of user's data.This thesis constructs an improved cloud data integrity verification scheme.A comprehensive analysis shows the new scheme can provide the security requirements of soundness and privacy,and has the same communication cost and computational cost as the scheme proposed recently.(2)This thesis studies and analyzes the forward-secure identity-based integrity verification scheme in the cloud environment.The analysis shows that the proposed scheme is subjected to secret key recovery attack for the cloud servers can recover user's private key by utilizing stored data.Then a modified approach is proposed to prevent key recovery attacks,but the revised scheme results in heavy computation cost and communication overhead.Finally,a new data integrity verification scheme supporting forward security is presented,and it is proved that the new scheme can provide forward security and robustness requirements in the random oracle model.Additionally,the user's communication overhead and computation cost are consistent with the original scheme.(3)This thesis implements the proposed scheme above and original scheme based on Alibaba cloud elastic server and bouncy castle cryptography package,and gives the actual performance cost comparison.The analysis shows that the proposed scheme has higher security and the same performance cost as the original scheme,which provides higher practicability.This thesis implements a cloud storage prototype system based on the new forward-based secure identity-based cloud data integrity verification scheme,which provides users with functions such as file upload and download,data verification,etc.This thesis finally gives the analysis of different data partitions on the performance of the client and server.