Research And Implementation Of Key Storage And Update Scheme In Cloud Computing

In recent years,cloud storage technology has been widely used and developed,and the security of cloud storage data has become a hot issue.In the cloud computing environment,multi-user will produce multi-source data,and the confidentiality and integrity protection of these data will also need the support of massive key.The security requirements of massive data challenge the key storage management in the cloud environment.These keys will occupy a lot of storage space.How to reduce the key storage overhead is an important issue of key management;Tenants of cloud storage are dynamic,when the user authority changes,in order to prevent data leakage,it is also necessary to update the authorized user's key.Dynamic key update in cloud environment is also a huge challenge.Therefore,the research of key storage and key update technology in cloud environment is of great significance to the application and development of cloud storage.In this thesis,based on the research of existing key management technologies in cloud computing,a key storage scheme based on key matrix derivation is designed to meet the new requirements of massive key generation and storage.In this scheme,the encryption key of the file is derived from the root key by matrix derivation method.Users only need to store and manage the root key and key matrix configuration to dynamically generate the file encryption key,which can reduce the cost of key storage.In the scheme,the file encryption and decryption calculation is implemented on the private cloud,and the public cloud is responsible for providing the service of storing and querying the ciphertext data.In addition,the cost of updating key in cloud environment is high.So many data owners choose to outsource data to cloud service providers for management.Because outsourcing databases need to deal with a large number of users and data resources,a key problem is found in the research of existing schemes,that is,with the increase of the number of keys,the cost of key update is increasing rapidly.When the data owner's authority to the user changes,the update cost of the key will increase linearly with the number of users.To solve this problem,this thesis optimizes a key update scheme based on the Chinese remainder theorem.When changing the access rights of users,we do not need to resend the verification key to other users,but exclude the users who change the access rights by calculating new X_r(solutions of Congruence Equations composed of authorized users)and C_r(a secret value).When there are a large number of users,users with the same access rights are set as a class,and the key update scheme based on China remainder theorem is applied to each sub user class,rather than to all users.All users in the sub user class share the X_r,so as to reduce the cost of key update.Through simulation experiments,the key storage scheme in this thesis is compared with the reference scheme in terms of storage cost,communication cost of key exchange and calculation cost of key derivation,which proves the effectiveness of the key storage scheme.The key update scheme is verified by simulation experiments.The key update cost of the optimized key update scheme based on Chinese remainder theorem is compared with that of the reference key update scheme.It is proved that the optimized key update scheme proposed in this thesis can reduce the key update cost and verify the effectiveness of the scheme.