Research And Implement Of Remote Data Intergrity Verification Scheme Based On Short Signature

With the rapid development of cloud computing,big data,the Internet of Things and other technologies,daily data generated by users has increased exponentially,and traditional local storage has been unable to meet users' needs.Cloud storage services can implement low-cost and highly scalable data storage services through virtualization,distributed,clustering and other technologies,reducing the burden of user data storage and maintenance.As a result,more and more users choose to store data in cloud servers,and the security of cloud storage data is becoming increasingly serious.When users store data in the cloud,they also lose control of the data.Cloud Service Providers(CSPs)are not completely trustworthy.They may cause data loss or damage due to saving storage resources,deleting user data,or suffering malicious attacks.Therefore,users need to perform data integrity checks on the data in the cloud storage to ensure data integrity and availability,i.e.the integrity verification of cloud storage data.At present,researchers have proposed many solutions to the problem of data integrity verification in cloud storage,but these solutions still have flaws in terms of security and efficiency.For example,most existing schemes rely on digital signature algorithms-RSA(Ron Rivest,Adi Shamir,Leonard Adleman)and BLS(Dan Boneh,Ben Lynn,Hovav Shacham),but these schemes either have a large number of modular exponentiation operations,or the construction of hash functions is complex,which reduces the efficiency of verification.In addition,in order to reduce the user's verification burden,some schemes introduce a third-party verifier(Third Party Auditor,referred to as TPA),but do not consider the issue of user privacy caused by TPA.Aiming at the security and efficiency problems of the above cloud storage data integrity verification scheme,this article does the following research:(1)Aiming at the low efficiency of RSA and BLS signature verification,an improved ZSS(Zhang,Safavi-Naini,and Susilo)short signature algorithm is proposed.On the one hand,the algorithm uses a universal hash function instead of the MTP function during the signature phase,which reduces the computational overhead of the signature.On the other hand,the algorithm introduces random numbers during the verification phase to solve the problem of signature reuse,making the data block at different times.The obtained signature values are different,which prevents the attacker from using the adaptive selection message to attack the forged signature to pass the verification.(2)This paper presents a secure and efficient cloud storage data integrity verification scheme.First,this scheme introduces a trusted third-party verifier TPA during the verification process,which supports public verification.When users need to verify cloud data,first authorize TPA to perform verification operations,and then TPA interacts with the cloud storage server-Send a challenge message to the cloud server,verify the return evidence of the server,and feedback the verification result to the user.Compared with the "user-cloud server" authentication model,this solution uses TPA instead of the user to perform the authentication operation,which reduces the user's authentication overhead.Second,the scheme uses random masking technology to cover the linear relationship of the evidence in the holding evidence returned by the server,making TPA unable to infer the stored user data based on the linear combination of evidence,thereby protecting user privacy.Based on the CDH difficulty assumption,the scheme is proved to be safe under the random oracle model.Finally,experimental comparison and performance analysis of this scheme with Wang's BLS scheme and ID-SEPA scheme show that this scheme has lower overhead and higher security.(3)A cloud storage data integrity verification system is designed and implemented.By building a HDFS distributed file system locally to simulate a cloud storage platform and using the C/S architecture to develop a model,the system is made practical.In addition,the system uses a "user-TPA-cloud server" verification model,which enables the system to support public verification;and in the verification phase,the system combines cryptography techniques such as linear mapping and digital signatures to protect users' privacy.The system can resist selective message attacks,has higher security,and provides a technical basis and application reference for the development of secure and reliable cloud storage services.