Research On Decentralized Outsourced Data Integrity Auditing Protocols

Outsourced computing,led by cloud computing,has been highly valued by our country since its emergence,and has become an important support for the development of Chinese digital economy.The most important feature of cloud computing is transforming personal computing into public cloud computing.Correspondingly,the most important feature of cloud storage is transforming personal storage into public cloud storage.Data outsourcing services enable users with limited resources to outsource costly storage tasks or complicated computing tasks to the cloud servers,and enjoy the highquality services provided by cloud servers by paying on demand and ubiquitous accessing,which could reduce the user's burden of data storage and management greatly.However,the cloud service providers are untrustworthy,data security has become a pain point in the development of cloud computing.The separation of user data ownership and management rights in the outsourcing storage environment results in an uncontrollable situation of user data,which would further cause a series of security risks.Therefore,nowadays,when cloud data security disasters occur from time to time,it is very necessary to conduct an integrity auditing of outsourced data to achieve data security storage.Many existing researches mainly focus on centralized cloud storage,and propose the secure integrity auditing schemes for centralized cloud storage.However,the reliability of the centralized cloud is too low,and it is prone to be attacked by single points of failure and denial of service(DoS).This thesis will research the integrity auditing protocol of decentralized outsourced data,and explore the security schemes for decentralized outsourcing storage.The research work of this thesis mainly includes:(1)This thesis summarizes the related work and development status of data integrity auditing since it was proposed.Although the existing research has become more and more practical,most of them are integrity auditing schemes for centralized cloud storage and rely excessively on centralized cloud servers,which is undoubtedly unreliable.This thesis conducts the research on decentralized outsourcing data integrity auditing,provides security schemes for outsourcing data storage in a decentralized environment,and makes beneficial exploratory research on the innovative design of outsourcing data auditing protocols.(2)A blockchain-based dynamic provable data possession protocol.In order to solve the issues of single point of failure and denial of service faced by the centralized outsourcing storage model,we research some cryptographic tools such as smart contracts,provable data possession protocol,authenticated data structures,and proof of space protocol.Our proposal is based on the scheme proposed by Shacham and Waters,inspired by the idea of multi-copy storage by Curtmola et al.We construct a decentralized outsourcing data integrity auditing model in the P2P network based on blockchain.And we give the system model and security model of blockchain-based dynamic PDP protocol.Among them,this thesis uses smart contracts to realize the public verifiability of outsourcing storage,and uses the Merkle hash tree with rank to realize the dynamic update operations of data.In addition,the detailed construction is given,and the smart contract in the protocol is instantiated.Finally,we give a complete security proof.We base the soundness of the PDP security in the protocol on the unforgeability of the data block tag,and reduce the unforgeability of the data block tag to the discrete logarithm hypothesis.The security of the file tag is reduced to the existential unforgeability of the BLS short signature.Besides,the efficiency test and analysis of the algorithm in the protocol are carried out.(3)A blockchain-based multi user provable data possession protocol.In order to solve the issues of single point of failure,collusion attacks and malicious tampering faced by outsourced data sharing,we research some cryptographic tools such as vector commitment,smart contract,updatable secret sharing,authenticated data structures,and data integrity auditing protocol.Our proposal is inspired by the research of vector commitment by Gorbunov et al.We construct a decentralized outsourced data sharing model in the P2P network.And we give the system model and security model of multi user dynamic PDP protocol based on blockchain.Besides,we give a detailed construction of our model.We use the sharded storage strategy in the distributed network to enhance the reliability of the outsourced data.We reduce the privacy of outsourced data in the scheme to the hiding of vector commitment,and reduce the soundness of the protocol to the the soundness of the data block tag in the public verifiable data storage scheme in the proposal of Shacham et al.If the discrete logarithm hypothesis is satisfied,the protocol satisfies the soundness.If the weak bilinear Diffie-Hellman exponent hypothesis is satisfied,the vector commitment in the protocol satisfies binding and location binding.In addition,the protocol uses a verifiable and updatable secret sharing scheme to update group user keys and revoke malicious users.If the hash function is one-way and collision resistant,the secret sharing scheme satisfies the claimed renewability and collusion resistance.Finally,we test and analyse the efficiency of algorithms in the protocol.