Research On Subversive Attack And Prevention Scheme Under Cloud Data Audit Protocol

Cryptography plays an important role in information security.In the process of analyzing the security of cryptographic schemes,researchers generally assume that the actual deployment of cryptographic systems strictly follows the corresponding standard specifications.However,the Snowden incident in 2013 showed that the actual deployment of the cryptographic system could be controlled by the attackers or subverted with backdoors,which completely destroyed the security of the cryptographic systems.To make matters even worser,users cannot detect backdoors when they are using the cryptographic systems that have been subverted.And because of the high complexity of modern cryptographic mechanisms,it is difficult for even security experts to detect these backdoors with traditional technical methods.Influenced by the Snowden incident,in recent years,the research of ”Post-Snowden Cryptography” is becoming more and more popular in the world,which mainly studies the destructiveness and resistance methods of cryptographic backdoor,named as subversion attack.This paper selected the cloud data auditing protocol in cloud computing as the research object,analyzed the potential subversion attacks on the protocol deeply,and proposed a prevention mechanism.Specifically,the main contributions of this paper is described as follows.· Proposed a subversion attack model for cloud data auditing protocol.This paper formally defined the model of subversion attack on cloud data auditing protocol,and proposed two characteristics named as challenge indistinguishability and secret information recoverability,which provided a basic theoretical framework for the research of cloud data auditing protocol subversion attack.· Proposed a subversion attack framework for cloud data auditing protocol.Based on the established subversion attack model,this paper proposed a generalized subversion attack framework for cloud data auditing protocol.In order to verify the validity of the framework,this paper selected several classic cloud data auditing protocols for instances analysis,so as to demonstrate that the framework is applicable to both non-public verification and public verification auditing protocols.· Designed cloud data auditing protocols that can resist subversion attacks.Based on the cryptographic reverse firewall,this paper designed a cloud data auditing protocol that could resist subversion attacks,and analyzed the security of the protocol and tested its deployment.The analysis results showed that the protocol designed in this paper could effectively resist subversion attack and had high practical performance.