| With the wide application of cloud storage services, users can share their data in the cloud with a group of users, reducing the burden of local data storage and increasing the data utilization rate. Although users save resources through cloud storage services, they also lose actual control over the stored data, because cloud service providers are not completely trustworthy. When faced with uncontrollable factors, such as hardware/software failure and natural disasters, the data stored by users will be lost or become invalid, and cloud service providers may deceive users to obtain continued benefits. Therefore, users need to perform an integrity audit on the data stored on the remote server to ensure that the data is complete and available. In recent years, in order to protect data integrity and security, many data integrity verification schemes (such as public audit, efficient update, user revocation, privacy protection, etc.) have been proposed. However, most of these solutions support only a single function, such as auditing, identification, or recovery. In particular, there is a lack of solutions for identifying and recovering invalid data for dynamic group users. If user data is damaged, the data integrity audit will fail, the user data will be unavailable, and the group data sharing service will be halted, which is unacceptable to the user. To address these problems, this thesis designs a solution for the integrity audit of dynamic group users' shared data and for the efficient identification and reliable recovery of invalid data. The scheme achieves a good balance between the function and the performance of the dynamic group user data sharing service. The main research contents of this thesis are as follows: (1) This thesis proposes an effective identification and recovery scheme for invalid data of dynamic group users, dubbed CIRG. The scheme supports public and efficient auditing of the data integrity of a dynamic group of users, and when user data is invalid, the invalid data can be identified and recovered efficiently. CIRG combines Schnorr signatures with the idea of shared keys to generate data block tags based on updatable group shared keys. After a user leaves the group, the tags of the data blocks remain available and do not need to be regenerated, which improves the efficiency of data integrity verification. To identify invalid data of group users, CIRG correlates the data integrity audit results by combining the RDI correlation method with mathematical accumulation calculation, thereby reducing the number of calculations needed to identify invalid data. To recover invalid data of group users, CIRG supports reliable recovery of invalid data through RS erasure coding technology and the idea of shared coding; that is, not only the invalid data of legitimate users in the group but also the invalid data of users who have left the group can be effectively restored. This solution not only improves cloud storage data sharing services, but also ensures data availability and improves the sustainability of group data sharing services. (2) This thesis analyzes the correctness, security and performance of the CIRG scheme. The correctness of the CIRG scheme is proved using bilinear mapping. The security of the CIRG scheme under its threat model is analyzed using a one-way hash function, the invertibility condition of a matrix, and contradictory reduction. The security analysis shows that the proposed scheme can correctly verify data integrity, support invalid data recovery, and resist forgery and replay attacks. The efficiency of the scheme is summarized from three aspects: storage cost, computing cost and communication cost. The functional properties of the CIRG scheme are summarized by comparing it with other schemes. The characteristics of single invalid data identification in the CIRG scheme and of batch auditing when the values of are equal are analyzed. The functional characteristics of the group shared key update and of data recovery after a user leaves the group are also analyzed. (3) This thesis implements a prototype system of the CIRG scheme and tests the functions of the shared data storage module, the invalid data identification module and the invalid data recovery module. The experimental test results show that the scheme is correct and feasible in the dynamic group user data sharing service environment. |