Research On Data Integrity Verification Scheme Based On Blockchain In Cloud Storage

With the popularization and large-scale application of cloud storage services,more and more users may face data security risks such as data damage and loss in the cloud.To solve this problem,how to verify the integrity of cloud data has become a research hotspot.Traditional cloud storage data integrity verification frameworks use third-party auditing agencies(TPAs)to perform verification operations.However,TPAs may have centralization and collusion issues and cannot be completely trusted.In response to these shortcomings,the decentralization,openness,and tamper-proof characteristics of blockchain technology provide a way to verify data integrity without TPAs.Blockchain-based verification methods not only have distributed fault tolerance,but also have the ability to avoid collusion and can judge the quality of cloud services based on immutable records.However,replacing TPAs with blockchain still faces some new challenges.Due to the immutable nature and structural characteristics of the blockchain,these solutions mostly have poor scalability and low search efficiency,and even cannot support dynamic data updates on the blockchain.Moreover,some solutions cannot handle a large number of concurrent audit tasks in a timely manner.These challenges limit their large-scale practical application.This paper proposes a dynamic data integrity verification scheme based on a T-Merkle hash tree structured blockchain in cloud storage to address the low scalability and low search efficiency issues associated with blockchain used for cloud storage data integrity verification.The specific research content and contributions are as follows:(1)A T-Merkle hash tree storage structure based on the T-tree and Merkle hash tree is proposed.To address the issue of high storage overhead and low search efficiency caused by storing original blockchain data only in the leaf nodes of the Merkle hash tree,improvements were made.First,the data is stored in every node of the tree,rather than just in the leaf nodes.Second,the maximum and minimum values of the indexes are labeled for each node of the tree.Meanwhile,the indexes within the nodes are ordered,and both the tree and the nodes support binary search.Research shows that the new data structure not only improves storage and search efficiency,but also retains the verifiability of the Merkle hash tree.(2)A new decentralized data integrity verification scheme is proposed.First,the ZSS short signature algorithm is used to calculate the tags of data blocks,which reduces the calculation cost of tag generation.Data tags and entities are stored separately in the blockchain and cloud servers,avoiding dishonest behavior of the servers and ensuring data traceability.Second,in the verification phase,the client initiates a verification request,and the cloud server and blockchain generate corresponding data and tag evidence based on the challenge information and provide them to the client.The client then verifies the evidence to obtain a conclusion about data integrity.The proposed scheme shifts most of the computational cost from the client to the cloud server and blockchain,reducing the verification threshold for clients and improving verification efficiency.(3)A data integrity verification scheme that supports dynamic updates is proposed.During the update phase,data blocks may be added,modified,or deleted,and new data labels and indexes are generated for the updated data blocks.The updated data and its index information are then uploaded to the cloud server and the new data labels are appended to the latest block of the blockchain.During the data integrity verification phase,only the latest data labels from the latest block are used,while the old ones are ignored.In addition,a batch verification scheme is designed to aggregate multiple proofs into data and label proofs respectively,which shifts the computational burden from users to cloud servers and blockchains,reducing user overhead.Finally,a simulation system based on Hyperledger Fabric is implemented to verify our scheme.Security analysis and performance evaluation demonstrate that the scheme is secure and efficient.