新的云存储文件去重复删除方法  被引量：6

作　　者：杨超[1] 纪倩[1] 熊思纯 刘茂珍[1] 马建峰[1] 姜奇[1] 白琳[2] 

机构地区：[1]西安电子科技大学网络与信息安全学院,陕西西安710071 [2]西安邮电大学计算机学院,陕西西安710121

出　　处：《通信学报》2017年第3期25-33,共9页Journal on Communications

基　　金：国家自然科学基金资助项目(No.61672415;No.61671360;No.61672413);陕西省教育厅科研基金资助项目(No.14JK1665)~~

摘　　要：去重被广泛地应用于云存储服务中以节省带宽和存储资源,然而,客户端去重复化删除中仍存在安全缺陷,使外部攻击者可访问用户私有数据。基于密文的跨用户的去重复化删除方案Xu-CDE被首次提出,该方案支持在外部攻击者和诚实且好奇的服务器同时存在的场景下保护数据隐私,具有良好的理论意义和代表性。然而该方案中的用户所有权认证凭据缺乏实时性保护,以致不能抵抗重放攻击。针对该缺陷,提出改进方案云存储中基于MLE与随机数改进的客户端密文去重(MRN-CDE),引入随机因子以保障认证凭据的实时性,并利用MLE-KP算法通过原始文件提取密钥代替用文件本身作为加密密钥,在提高安全性的同时大大降低了运算量。经过安全性分析与测试,结果表明,所提出的改进方案MRN-CDE在Xu-CDE方案的基础上,不仅增强所有权认证的安全性,而且在时间效率上也有所提高,对于云端大文件的文件去重效果尤其佳,具有一定的应用价值。Deduplication is widely used in cloud storage service to save bandwidth and storage resources,however,the security of client deduplication still flaws in an external attack to access a user＇s private data.Xu-CDE,a deduplication solution of encrypting data for multi-client was first proposed,which could protect the privacy of data from the external attackers and honest but curious server,with favorable theoretical meaning and representativeness.However,in Xu-CDE,the user ownership authentication credentials were lack of instantaneity protection,which could not resist replay attack.As an improvement to the flaw,the protocol MRN-CDE（MLE based and random number modified client-side deduplication of encrypted data in cloud storage） was proposed,adding random number in order to ensure the instantaneity of the authentication credentials,and using the algorithm of MLE-KP to extract key from original file to replace the file itself as an encryption key.As a consequence,the new protocol improved security while significantly reduced the amount of computation.After the safety analysis and the actual tests,results show that based on Xu-CDE,the proposed protocol MRN-CDE has stronger security of ownership,and improves time efficiency.Specially,the new protocol works better on large files in cloud with a certain value.

关 键 词：加密数据 去重 所有权认证 实时性 云存储 

分 类 号：TP391[自动化与计算机技术—计算机应用技术]