基于身份代理离线签名的数据完整性审计协议  被引量：3

作　　者：黄薛蓉 郭荣佐[1] HUANG Xue-rong;GUO Rong-zuo(College of Computer Science,Sichuan Normal University,Chengdu 610101,China)

机构地区：[1]四川师范大学计算机科学学院,四川成都610101

出　　处：《计算机工程与设计》2020年第6期1553-1561,共9页Computer Engineering and Design

基　　金：国家自然科学基金面上基金项目(61373162、61373163);国家自然科学青年基金项目(61701331);国家科技支撑计划基金项目(2014BAH11F01、2014BAH11F02);教育部2018年第一批产学合作协同育人基金项目(华清远见教育集团)(201801082060);教育部2018年第二批产学合作协同育人基金项目(北京博创智联科技有限公司)(201802027017)。

摘　　要：为解决移动边缘设备进行数据完整性审计时在计算、存储等方面存在限制的问题,提出一种可降低用户计算量和网络通信开销的数据完整性审计方案(IBPOS-PDP)。在基于身份的密码体制上将数据签名分为轻量级在线签名和复杂离线签名,采用代理方帮助用户完成离线签名。分析当前数据完整性审计的研究方向,提出方案模型,在随机预言机模型下证明方案可靠性,攻击者伪造证书、数据签名、完整性验证证据是困难的。利用PCB库进行仿真实验,在已委托代理方生成离线签名的情况下,IBPOS-PDP方案用户计算代价小于IBPS-PDP方案。实验和性能分析结果表明,IBPOS-PDP方案在整个数据完整性审计过程中使用户计算量和系统通信量达到了较好的平衡。To solve the problem that the mobile edge device has limitations in computing and storage capacity during data integrity auditing,a data integrity auditing scheme(IBPOS-PDP)was proposed to reduce the amount of user computing and network communication overhead.Data signatures were classified into lightweight online signatures and complex offline signatures in the identity-based cryptosystem,and the agent generated the offline signature for the user.The research direction of current data integrity audit was analyzed,and the scheme model was proposed.The reliability of the scheme was proved under the random oracle model.It is difficult for the attackers to forge the certificate,the data signature,and the integrity verification evidence.The PCB library was used in the simulation experiments,in which the user calculation cost of the IBPOS-PDP scheme is lower than that of the IBPS-PDP scheme on the premise that the agent has been commissioned to generate an offline signature.The results of the experiments and the performance analysis show that the IBPOS-PDP scheme achieves better balance between user computing and system traffic throughout in the data integrity audit process.

关 键 词：移动边缘计算 完整性审计 基于身份的密码体制 可分在线/离线签名 代理签名 

分 类 号：TP309.2[自动化与计算机技术—计算机系统结构]