为了防止数据丢失、修改或破坏等,需要对存储在云端的远程数据进行持有性验证。云端动态数据可持有性是当前云数据安全领域的研究热点之一。该文针对已有典型基于Hash聚合动态数据持有性证明方案,分析其验证过程存在的安全问题及其产生原因。结果表明:Hash聚合方法能有效减少由于数据动态操作而增加的数据存储量、计算量、传输量等验证成本,但是如果忽略对于数据块位置与数据块值对应关系的验证则会面临替换攻击,导致严重的安全问题。
Dynamic provable data possession (DPDP) schemes are important in cloud data security to prevent the data from being lost, modified or corrupted. This paper presents security analyse of some existing schemes based on Hash aggregation and points out some security problems in the known methods and their fundamental reasons. The analyse show that Hash aggregation can effectively reduce storage, computation and transmission costs of verification due for data dynamic operations. One scheme had security vulnerabilities when verifying the relation between the position and the value of a data block that can allow a substitution attack.
[1] 谭霜, 贾焰, 韩伟红, 等. 云存储中的数据完整性证明研究及进展[J]. 计算机学报, 2014, 37(32):1-15. TANG Shuang, JIA Yan, HAN Weihong, et al. Research and development of provable data integrity in cloud storage[J]. Chinese Journal of Computers, 2014, 37(32):1-15.(in Chinese)[2] Deswarte Y, Quisquater J, Sadane A. Remote integrity checking[C]//Proc 6th Working Conference on Integrity and Internal Control in Information Systems. Lausanne, Switzerland:Springer, 2004:1-11.[3] Ateniese G, Burns R, Curtmola R, et al. Provable data possession at untrusted stores[C]//Proc 14th ACM Conference on Computer and Communications Security. Alexandria, VA, USA:ACM, 2007:598-609.[4] Ateniese G, Burns R, Curtmola R, et al. Remote data checking using provable data possession[J]. ACM Transactions on Information and System Security (TISSEC), 2011, 14(1):1-34.[5] Ateniese G, Di Pietro R, Mancini L V, et al. Scalable and efficient provable data possession[C]//Proc 4th International Conference on Security and Privacy in Communication Networks. Istanbul, Turkey:ACM, 2008:1-10.[6] Sebé F, Domingo F J, Martine B A, et al. Efficient remote data possession checking in critical information infrastructure[J]. IEEE Transactions on Knowledge and Data Engineering. 2008, 20(8):1034-1038.[7] Erway C, Küpü A, Papamanthou C, et al. Dynamic provable data possession[C]//Proc 16th ACM Conference on Computer and Communications Security. Chicago, IL, USA:ACM, 2009:213-222.[8] Wang Q, Wang C, Li J, et al. Enabling public verifiability and data dynamics for storage security in cloud[C]//Proc 14th European Symposium on Research in Computer Security. Saint-Malo, France:Springer-Verlag Berlin, 2009:355-370.[9] Barsoum A F, Hasan M A. Provable multicopy dynamic data possession in cloud computing systems[J]. IEEE Transactions on Information Forensics and Security, 2015, 10(3):485-497.[10] Liu F F, Gu D W, Lu H N. An improved dynamic provable data possession model[C]//Proc 2011 IEEE International Conference on Cloud Computing and Intelligence Systems. Beijing, China:IEEE, 2011:290-295.[11] Wang H Q. Identity-based distributed provable data possession in multi-cloud storage[J]. IEEE Transactions on Services Computing, 2015, 8(2):328-340.[12] Boneh D, Lynn B, Shacham H. Short signatures from the weil pairing[C]//Proc 7th International Conference on the Theory and Application of Cryptology and Information Security. London, UK:Springer-Verlag, 2001:514-532.
