| 摘要: | 雲端儲存服務是雲端計算中最基本的應用之一。使用者可以將大量的資料放置在雲端中,就可在不同地點、使用不同的端末設備(例如手機、NB、辨公室桌上電腦),輕鬆存取這些存放在雲端中的檔案。這樣的解決方案雖然有許多好處,但同時也帶來了新的資料安全的挑戰。因為一旦使用者將檔案部署到雲端,就同時失去了控制這些檔案的能力;況且在雲端中的檔案可能被雲端伺服器不小心破壞或惡意刪除,卻不告知使用者。因此,使用者如何確保存放在雲端上檔案的完整性,是一個基本且重要的議題。目前的研究將這一方面的解決方案稱作「可證明資料擁有」(PDP)技術;也就是藉由良好的設計方法,使用者可以定期的稽核存放在雲端上的檔案,而雲端伺服器必須提出「證明」,證實其確實完整保有該檔案。目前已經提出的PDP技術,大多採用RSA或雙線性配對密碼系統,但是這些技術比起採用橢圓曲線密碼系統(ECC)為基礎的方法,需花費較多的計算和通訊成本。此外,為達計算和通訊上的成本最小化,目前的PDP技術大多採「集合式驗證法」,但此法往往容易遭遇「存在性偽造」的攻擊。再者,大多的PDP技術,是採隨機的抽取檔案區塊,來檢核該檔案完整性的目的。但這樣的方式對於檔案只被少部分破壞的情況,會有其限制性。之前的文獻大多採用「錯誤更正碼」技術來補足。但我們知道「錯誤更正碼」技術必須增加許多的冗位元,這可能不是最好的策略。有鑑於此,本研究計畫預計提出一個採用只需花費較少的計算就可達到相同安全等級的橢圓曲線密碼學元件,來作為設計PDP技術的基礎。同時針對隨機抽樣方法的限制性,本研究亦會嘗試發展其他的策略,來修正其缺點,以檢測出只遭極少破壞的雲端檔案,以確保雲端中的檔案完整性。
Cloud storage service is one of the most basic applications of cloud computing. In the service, the users can outsource large amount of data to the cloud storage, so that by using different end devices, such as mobile phones, notebooks, or desktop computers in the office, the user can easily retrieve the outsourced file at different locations. Although, this solution has brought in many benefits; however, it also suffers new challenge of data security, for that the user will lose the control of the outsourced files, once they have been outsourced to the cloud. Even, the server may unintentionally delete or maliciously destroy the data without informing the user. Therefore, the importance of keeping the outsourced file intact in the cloud becomes evident. The current research name this kind of solution as a “provable data possession” (PDP) technology. In it, users can periodically audit the outsourced file in the cloud storage; subsequently, the storage server has to respond with a proof to prove that he actually keeps the file unaltered. Most of the currently proposed PDP schemes adopt RSA or bilinear pairings cryptosystems, which are more time-consuming when compared with the ECC one, to design their systems. It costs more computation and communication overhead. To minimize these burdens, these schemes usually use aggregated verification for examining the file integrity. However, the aggregated verification is easy to suffer the existential forgery attack. Moreover, most PDP schemes also use the random sampling to audit the file integrity, but this will incur malfunction when only little portion of the file was corrupted. In this aspect, most of the researches in the literature apply error-correcting code to compensate it. However, we know that the error-correcting code must add redundancy bits to make the scheme work well. This makes great overhead. For this reason, this research plan to use ECC cryptosystem, which only uses less computation overhead to attain the same security level as RSA and bilinear pairings do, as the basis to design our scheme. Meanwhile, aiming at the sampling confinement, this research will try to develop the other strategy to mitigate the limitation of the sampling in order to maintain file integrity when only little part of the file in the cloud was damaged. |
