- 學位論文
多合作者模式下的儲存驗證機制
Multiple-Committed Proof of Data Possession Among Multiple Co-Workers
若您是本文的作者,可授權文章由華藝線上圖書館中協助推廣。
摘要
在這篇論文中,我們建立了一個多人合作模式下的儲存驗證機制。我們的模型中會有一個檔案的最初擁有者和許多的合作者。每個合作者會需要經過檔案擁有者的同意才能加入群組。而每個合作者的公鑰也會經過擁有者的計算和簽章。與之前的模型不同的是,每個合作者在修改或寫入檔案都可以產生他獨有的簽章並對應的修改我們的樹。 我們同時也會需要一個伺服器或信任第三方來扮演擁有者和合作者間的橋樑,儲存擁有者和合作者的公鑰和身分列表,並讓他們能順利的交換訊息。 而在驗證的時候,我們必須先檢查簽章的簽署人的身分,接著取出相對應的公鑰組。來進行驗證。 經過我們的模型,一般的儲存驗證機制都可以轉換成一個多人合作模式下的儲存驗證機制。我們同時也可以使用我們的機制達成對於合作者存取控制的機能。並且,由於所有的簽章都具有公開驗證性,所以我們可以確認任何不當使用者的身分,並使他們無法否認。 我們也對於我們簽章產生的機制進行了小小的改善。使得我們簽章的速度能運行的稍微快速並同時保持我們的安全性。經過我們的實作和實驗,我們發現支持多合作者的代價在我們可以接受的範圍。
並列摘要
Our proposed scheme is a scheme focused on Proof of Data Possession (PDP) among multiple co-workers. We will have a master who originally owns the file and a group of co-workers. Every granted co-worker can generate valid signatures and modify the Merkle Hash Tree on files he writes or modifies. We will also have a server or trusted third party to play the role of bridge between the co-workers and the master, storing the public key and identity list of owners and co-workers. During verification phase, we should first check the signer of the tokens then retrieve the proper public keys to the verifier. We proposed a protocol that can change normal PDP or POR into a shared PDP or a shared POR among many coworkers. The advantage of our scheme is that we can do some access control on the co-workers and keep track of any co-workers’ behavior. If someone cheats, we can undeniably know who the cheater is by examining the fragment of the modified file. We also make some improvements on the BLS signature based PDP making it faster but still secure. Duo to our implementations and experiments, we can truly say that the additional cost of our scheme is acceptable.
參考文獻
[1] R. C. Merkle, "Protocols for public key cryptosystems, " Security and Privacy, IEEE Symposium on, pp. 0-122, 1980.
[2] A. D. Caro, "The Java Pairing Based Cryptography Library," http://gas.dia.unisa.it/projects/jpbc/
[7] H. Shacham, and B. Waters, "Compact proofs of retrievability," In J. Pieprzyk, editor, Advances in Cryptology - ASIACRYPT 2008, volume 5350 of Lecture Notes in Computer Science, pp. 90–107, 2008.
[8] D. Boneh, B. Lynn, and H. Shacham, "Short signatures from the weil pairing," In C. Boyd, editor, Advances in Cryptology ASIACRYPT 2001, volume 2248 of Lecture Notes in Computer Science, pp. 514–532, 2001.
[9] Q. Wang, C. Wang, J. Li, K. Ren, and W. Lou, "Enabling public verifiability and data dynamics for storage security in cloud computing," In ESORICS, pp. 355–370, 2009.
延伸閱讀
- 林正華(2013)。基於角色為基礎存取控制模式之無所不在的資源安全同步分享機制〔碩士論文,國立臺中科技大學〕。華藝線上圖書館。https://doi.org/10.6826/NUTC.2013.00099
- 沈冠毅(2009)。下行多載波分碼多重存取系統之用戶分組與適應性調變機制〔碩士論文,國立暨南國際大學〕。華藝線上圖書館。https://doi.org/10.6837/NCNU.2009.00272
- 郭文中、朱育萱(2010)。無需驗證表的多伺服器認證協定之安全性分析與改良。載於中華民國資訊安全學會(主編),全國資訊安全會議(頁151-156)。中華民國資訊安全學會。https://doi.org/10.29615/CISC.201005.0151
- 張育智(2007)。The Research of the Mathematical Optimization Mode to Hire Miscellaneous Employees〔碩士論文,國立中央大學〕。華藝線上圖書館。https://www.airitilibrary.com/Article/Detail?DocID=U0031-0207200917344068
- 徐雪琪(2009)。Exploring the Quality of Data-Mining again。Journal of Data Analysis,4(6),1-16。https://doi.org/10.6338/JDA.200912_4(6).0001