Research On Lattice-based User Revocable Data Integrity Verification In Cloud Storage

Cloud storage addresses the needs of enterprises and individuals for data storage,usage,sharing and protection through technologies such as distributed and virtualization.Compared to traditional storage methods,cloud storage relieves the burden of local data storage and management for enterprises and individuals,and provides convenient data access.Authorized users can upload,access,and share data anytime,anywhere.However,enterprises and users lose physical control over their data after storing it in cloud servers,raising security questions about whether the data is secure,whether there is a privacy breach,and whether the data can be recovered if the cloud server fails.Therefore,how to ensure the integrity,security and confidentiality of outsourced data needs to be addressed urgently.Security auditing is one of the common approaches to accomplish data integrity verification,where a trusted third party is used to periodically verify the integrity of the data on the cloud without downloading the entire data file.Currently,most data integrity verification schemes in cloud environments use large integer decomposition,discrete logarithms,and other difficult problems.With the rapid development of quantum computing and quantum communication technologies,their security is challenged.Lattice-based cryptography is attracting attention because of its resistance to quantum attacks and high operational efficiency.Therefore,this paper focuses on issues such as,data management security requirements,user identity privacy leakage,single outsourced data sharing,and user dynamic management,and conducts research on lattice-based user revocable data integrity verification schemes in cloud environment.The main work is as follows.(1)A revocable attribute-based data integrity auditing scheme on lattices is proposed.In the key generation stage,the user’s attribute set and the user’s identity information are embedded,and the lattice-based randomization algorithm is used to generate the signature key without key escrow.In the data submission stage,the signature is generated by combining Gaussian sampling algorithm and lattice-based extension algorithm to improve the signature efficiency.Then,the re-signature technique is used to sign only the updated or added data blocks to complete the dynamic data update.Finally,the authorization center periodically updates the revocation list and user attribute set to achieve dynamic management of users,further ensuring the data security and confidentiality.The scheme is proved to satisfy the unforgeability under the Small Integer Solution(SIS)hardness assumption.(2)A data integrity auditing scheme of lattice-based multiple groups outsourcing with revocation is proposed.In the key generation phase,we use the lattice-based delegation technology to resist key exposure attacks.In the signature phase,we combine the rejection sampling algorithm and PLR encryption system to generate signatures,improve the efficiency of signature and verification and realize data batch verification.And,the group manager periodically updates the revocation list to realize user revocation and updates the key for users who have not been revoked to ensure data forward security.Based on the Ring Small Integer Solution(RSIS)and Ring Learning with Errors(RLWE)difficulty assumptions,it is proved that the scheme satisfies unforgeability,traceability and complete anonymity.