Integrity Audit Based on Dynamic Chameleon Authentication Tree in Edge Environments

DUAN Jing, DUAN Jie, WAN Xuefeng, LIU Haitao

Journal of Shanxi University (Natural Science Edition), 2025, Vol. 48, Issue 3: 505-515. DOI: 10.13451/j.sxu.ns.2024007
Information Science

Abstract

Edge computing architectures are more complex than traditional cloud computing, which makes data integrity especially important. Existing integrity audit schemes still suffer from weak privacy protection, high computation and storage overhead, high system complexity, and no support for dynamic operations. To address these problems, this paper proposes an integrity audit scheme based on a dynamic chameleon authentication tree. In the data encryption stage, the scheme introduces certificateless public key cryptography and generates the data encryption and decryption keys on the user side, ensuring the integrity and confidentiality of data while it is transmitted through the system. In the data upload stage, it adopts a dynamic chameleon authentication tree as the storage structure, which supports fully dynamic operations during data access while reducing communication and computation overhead. It also uses the computing power of edge nodes to perform the integrity audit, avoiding the single point of failure introduced by a third-party auditor. In the random oracle model, the confidentiality of the scheme is proved based on the hardness of the Computational Diffie-Hellman (CDH) problem and the discrete logarithm problem. Experiments show that, compared with other integrity audit schemes, the proposed scheme is more computationally efficient and saves about 50% of computation and storage overhead.

Key words

data integrity / chameleon hash function / certificateless public key cryptography / Merkle tree / dynamic auditing

Chinese Library Classification (CLC) number

TP309.7

Cite this article

DUAN Jing, DUAN Jie, WAN Xuefeng, et al. Integrity Audit Based on Dynamic Chameleon Authentication Tree in Edge Environments[J]. Journal of Shanxi University (Natural Science Edition). 2025, 48(3): 505-515. https://doi.org/10.13451/j.sxu.ns.2024007

Funding

Science and Technology Project of State Grid Shanxi Electric Power Company (52051C220001)
