Computer Engineering and Applications ›› 2020, Vol. 56 ›› Issue (1): 76-82.DOI: 10.3778/j.issn.1002-8331.1809-0030

Previous Articles     Next Articles

Cloud Storage Deduplication Scheme Using Signature and Hash Technology

ZHANG Guipeng, KUANG Zhenxi, CHEN Pinghua   

  1. School of Computer, Guangdong University of Technology, Guangzhou 510006, China
  • Online:2020-01-01 Published:2020-01-02



  1. 广东工业大学 计算机学院,广州 510006

Abstract: To address the problem that data is monopolized by a single cloud storage service provider and convergence encryption adopted for existing cloud storage systems is vulnerable to brute-force attacks, a cloud storage deduplication scheme using signature and Hash technology is proposed. The scheme which uses a two-layer verification mechanism to audit data integrity, can check the integrity of the file and locate the damaged data block accurately. And a merkle Hash tree is constructed to generate the check coefficient and duplicate-lable, so that the duplicate data can be detected. In addition, a combination of Mapbox and Lockbox is used to encrypt data, which ensures that the unauthaorized users can not access the files directly. The security analysis and simulation results show that the scheme can effectively resist the brute-force attacks, reduce the computation cost of duplicate-lable generation and storage space.

Key words: data deduplication, multiple cloud storage, two-layer verification mechanism, Merkle Hash tree

摘要: 针对单一云存储服务提供商可能对数据进行垄断控制和现有云存储去重系统采用的收敛加密算法容易遭受暴力攻击等问题,提出了一种采用签名与哈希技术的云存储去重方案,通过在数据去重过程中采用双层校验机制对数据完整性进行审计,能够校验文件的完整性和精确地定位到损坏的数据块;同时构造Merkle哈希树来生成校验值,计算出去重标签,保证重复数据能够被检测;使用Mapbox和Lockbox结合的机制加密数据信息,保证非授权用户无法对文件进行访问。安全性分析及仿真实验结果表明,方案有效抵制暴力攻击,并能够降低去重标签的计算开销和减少存储空间。

关键词: 数据去重, 多云存储, 双层校验机制, Merkle哈希树