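Cite this article
  • Lin Wei, Sun Yi, Yang Jiashuo, Li Yujie. C2BR-VDS: A Black-Box Real-Time Verification Scheme for Streaming Data in On-Chain/Off-Chain Hybrid Storage [J]. Journal of Cyber Security, accepted.
  • Lin Wei, Sun Yi, Yang Jiashuo, Li Yujie. C2BR-VDS: A Black Box Real time Verification Scheme for Streaming Data for on chain and off chain Hybrid Storage [J]. Journal of Cyber Security, Accepted.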

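C2BR-VDS: A Black-Box Real-Time Verification Scheme for Streaming Data in On-Chain/Off-Chain Hybrid Storage
Lin Wei, Sun Yi, Yang Jiashuo, Li Yujie
(PLA Information Engineering University)
Abstract (translated from the Chinese):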
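To address security problems in outsourced streaming-data storage, such as data loss, data corruption, and repudiation by malicious users, this paper draws on the decentralization and immutability of blockchain technology, combines them with traditional outsourced streaming-data storage structures and authentication, and proposes a black-box real-time verification scheme for streaming data in on-chain/off-chain hybrid storage (C2BR-VDS). The scheme uses a trapdoor hash function to construct an authenticated data structure for on-chain/off-chain hybrid storage: off-chain, the complete streaming data is stored adaptively based on the trapdoor hash function; on-chain, only the lightweight authentication root node is stored as the key verification information; and verification is executed by a smart contract with a decentralized structure, which increases the trustworthiness of the verifying node in streaming-data outsourcing scenarios. This allows streaming data to be verified as it arrives, improving the efficiency of real-time verification, while also reducing blockchain gas consumption. By triggering the smart contract, a fair third-party auditor verifies the integrity of the outsourced streaming data, which effectively supervises both the cloud server and the data users and prevents malicious users from repudiating verification results to the cloud server. In addition, the zk-SNARKs zero-knowledge proof algorithm is applied in the blockchain smart contract to achieve privacy-preserving black-box verification of streaming data on-chain. The security of C2BR-VDS is analyzed, and the scheme is evaluated through experimental comparison; the complexity of on-chain verification is kept within logarithmic time.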
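Keywords:  on-chain/off-chain hybrid storage  trapdoor hash function  data stream verification  zk-SNARKs
DOI:
Submitted: 2024-05-10  Revised: 2024-07-16
Funding: Natural Science Foundation of Henan Province, General Program (No. 242300420297)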
C2BR-VDS: A Black Box Real time Verification Scheme for Streaming Data for on chain and off chain Hybrid Storage
Lin Wei, Sun Yi, Yang Jiashuo, Li Yujie
(PLA Information Engineering University)
Abstract:
To address the security challenges of data loss, corruption and repudiation by malicious users in outsourced streaming data storage, this paper presents a black box real-time verification scheme for streaming data for on chain and off chain hybrid storage (C2BR-VDS). The scheme makes use of the characteristics of blockchain technology, namely decentralisation and immutability, in conjunction with the conventional structure of streaming data outsourcing storage and the existing authentication mechanisms, with the aim of providing a robust solution for secure data management and verification in this domain. The scheme uses a trapdoor hash function to build an authenticated data structure for on-chain and off-chain hybrid storage. The complete stream data set is stored off-chain in accordance with the trapdoor hash function. Furthermore, the scheme stores a lightweight authentication root node on-chain as the key information for verifying data. The verification is conducted by a smart contract with a decentralised structure, thereby enhancing the credibility of the validator node in the context of streaming data outsourcing. The scheme's functions can be broadly divided into three categories: facilitating the instant verification of the stream data set; improving the efficiency of verifying the data set in real time; and reducing the gas consumption of the blockchain. Upon triggering the smart contract, the impartial third-party auditor verifies the integrity of the outsourced streaming data, effectively supervising the cloud server and data users. This prevents malicious users from denying verification results to the cloud server. The scheme also applies the zk-SNARKs zero-knowledge proof algorithm in the blockchain smart contract to achieve privacy-preserving black box verification of streaming data on-chain.
The security of the C2BR-VDS was evaluated through an analysis of its performance and a comparison with the experimental results. The complexity of the on-chain verification process was controlled to logarithmic time.
Key words:  hybrid storage on and off chain  trapdoor hash function  data flow verification  zk-SNARKs