| 摘要: |
| 去中心化存储网络具有可靠性强、成本低和速度快等优点,越来越广泛地使用在各个行业中,但在去中心化存储网络中存在节点好奇和不诚实两大特点,分别导致去中心化网络节点可能窃取用户信息和用户检索时不能获得正确结果两种风险。本文通过在去中心化存储网络中引入属性基可搜索加密算法和多参数动态激励模型,构建了一种基于身份授权的可信去中心化存储网络:为了规避节点好奇的风险,在去中心化存储网络中融入一种创新的属性基可搜索加密算法,基于可搜索加密算法保护存储在节点中的数据;为了规避节点不诚实的风险,提出了基于声誉值的多参数动态激励模型,用于奖励执行诚实检索的节点,同时惩罚不诚实的节点。方案分析表明,本文提出的基于身份授权的可信去中心化存储网络在多对多数据共享过程中可以避免被好奇节点窃取信息,在检索过程中可以避免被不诚实节点返回虚假结果,与现有成果相比,本文在属性基可搜索加密算法方面提升了公钥和主密钥的生成效率,将计算集中在Setup阶段,保持后续检索的高效性,此外,本文也对创新的属性基可搜索加密算法进行了安全性分析;在激励模型方面,充分考虑节点的声誉值情况,对去中心化存储网络中的搜索节点和验证节点进行合适的奖惩,在维持去中心化网络节点活跃性的同时,鼓励节点进行诚实检索,总体而言,基于身份授权的可信去中心化存储网络相比于目前的去中心化存储网络具有较为明显的优势。 |
| 关键词: 去中心化存储网络 属性基可搜索加密 激励模型 |
| DOI:10.19363/J.cnki.cn10-1380/tn.2025.05.04 |
| 投稿时间:2023-04-18修订日期:2023-10-09 |
| 基金项目:本课题得到国家自然基金项目(No. U1836215)、北京邮电大学大学生创新创业项目(No. 202213012)资助 |
|
| Trusted Decentralized Storage Network Based on Identity Authorization |
| ZHANG Jingyu,LIU Qi,PENG Hongrui,YANG Zenghui,YUAN Kaiguo,LI Xiaoyong |
| Beijing University of Posts and Telecommunications, Beijing 100876, China |
| Abstract: |
| With the advantages of high reliability, low cost, and high speed, decentralized storage network is increasingly used in various industries, but there are two major characteristics of node curiosity and dishonesty in decentralized storage network, which lead to two risks that decentralized network nodes may steal user information and users cannot get correct results when searching, respectively. In this paper, a trusted decentralized storage network based on identity authorization is constructed by introducing an attribute-based searchable encryption algorithm and a multi-parameter dynamic incentive model in the decentralized storage network: to avoid the risk of node curiosity, an innovative attribute-based searchable encryption algorithm is incorporated into the decentralized storage network. The searchable encryption algorithm could protect the data stored in the nodes; to avoid the risk of node dishonesty, a multi-parameter dynamic incentive model based on reputation value is proposed to reward nodes that perform honest retrieval while punishing dishonest nodes. The scheme analysis shows that the trusted decentralized storage network based on identity authorization proposed in this paper can avoid information theft by curious nodes in the process of multi-owner to multi-user data sharing, and can avoid false results returned by dishonest nodes in the retrieval process; compared with existing results, this paper improves the efficiency of public key and master key generation in terms of attribute-based searchable encryption algorithm, and the calculation is concentrated in the Setup stage to maintain the high efficiency of subsequent retrieval. In addition, this paper also conducts a security analysis on the innovative attribute-based searchable encryption algorithm; in terms of incentive model, the nodes' reputation value situation is fully considered, and the search nodes and verification nodes in the decentralized storage network are appropriately rewarded and punished to encourage the nodes to perform honest retrieval while maintaining the activity of the decentralized network nodes. Overall, the trusted decentralized storage network based on identity authorization has more obvious advantages over the current decentralized storage network. |
| Key words: decentralized storage network attribute-based searchable encryption incentive model |
