Blockchain-Based Privacy-Preserving Deduplication and Integrity Auditing in Cloud Storage

IF 3.6 2区计算机科学 Q2 COMPUTER SCIENCE, HARDWARE & ARCHITECTURE

IEEE Transactions on Computers Pub Date : 2025-02-11 DOI:10.1109/TC.2025.3540670

Qingyang Zhang;Shuai Qian;Jie Cui;Hong Zhong;Fengqun Wang;Debiao He

{"title":"Blockchain-Based Privacy-Preserving Deduplication and Integrity Auditing in Cloud Storage","authors":"Qingyang Zhang;Shuai Qian;Jie Cui;Hong Zhong;Fengqun Wang;Debiao He","doi":"10.1109/TC.2025.3540670","DOIUrl":null,"url":null,"abstract":"Ensuring cloud data security and reducing cloud storage costs have become particularly important. Many schemes expose user file ownership privacy when deduplicating authentication tags and during integrity auditing. Moreover, key management becomes more difficult as the number of files increases. Also, many audit schemes rely on third-party auditors (TPAs), but finding a fully trustworthy TPA is challenging. Therefore, we propose a blockchain-based integrity audit scheme supporting data deduplication. It protects file tag privacy during deduplication of ciphertexts and authentication tags, safeguards audit proof privacy, and effectively protects user file ownership privacy. To reduce key management costs, we introduce identity-based broadcast encryption (IBBE) that does not require interaction with key servers, eliminating additional communication costs. Additionally, we use smart contracts for integrity auditing, eliminating the need for a fully trusted TPA. We evaluate the proposed scheme through security and theoretical analyses and a series of experiments, demonstrating its efficiency and practicality.","PeriodicalId":13087,"journal":{"name":"IEEE Transactions on Computers","volume":"74 5","pages":"1717-1729"},"PeriodicalIF":3.6000,"publicationDate":"2025-02-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"IEEE Transactions on Computers","FirstCategoryId":"94","ListUrlMain":"https://ieeexplore.ieee.org/document/10880112/","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q2","JCRName":"COMPUTER SCIENCE, HARDWARE & ARCHITECTURE","Score":null,"Total":0}

引用次数: 0

Abstract

Ensuring cloud data security and reducing cloud storage costs have become particularly important. Many schemes expose user file ownership privacy when deduplicating authentication tags and during integrity auditing. Moreover, key management becomes more difficult as the number of files increases. Also, many audit schemes rely on third-party auditors (TPAs), but finding a fully trustworthy TPA is challenging. Therefore, we propose a blockchain-based integrity audit scheme supporting data deduplication. It protects file tag privacy during deduplication of ciphertexts and authentication tags, safeguards audit proof privacy, and effectively protects user file ownership privacy. To reduce key management costs, we introduce identity-based broadcast encryption (IBBE) that does not require interaction with key servers, eliminating additional communication costs. Additionally, we use smart contracts for integrity auditing, eliminating the need for a fully trusted TPA. We evaluate the proposed scheme through security and theoretical analyses and a series of experiments, demonstrating its efficiency and practicality.

查看原文本刊更多论文

云存储中基于区块链的隐私保护重复数据删除和完整性审计

确保云数据安全和降低云存储成本变得尤为重要。许多方案在重复数据删除身份验证标记和完整性审计期间暴露用户文件所有权隐私。此外，随着文件数量的增加，密钥管理变得更加困难。此外，许多审计方案依赖于第三方审计员（TPA），但找到一个完全值得信赖的TPA是具有挑战性的。因此，我们提出了一种支持重复数据删除的基于区块链的完整性审计方案。在密文和认证标签重复删除过程中保护文件标签隐私，保护审计证明隐私，有效保护用户文件所有权隐私。为了降低密钥管理成本，我们引入了不需要与密钥服务器交互的基于身份的广播加密（IBBE），从而消除了额外的通信成本。此外，我们使用智能合约进行完整性审计，从而消除了对完全可信的TPA的需求。我们通过安全性和理论分析以及一系列的实验对所提出的方案进行了评估，证明了它的有效性和实用性。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

IEEE Transactions on Computers 工程技术-工程：电子与电气

CiteScore

6.60

自引率

5.40%

发文量

199

审稿时长

6.0 months

期刊介绍： The IEEE Transactions on Computers is a monthly publication with a wide distribution to researchers, developers, technical managers, and educators in the computer field. It publishes papers on research in areas of current interest to the readers. These areas include, but are not limited to, the following: a) computer organizations and architectures; b) operating systems, software systems, and communication protocols; c) real-time systems and embedded systems; d) digital devices, computer components, and interconnection networks; e) specification, design, prototyping, and testing methods and tools; f) performance, fault tolerance, reliability, security, and testability; g) case studies and experimental and theoretical evaluations; and h) new and important applications and trends.