认证数据结构(authenticated data structure, ADS) 解决了数据外包存储场景下服务器的不可信问题, 用户通过ADS可以验证不可信服务器返回查询结果的正确性与完整性, 但数据拥有者的安全性难以保证, 攻击者可以篡改数据拥有者存储的ADS, 破坏对查询结果的完整性、正确性验证. 数据拥有者将ADS存储在区块链上, 借助区块链的不可篡改性, 可以解决上述问题. 但现有ADS实现方案在区块链上维护成本较高并且大部分只支持静态数据的可验证查询, 目前缺少一种针对区块链设计的高效ADS. 通过分析智能合约的gas消耗机制与基于传统MHT的ADS的gas开销, 提出一种新型ADS认证结构SMT, 实现对流数据的高效可验证查询, 并且在区块链上具备更低的gas消耗. 从理论及实验出发, 验证了SMT的高效性, 通过安全性分析, 证明了SMT的安全性.
The authenticated data structure (ADS) solves the problem of untrusted servers in outsourced data storage scenarios as users can verify the correctness and integrity of the query results returned by untrusted servers through the ADS. Nevertheless, the security of data owners is difficult to guarantee, and attackers can tamper with the ADS stored by data owners to impede the integrity and correctness verification of query results. Data owners can store the ADS on the blockchain to solve the above problem by leveraging the immutable nature of the blockchain. However, the existing ADS implementation schemes have high maintenance costs on the blockchain and most of them only support the verifiable query of static data. At present, an efficient ADS tailored to the blockchain is still to be designed. By analyzing the gas consumption mechanism of smart contracts and the gas consumption of the ADS based on the traditional Merkle hash tree (MHT), this study proposes SMT, a new ADS, which achieves efficient and verifiable query of streaming data and has a lower gas consumption on the blockchain. Finally, the study verifies the efficiency of SMT both theoretically and experimentally and proves the security of SMT through security analysis.
孙钰山,杨靖聪,夏琦,高建彬. SMT: 一种区块链上适用于流数据高效认证的数据结构.软件学报,,():1-18复制