The key security management scheme of cloud storage based on blockchain and digital twins

Abstract

As a secure distributed ledger technology, blockchain has attracted widespread attention from academia and industry for its decentralization, immutability, and traceability characteristics. This paper proposes a cloud storage key security management scheme based on blockchain. To resist brute-force attacks launched by adversaries on ciphertexts, the scheme uses an oblivious pseudo-random function (OPRF) to generate randomized convergent keys and improve data confidentiality. Second, the scheme enhances the reliability of concurrent key management through a secret sharing mechanism, where convergent keys are split into key fragments and distributed on blockchain for storage. Even if a certain number of key fragments are lost or damaged, users can still recover complete key information through block transaction records. In addition, the scheme effectively supports file-level and block-level data security deduplication. Security analysis and experimental performance evaluation indicate that this scheme can ensure the security of keys and the confidentiality of data, and it has a low computational overhead for generating file-level encryption keys under this scheme. Even for a 100 MB file, the computational overhead required for generating encryption keys is less than 2 s, which improves computational efficiency.