[1]

M. Aigner, G. Ziegler,

*Proofs from the Book*, 3rd edn. (Springer, Berlin, 2004)

CrossRef[2]

N. Alon, M. Luby, A linear time erasure-resilient code with nearly optimal recovery.

*IEEE Trans. Inf. Theory*
**42**(6), 1732–1736 (1996)

MathSciNetMATHCrossRef[3]

G. Ateniese, R. Burns, R. Curtmola, J. Herring, O. Khan, L. Kissner, Z. Peterson, D. Song, Remote data checking using provable data possession. *ACM Trans. Inf. Syst. Security*
**14**(1) (2011)

[4]

G. Ateniese, R. Di Pietro, L. Mancini, G. Tsudik, Scalable and efficient provable data possession, in *Proceedings of SecureComm 2008, ICST*, ed. by P. Liu, R. Molva (2008), pp. 1–10

[5]

G. Ateniese, S. Kamara, J. Katz, Proofs of storage from homomorphic identification protocols, in

*Proceedings of Asiacrypt 2009*, ed. by M. Matsui. LNCS, vol. 5912 (Springer, Berlin, 2009), pp. 319–333

CrossRef[6]

P. Barreto, M. Naehrig, Pairing-friendly elliptic curves of prime order, in *Proceedings of SAC 2005*, ed. by B. Preneel, S. Tavares. LNCS, vol. 3897 (Springer, Berlin, 2006), pp. 319–331

[7]

M. Bellare, A. Desai, E. Jokipii, P. Rogaway, A concrete security treatment of symmetric encryption, in *Proceedings of FOCS 2007*, ed. by A.R. Karlin (IEEE Computer Society, Los Alamitos, 1997), pp. 394–403

[8]

M. Bellare, O. Goldreich, A. Mityagin, The power of verification queries in message authentication and authenticated encryption. Cryptology ePrint Archive, Report 2004/309, 2004.

http://eprint.iacr.org/
[9]

D. Boneh, B. Lynn, H. Shacham, Short signatures from the Weil pairing.

*J. Cryptol.*
**17**(4), 297–319 (2004)

MathSciNetMATHCrossRef[10]

K.D. Bowers, A. Juels, A. Oprea, Proofs of retrievability: theory and implementation, in *Proceedings of CCSW 2009*, ed. by R. Sion, D. Song (ACM Press, New York, 2009), pp. 43–54

[11]

H. Cohen,

*A Course in Computational Algebraic Number Theory*. Graduate Texts in Mathematics, vol. 138 (Springer, Berlin, 1993)

MATHCrossRef[12]

R. Cramer, V. Shoup, Signature schemes based on the strong RSA assumption.

*ACM Trans. Inf. Syst. Secur.*
**3**(3), 161–185 (2000)

CrossRef[13]

R. Cramer, V. Shoup, Design and analysis of practical public-key encryption schemes secure against adaptive chosen ciphertext attack.

*SIAM J. Comput.*
**33**(1), 167–226 (2003)

MathSciNetMATHCrossRef[14]

Y. Deswarte, J.-J. Quisquater, A. Saïdane, Remote integrity checking, in *Proceedings of IICIS 2003*, ed. by S. Jajodia, L. Strous. IFIP, vol. 140 (Kluwer Academic, Dordrecht, 2004), pp. 1–11

[15]

Y. Dodis, S. Vadhan, D. Wichs, Proofs of retrievability via hardness amplification, in *Proceedings of TCC 2009*, ed. by O. Reingold. LNCS, vol. 5444 (Springer, Berlin, 2009), pp. 109–127

[16]

D. Freeman, M. Scott, E. Teske, A taxonomy of pairing-friendly elliptic curves.

*J. Cryptol.*
**23**(2), 224–280 (2010)

MathSciNetMATHCrossRef[17]

D. Gazzoni Filho, P. Barreto, Demonstrating data possession and uncheatable data transfer. Cryptology ePrint Archive, Report 2006/150, 2006.

http://eprint.iacr.org/
[18]

O. Goldreich, A sample of samplers: A computational perspective on sampling, in

*Studies in Complexity and Cryptography: Miscellanea on the Interplay Between Randomness and Computation*. LNCS, vol. 6650 (Springer, Berlin, 2011), pp. 302–332

CrossRef[19]

L. Guillou, J.-J. Quisquater, A practical zero-knowledge protocol fitted to security microprocessor minimizing both transmission and memory, in *Proceedings of Eurocrypt 1988*, ed. by C. Günther. LNCS, vol. 330 (Springer, Berlin, 1988), pp. 123–128

[20]

V.T. Hoang, B. Morris, P. Rogaway, An enciphering scheme based on a card shuffle, in

*Proceedings of Crypto 2012*, ed. by R. Safavi-Naini. LNCS, vol. 7417 (Springer, Berlin, 2012), pp. 1–13

CrossRef[21]

C. Huang, H. Simitci, Y. Xu, A. Ogus, B. Calder, P. Gopalan, J. Li, S. Yekhanin, Erasure coding in Windows Azure storage, in *Proceedings of USENIX ATC 2012, USENIX*, ed. by G. Heiser, W. Hsieh (2012)

[22]

A. Juels, B. Kaliski, PORs: Proofs of retrievability for large files, in

*Proceedings of CCS 2007*, ed. by S. De Capitani di Vimercati, P. Syverson (ACM Press, New York, 2007), pp. 584–597. Full version:

http://www.rsa.com/rsalabs/node.asp?id=3357
[23]

M. Lillibridge, S. Elnikety, A. Birrell, M. Burrows, M. Isard, A cooperative Internet backup scheme, in *Proceedings of USENIX Technical 2003, USENIX*, ed. by B. Noble (2003), pp. 29–41.

[24]

M. Liskov, R. Rivest, D. Wagner, Tweakable block ciphers.

*J. Cryptol.*
**24**(3), 588–613 (2011)

MathSciNetMATHCrossRef[25]

M. Mitzenmacher, Digital fountains: A survey and look forward, in *Proceedings of ITW 2004*, ed. by R. Calderbank, A. Orlitsky (IEEE Information Theory Society, New York, 2004), pp. 271–276.

[26]

M. Naor, G. Rothblum, The complexity of online memory checking. *J. ACM*
**56**(1) (2009)

[27]

M. Rabin, Efficient dispersal of information for security, load balancing, and fault tolerance.

*J. ACM*
**36**(2), 335–348 (1989)

MathSciNetMATH[28]

L. Rizzo, Effective erasure codes for reliable computer communication protocols.

*ACM SIGCOMM Comput. Commun. Rev.*
**27**(2), 24–36 (1997)

CrossRef[29]

T. Schwarz, E. Miller, Store, forget, and check: Using algebraic signatures to check remotely administered storage, in *Proceedings of ICDCS 2006*, ed. by M. Ahamad, L. Rodrigues (IEEE Computer Society, New York, 2006)

[30]

M. Shah, M. Baker, J. Mogul, R. Swaminathan, Auditing to keep online storage services honest, in *Proceedings of HotOS 2007, USENIX*, ed. by G. Hunt (2007)

[31]

M. Shah, R. Swaminathan, M. Baker, Privacy-preserving audit and extraction of digital contents. Cryptology ePrint Archive. Report 2008/186, 2008.

http://eprint.iacr.org/