Abstract
The notion of Remote Data Auditing (RDA) has been put forward to achieve the integrity verification for cloud data. However, most of the existing RDA techniques suffer from heavy computational overhead or security attacks. To address this challenge, we introduce an online/offline remote data auditing (OORDA) framework that defines the data auditing process as online and offline phases. Then a concrete OORDA scheme is proposed to ensure secure integrity checking for cloud data. Since some expensive computations are performed offline in advance, the online computational cost can be greatly reduced, which can well solve the performance bottleneck for auditing large-scale data on the auditor. Based on the Computational Diffie–Hellman problem, the proposed OORDA scheme is provably secure in the random oracle model. Performance analysis confirms that the proposed scheme has the optimized efficiency compared with existing schemes, where the average online computational cost can be improved by more than 68% during auditing. Subsequently, a Batch OORDA scheme is presented to support batch data auditing operations, which can reduce the number of pairing operations to constant size at the online phase, independent of the number of data owners. Furthermore, we discuss that the designed file block tag and auditing process can be applied to other related fields, such as verifiable keyword search, verifiable SQL query.
Similar content being viewed by others
References
Ateniese, G., Burns, R., Curtmola, R., Herring, J., Khan, O., Kissner, L., Peterson, Z., Song, D.: Remote data checking using provable data possession. ACM Trans. Inf. Syst. Security 14(1), 12 (2011)
Ateniese, G., Burns, R., Curtmola, R., Herring, J., Kissner, L., Peterson, Z., Song, D.: Provable data possession at untrusted stores. In: Proceedings of the 14th ACM Conference on Computer and Communications Security, pp. 598–609. ACM (2007)
Bellare, M., Neven, G.: Multi-signatures in the plain public-key model and a general forking lemma. In: Proceedings of the 13th ACM Conference on Computer and Communications Security, pp. 390–399. ACM (2006)
Boneh, D., Lynn, B., Shacham, H.: Short signatures from the Weil pairing. J. Cryptol. 17(4), 297–319 (2004)
Chen, L.: Using algebraic signatures to check data possession in cloud storage. Future Gen. Comput. Syst. 29(7), 1709–1715 (2013)
Chen, X., Shang, T., Zhang, F., Liu, J., Guan, Z.: Dynamic data auditing scheme for big data storage. Front. Comput. Sci. 14(1), 219–229 (2020)
Daniel, E., Vasanthi, N.: Ldap: a lightweight deduplication and auditing protocol for secure data storage in cloud environment. Clust. Comput. 22(1), 1247–1258 (2019)
Diffie, W., Hellman, M.: New directions in cryptography. IEEE Trans. Inf. Theory 22(6), 644–654 (1976)
Even, S., Goldreich, O., Micali, S.: On-line/off-line digital signatures. J. Cryptol. 9(1), 35–67 (1996)
Gan, Q., Wang, X., Fang, X.: Efficient and secure auditing scheme for outsourced big data with dynamicity in cloud. Sci. China Inf. Sci. 61(12), 122104 (2018)
Gao, X., Yu, J., Shen, W.T., Chang, Y., Zhang, S.B., Yang, M., Wu, B.: Achieving low-entropy secure cloud data auditing with file and authenticator deduplication. Inf. Sci. 546, 177–191 (2021)
He, D., Wang, H., Zhang, J., Wang, L.: Insecurity of an identity-based public auditing protocol for the outsourced data in cloud storage. Inf. Sci. 375, 48–53 (2017)
Hohenberger, S., Waters, B.: Online/offline attribute-based encryption. In: International Workshop on Public Key Cryptography, pp. 293–310. Springer, Berlin (2014)
Hou, H., Yu, J., Zhang, H., Xu, Y., Hao, R.: Enabling secure auditing and deduplicating data without owner-relationship exposure in cloud storage. Clust. Comput. 21(4), 1849–1863 (2018)
Juels, A., Kaliski Jr, B.S.: Pors: Proofs of retrievability for large files. In: Proceedings of the 14th ACM Conference on Computer and Communications Security, pp. 584–597. ACM (2007)
Li, J., Yan, H., Zhang, Y.: Certificateless public integrity checking of group shared data on cloud storage. IEEE Trans. Serv. Comput. 14(1), 71–81 (2021)
Li, J., Zhang, L., Liu, J.K., Qian, H., Dong, Z.: Privacy-preserving public auditing protocol for low-performance end devices in cloud. IEEE Trans. Inf. Foren. Security 11(11), 2572–2583 (2016)
Li, J., Zhang, Y., Chen, X., Xiang, Y.: Secure attribute-based data sharing for resource-limited users in cloud computing. Comput. Security 72, 1–12 (2018)
Li, Y., Yu, Y., Min, G., Susilo, W., Ni, J., Choo, K.K.R.: Fuzzy identity-based data integrity auditing for reliable cloud storage systems. IEEE Trans. Depend. Secure Comput. 16(1), 72–83 (2019)
Liu, J.K., Zhou, J.: An efficient identity-based online/offline encryption scheme. In: International Conference on Applied Cryptography and Network Security, pp. 156–167. Springer, Berlin (2009)
Luo, W., Ma, W., Gao, J.: MHB*T based dynamic data integrity auditing in cloud storage. Clust. Comput. (2021). https://doi.org/10.1007/s10586-021-03248-w
Mishra, R., Ramesh, D., Elda, D.R.: Dynamic large branching hash tree based secure and efficient dynamic auditing protocol for cloud environment. Clust. Comput. 24, 1361 (2020)
Ni, J., Yu, Y., Mu, Y., Xia, Q.: On the security of an efficient dynamic auditing protocol in cloud storage. IEEE Trans. Parallel Distrib. Syst. 25(10), 2760–2761 (2014)
Rabaninejad, R., Asaar, M.R., Attari, M.A., Aref, M.R.: An identity-based online/offline secure cloud storage auditing scheme. Clust. Comput. 23(2), 1455–1468 (2020)
Rabaninejad, R., Attari, M.A., Asaar, M.R., Aref, M.R.: Comments on a lightweight cloud auditing scheme: security analysis and improvement. J. Netw. Comput. Appl. 139, 49–56 (2019)
Shacham, H., Waters, B.: Compact proofs of retrievability. In: International Conference on the Theory and Application of Cryptology and Information Security, pp. 90–107. Springer, Berlin (2008)
Shen, J., Shen, J., Chen, X., Huang, X., Susilo, W.: An efficient public auditing protocol with novel dynamic structure for cloud data. IEEE Trans. Inf. Forensic Security 12(10), 2402–2415 (2017)
Shen, W., Qin, J., Yu, J., Hao, R., Hu, J.: Enabling identity-based integrity auditing and data sharing with sensitive information hiding for secure cloud storage. IEEE Trans. Inf. Forensic Security 14(2), 331–346 (2019)
Shen, W., Yu, J., Xia, H., Zhang, H., Lu, X., Hao, R.: Light-weight and privacy-preserving secure cloud auditing scheme for group users via the third party medium. J. Netw. Comput. Appl. 82, 56–64 (2017)
Sookhak, M., Gani, A., Talebian, H., Akhunzada, A., Khan, S.U., Buyya, R., Zomaya, A.Y.: Remote data auditing in cloud computing environments: a survey, taxonomy, and open issues. ACM Comput. Surv. 47(4), 1–34 (2015)
Suguna, M., Shalinie, S.M.: Privacy preserving auditing protocol for remote data storage. Clust. Comput. 22(3), 6891–6898 (2019)
Tian, H., Nan, F., Jiang, H., Chang, C.C., Ning, J., Huang, Y.: Public auditing for shared cloud data with efficient and secure group management. Inf. Sci. 472, 107–125 (2019)
Wang, C., Chow, S.S., Wang, Q., Ren, K., Lou, W.: Privacy-preserving public auditing for secure cloud storage. IEEE Trans. Comput. 62(2), 362–375 (2013)
Wang, Q., Wang, C., Ren, K., Lou, W., Li, J.: Enabling public auditability and data dynamics for storage security in cloud computing. IEEE Trans. Parallel Distrib. Syst. 22(5), 847–859 (2011)
Wang, Y., Wu, Q., Qin, B., Tang, S., Susilo, W.: Online/offline provable data possession. IEEE Trans. Inf. Forensic Security 12(5), 1182–1194 (2017)
Yang, K., Jia, X.: An efficient and secure dynamic auditing protocol for data storage in cloud computing. IEEE Trans. Parallel Distrib. Syst. 24(9), 1717–1726 (2013)
Yu, Y., Zhang, Y., Ni, J., Au, M.H., Chen, L., Liu, H.: Remote data possession checking with enhanced security for cloud storage. Future Gen. Comput. Syst. 52, 77–85 (2015)
Yuan, J., Yu, S.: Pcpor: public and constant-cost proofs of retrievability in cloud. J. Comput. Security 23(3), 403–425 (2015)
Zhang, J., Dong, Q.: Efficient id-based public auditing for the outsourced data in cloud storage. Inf. Sci. 343, 1–14 (2016)
Zhang, J., Wang, B., He, D., Wang, X.A.: Improved secure fuzzy auditing protocol for cloud data storage. Soft Comput. 23(10), 3411–3422 (2019)
Zheng, W., Lai, C., He, D., Kumar, N., Chen, B.: Secure storage auditing with efficient key updates for cognitive industrial iot environment. IEEE Trans. Ind. Inf. 17(6), 4238–4247 (2021)
Acknowledgements
The authors would like to thank the anonymous reviewers for the helpful comments and suggestions. This work was partially supported by National Natural Science Foundation of China (No.61932010). This work was also supported by the Zhuhai Top Discipline-Information Security.
Author information
Authors and Affiliations
Corresponding author
Additional information
Publisher's Note
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
Rights and permissions
About this article
Cite this article
Gan, Q., Wang, X., Li, J. et al. Enabling online/offline remote data auditing for secure cloud storage. Cluster Comput 24, 3027–3041 (2021). https://doi.org/10.1007/s10586-021-03303-6
Received:
Revised:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s10586-021-03303-6