Skip to main content
SpringerLink
Log in

A secure and efficient public auditing scheme using RSA algorithm for cloud storage

  • Published:
The Journal of Supercomputing Aims and scope Submit manuscript

Abstract

Cloud storage is widely used by both individual and organizational users due to the many benefits, such as scalability, ubiquitous access, and low maintenance cost (and generally free for individual users). However, there are known security and privacy issues in migrating data to the cloud. To ensure or verify data integrity, a number of cloud data integrity checking schemes with different properties have been presented in the literature. Most existing schemes were subsequently found to be insecure or have high computation and communication costs. More recently in 2016, Yu et al. (Future Gener Comput Syst 62:85–91, 2016) proposed an identity-based auditing scheme for checking the integrity of cloud data. However, in this paper, we reveal that the scheme is vulnerable to data recovery attack. We also present a new identity-based public auditing scheme and formally prove the security of the scheme under the RSA assumption with large public exponents in the random oracle model. We then evaluate the performance of our proposed scheme and demonstrate that in comparison with Yu et al.’s scheme, our proposal is more practical in real-world applications.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6

Similar content being viewed by others

References

  1. Quick D, Choo K-KR (2015) Impacts of increasing volume of digital forensic data: a survey and future research challenges. Digit Investig 11(4):273–294

    Article  Google Scholar 

  2. Ren K, Wang C, Wang Q (2012) Security challenges for the public cloud. IEEE Internet Comput 16(1):69

    Article  Google Scholar 

  3. Song D, Shi E, Fischer I, Shankar U (2012) Cloud data protection for the masses. J Computer 45(1):39–45

  4. Xia Z, Wang X, Sun X, Wang Q (2016) A secure and dynamic multi-keyword ranked search scheme over encrypted cloud data. IEEE Trans Parallel Distrib Syst 27(2):340–352

    Article  Google Scholar 

  5. Fu Z, Wu X, Guan C, Sun X, Ren K (2016) Toward efficient multi-keyword fuzzy search over encrypted outsourced data with accuracy improvement. IEEE Trans Inf Forensics Secur 11(12):2706–2716

    Article  Google Scholar 

  6. Fu Z, Huang F, Sun X, Vasilakos A, Yang C-N (2016) Enabling semantic search based on conceptual graphs over encrypted outsourced data. IEEE Trans Serv Comput doi:10.1109/TSC.2016.2622697

  7. Osanaiye OA, Choo K-KR, Dlodlo ME (2016) Distributed denial of service (ddos) resilience in cloud: Review and conceptual cloud ddos mitigation framework. J Netw Comput Appl 67:147–165

    Article  Google Scholar 

  8. Iqbal S, Kiah MLM, Dhaghighi B, Hussain M, Khan S, Khurram KM, Choo K-KR (2016) On cloud security attacks: a taxonomy and intrusion detection and prevention as a service. J Netw Comput Appl 74:98–120

    Article  Google Scholar 

  9. Choo K-KR (2014) Legal issues in the cloud. IEEE Cloud Comput 1(1):94–96

    Article  Google Scholar 

  10. Castiglione A, Palmieri F, Choo K-KR (2016) Enhanced network support for federated cloud infrastructures. IEEE Cloud Comput 3(3):16–23

    Article  Google Scholar 

  11. Yavuz AA, Ning P (2009) Baf: An efficient publicly verifiable secure audit logging scheme for distributed systems. In: Computer Security Applications Conference, 2009. ACSAC’09. Annual, pp 219–228, IEEE

  12. Fu Z, Sun X, Liu Q, Zhou L, Shu J (2015) Achieving efficient cloud search services: multi-keyword ranked search over encrypted cloud data supporting parallel computing. IEICE Trans Commun 98(1):190–200

    Article  Google Scholar 

  13. Wang C, Wang Q, Ren K, Lou W (2010) Privacy-preserving public auditing for data storage security in cloud computing. In: INFOCOM, 2010 proceedings IEEE, pp 1–9, Ieee

  14. Xia Z, Wang X, Zhang L, Qin Z, Sun X, Ren K (2016) A privacy-preserving and copy-deterrence content-based image retrieval scheme in cloud computing. IEEE Trans Inf Forensics Secur 11(11):2594–2608

    Article  Google Scholar 

  15. Liu Q, Cai W, Shen J, Fu Z, Liu X, Linge N (2016) A speculative approach to spatial-temporal efficiency with multi-objective optimization in a heterogeneous cloud environment. Secur Commun Netw 9(17):4002–4012

    Article  Google Scholar 

  16. Juels A, Kaliski Jr BS (2007) Pors: Proofs of retrievability for large files. In: Proceedings of the 14th ACM Conference on Computer and Communications Security, pp 584–597, ACM

  17. Tate SR, Vishwanathan R, Everhart L (2013) Multi-user dynamic proofs of data possession using trusted hardware. In: Proceedings of the 3rd ACM Conference on Data and Application Security and Privacy, pp 353–364, ACM

  18. Ateniese G, Burns R, Curtmola R, Herring J, Kissner L, Peterson Z, Song D (2007) Provable data possession at untrusted stores. In: Proceedings of the 14th ACM Conference on Computer and Communications Security, pp 598–609, ACM

  19. Worku SG, Xu C, Zhao J, He X (2014) Secure and efficient privacy-preserving public auditing scheme for cloud storage. Comput Electr Eng 40(5):1703–1713

    Article  Google Scholar 

  20. Yang K, Jia X (2013) An efficient and secure dynamic auditing protocol for data storage in cloud computing. IEEE Trans Parallel Distrib Syst 24(9):1717–1726

    Article  Google Scholar 

  21. Wang Q, Wang C, Ren K, Lou W, Li J (2011) Enabling public auditability and data dynamics for storage security in cloud computing. IEEE Trans Parallel Distrib Syst 22(5):847–859

    Article  Google Scholar 

  22. Yu Y, Xue L, Au MH, Susilo W, Ni J, Zhang Y, Vasilakos AV, Shen J (2016) Cloud data integrity checking with an identity-based auditing mechanism from rsa. Future Gener Comput Syst 62:85–91

    Article  Google Scholar 

  23. Shacham H, Waters B (2008) Compact proofs of retrievability. In: International Conference on the Theory and Application of Cryptology and Information Security, pp 90–107, Springer

  24. Chen B, Curtmola R (2012) Robust dynamic provable data possession. In: 2012 32nd International Conference on Distributed Computing Systems Workshops, pp 515–525, IEEE

  25. Ateniese G, Di Pietro R, Mancini LV, Tsudik G (2008) Scalable and efficient provable data possession. In: Proceedings of the 4th International Conference on Security and Privacy in Communication Networks, p 9, ACM

  26. Ateniese G, Burns R, Curtmola R, Herring J, Khan O, Kissner L, Peterson Z, Song D (2011) Remote data checking using provable data possession. ACM Trans Inf Syst Secur (TISSEC) 14(1):12

    Article  Google Scholar 

  27. Wang C, Chow SS, Wang Q, Ren K, Lou W (2013) Privacy-preserving public auditing for secure cloud storage. IEEE Trans Comput 62(2):362–375

    Article  MATH  MathSciNet  Google Scholar 

  28. Jining Z, Chunxiang X, Fagen L, Zhang W (2013) Identity-based public verification with privacy-preserving for data storage security in cloud computing. IEICE Trans Fundam Electron Commun Comput Sci 96(12):2709–2716

    Google Scholar 

  29. Wang H (2015) Identity-based distributed provable data possession in multicloud storage. IEEE Trans Serv Comput 8(2):328–340

    Article  Google Scholar 

  30. Yu Y, Zhang Y, Mu Y, Susilo W, Liu H (2015) Provably secure identity based provable data possession. In: International Conference on Provable Security, pp 10–325, Springer

  31. Zhang Y, Ni J, Tao X, Wang Y, Yu Y (2016) Provable multiple replication data possession with full dynamics for secure cloud storage. Concurr Comput Pract Exp 28(4):1161–1173

    Article  Google Scholar 

  32. Pointcheval D, Stern J (2000) Security arguments for digital signatures and blind signatures. J Cryptol 13(3):361–396

    Article  MATH  Google Scholar 

  33. Tang C-m, Zhang X-j (2015) A new publicly verifiable data possession on remote storage. J Supercomput, pp 1–15. doi:10.1007/s11227-015-1556-z

  34. Li A, Tan S, Jia Y (2016) A method for achieving provable data integrity in cloud computing. J Supercomput, pp 1–17. doi:10.1007/s11227-015-1598-2

  35. Scott M (2003) Miracl-multiprecision integer and rational arithmetic c/c++ library. Shamus Software Ltd, Dublin

    Google Scholar 

Download references

Acknowledgements

L. Wu is supported by the National Natural Science Foundation of China (No. 61472287), and the Natural Science Foundation of Hubei Province of China (No. 2015CFA068). D. He is supported by the National Natural Science Foundation of China (Nos. 61501333, 61572379), the National High-tech R&D Program of China (863 Program) (No. 2015AA016004), and the Natural Science Foundation of Hubei Province of China (No. 2015CFB257). M. K. Khan is supported by the Deanship of Scientific Research at King Saud University (No. RGP-VPP-288). K.-K. R. Choo is supported by the Cloud Technology Endowed Professorship at The University of Texas at San Antonio.

Author information

Authors and Affiliations

  1. Computer School, Wuhan University, Wuhan, China

    Zhiyan Xu & Libing Wu

  2. College of Computer, Hubei University of Education, Wuhan, China

    Zhiyan Xu

  3. Center of Excellence in Information Assurance (CoEIA), King Saud University, Riyadh, Saudi Arabia

    Muhammad Khurram Khan

  4. Department of Information Systems and Cyber Security, The University of Texas at San Antonio, San Antonio, TX, 78249, USA

    Kim-Kwang Raymond Choo

  5. School of Information Technology and Mathematical Sciences, University of South Australia, Adelaide, SA, 5001, Australia

    Kim-Kwang Raymond Choo

  6. State Key Lab of Software Engineering, Computer School, Wuhan University, Wuhan, China

    Debiao He

Authors
  1. Zhiyan Xu
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Libing Wu
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Muhammad Khurram Khan
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Kim-Kwang Raymond Choo
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Debiao He
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Debiao He.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Xu, Z., Wu, L., Khan, M.K. et al. A secure and efficient public auditing scheme using RSA algorithm for cloud storage. J Supercomput 73, 5285–5309 (2017). https://doi.org/10.1007/s11227-017-2085-8

Download citation

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s11227-017-2085-8

Keywords

Search

Navigation