Soft Computing

, Volume 21, Issue 8, pp 2151–2164 | Cite as

A position-aware Merkle tree for dynamic cloud data integrity verification

  • Jian Mao
  • Yan Zhang
  • Pei Li
  • Teng Li
  • Qianhong Wu
  • Jianwei Liu
Methodologies and Application

Abstract

In the cloud storage framework, once clients remotely store their data on cloud storage providers, they will lose the physical control over their outsourced data. The risk of unauthorized access to the data increases dramatically. One of the most serious problems in cloud storage is to ensure the correctness of the outsourced data. Specifically, we need to protect these data from unauthorized operations; we also need to detect and recover users’ data after unexpected changes. In this paper, we propose a publicly verifiable scheme to protect the integrity of cloud data and support dynamic maintenance, which is based on a position-aware Merkle tree. We adopt a 3-tuple to define the node of the new Merkle tree, which records the position of the corresponding node, so that users can verify the consistency of the challenge-response blocks by computing the root value directly without retrieving the whole Merkle tree. In our scheme, the storage complexity at the client side is O(1); the computation complexity at the client side is \(O(\log n)\); the computation cost at the server side is \(O(\log n)\) and the communication overhead is \(O(\log n)\). Our method supports unlimited verification challenges as well.

Keywords

Cloud storage Provable data possession Integrity checking Merkle tree 

References

  1. Ateniese G, Burns R, Curtmola R, Herring J, Kissner L, Peterson Z, Song D (2007) Provable data possession at untrusted stores. In: Proceedings of ACM conference on computer and communications security (CCS), pp 598–609Google Scholar
  2. Ateniese G, Pietro D, Mancini L, Tsudik G (2008) Scalable and efficient provable data possession. In: Proceedings of the 4th international conference on security and privacy in communication netowrks, vol 9. ACM, New YorkGoogle Scholar
  3. Ateniese G, Kamara S, Katz J (2009) Proofs of storage from homomorphic identification protocols. In: Advances in cryptology, ASIACRYPT 2009, vol 5912. Springer, Berlin, pp 319–333Google Scholar
  4. Ateniese G, Burns R, Curtmola R, Herring J, Khan O, Kissner L, Peterson Z, Song D (2011) Remote data checking using provable data possession. ACM Trans Inf Syst Secur 14(1):12:1–12:34Google Scholar
  5. Bellare M, Palacio A (2004) The knowledge-of-exponent assumptions and 3-round zero-knowledge protocols. In: Advances in cryptology, CRYPTO 2004, vol 3152. Springer, Berlin, pp 273–289Google Scholar
  6. Boneh D, Lynn B, Shacham H (2001) Short signatures from the weil pairing. In: Proceedings of ASIACRYPT’01. Springer, Berlin, pp 514–532Google Scholar
  7. Castiglione A, Catuogno L, Del Sorbo A, Fiore U, Palmieri F (2014a) A secure file sharing service for distributed computing environments. J Supercomput 67:691–710Google Scholar
  8. Catuogno L, Löhr H, Winandy M, Sadeghi A (2014b) A trusted versioning file system for passive mobile storage devices. J Netw Comput Appl 38:65–75Google Scholar
  9. Chen X, Li J, Huang X, Li J, Xiang Y, Wong D (2014a) Secure outsourced attribute-based signatures. IEEE Trans Parallel Distrib Syst 25:3285–3294Google Scholar
  10. Chen X, Li J, Weng J, Ma J, Lou W (2014b) Verifiablecomputation over large database with incremental. In:Proceedings of ESORICS’14, vol 8712. Springer, New York, pp 148–162Google Scholar
  11. Chen X, Huang X, Li J, Ma J, Luo W (2015) New algorithms for secure outsourcing of large-scale systems of linear equations. IEEE Trans Inf Forensics Secur 10:69–78Google Scholar
  12. Chris Erway C, Küpçü A, Papamanthou C, Tamassia R (2009) Dynamic provable data possession. In: Proceedings of the 16th ACM conference on computer and communications security (CCS). ACM, New York, pp 213–222Google Scholar
  13. Chris Erway C, Küpçü A, Papamanthou C, Tamassia R (2015) Dynamic provable data possession. ACM Trans Inf Syst Secur 17(4):15:1–15:29Google Scholar
  14. Deswarte Y, Quisquater J, Saidane A (2003) Remote integrity checking. In: Conference on integrity and internal control in information systems, vol 03Google Scholar
  15. Esposito C, Ficco M, Palmieri F, Castiglione A (2015) Smart cloud storage service selection based on fuzzy logic, theory of evidence and game theory. IEEE Trans Comput, pp 1Google Scholar
  16. Fan X, Yang G, Mu Y, Yu Y (2015) On indistinguishability in remote data integrity checking. Comput J 58:823–830CrossRefGoogle Scholar
  17. Gazzoni EL, Luiz D, Filho G, Sérgio P, Barreto LM, Politécnica E (2006) Demonstrating data possession and uncheatable data transfer, 2006. IACR ePrint archive. Report 2006/150Google Scholar
  18. Hao Z, Zhong S, Yu N (2011) A privacy-preserving remote data integrity checking protocol with data dynamics and public verifiability. IEEE Trans Knowl Data Eng 23(9):1432–1437Google Scholar
  19. Juels A, Kaliske B (2007) PORs: proofs of retrievability for large files. In: 14th ACM conference on computer and communications security (CCS). ACM, New York, pp 584–597Google Scholar
  20. Kate A, Zaverucha G, Goldberg I (2010) Constant-size commitments to polynomials and their applications. In: Advances in Cryptology, ASIACRYPT 2010, vol 6477. Springer, Berlin, pp 177–194Google Scholar
  21. Li X, Li J, Huang F (2015) A secure cloud storage system supporting privacy-preserving fuzzy deduplication. Soft Comput. doi:10.1007/s00500-015-1596-6
  22. Mao J, Zhang Y, Xu X (2012) Et-dmd: an error-tolerant scheme to detect malicious file deletion on distributed storage. In: 4th international conference on intelligent networking and collaborative systems. IEEE, New York, pp 365–372Google Scholar
  23. Merkle RC (1980) Protocols for public key cryptosystems. In: IEEE symposium on security and privacy, vol 1109. IEEE, New York, pp 122–134Google Scholar
  24. Merkle RC (1989) A certified digital signature. In: Proceedings on advances in cryptology, CRYPTO’89. Springer, Berlin, pp 218C–238Google Scholar
  25. Pcworld (2008) Amazon. Amazon’s s3 down for several hours. http://www.pcworld.com/businesscenter/article/142549/amazons s3 down for several hours.html. Accessed 12 Sept 2014
  26. Shacham H, Waters B (2008) Compact proofs of retrievability. In: Advances in cryptology, ASIACRYPT’08. Springer, BerlinGoogle Scholar
  27. Wang H, Zhang Y (2013) On the knowledge soundness of a cooperative provable data possession scheme in multicloud storage. IEEE Trans Parallel Distrib Syst 25(1):264–267CrossRefGoogle Scholar
  28. Wang Q, Wang C, Li J, Ren K, Lou W (2009) Enabling public verifiability and data dynamics for storage security in cloud computing. In: Computer security, ESORICS 2009, vol 5789. Springer, Berlin, pp 335–370Google Scholar
  29. Wang Q, Wang C, Ren K, Lou W, Li J (2011) Enabling public verifiability and data dynamics for storage security in cloud computing. IEEE Trans Parallel Distrib Syst 22(5):847–859Google Scholar
  30. Wang Y, Wu Q, Wong DS, Qin B (2014) Securely outsourcing exponentiations with single untrusted program for cloud storage. In: Proceedings of ESORICS’14. Springer, Berlin, pp 323–340Google Scholar
  31. Wikipedia (2014a) Cloud storage. http://en.wikipedia.org/wiki/Cloud_stroage. Accessed Aug 2014
  32. Wikipedia (2014b) Merkle tree. http://en.wikipedia.org/wiki/Merkle_tree. Accessed May 2014
  33. Wikipedia (2014c) Sha-1. https://en.wikipedia.org/wiki/SHA-1. Accessed June 2014
  34. Wu Q, Mu Y, Susilo W (2009) Asymmetric group key agreement. In: Advances in cryptology, EUROCRYPT 2009, vol 5479. Springer, Berlin, pp 153–170Google Scholar
  35. Xhafa F, Wang J, Chen X, Liu JK, Li J, Krause P (2014) A secure cloud storage system supporting privacy-preserving fuzzy deduplication. Soft Comput 18:1795–1802CrossRefGoogle Scholar
  36. Xu J, Chang E (2012) Towards efficient proofs of retrievability. In: 7th ACM symposium on information, computer and communications security. ACM, New York, pp 79–80Google Scholar
  37. Yu Y, Yang G, Mu Y, Susilo W (2014) On the security of auditing mechanisms for secure cloud storage. Future Gener Comput Syst Int J Grid Comput Theory Methods Appl 30(1):127–132CrossRefGoogle Scholar
  38. Yu Y, Au MH, Yi Mu ST, Ren J, Susilo W, Dong L (2015) Enhanced privacy of a remote data integrity-checking protocol for secure cloud storage. Int J Inf Secur 14:307–318CrossRefGoogle Scholar
  39. Zheng Q, Xu S (2011) Fair and dynamic proofs of retrievability. In: The first ACM conference on data and application security and privacy. ACM, New York, pp 237–248Google Scholar
  40. Zhu Y, Wang H, Hu Z, Ahn G, Hu H, Yau S (2010) Efficient provable data possession for hybrid clouds. In: 17th ACM conference on Computer and communications security. ACM, New York, pp 756–758Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2015

Authors and Affiliations

  1. 1.School of Electronic and Information EngineeringBeihang UniversityBeijingChina

Personalised recommendations