Springer Nature is making SARS-CoV-2 and COVID-19 research free. View research | View latest news | Sign up for updates

Achieving public verifiability and data dynamics for cloud data in the standard model

  • 254 Accesses

  • 4 Citations

Abstract

As an important cloud service, cloud storage can provide flexible data outsourcing services for data users. After the data are outsourced to the cloud, data user no longer physical controls over the stored data. To ensure these data to be kept intact at the cloud servers, many different solutions have been proposed. Whereas most of existing solutions can only deal with static data. To support dynamic data, some schemes solve it by adopting authenticated data structure. To the best of our knowledge, these schemes may exist the following flaws: (1) they bring heavy communication/computation burdens to the auditor; (2) they exist some security attack; (3) they are only proven to be secure in the random orale model; (4) data may be leaked in the auditing. Motivated by the above problems, we propose two novel public auditing schemes by introducing rb23Tree data structure. They can not only achieve public verification, but also support dynamics data updating. Furthermore, our second scheme also supports data privacy. As for the auditor, to reduce its computational cost and communication cost, our scheme migrates the partial auditing metadata from the cloud server to the auditor, it makes that communication overhead between the auditor and cloud server is constant. Finally, we show that our schemes are proven to be secure in the standard model, and evaluate the auditing performance by simulation experiment and comparison with Wang et al.’s scheme. The results demonstrate that our schemes outperforms Wang et al.’s scheme in terms of computation costs and communication overhead.

This is a preview of subscription content, log in to check access.

Fig. 1
Fig. 2

References

  1. 1.

    Dropbox. https://www.dropbox.com

  2. 2.

    GoogleDrive. http://www.google.com/drive/index.html

  3. 3.

    Yuan, J.: Secure and verifiable data storage and utilization in cloud computing, Ph.D. dissertation, Stanford University (2015). http://pages.erau.edu/~yuanj/cloud-research.html

  4. 4.

    Li, Y., Yu, Y., Min, G., Susilo, W., Ni, J., Choo K-K.R.: Fuzzy identity-based data integrity auditing for reliable cloud storage systems. IEEE Trans. Dependable and Secure Comput. doi:10.1109/TDSC.2017.2662216

  5. 5.

    Choo, Kim-Kwang Raymond, Domingo-Ferrer, Josep, Zhang, Lei: Cloud cryptography: theory, practice and future research directions. Future Gener. Comput. Syst. 62, 51–53 (2016)

  6. 6.

    Juliadotter, N.V., Choo, K.K.R.: Cloud Attack. IEEE Cloud Computing, 2(1): 14–20

  7. 7.

    Osanaiyea, Opeyemi, Choo, Kim-Kwang Raymond, Dlodloa, Mqhele: Distributed denial of service (DDoS) resilience in cloud: review and conceptual cloud DDoS mitigation framework. J. Netw. Comput. Appl. 67, 147–165 (2016)

  8. 8.

    Ateniese, S.G., Burns, R., Curtmola, R., Herring, J., Kissner, L., Peterson, Z., Song, D.: Provable Data Possession at Untrusted Stores. In: Proceedings of 14th ACM Conference Computer and Communication Security (CCS 07), pp. 598–609 (2007)

  9. 9.

    Juels, A., Kaliski Jr., B.S.: PORs: Proofs of retrievability for large files. In: Proceedings of 14th ACM Conference Computer and Communication Security (CCS’07), pp. 584–597 (2007)

  10. 10.

    Erway, C.C., Kupcu, A., Papamanthou, C., Tamassia, R.: Dynamic provable data possession. In: Proceedings of 16th ACM Conference Computer and Communication Security, pp. 213–222 (2009)

  11. 11.

    Shacham, H., Waters, B.: Compact proofs of retrievability. In: Proceedings of 14th International Conference Theory and Application of Cryptology and Information Security: Advances in Cryptology (ASIACRYPT’08), pp. 90–107 (2008)

  12. 12.

    Xiong, H., Beznosov, K., Qin, Z., Ripeanu, M.: Efficient and spontaneous privacy-preserving protocol for secure vehicular communication. In: IEEE-ICC, pp. 1–6 (2010)

  13. 13.

    Ren, K., Wang, C., Wang, Q.: Security challenges for the public cloud. IEEE Internet Comput. 16(1), 69–73 (2012)

  14. 14.

    Wang, H., Wu, Q., Qin, B., Domingo-Ferrer, J.: Identity-based remote data possession checking in public clouds. IET Inf. Secur. doi:10.1049/iet-ifs.2012.0271

  15. 15.

    Sebe, F., Domingo-Ferrer, J., Martnez-Balleste, A., Deswarte, Y., Quisquater, J.-J.: Efficient remote data possession checking in critical information infrastructures. IEEE Trans. Knowl. Data Eng. 20(8), 1034–1038 (2008)

  16. 16.

    Shah, M.A., Baker, M., Mogul, J.C., Swaminathan, R.: Auditing to keep online storage services honest. In: Hunt, G.C. (ed.), Proceedings of 11th USENIX Workshop Hot Topics in Operating Systems (HOTOS) (2007)

  17. 17.

    Chang, E.-C., Xu, J.: Remote integrity check with dishonest storage server. In: Proceedings of 13th European Symposium Research in Computer Security (ESORICS’08), pp. 223–237 (2008)

  18. 18.

    Quick, Darren, Choo, Kim-Kwang Raymond: Google drive: forensic analysis of data remnants. J. Netw. Comput. Appl. 40, 179–193 (2014)

  19. 19.

    Quick, D., Martini, B., Choo, K.K.R.: Cloud Storage Forensics. Syngress Publishing, Elsevier, Waltham (2013)

  20. 20.

    Zhu, Y., Wang, H., Hu, Z., Ahn, G.J., Hu, H., Yau, S.S.: Dynamic audit services for outsourced storage in clouds. IEEE Trans. Serv. Comput. 6(2), 227–238 (2013)

  21. 21.

    Daza, V., Domingo-Ferrer, J., Seb, F., Viejo, A.: Trustworthy privacy-preserving car-generated announcements in vehicular ad hoc networks. IEEE Trans. Veh. Technol. 58(4), 1876–1886 (2009)

  22. 22.

    Gamage, C., Gras, B., Tanenbaum, A.S.: An identity-based ring signature scheme with enhanced privacy. In: Proceedings of IEEE SecureComm Conference, pp. 1–5 (2006)

  23. 23.

    Chen, L., Morrissey, P., Smart, N.P.: DAA: Fixing the pairing based protocols. Cryptology ePrint Archive: Report 2009/198. http://eprint.iacr.org/2009/198. Accessed 10 Dec 2009

  24. 24.

    Jiang, Y., Shi, M., Shen, X., Lin, C.: BAT: a robust signature scheme for vehicular communications using binary authentication tree. IEEE Trans. Wirel. Commun. 8(4), 1974–1983 (2009)

  25. 25.

    Ferrara, A.L., Green, M., Hohenberger, S., Pedersen, M.Ø.: On the practicality of short signature batch verification. http://eprint.iacr.org/2008/015

  26. 26.

    Gritti(B), C., Susilo, W., Plantard, T.: Efficient dynamic provable data possession with public verifiability and data privacy. In: ACISP 2015, LNCS 9144, pp. 395–412 (2015)

  27. 27.

    Pointcheval, D., Stern, J.: Security proofs for signature schemes. In: EUROCRYPT. LNCS, vol. 1070, pp. 387–398 (1996)

  28. 28.

    Goh, E.-J., Jarecki, S.: A signature scheme as secure as the Diffie–Hellman problem. In: EUROCRYPT. LNCS, vol. 2656, pp. 401–415 (2003)

  29. 29.

    Yu, Y. Au, M. H., Ateniese, G., Huang, X., Susilo, W., Dai, Y., Min, G.: Identity-based remote data integrity checking with perfect data privacy preserving for cloud storage. IEEE Trans. Inf. Forensic Secur. 12, 767–778 (2017)

  30. 30.

    Zheng, Q., Xu, S.: Fair and dynamic proofs of retrievability. In: CODASPY’11, ACM, pp. 237–248 (2011)

  31. 31.

    Zhang, J.H., Chen, H., Yang, Y.X.: Efficient blind signature scheme based on modified generalized bilinear inversion. Key Eng. Mater. 439–440, 1265–1270 (2010)

  32. 32.

    Ni, Jianbing, Yong, Yu., Yi, Mu, Xia, Qi: On the security of an efficient dynamic auditing protocol in cloud storage. IEEE Trans. Parallel Distrib. Syst. 25(10), 2760–2761 (2014)

  33. 33.

    Miyaji, A., Nakabayashi, M., Takano, S.: New explicit conditions of elliptic curve traces for FR-reduction. IEICE Trans. Fundam. E84–A(5), 1234-123 (2001)

  34. 34.

    Wang, Q., Wang, C., Ren, K., Lou, W., Li, J.: Enabling public auditability and data dynamics for storage security in cloud computing. IEEE Trans. Parallel Distrib. Syst. 22(5), 847–859 (2011)

Download references

Acknowledgements

This work was supported by Beijing Municipal Natural Science Foundation (Nos. 4162020, 4132056), Research Fund of Guangxi Key Lab of Multi-source Information Mining & Security (No. MIMS16-01) and the Fundamental Research Funds for the Central Universities under Grant ZYGX2015J059, GK201702004.

Author information

Correspondence to Yong Yu.

Appendix

Appendix

figured

Rights and permissions

Reprints and Permissions

About this article

Verify currency and authenticity via CrossMark

Cite this article

Zhang, J., Meng, H. & Yu, Y. Achieving public verifiability and data dynamics for cloud data in the standard model. Cluster Comput 20, 2641–2653 (2017). https://doi.org/10.1007/s10586-017-0804-9

Download citation

Keywords

  • Data integrity checking
  • Dynamics data
  • Data privacy
  • rb23Tree
  • Standard model