Identity-based public auditing for cloud storage systems against malicious auditors via blockchain

Abstract

Cloud storage systems provide users with convenient data storage services, which allow users to access and update outsourced data remotely. However, these cloud storage services do not guarantee the integrity of the data that users store in the cloud. Thus, public auditing is necessary, in which a third-party auditor (TPA) is delegated to audit the integrity of the outsourced data. This system allows users to enjoy on-demand cloud storage services without the burden of continually auditing their data integrity. However, certain TPAs might deviate from the public auditing protocol and/or collude with the cloud servers. In this article, we propose an identity-based public auditing (IBPA) scheme for cloud storage systems. In IBPA, the nonces in a blockchain are employed to construct unpredictable and easily verified challenge messages, thereby preventing the forging of auditing results by malicious TPAs to deceive users. Users need only to verify the TPAs’ auditing results in batches to ensure the integrity of their data that are stored in the cloud. A detailed security analysis shows that IBPA can preserve data integrity against various attacks. In addition, a comprehensive performance evaluation demonstrates that IBPA is feasible and efficient.
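The idea of building challenges from blockchain nonces can be illustrated as follows. This is an added example, not the paper's construction: the HMAC-SHA256 derivation, the function names, the log layout and the sample nonces are all assumptions made for illustration. Because the challenge is a deterministic function of a public nonce that nobody could predict before the block existed, a user can recompute it later and spot audit-log entries whose challenge the auditor chose itself.

```python
import hashlib
import hmac

def derive_challenge(block_nonce, file_id, n_blocks, sample):
    """Expand a public block nonce into `sample` distinct (index, coefficient) pairs."""
    if not 0 < sample <= n_blocks:
        raise ValueError("sample must be in 1..n_blocks")
    # Domain-separated key (assumed label) so the nonce is not reused raw.
    key = hashlib.sha256(b"audit-challenge-v1|" + block_nonce).digest()
    pairs, seen, counter = [], set(), 0
    while len(pairs) < sample:
        msg = file_id + counter.to_bytes(8, "big")
        digest = hmac.new(key, msg, hashlib.sha256).digest()
        counter += 1
        index = int.from_bytes(digest[:8], "big") % n_blocks
        if index in seen:          # keep challenged indices distinct
            continue
        seen.add(index)
        coeff = int.from_bytes(digest[8:24], "big") | 1   # force non-zero
        pairs.append((index, coeff))
    return pairs

def find_forged_entries(audit_log, chain_nonces, file_id, n_blocks, sample):
    """Return block heights whose logged challenge the user cannot reproduce."""
    forged = []
    for entry in audit_log:
        nonce = chain_nonces.get(entry["height"])
        expected = None if nonce is None else derive_challenge(
            nonce, file_id, n_blocks, sample)
        if expected != entry["challenge"]:
            forged.append(entry["height"])
    return forged

# Constructed sample data: block nonces as the user reads them from the chain.
CHAIN_NONCES = {700001: bytes.fromhex("1a2b3c4d"), 700002: bytes.fromhex("99aa00ff")}
FILE_ID = b"file-0001"
AUDIT_LOG = [
    # Honest entry: challenge derived from the nonce of block 700001.
    {"height": 700001,
     "challenge": derive_challenge(CHAIN_NONCES[700001], FILE_ID, 1000, 5)},
    # Entry whose challenge was picked by the auditor instead of derived.
    {"height": 700002, "challenge": [(i, 1) for i in range(5)]},
]

if __name__ == "__main__":
    print(find_forged_entries(AUDIT_LOG, CHAIN_NONCES, FILE_ID, 1000, 5))
```

The check covers only the challenge; verifying the proof returned for that challenge depends on the scheme's signatures, which this page does not describe.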

Acknowledgements

This work was supported by National Key R&D Program of China (Grant No. 2017YFB-0802000), and National Natural Science Foundation of China (Grant No. 61370203).

Correspondence to Jingting Xue or Chunxiang Xu.

Cite this article

Xue, J., Xu, C., Zhao, J. et al. Identity-based public auditing for cloud storage systems against malicious auditors via blockchain. Sci. China Inf. Sci. 62, 32104 (2019). https://doi.org/10.1007/s11432-018-9462-0

Keywords

  • cloud storage
  • public integrity auditing
  • identity-based cryptography
  • blockchain
  • security analysis