Skip to main content
SpringerLink
Log in

Verifiable Auditing Protocol with Proxy Re-Encryption for Outsourced Databases in Cloud

  • Computer Science
  • Published:
Wuhan University Journal of Natural Sciences

Abstract

As a new computing paradigm, outsourcing computing provides inexpensive, on-demand, convenient storage and computing services for cloud clients. For the security of outsourcing databases to the cloud, it is important to allow the user to verify the query results returned by the cloud server. So far, tremendous efforts have been carried out to study secure outsourcing computing. The existing scheme supports that the user can detect the correctness and completeness of the query results even if the cloud server returns an empty set. However, since the data owner performs the database encryption operations and uploads the encrypted database to the cloud server, they require the user to request the data owner to decrypt the query results. In this paper, we propose a new scheme, which can accurately verify the search results. Meanwhile, the users can decrypt the query results independently. Furthermore, the proposed scheme supports a large number of data owners to upload their encrypted database to the cloud server, and it can efficiently verify the query results. Besides, we can prove that our proposed solution can achieve the desired security properties.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Similar content being viewed by others

References

  1. Mell P, Grance T. The NIST definition of cloud computing[J]. Communications of the ACM, 2009, 53(6): 50–50.

    Google Scholar 

  2. Atallah M J, Pantazopoulos K N, Rice J R, et al. Secure outsourcing of scientific computations[J]. Communications of the ACM, 2002, 54(01):215–272.

    Google Scholar 

  3. Buyya R, Yeo C S, Venugopal S, et al. Cloud computing and emerging IT platforms: Vision, hype, and reality for delivering computing as the 5th utility[J]. Future Generation Computer Systems, 2009, 25(6):599–616.

    Article  Google Scholar 

  4. Chen X, Li J, Ma J, et al. New algorithms for secure outsourcing of modular exponentiations[C] //Computer Security -ESORICS 2012. Berlin: Springer-Verlag, 2012: 2386–2396.

    Google Scholar 

  5. Mykletun E, Narasimha M, Tsudik G. Authentication and integrity in outsourced databases[J]. ACM Transactions on Storage, 2004, 2(2): 107–138.

    Article  Google Scholar 

  6. Nuckolls G. Verified query results from hybrid authentication trees[C]//Ifip Wg 11.3 Working Conference on Data and Applications Security. Berlin: Springer-Verlag, 2005: 84–98.

    Chapter  Google Scholar 

  7. Pang H H, Jain A, Ramamritham K, et al. Verifying completeness of relational query results in data publishing [C]//Proceedings of the 2005 ACM SIGMOD International Conference on Management of Data. New York: ACM Press, 2005: 407–418.

    Chapter  Google Scholar 

  8. Narasimha M, Tsudik G. Authentication of outsourced databases using signature aggregation and chaining[C] //International Conference on Database Systems for Advanced Applications. Berlin Heidelberg: Springer-Verlag, 2006: 420–436.

    Chapter  Google Scholar 

  9. Pang H H, Zhang J, Mouratidis K. Scalable verification for outsourced dynamic databases[J]. Proceedings of the VLDB Endowment, 2009, 2(1): 802–813.

    Article  Google Scholar 

  10. Mouratidis K, Sacharidis D, Pang H. Partially materialized digest scheme: an efficient verification method for outsourced databases[J]. VLDB Journal, 2009, 18(1): 363–381.

    Article  Google Scholar 

  11. Alazzi B, Pizzonia M, Pucacco S. Query racing: Fast completeness certification of query results[C] //Data and Applications Security and Privacy XXIV. Berlin: Springer-Verlag, 2010: 177–192.

    Chapter  Google Scholar 

  12. Devanbu P T, Gertz M, Martel C U, et al. Authentic third-party data publication[C]//IFIP TC11/Wg11.3 Fourteenth Working Conference on Database Security: Data and Application Security, Development and Directions. London: Kluwer, 2000: 101–112.

    Google Scholar 

  13. Bertino E, Carminati B, Ferrari E, et al. Selective and authentic third-party distribution of XML documents[J]. IEEE Transactions on Knowledge & Data Engineering, 2004, 16(10): 1263–1278.

    Article  Google Scholar 

  14. Devanbu P, Gertz M, Martel C, et al. Authentic data publication over the Internet[J]. Journal of Computer Security, 2003, 11(3):291–314.

    Article  Google Scholar 

  15. Sion R. Query execution assurance for outsourced databases[C] //International Conference on Very Large Data Bases. New York: ACM Press, 2005: 601–612.

    Google Scholar 

  16. Xie M, Wang H, Yin J, et al. Integrity auditing of outsourced data[C]//International Conference on Very Large Data Bases. New York: ACM Press, 2007: 782–793.

    Google Scholar 

  17. Mykletun E, Narasimha M, Tsudik G. Signature bouquets: Immutability for aggregated/condensed signatures[J]. Lecture Notes in Computer Science, 2004, 3193: 160–176.

    Article  Google Scholar 

  18. Chai Q, Gong G. Verifiable symmetric searchable encryption for semi-honest-but-curious cloud servers[C] //IEEE International Conference on Communications. Washington D C: IEEE, 2012: 917–922.

    Google Scholar 

  19. Wang J, Ma H, Tang Q, et al. Efficient verifiable fuzzy keyword search over encrypted data in cloud computing[J]. Computer Science & Information Systems, 2013, 10(2): 667–684.

    Article  Google Scholar 

  20. Wang J, Chen X, Huang X, et al. Verifiable auditing for outsourced database in cloud computing[J]. IEEE Transactions on Computers, 2015, 64(11): 3293–3303.

    Article  Google Scholar 

  21. Ateniese G, Benson K, Hohenberger S. Key-Private proxy re-encryption[C] //Topics in Cryptology-CT-RSA 2009. Berlin Heidelberg: Springer-Verlag, 2009:279–294.

    Chapter  Google Scholar 

  22. Evdokimov S, Günther O. Encryption techniques for secure database outsourcing[C] //Computer Security-ESORICS 2007, European Symposium on Research in Computer Security. Berlin: Springer-Verlag, 2007: 327–342.

    Chapter  Google Scholar 

  23. Dan B, Gentry C, Lynn B, et al. Aggregate and verifiably encrypted signatures from bilinear maps[J]. Lecture Notes in Computer Science, 2003, 2656(1): 416–432.

    Google Scholar 

  24. Merkle R C. Protocols for public key cryptosystems[C]//1980 IEEE Symposium on Security and Privacy. Washington D C: IEEE, 1980: 122–122.

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. State Key Laboratory of Integrated Service Networks, Xidian University, Xi’an, 710071, Shaanxi, China

    Ziyuan Gao, Baocang Wang, Hequn Liu, Ke Lu & Yu Zhan

  2. Key Laboratory of Cognitive Radio and Information Processing of Ministry of Education, Guilin University of Electronic Technology, Guilin, 541004, Guangxi, China

    Baocang Wang

Authors
  1. Ziyuan Gao
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Baocang Wang
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Hequn Liu
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Ke Lu
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Yu Zhan
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Baocang Wang.

Additional information

Foundation item: Supported by the National Key Research and Development Program of China (2017YFB0802000), the National Natural Science Foundation of China (61572390, U1736111), the Natural Science Foundation of Ningbo City (201601HJ-B01382), and the Open Foundation of Key Laboratory of Cognitive Radio and Information Processing of Ministry of Education (Guilin University of Electronic Technology) (CRKL160202)

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Gao, Z., Wang, B., Liu, H. et al. Verifiable Auditing Protocol with Proxy Re-Encryption for Outsourced Databases in Cloud. Wuhan Univ. J. Nat. Sci. 23, 120–128 (2018). https://doi.org/10.1007/s11859-018-1302-5

Download citation

  • Received:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s11859-018-1302-5

Key words

CLC number

Search

Navigation