Advertisement

Dynamic Provable Data Possession Protocols with Public Verifiability and Data Privacy

  • Clémentine Gritti
  • Rongmao Chen
  • Willy Susilo
  • Thomas Plantard
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 10701)

Abstract

Cloud storage services have become accessible and used by everyone. Nevertheless, stored data are dependable on the behavior of the cloud servers, and losses and damages often occur. One solution is to regularly audit the cloud servers in order to check the integrity of the stored data. The Dynamic Provable Data Possession scheme with Public Verifiability and Data Privacy presented in ACISP’15 is a straightforward design of such solution. However, this scheme is threatened by several attacks. In this paper, we carefully recall the definition of this scheme as well as explain how its security is dramatically menaced. Moreover, we proposed two new constructions for Dynamic Provable Data Possession scheme with Public Verifiability and Data Privacy based on the scheme presented in ACISP’15, one using Index Hash Tables and one based on Merkle Hash Trees. We show that the two schemes are secure and privacy-preserving in the random oracle model.

Keywords

Provable Data Possession Dynamicity Public verifiability Data privacy Index Hash Tables Merkle Hash Trees 

Notes

Acknowledgments

This work was partially supported by the TREDISEC project (G.A. no 644412), funded by the European Union (EU) under the Information and Communication Technologies (ICT) theme of the Horizon 2020 (H2020) research and innovation programme.

References

  1. 1.
    Ateniese, G., Burns, R., Curtmola, R., Herring, J., Kissner, L., Peterson, Z., Song, D.: Provable data possession at untrusted stores. In: Proceedings of CCS 2007, pp. 598–609 (2007)Google Scholar
  2. 2.
    Ateniese, G., Di Pietro, R., Mancini, L.V., Tsudik, G.: Scalable and efficient provable data possession. In: Proceedings of SecureComm 2008, pp. 1–10 (2008)Google Scholar
  3. 3.
    Chen, B., Curtmola, R.: Auditable version control system. In: Proceedings of NDSS 2014 (2014)Google Scholar
  4. 4.
    Erway, C., Küpçü, A., Papamanthou, C., Tamassia, R.: Dynamic provable data possession. In: Proceedings of CCS 2009, pp. 213–222 (2009)Google Scholar
  5. 5.
    Esiner, E., Küpçü, A., Özkasap, O.: Analysis and optimization on flexDPDP: a practical solution for dynamic provable data possession. In: Proceedings of ICC 2014 (2014)Google Scholar
  6. 6.
    Etemad, M., Küpçü, A.: Tranparent, distributed, and replicated dynamic provable data possession. In: Proceedings of ACNS 2013 (2013)Google Scholar
  7. 7.
    Fan, X., Yang, G., Mu, Y., Yu, Y.: On indistinguishability in remote data integrity checking. Comput. J. 58(4), 823–830 (2015)CrossRefGoogle Scholar
  8. 8.
    Gritti, C., Chen, R., Susilo, W., Plantard, P.: Dynamic provable data possession protocols with public verifiability and data privacy (2015). https://arxiv.org/abs/1709.08434
  9. 9.
    Gritti, C., Susilo, W., Plantard, T.: Efficient dynamic provable data possession with public verifiability and data privacy. In: Foo, E., Stebila, D. (eds.) ACISP 2015. LNCS, vol. 9144, pp. 395–412. Springer, Cham (2015).  https://doi.org/10.1007/978-3-319-19962-7_23 CrossRefGoogle Scholar
  10. 10.
    Hao, Z., Zhong, S., Yu, N.: A privacy-preserving remote data integrity checking protocol with data dynamics and public verifiability. IEEE Trans. Knowl. Data Eng. 23(9), 1432–1437 (2011)CrossRefGoogle Scholar
  11. 11.
    Liu, C., Ranjan, R., Yang, C., Zhang, X., Wang, L., Chen, J.: MuR-DPA: top-down levelled multi-replica merkle hash tree based secure public auditing for dynamic big data storage on cloud. IEEE Trans. Comput. 64(9), 2609–2622 (2015)MathSciNetCrossRefzbMATHGoogle Scholar
  12. 12.
    Merkle, R.C.: Secrecy, authentication, and public key systems. Ph.D. thesis, Stanford University (1979)Google Scholar
  13. 13.
    Shacham, H., Waters, B.: Compact proofs of retrievability. In: Proceedings of ASIACRYPT 2008, pp. 90–107 (2008)Google Scholar
  14. 14.
    Wang, B., Li, B., Li, H.: Knox: privacy-preserving auditing for shared data with large groups in the cloud. In: Bao, F., Samarati, P., Zhou, J. (eds.) ACNS 2012. LNCS, vol. 7341, pp. 507–525. Springer, Heidelberg (2012).  https://doi.org/10.1007/978-3-642-31284-7_30 CrossRefGoogle Scholar
  15. 15.
    Wang, B., Li, B., Li, H.: Oruta: privacy-preserving public auditing for shared data in the cloud. IEEE Trans. Cloud Comput. 2(1), 43–56 (2012)CrossRefGoogle Scholar
  16. 16.
    Wang, B., Li, B., Li, H.: Panda: public auditing for shared data with efficient user revocation in the cloud. IEEE Trans. Serv. Comput. 8(1), 92–106 (2015)CrossRefGoogle Scholar
  17. 17.
    Wang, C., Chow, S., Wang, Q., Ren, K., Lou, W.: Privacy-preserving public auditing for secure cloud storage. IEEE Trans. Comput. 62(2), 362–375 (2013)MathSciNetCrossRefzbMATHGoogle Scholar
  18. 18.
    Wang, C., Wang, Q., Ren, K., Cao, N., Lou, W.: Toward secure and dependable storage services in cloud computing. IEEE Trans. Serv. Comput. 5(2), 220–232 (2012)CrossRefGoogle Scholar
  19. 19.
    Wang, C., Wang, Q., Ren, K., Lou, W.: Ensuring data storage security in cloud computing. In: Proceedings of IWQoS 2009 (2009)Google Scholar
  20. 20.
    Wang, C., Wang, Q., Ren, K., Lou, W.: Privacy-preserving public auditing for data storage security in cloud computing. In: Proceedings of INFOCOM 2010, pp. 525–533 (2010)Google Scholar
  21. 21.
    Wang, Q., Wang, C., Li, J., Ren, K., Lou, W.: Enabling public verifiability and data dynamics for storage security in cloud computing. In: Backes, M., Ning, P. (eds.) ESORICS 2009. LNCS, vol. 5789, pp. 355–370. Springer, Heidelberg (2009).  https://doi.org/10.1007/978-3-642-04444-1_22 CrossRefGoogle Scholar
  22. 22.
    Wang, Q., Wang, C., Ren, K., Lou, W., Li, J.: Enabling public auditability and data dynamics for storage security in cloud computing. IEEE Trans. Parallel Distrib. Syst. 22(5), 847–859 (2011)CrossRefGoogle Scholar
  23. 23.
    Yu, S., Wang, C., Ren, K., Lou, W.: Achieving secure, scalable, and fine-grained data access control in cloud computing. In: Proceedings of INFOCOM 2010, pp. 534–542 (2010)Google Scholar
  24. 24.
    Yu, Y., Au, M.H., Mu, Y., Tang, S., Ren, J., Susilo, W., Dong, L.: Enhanced privacy of a remote data integrity-checking protocol for secure cloud storage. IJIS 14, 1–12 (2014)Google Scholar
  25. 25.
    Zhu, Y., Ahn, G.-J., Hu, H., Yau, S.S., An, H.G., Hu, C.-J.: Dynamic audit services for outsourced storages in clouds. IEEE Trans. Serv. Comput. 6(2), 227–238 (2013)CrossRefGoogle Scholar
  26. 26.
    Zhu, Y., Wang, H., Hu, Z., Ahn, G.-J., Hu, H., Yau, S.S.: Dynamic audit services for integrity verification of outsourced storages in clouds. In: Proceedings of SAC 2011, pp. 1550–1557 (2011)Google Scholar

Copyright information

© Springer International Publishing AG 2017

Authors and Affiliations

  • Clémentine Gritti
    • 1
  • Rongmao Chen
    • 2
  • Willy Susilo
    • 3
  • Thomas Plantard
    • 3
  1. 1.EURECOMSophia AntipolisFrance
  2. 2.College of ComputerNational University of Defense TechnologyChangshaChina
  3. 3.School of Computing and Information TechnologyUniversity of WollongongWollongongAustralia

Personalised recommendations