# Dynamic Provable Data Possession Protocols with Public Verifiability and Data Privacy

## Abstract

Cloud storage services have become accessible and used by everyone. Nevertheless, stored data are dependable on the behavior of the cloud servers, and losses and damages often occur. One solution is to regularly audit the cloud servers in order to check the integrity of the stored data. The Dynamic Provable Data Possession scheme with Public Verifiability and Data Privacy presented in ACISP’15 is a straightforward design of such solution. However, this scheme is threatened by several attacks. In this paper, we carefully recall the definition of this scheme as well as explain how its security is dramatically menaced. Moreover, we proposed two new constructions for Dynamic Provable Data Possession scheme with Public Verifiability and Data Privacy based on the scheme presented in ACISP’15, one using Index Hash Tables and one based on Merkle Hash Trees. We show that the two schemes are secure and privacy-preserving in the random oracle model.

## Keywords

Provable Data Possession Dynamicity Public verifiability Data privacy Index Hash Tables Merkle Hash Trees## Notes

### Acknowledgments

This work was partially supported by the TREDISEC project (G.A. no 644412), funded by the European Union (EU) under the Information and Communication Technologies (ICT) theme of the Horizon 2020 (H2020) research and innovation programme.

## References

- 1.Ateniese, G., Burns, R., Curtmola, R., Herring, J., Kissner, L., Peterson, Z., Song, D.: Provable data possession at untrusted stores. In: Proceedings of CCS 2007, pp. 598–609 (2007)Google Scholar
- 2.Ateniese, G., Di Pietro, R., Mancini, L.V., Tsudik, G.: Scalable and efficient provable data possession. In: Proceedings of SecureComm 2008, pp. 1–10 (2008)Google Scholar
- 3.Chen, B., Curtmola, R.: Auditable version control system. In: Proceedings of NDSS 2014 (2014)Google Scholar
- 4.Erway, C., Küpçü, A., Papamanthou, C., Tamassia, R.: Dynamic provable data possession. In: Proceedings of CCS 2009, pp. 213–222 (2009)Google Scholar
- 5.Esiner, E., Küpçü, A., Özkasap, O.: Analysis and optimization on flexDPDP: a practical solution for dynamic provable data possession. In: Proceedings of ICC 2014 (2014)Google Scholar
- 6.Etemad, M., Küpçü, A.: Tranparent, distributed, and replicated dynamic provable data possession. In: Proceedings of ACNS 2013 (2013)Google Scholar
- 7.Fan, X., Yang, G., Mu, Y., Yu, Y.: On indistinguishability in remote data integrity checking. Comput. J.
**58**(4), 823–830 (2015)CrossRefGoogle Scholar - 8.Gritti, C., Chen, R., Susilo, W., Plantard, P.: Dynamic provable data possession protocols with public verifiability and data privacy (2015). https://arxiv.org/abs/1709.08434
- 9.Gritti, C., Susilo, W., Plantard, T.: Efficient dynamic provable data possession with public verifiability and data privacy. In: Foo, E., Stebila, D. (eds.) ACISP 2015. LNCS, vol. 9144, pp. 395–412. Springer, Cham (2015). https://doi.org/10.1007/978-3-319-19962-7_23 CrossRefGoogle Scholar
- 10.Hao, Z., Zhong, S., Yu, N.: A privacy-preserving remote data integrity checking protocol with data dynamics and public verifiability. IEEE Trans. Knowl. Data Eng.
**23**(9), 1432–1437 (2011)CrossRefGoogle Scholar - 11.Liu, C., Ranjan, R., Yang, C., Zhang, X., Wang, L., Chen, J.: MuR-DPA: top-down levelled multi-replica merkle hash tree based secure public auditing for dynamic big data storage on cloud. IEEE Trans. Comput.
**64**(9), 2609–2622 (2015)MathSciNetCrossRefzbMATHGoogle Scholar - 12.Merkle, R.C.: Secrecy, authentication, and public key systems. Ph.D. thesis, Stanford University (1979)Google Scholar
- 13.Shacham, H., Waters, B.: Compact proofs of retrievability. In: Proceedings of ASIACRYPT 2008, pp. 90–107 (2008)Google Scholar
- 14.Wang, B., Li, B., Li, H.: Knox: privacy-preserving auditing for shared data with large groups in the cloud. In: Bao, F., Samarati, P., Zhou, J. (eds.) ACNS 2012. LNCS, vol. 7341, pp. 507–525. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-31284-7_30 CrossRefGoogle Scholar
- 15.Wang, B., Li, B., Li, H.: Oruta: privacy-preserving public auditing for shared data in the cloud. IEEE Trans. Cloud Comput.
**2**(1), 43–56 (2012)CrossRefGoogle Scholar - 16.Wang, B., Li, B., Li, H.: Panda: public auditing for shared data with efficient user revocation in the cloud. IEEE Trans. Serv. Comput.
**8**(1), 92–106 (2015)CrossRefGoogle Scholar - 17.Wang, C., Chow, S., Wang, Q., Ren, K., Lou, W.: Privacy-preserving public auditing for secure cloud storage. IEEE Trans. Comput.
**62**(2), 362–375 (2013)MathSciNetCrossRefzbMATHGoogle Scholar - 18.Wang, C., Wang, Q., Ren, K., Cao, N., Lou, W.: Toward secure and dependable storage services in cloud computing. IEEE Trans. Serv. Comput.
**5**(2), 220–232 (2012)CrossRefGoogle Scholar - 19.Wang, C., Wang, Q., Ren, K., Lou, W.: Ensuring data storage security in cloud computing. In: Proceedings of IWQoS 2009 (2009)Google Scholar
- 20.Wang, C., Wang, Q., Ren, K., Lou, W.: Privacy-preserving public auditing for data storage security in cloud computing. In: Proceedings of INFOCOM 2010, pp. 525–533 (2010)Google Scholar
- 21.Wang, Q., Wang, C., Li, J., Ren, K., Lou, W.: Enabling public verifiability and data dynamics for storage security in cloud computing. In: Backes, M., Ning, P. (eds.) ESORICS 2009. LNCS, vol. 5789, pp. 355–370. Springer, Heidelberg (2009). https://doi.org/10.1007/978-3-642-04444-1_22 CrossRefGoogle Scholar
- 22.Wang, Q., Wang, C., Ren, K., Lou, W., Li, J.: Enabling public auditability and data dynamics for storage security in cloud computing. IEEE Trans. Parallel Distrib. Syst.
**22**(5), 847–859 (2011)CrossRefGoogle Scholar - 23.Yu, S., Wang, C., Ren, K., Lou, W.: Achieving secure, scalable, and fine-grained data access control in cloud computing. In: Proceedings of INFOCOM 2010, pp. 534–542 (2010)Google Scholar
- 24.Yu, Y., Au, M.H., Mu, Y., Tang, S., Ren, J., Susilo, W., Dong, L.: Enhanced privacy of a remote data integrity-checking protocol for secure cloud storage. IJIS
**14**, 1–12 (2014)Google Scholar - 25.Zhu, Y., Ahn, G.-J., Hu, H., Yau, S.S., An, H.G., Hu, C.-J.: Dynamic audit services for outsourced storages in clouds. IEEE Trans. Serv. Comput.
**6**(2), 227–238 (2013)CrossRefGoogle Scholar - 26.Zhu, Y., Wang, H., Hu, Z., Ahn, G.-J., Hu, H., Yau, S.S.: Dynamic audit services for integrity verification of outsourced storages in clouds. In: Proceedings of SAC 2011, pp. 1550–1557 (2011)Google Scholar