
Enhanced privacy of a remote data integrity-checking protocol for secure cloud storage

  • Regular Contribution
International Journal of Information Security

Abstract

Remote data integrity checking (RDIC) enables a server to prove to an auditor the integrity of a stored file. It is a useful technology for remote storage such as cloud storage. The auditor could be a party other than the data owner; hence, an RDIC proof is usually based on publicly available information. To capture the need for data privacy against an untrusted auditor, Hao et al. formally defined “privacy against third party verifiers” as one of the security requirements and proposed a protocol satisfying this definition. However, we observe that all existing protocols with public verifiability supporting data update, including Hao et al.’s proposal, require the data owner to publish some meta-data related to the stored data. We show that, in Hao et al.’s protocol, the auditor can tell whether or not a client has stored a specific file and link various parts of those files based solely on the published meta-data. In other words, the notion of “privacy against third party verifiers” is not sufficient to protect data privacy, and hence, we introduce “zero-knowledge privacy” to ensure that the third party verifier learns nothing about the client’s data from all available information. We enhance the privacy of Hao et al.’s protocol, develop a prototype to evaluate the performance, and perform experiments to demonstrate the practicality of our proposal.


Notes

  1. Amazon’s Cloud Crash Disaster Permanently Destroyed Many Customers’ Data, http://www.businessinsider.com.au/amazon-lost-data-2011-4.

  2. This is to offset the winning probability based on random guessing.

  3. This is allowed in the random oracle model where \(H_1\) is modeled as an ideal random function.

References

  1. Fernandes, D.A.B., Soares, L.F.B., Gomes, J.V., Freire, M.M., Inácio, P.R.M.: Security issues in cloud environments: a survey. Int. J. Inf. Secur. 1–58 (2013). doi:10.1007/s10207-013-208-7

  2. Armbrust, M., Fox, A., Griffith, R., Joseph, A., Katz, R., Konwinski, A., Lee, G., Patterson, D., Rabkin, A., Stoica, I., et al.: A view of cloud computing. Commun. ACM 53(4), 50–58 (2010)


  3. Wei, L., Zhu, H., Cao, Z., Dong, X., Jia, W., Chen, Y., Vasilakos, A.V.: Security and privacy for storage and computation in cloud computing. Inf. Sci. 258(10), 371–386 (2014)


  4. Cloud Security Alliance, Top threats to cloud computing (2010). http://www.cloudsecurityalliance.org

  5. Blum, M., Evans, W., Gemmell, P., Kannan, S., Naor, M.: Checking the correctness of memories. In: Proceedings 32nd Annual Symposium on Foundations of Computer Science (FOCS 1991), pp. 90–99 (1991)

  6. Ateniese, G., Burns, R.C., Curtmola, R., Herring, J., Kissner, L., Peterson, Z.N.J., Song, D.X.: Provable data possession at untrusted stores. In: Proceedings 14th ACM Conference on Computer and Communications Security (ACM CCS 2007), pp. 598–609 (2007)

  7. Ateniese, G., Burns, R.C., Curtmola, R., Herring, J., Khan, O., Kissner, L., Peterson, Z.N.J., Song, D.: Remote data checking using provable data possession. ACM Trans. Inf. Syst. Secur. 14, 1–34 (2011)


  8. Juels, A., Kaliski Jr., B.S.: PORs: proofs of retrievability for large files. In: Proceedings 14th ACM Conference on Computer and Communications Security (ACM CCS 2007), pp. 584–597 (2007)

  9. Shacham, H., Waters, B.: Compact proofs of retrievability. In: Proceedings 14th Annual International Conference on the Theory and Application of Cryptology and Information Security (ASIACRYPT 2008), pp. 90–107 (2008)

  10. Wang, Q., Wang, C., Li, J., Ren, K., Lou, W.: Enabling public verifiability and data dynamics for storage security in cloud computing. In: Proceedings 14th European Symposium on Research in Computer Security (ESORICS 2009), pp. 355–370 (2009)

  11. Wang, C., Wang, Q., Ren, K., Lou, W.: Privacy-preserving public auditing for data storage security in cloud computing. In: Proceedings 29th Conference on Computer Communications (IEEE INFOCOM 2010), pp. 525–533 (2010)

  12. Wang, C., Ren, K., Lou, W., Li, J.: Toward publicly auditable secure cloud data storage services. IEEE Netw. 24(4), 19–24 (2010). doi:10.1109/MNET.2010.5510914

  13. Wang, Q., Wang, C., Ren, K., Lou, W., Li, J.: Enabling public auditability and data dynamics for storage security in cloud computing. IEEE Trans. Parallel Distrib. Syst. 22(5), 847–859 (2011)


  14. Wang, C., Chow, S.S., Wang, Q., Ren, K., Lou, W.: Privacy-preserving public auditing for secure cloud storage. IEEE Trans. Comput. 62(2), 362–375 (2013)


  15. Yang, K., Jia, X.: An efficient and secure dynamic auditing protocol for data storage in cloud computing. IEEE Trans. Parallel Distrib. Syst. 24(9), 1717–1726 (2013)


  16. Zhu, Y., Ahn, G.-J., Hu, H., Yau, S.S., An, H.G., Hu, C.-J.: Dynamic audit services for outsourced storages in clouds. IEEE Trans. Serv. Comput. 6(2), 227–238 (2013)


  17. Zhu, Y., Hu, H., Ahn, G.-J., Yau, S.S.: Efficient audit service outsourcing for data integrity in clouds. J. Syst. Softw. 85(5), 1083–1095 (2012)


  18. Wang, H., Zhang, Y.: On the knowledge soundness of a cooperative provable data possession scheme in multicloud storage. IEEE Trans. Parallel Distrib. Syst. (2013). doi:10.1109/TPDS.2013.16

  19. Ateniese, G., Pietro, R.D., Mancini, L.V., Tsudik, G.: Scalable and efficient provable data possession. In: Proceedings 4th International Conference on Security and Privacy in Communication Networks (SecureComm 2008) (2008). doi:10.1145/1460877.1460889

  20. Wang, C., Wang, Q., Ren, K., Lou, W.: Ensuring data storage security in cloud computing. In: Proceedings 17th International Workshop on Quality of Service (IWQoS 2009) (2009)

  21. Erway, C., Kupcu, A., Papamanthou, C., Tamassia, R.: Dynamic provable data possession. In: Proceedings 16th ACM Conference on Computer and Communications Security (ACM CCS 2009) (2009)

  22. Boneh, D., Lynn, B., Shacham, H.: Short signatures from the Weil pairing. J. Cryptol. 17, 297–319 (2004)


  23. Sebé, F., Domingo-Ferrer, J., Martinez-Balleste, A., Deswarte, Y., Quisquater, J.J.: Efficient remote data possession checking in critical information infrastructures. IEEE Trans. Knowl. Data Eng. 20(8), 1034–1038 (2008)


  24. Hao, Z., Zhong, S., Yu, N.: A privacy-preserving remote data integrity checking protocol with data dynamics and public verifiability. IEEE Trans. Knowl. Data Eng. 23(9), 1432–1437 (2011)

  25. Rivest, R.L., Shamir, A., Adleman, L.: A method for obtaining digital signatures and public key cryptosystems. Commun. ACM 21, 120–126 (1978)


  26. Lin, S., Costello, D.J.: Error Control Coding, 2nd edn. Prentice-Hall, Upper Saddle River (2004)

  27. Pointcheval, D., Stern, J.: Security arguments for digital signatures and blind signatures. J. Cryptol. 13(3), 361–396 (2000)

  28. Damgård, I., Fujisaki, E.: A statistically-hiding integer commitment scheme based on groups with hidden order. In: Proceedings 8th Annual International Conference on the Theory and Application of Cryptology and Information Security (ASIACRYPT 2002), pp. 125–142 (2002)

  29. Shoup, V.: A Computational Introduction to Number Theory and Algebra. Cambridge University Press, Cambridge (2008)


  30. Bosma, W., Cannon, J., Playoust, C.: The MAGMA algebra system. I. The user language. J. Symb. Comput. 24(3–4), 235–265 (1997)



Acknowledgments

This work was supported by National Natural Science Foundation of China (U1135004, 61170080), Guangdong Province Universities and Colleges Pearl River Scholar Funded Scheme (2011), and High-level Talents Project of Guangdong Institutions of Higher Education (2012).

Author information


Corresponding author

Correspondence to Man Ho Au.

About this article

Cite this article

Yu, Y., Au, M.H., Mu, Y. et al. Enhanced privacy of a remote data integrity-checking protocol for secure cloud storage. Int. J. Inf. Secur. 14, 307–318 (2015). https://doi.org/10.1007/s10207-014-0263-8


  • DOI: https://doi.org/10.1007/s10207-014-0263-8
