SeShare: Secure cloud data sharing based on blockchain and public auditing

In a data sharing group, each user can upload, modify, and access group files, and a user must generate a new signature for a file after modifying it. When two or more users modify the same file at almost the same time, a signature conflict arises, and this situation should be avoided. However, existing schemes do not take it into consideration. In this paper, we propose SeShare, a new blockchain-based mechanism for data storage that realizes signature uniqueness, solving the problem of different group users generating signatures for the same file at the same time. Specifically, we record every signature of a file in a blockchain in chronological order, and when modification conflicts occur only one user is allowed to add a new signature at the end of the blockchain. In addition, to provide a secure data sharing service, SeShare introduces an efficient public auditing scheme for file integrity verification when a group user leaves the group. We also prove the security of the proposed scheme and evaluate its performance at the end of this paper. Our experimental results demonstrate the efficiency of public auditing when a user leaves the group.
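The chronological signature record and the one-winner rule for concurrent modifications can be illustrated with a small sketch. This is an added example, not the paper's construction: the record layout, the `SignatureChain` class, the key table and the use of HMAC-SHA256 in place of a real signature scheme are all assumptions made for illustration.

```python
import hashlib, hmac, json

GENESIS = "0" * 64
KEYS = {"alice": b"constructed-key-a", "bob": b"constructed-key-b"}  # constructed

def rec_hash(rec):
    # Canonical JSON so every verifier hashes identical bytes.
    return hashlib.sha256(json.dumps(rec, sort_keys=True).encode()).hexdigest()

def sign(user, digest, prev):
    # HMAC-SHA256 stands in for the user's signature scheme (assumption).
    msg = f"{user}|{digest}|{prev}".encode()
    return hmac.new(KEYS[user], msg, hashlib.sha256).hexdigest()

def make_record(user, file_bytes, prev):
    digest = hashlib.sha256(file_bytes).hexdigest()
    return {"user": user, "digest": digest, "prev": prev, "sig": sign(user, digest, prev)}

def sig_ok(rec):
    return rec["user"] in KEYS and hmac.compare_digest(
        sign(rec["user"], rec["digest"], rec["prev"]), rec["sig"])

class SignatureChain:
    def __init__(self):
        self.records = []  # signature records of one file, oldest first

    def tip(self):
        return rec_hash(self.records[-1]) if self.records else GENESIS

    def append(self, rec):
        # A record must commit to the current tip. Of two signatures built on
        # the same tip, the first extends the chain and the second is stale.
        if rec["prev"] != self.tip() or not sig_ok(rec):
            return False
        self.records.append(rec)
        return True

    def verify(self):
        prev = GENESIS
        for rec in self.records:
            if rec["prev"] != prev or not sig_ok(rec):
                return False
            prev = rec_hash(rec)
        return True

def demo():
    chain = SignatureChain()
    base = chain.tip()
    a = make_record("alice", b"edit by alice", base)  # both users sign
    b = make_record("bob", b"edit by bob", base)      # against the same tip
    first, second = chain.append(a), chain.append(b)
    retry = chain.append(make_record("bob", b"bob's edit, rebased", chain.tip()))
    return first, second, retry, len(chain.records), chain.verify()
```

The rejected writer has to re-sign against the new tip, so the chain never holds two competing signatures for the same predecessor.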
