OPoR: Enabling Proof of Retrievability in Cloud Computing with Resource-Constrained Devices

Cloud computing moves the application software and databases to the centralized large data centers, where the management of the data and services may not be fully trustworthy. In this work, we study the problem of ensuring the integrity of data storage in cloud computing. To reduce the computational cost at user side during the integrity verification of their data, the notion of public verifiability has been proposed. However, the challenge is that the computational burden is too huge for the users with resource-constrained devices to compute the public authentication tags of file blocks. To tackle the challenge, we propose OPoR, a new cloud storage scheme involving a cloud storage server and a cloud audit server, where the latter is assumed to be semi-honest. In particular, we consider the task of allowing the cloud audit server, on behalf of the cloud users, to pre-process the data before uploading to the cloud storage server and later verifying the data integrity. OPoR outsources and offloads the heavy computation of the tag generation to the cloud audit server and eliminates the involvement of user in the auditing and in the pre-processing phases. Furthermore, we strengthen the proof of retrievability (PoR) model to support dynamic data operations, as well as ensure security against reset attacks launched by the cloud storage server in the upload phase.

[1]  Cong Wang,et al.  Enabling Public Verifiability and Data Dynamics for Storage Security in Cloud Computing , 2009, ESORICS.

[2]  Hovav Shacham,et al.  Aggregate and Verifiably Encrypted Signatures from Bilinear Maps , 2003, EUROCRYPT.

[3]  Hui Li,et al.  Oruta: Privacy-Preserving Public Auditing for Shared Data in the Cloud , 2012, 2012 IEEE Fifth International Conference on Cloud Computing.

[4]  Yonggang Wen,et al.  Towards end-to-end secure content storage and delivery with public cloud , 2012, CODASPY '12.

[5]  Reza Curtmola,et al.  Provable data possession at untrusted stores , 2007, CCS '07.

[6]  Hovav Shacham,et al.  Compact Proofs of Retrievability , 2008, Journal of Cryptology.

[7]  Kenneth G. Paterson,et al.  Proxy Signatures Secure Against Proxy Key Exposure , 2008, Public Key Cryptography.

[8]  Michael K. Reiter,et al.  Space-Efficient Block Storage Integrity , 2005, NDSS.

[9]  Ari Juels,et al.  Proofs of retrievability: theory and implementation , 2009, CCSW '09.

[10]  Cong Wang,et al.  Enabling Public Auditability and Data Dynamics for Storage Security in Cloud Computing , 2011, IEEE Transactions on Parallel and Distributed Systems.

[11]  Cong Wang,et al.  Privacy-Preserving Public Auditing for Data Storage Security in Cloud Computing , 2010, 2010 Proceedings IEEE INFOCOM.

[12]  Yupu Hu,et al.  Provably secure multi-proxy signature scheme with revocation in the standard model , 2011, Comput. Commun..

[13]  Jin Li,et al.  An Efficient Proof of Retrievability with Public Auditing in Cloud Computing , 2013, 2013 5th International Conference on Intelligent Networking and Collaborative Systems.

[14]  Mary Baker,et al.  Privacy-Preserving Audit and Extraction of Digital Contents , 2008, IACR Cryptol. ePrint Arch..

[15]  Jin Li,et al.  Hidden attribute-based signatures without anonymity revocation , 2010, Inf. Sci..

[16]  Satoshi Obana,et al.  The Hierarchy of Key Evolving Signatures and a Characterization of Proxy Signatures , 2004, EUROCRYPT.

[17]  Wenjing Lou,et al.  Dependable and Secure Sensor Data Storage with Dynamic Integrity Assurance , 2009, IEEE INFOCOM 2009.

[18]  Roberto Di Pietro,et al.  Scalable and efficient provable data possession , 2008, IACR Cryptol. ePrint Arch..

[19]  Tingwen Huang,et al.  Outsourcing Large Matrix Inversion Computation to A Public Cloud , 2013, IEEE Transactions on Cloud Computing.

[20]  Jianfeng Ma,et al.  New Algorithms for Secure Outsourcing of Modular Exponentiations , 2012, IEEE Transactions on Parallel and Distributed Systems.

[21]  Shouhuai Xu,et al.  Secure and efficient proof of storage with deduplication , 2012, CODASPY '12.

[22]  Ari Juels,et al.  Pors: proofs of retrievability for large files , 2007, CCS '07.

[23]  Ralph C. Merkle,et al.  Protocols for Public Key Cryptosystems , 1980, 1980 IEEE Symposium on Security and Privacy.

[24]  Stephen S. Yau,et al.  Dynamic audit services for integrity verification of outsourced storages in clouds , 2011, SAC.

[25]  Moni Naor,et al.  The complexity of online memory checking , 2005, 46th Annual IEEE Symposium on Foundations of Computer Science (FOCS'05).

[26]  Shouhuai Xu,et al.  Fair and dynamic proofs of retrievability , 2011, CODASPY '11.

[27]  Baochun Li,et al.  Oruta: Privacy-Preserving Public Auditingfor Shared Data in the Cloud , 2014, IEEE Trans. Cloud Comput..

[28]  Sawan Kumar,et al.  Ensuring data storage security in Cloud Computing , 2009, 2009 17th International Workshop on Quality of Service.

[29]  Hovav Shacham,et al.  Short Signatures from the Weil Pairing , 2001, J. Cryptol..

[30]  Jin Li,et al.  Outsourcing Encryption of Attribute-Based Encryption with MapReduce , 2012, ICICS.

[31]  Jia Xu,et al.  Remote Integrity Check with Dishonest Storage Server , 2008, ESORICS.

[32]  Jianfeng Ma,et al.  Fine-Grained Access Control System Based on Outsourced Attribute-Based Encryption , 2013, ESORICS.

[33]  Gail-Joon Ahn,et al.  Cooperative Provable Data Possession for Integrity Verification in Multicloud Storage , 2012, IEEE Transactions on Parallel and Distributed Systems.

[34]  Ethan L. Miller,et al.  Store, Forget, and Check: Using Algebraic Signatures to Check Remotely Administered Storage , 2006, 26th IEEE International Conference on Distributed Computing Systems (ICDCS'06).