Dynamic Proofs of Retrievability for Coded Cloud Storage Systems

Cloud storage allows users to store their data on a remote server, eliminating expensive local storage and management costs, and then access data of interest anytime, anywhere. A number of solutions have been proposed to tackle the verification of remote data integrity and retrievability in cloud storage systems. Most existing schemes, however, do not support efficient data dynamics and/or suffer from security vulnerabilities when dynamic data operations are involved. In this paper, we propose a dynamic proof of retrievability scheme supporting public auditability and communication-efficient recovery from data corruptions. To this end, we split the data into data blocks and encode each data block individually using an outer code and an inner code before outsourcing, so that i) an update inside any data block only affects a few codeword symbols and ii) communication-efficient data repair for a server that has broken down can be achieved and communication overhead for small data corruptions within a server can be eliminated. Based on the encoded data blocks, we utilize rb23Tree to enforce the data sequence for dynamic operations, preventing the cloud service provider from manipulating data blocks to pass the integrity check in the dynamic scenario. Formal security analysis and extensive experimental evaluations are conducted, showing that the proposed scheme is practical for use in cloud storage systems.
