An efficient ID-based message recoverable privacy-preserving auditing scheme

One of the most important benefits of public cloud storage is outsourcing of management and maintenance with easy accessibility and retrievability over the internet. However, outsourcing data on the cloud brings new challenges such as integrity verification and privacy of data. More concretely, once the users outsource their data on the cloud they have no longer physical control over the data and this leads to the integrity protection issue. Hence, it is crucial to guarantee proof of data storage and integrity of the outsourced data. Several pairing-based auditing solutions have been proposed utilizing the Boneh-Lynn-Shacham (BLS) short signatures. They basically provide a desirable and efficient property of non-repudiation protocols. In this work, we propose the first ID-based privacy-preserving public auditing scheme with message recoverable signatures. Because of message recoverable auditing scheme, the message itself is implicitly included during the verification step that was not possible in previously proposed auditing schemes. Furthermore, we point out that the algorithm suites of existing schemes is either insecure or very inefficient due to the choice of the underlying bilinear map and its baseline parameter selections. We show that our scheme is more efficient than the recently proposed auditing schemes based on BLS like short signatures.

[1]  Michael Scott,et al.  A Taxonomy of Pairing-Friendly Elliptic Curves , 2010, Journal of Cryptology.

[2]  Xiaohua Jia,et al.  Data storage auditing service in cloud computing: challenges, methods and opportunities , 2011, World Wide Web.

[3]  Cong Wang,et al.  Toward publicly auditable secure cloud data storage services , 2010, IEEE Network.

[4]  Lanxiang Chen,et al.  Using algebraic signatures to check data possession in cloud storage , 2013, Future Gener. Comput. Syst..

[5]  晋輝 趙,et al.  H. Cohen, G. Frey, R. Avanzi, C. Doche, T. Lange, K. Nguyen and F. Vercauteren (eds.): Handbook of Elliptic and Hyperelliptic Curve Cryptography, Discrete Math. Appl. (Boca Raton)., Chapman & Hall/CRC, 2006年,xxxiv + 808ページ. , 2009 .

[6]  Mary Baker,et al.  Privacy-Preserving Audit and Extraction of Digital Contents , 2008, IACR Cryptol. ePrint Arch..

[7]  Yalin Chen,et al.  Crypto-analyses on "secure and efficient privacy-preserving public auditing scheme for cloud storage" , 2014, IACR Cryptol. ePrint Arch..

[8]  Nigel P. Smart,et al.  Advances in Elliptic Curve Cryptography (London Mathematical Society Lecture Note Series) , 2005 .

[9]  Hui Li,et al.  Oruta: Privacy-Preserving Public Auditing for Shared Data in the Cloud , 2012, 2012 IEEE Fifth International Conference on Cloud Computing.

[10]  Ian F. Blake,et al.  Advances in Elliptic Curve Cryptography: Frontmatter , 2005 .

[11]  M. Phil,et al.  PRIVACY-PRESERVING PUBLIC AUDITING FOR DATA STORAGE SECURITY IN CLOUD COMPUTING , 2015 .

[12]  Cong Wang,et al.  Enabling Public Verifiability and Data Dynamics for Storage Security in Cloud Computing , 2009, ESORICS.

[13]  Yu Chen,et al.  Auditing for Data Integrity and Reliability in Cloud Storage , 2015, Handbook on Data Centers.

[14]  Sanjit Chatterjee,et al.  On cryptographic protocols employing asymmetric pairings - The role of Ψ revisited , 2011, Discret. Appl. Math..

[15]  Hovav Shacham,et al.  Compact Proofs of Retrievability , 2008, Journal of Cryptology.

[16]  Antoine Joux,et al.  A quasi-polynomial algorithm for discrete logarithm in finite fields of small characteristic , 2013, IACR Cryptol. ePrint Arch..

[17]  Pin Zhou,et al.  Demystifying data deduplication , 2008, Companion '08.

[18]  Antoine Joux,et al.  A Heuristic Quasi-Polynomial Algorithm for Discrete Logarithm in Finite Fields of Small Characteristic , 2014, EUROCRYPT.

[19]  Raylin Tso,et al.  Efficient ID-Based Digital Signatures with Message Recovery , 2007, CANS.

[20]  Roberto Di Pietro,et al.  Scalable and efficient provable data possession , 2008, IACR Cryptol. ePrint Arch..

[21]  Nenghai Yu,et al.  A Privacy-Preserving Remote Data Integrity Checking Protocol with Data Dynamics and Public Verifiability , 2011, IEEE Transactions on Knowledge and Data Engineering.

[22]  Tanja Lange,et al.  Handbook of Elliptic and Hyperelliptic Curve Cryptography , 2005 .

[23]  Baochun Li,et al.  Oruta: Privacy-Preserving Public Auditingfor Shared Data in the Cloud , 2014, IEEE Trans. Cloud Comput..

[24]  Fenghua Li,et al.  Certificateless public auditing for data integrity in the cloud , 2013, 2013 IEEE Conference on Communications and Network Security (CNS).

[25]  Hovav Shacham,et al.  Short Signatures from the Weil Pairing , 2001, J. Cryptol..

[26]  Jinjun Chen,et al.  A Big Picture of Integrity Verification of Big Data in Cloud Computing , 2015, Handbook on Data Centers.

[27]  Kenneth G. Paterson,et al.  Pairings for Cryptographers , 2008, IACR Cryptol. ePrint Arch..

[28]  Thorsten Kleinjung,et al.  Breaking `128-bit Secure' Supersingular Binary Curves (or how to solve discrete logarithms in $\F_{2^{4 \cdot 1223}}$ and $\F_{2^{12 \cdot 367}}$) , 2014 .

[29]  Xiaojun Zhang,et al.  An Efficient Provable Secure Public Auditing Scheme for Cloud Storage , 2014, KSII Trans. Internet Inf. Syst..

[30]  Salve Bhagyashri Salve Bhagyashri,et al.  Privacy-Preserving Public Auditing For Secure Cloud Storage , 2014 .

[31]  Francisco Rodríguez-Henríquez,et al.  Weakness of 𝔽36·509 for Discrete Logarithm Cryptography , 2013, Pairing.

[32]  Reza Curtmola,et al.  Provable data possession at untrusted stores , 2007, CCS '07.

[33]  Ejaz Ahmed,et al.  A review on remote data auditing in single cloud server: Taxonomy and open issues , 2014, J. Netw. Comput. Appl..

[34]  Ari Juels,et al.  Pors: proofs of retrievability for large files , 2007, CCS '07.

[35]  Yong Yu,et al.  Remote data possession checking with enhanced security for cloud storage , 2015, Future Gener. Comput. Syst..

[36]  Sangita S. Chaudhari,et al.  Secure and efficient public auditing scheme for cloud storage , 2016, 2016 International Conference on Computing, Analytics and Security Trends (CAST).

[37]  Paulo S. L. M. Barreto,et al.  Demonstrating data possession and uncheatable data transfer , 2006, IACR Cryptol. ePrint Arch..

[38]  Cong Wang,et al.  Enabling Public Auditability and Data Dynamics for Storage Security in Cloud Computing , 2011, IEEE Transactions on Parallel and Distributed Systems.

[39]  Yi Mu,et al.  Enhanced privacy of a remote data integrity-checking protocol for secure cloud storage , 2014, International Journal of Information Security.