Privacy-preserving certificateless provable data possession scheme for big data storage on cloud

Cloud storage is generally regarded as one of the most promising technologies to address various big data challenges (e.g. secure storage for big data), due to the capability to provide scalability and functional diversity. However, how to efficiently audit the integrity of outsourced data remains a research challenge. Provable data possession (PDP) scheme can potentially be used to verify the integrity of outsourced data without downloading such data. However, existing PDP schemes suffer from either certificate management or key escrow problems. A number of certificateless PDP (CLPDP) schemes for the public cloud storage have been designed to address the above problems. However, most of them do not offer privacy protection from the verifier (i.e. verifier could obtain the data stored in the cloud when verifying their integrity). In this paper, we propose a privacy-preserving CLPDP (PP-CLPDP) scheme to address certificate management and key escrow problems, as well as ensuring privacy protection. We also prove the security and evaluate the performance of our proposed PP-CLPDP scheme.

[1]  Kim-Kwang Raymond Choo,et al.  Impacts of increasing volume of digital forensic data: A survey and future research challenges , 2014, Digit. Investig..

[2]  Josep Domingo-Ferrer,et al.  Identity-based remote data possession checking in public clouds , 2014, IET Inf. Secur..

[3]  Reza Curtmola,et al.  Remote data checking using provable data possession , 2011, TSEC.

[4]  Jianhong Zhang,et al.  IPad: ID-based public auditing for the outsourced data in the standard model , 2015, Cluster Computing.

[5]  Zhihua Xia,et al.  A Secure and Dynamic Multi-Keyword Ranked Search Scheme over Encrypted Cloud Data , 2016, IEEE Transactions on Parallel and Distributed Systems.

[6]  Yuh-Min Tseng,et al.  Revocable Certificateless Public Key Encryption , 2015, IEEE Systems Journal.

[7]  Zhangjie Fu,et al.  Privacy-Preserving Smart Semantic Search Based on Conceptual Graphs Over Encrypted Outsourced Data , 2017, IEEE Transactions on Information Forensics and Security.

[8]  Jianhua Chen,et al.  New certificateless short signature scheme , 2013, IET Inf. Secur..

[9]  Joseph K. Liu,et al.  Privacy-Preserving Ciphertext Multi-Sharing Control for Big Data Storage , 2015, IEEE Transactions on Information Forensics and Security.

[10]  Huaqun Wang,et al.  Identity-Based Distributed Provable Data Possession in Multicloud Storage , 2015, IEEE Transactions on Services Computing.

[11]  Xingming Sun,et al.  Toward Efficient Multi-Keyword Fuzzy Search Over Encrypted Outsourced Data With Accuracy Improvement , 2016, IEEE Transactions on Information Forensics and Security.

[12]  Yi Mu,et al.  Certificateless Signature Revisited , 2007, ACISP.

[13]  Hu Xiong,et al.  Cost-Effective Scalable and Anonymous Certificateless Remote Authentication Protocol , 2014, IEEE Transactions on Information Forensics and Security.

[14]  Jacques Stern,et al.  Security Arguments for Digital Signatures and Blind Signatures , 2015, Journal of Cryptology.

[15]  Xingming Sun,et al.  Achieving Efficient Cloud Search Services: Multi-Keyword Ranked Search over Encrypted Cloud Data Supporting Parallel Computing , 2015, IEICE Trans. Commun..

[16]  John Gantz,et al.  The Digital Universe in 2020: Big Data, Bigger Digital Shadows, and Biggest Growth in the Far East , 2012 .

[17]  Athanasios V. Vasilakos,et al.  Cloud data integrity checking with an identity-based auditing mechanism from RSA , 2016, Future Gener. Comput. Syst..

[18]  Jayaprakash Kar,et al.  Certificateless Public Key Cryptography: A Research Survey , 2016 .

[19]  Josep Domingo-Ferrer,et al.  Efficient Remote Data Possession Checking in Critical Information Infrastructures , 2008, IEEE Transactions on Knowledge and Data Engineering.

[20]  William Yurcik,et al.  The evolution of storage service providers: techniques and challenges to outsourcing storage , 2005, StorageSS '05.

[21]  M. Mrinalni Vaknishadh,et al.  Enabling Public Auditability and Data Dynamics for Storage Security in Cloud Computing , 2012 .

[22]  Jianhong Zhang,et al.  Efficient ID-based public auditing for the outsourced data in cloud storage , 2016, Inf. Sci..

[23]  Kim-Kwang Raymond Choo,et al.  Cloud Storage Forensics , 2013, Contemporary Digital Forensic Investigations of Cloud and Mobile Applications.

[24]  Michael Scott,et al.  Implementing Cryptographic Pairings on Smartcards , 2006, CHES.

[25]  Xingming Sun,et al.  Enabling Semantic Search Based on Conceptual Graphs over Encrypted Outsourced Data , 2019, IEEE Transactions on Services Computing.

[26]  Adi Shamir,et al.  Identity-Based Cryptosystems and Signature Schemes , 1984, CRYPTO.

[27]  Zhihua Xia,et al.  A Privacy-Preserving and Copy-Deterrence Content-Based Image Retrieval Scheme in Cloud Computing , 2016, IEEE Transactions on Information Forensics and Security.

[28]  Gail-Joon Ahn,et al.  Cooperative Provable Data Possession for Integrity Verification in Multicloud Storage , 2012, IEEE Transactions on Parallel and Distributed Systems.

[29]  Roberto Di Pietro,et al.  Scalable and efficient provable data possession , 2008, IACR Cryptol. ePrint Arch..

[30]  Athanasios V. Vasilakos,et al.  Revocable Identity-Based Access Control for Big Data with Verifiable Outsourced Computing , 2017, IEEE Transactions on Big Data.

[31]  Reza Curtmola,et al.  Provable data possession at untrusted stores , 2007, CCS '07.

[32]  Yuh-Min Tseng,et al.  An efficient user authentication and key exchange protocol for mobile client-server environment , 2010, Comput. Networks.

[33]  Sherali Zeadally,et al.  Certificateless Public Auditing Scheme for Cloud-Assisted Wireless Body Area Networks , 2018, IEEE Systems Journal.

[34]  Kim-Kwang Raymond Choo,et al.  framework for digital forensic evidence : Storage , intelligence , review and archive , 2014 .

[35]  Yi Mu,et al.  Provably Secure Identity Based Provable Data Possession , 2015, ProvSec.

[36]  Kim-Kwang Raymond Choo,et al.  Fuzzy Identity-Based Data Integrity Auditing for Reliable Cloud Storage Systems , 2019, IEEE Transactions on Dependable and Secure Computing.

[37]  Fenghua Li,et al.  Certificateless public auditing for data integrity in the cloud , 2013, 2013 IEEE Conference on Communications and Network Security (CNS).

[38]  Xiaodong Liu,et al.  A speculative approach to spatial-temporal efficiency with multi-objective optimization in a heterogeneous cloud environment , 2016, Secur. Commun. Networks.