Survey and a New Taxonomy of Proofs of Retrievability on the Cloud Storage

Proof of Retrievability (PoR) is a technique used to ensure the authenticity of data on outsourced storage services. It improves the soundness and the robustness of the data integrity scheme and allows clients to recover the remote data. Under the circumstance of considering untrusted parties including the Cloud Storage Provider (CSP) and Third Party Authenticator (TPA), incorporating PoR and zero-knowledge Proofs, which is another technique used to allow a prover to convince a verifier that a secret exists without revealing the secret itself, will ensure client integrity verification, strengthen privacy, and improve fairness to both sides. In this paper, we present, on one hand, the state-of-the-art of PoR under zero-knowledge constructs following an existing data integrity scheme taxonomy of cloud storage. We analyze the PoR scheme formalism and its similarities with zero-knowledge concepts, in addition to the techniques used to settle robustness and zero-knowledge proofs methods. On the other hand, we propose our improved taxonomy of proofs of retrievability enriched by the zero-knowledge, the cryptography model, and the cryptographic setup. The proposed taxonomy equips researchers with a tool to think about the PoR scheme from those perspectives. In the end, we state some fruitful lines of works that PoR can take advantage of; i.e Bulletproofs, Interactive Oracle Proofs, and Interactive Oracle Proofs of Proximity For Reed-Solomon.

[1]  Gail-Joon Ahn,et al.  Zero-knowledge proofs of retrievability , 2011, Science China Information Sciences.

[2]  Yan Yu,et al.  IPOR: An efficient IDA-based proof of retrievability scheme for cloud storage systems , 2017, 2017 IEEE International Conference on Communications (ICC).

[3]  Yuto Lim,et al.  A survey on Proof of Retrievability for cloud data integrity and availability: Cloud storage state-of-the-art, issues, solutions and future trends , 2018, J. Netw. Comput. Appl..

[4]  Xiaolei Dong,et al.  Security and privacy for storage and computation in cloud computing , 2014, Inf. Sci..

[5]  Ari Juels,et al.  HAIL: a high-availability and integrity layer for cloud storage , 2009, CCS.

[6]  Karen A. Scarfone,et al.  Trusted Cloud: Security Practice Guide for VMware Hybrid Cloud Infrastructure as a Service (IaaS) Environments , 2018 .

[7]  F. Moore,et al.  Polynomial Codes Over Certain Finite Fields , 2017 .

[8]  Ari Juels,et al.  Proofs of retrievability: theory and implementation , 2009, CCSW '09.

[9]  Mihir Bellare,et al.  Random oracles are practical: a paradigm for designing efficient protocols , 1993, CCS '93.

[10]  David Cash,et al.  Dynamic Proofs of Retrievability Via Oblivious RAM , 2013, Journal of Cryptology.

[11]  Silvio Micali,et al.  Computationally Sound Proofs , 2000, SIAM J. Comput..

[12]  Shouhuai Xu,et al.  Fair and dynamic proofs of retrievability , 2011, CODASPY '11.

[13]  P. Maymounkov Online codes , 2002 .

[14]  Anmin Fu,et al.  DIPOR: An IDA-based dynamic proof of retrievability scheme for cloud storage systems , 2018, J. Netw. Comput. Appl..

[15]  Reza Curtmola,et al.  Remote data checking for network coding-based distributed storage systems , 2010, CCSW '10.

[16]  I. Reed,et al.  Polynomial Codes Over Certain Finite Fields , 1960 .

[17]  Pengcheng Zhou,et al.  Zero knowledge Proofs for Cloud Storage Integrity Checking , 2019, 2020 39th Chinese Control Conference (CCC).

[18]  Manuel Blum,et al.  Checking the correctness of memories , 2005, Algorithmica.

[19]  Ghassan O. Karame,et al.  Mirror: Enabling Proofs of Data Replication and Retrievability in the Cloud , 2016, USENIX Security Symposium.

[20]  Mihir Bellare,et al.  On Defining Proofs of Knowledge , 1992, CRYPTO.

[21]  Amos Fiat,et al.  How to Prove Yourself: Practical Solutions to Identification and Signature Problems , 1986, CRYPTO.

[22]  Frederik Armknecht,et al.  Cloud Storage File Recoverability , 2017, IACR Cryptol. ePrint Arch..

[23]  Luis Javier García Villalba,et al.  Hy-SAIL: Hyper-Scalability, Availability and Integrity Layer for Cloud Storage Systems , 2019, IEEE Access.

[24]  Ivan Damgård,et al.  Generic Lower Bounds for Root Extraction and Signature Schemes in General Groups , 2002, EUROCRYPT.

[25]  Ejaz Ahmed,et al.  A review on remote data auditing in single cloud server: Taxonomy and open issues , 2014, J. Netw. Comput. Appl..

[26]  Eli Ben-Sasson,et al.  Interactive Oracle Proofs , 2016, TCC.

[27]  Bo Yang,et al.  An alternative approach to public cloud data auditing supporting data dynamics , 2018, Soft Computing.

[28]  Su-Juan Qin,et al.  Improved Proofs Of Retrievability And Replication For Data Availability In Cloud Storage , 2020, Comput. J..

[29]  Dan Boneh,et al.  Bulletproofs: Short Proofs for Confidential Transactions and More , 2018, 2018 IEEE Symposium on Security and Privacy (SP).

[30]  Eli Ben-Sasson,et al.  Fast Reed-Solomon Interactive Oracle Proofs of Proximity , 2017, Electron. Colloquium Comput. Complex..

[31]  Hovav Shacham,et al.  Compact Proofs of Retrievability , 2008, Journal of Cryptology.

[32]  Leonid A. Levin,et al.  Checking computations in polylogarithmic time , 1991, STOC '91.

[33]  Shucheng Yu,et al.  PCPOR: Public and constant-cost proofs of retrievability in cloud , 2015, J. Comput. Secur..

[34]  Miroslaw Kutylowski,et al.  Proof of Possession for Cloud Storage via Lagrangian Interpolation Techniques , 2012, NSS.

[35]  Cong Wang,et al.  Enabling Public Verifiability and Data Dynamics for Storage Security in Cloud Computing , 2009, ESORICS.

[36]  Qian Wang,et al.  Dynamic Proofs of Retrievability for Coded Cloud Storage Systems , 2018, IEEE Transactions on Services Computing.

[37]  AlamMasoom,et al.  A survey of cloud computing data integrity schemes , 2017 .

[38]  C. P. Schnorr,et al.  Efficient Identification and Signatures for Smart Cards (Abstract) , 1989, EUROCRYPT.

[39]  Ari Juels,et al.  Pors: proofs of retrievability for large files , 2007, CCS '07.

[40]  Dwaine E. Clarke,et al.  Towards constant bandwidth overhead integrity checking of untrusted data , 2005, 2005 IEEE Symposium on Security and Privacy (S&P'05).

[41]  R Aparna,et al.  Survey on Data Integrity and Verification for Cloud Storage , 2020, 2020 11th International Conference on Computing, Communication and Networking Technologies (ICCCNT).

[42]  Reza Curtmola,et al.  Provable data possession at untrusted stores , 2007, CCS '07.

[43]  Azman Osman Lim,et al.  SW-POR: A Novel POR Scheme Using Slepian-Wolf Coding for Cloud Storage , 2014, 2014 IEEE 11th Intl Conf on Ubiquitous Intelligence and Computing and 2014 IEEE 11th Intl Conf on Autonomic and Trusted Computing and 2014 IEEE 14th Intl Conf on Scalable Computing and Communications and Its Associated Workshops.

[44]  Wee Keong Ng,et al.  Blockchain-Based System for Secure Data Storage with Private Keyword Search , 2017, 2017 IEEE World Congress on Services (SERVICES).

[45]  Douglas R. Stinson,et al.  Multi-prover proof of retrievability , 2016, IACR Cryptol. ePrint Arch..

[46]  Yuto Lim,et al.  Partial binary encoding for Slepian-Wolf Based Proof of Retrievability , 2017, 2017 IEEE 15th Student Conference on Research and Development (SCOReD).

[47]  Silvio Micali,et al.  The knowledge complexity of interactive proof-systems , 1985, STOC '85.

[48]  Reza Curtmola,et al.  Robust dynamic remote data checking for public clouds , 2012, CCS.