Towards Practical Auditing of Dynamic Data in Decentralized Storage

Decentralized storage (DS) projects such as Filecoin are gaining traction. Their openness mandates effective auditing mechanisms to assure users that their data remains intact. A blockchain is typically employed here as an unbiased public auditor. While the case for static data is relatively easy to handle, on-chain auditing of dynamic data with practical performance guarantees is still an open problem. Dynamic Proof-of-Storage (PoS) schemes developed for conventional cloud storage are not applicable to DS, since they require large storage proofs and/or large auditor states that are unmanageable by a resource-constrained blockchain. To fill the gap, we propose a family of dynamic on-chain auditing protocols that can produce concretely small auditor states while retaining the compact proofs promised by static PoS schemes. Our design revolves around a set of succinct data structures and optimization techniques for index information management. With proper instantiation and realistic parameters, our protocols can achieve 0.25MB on-chain state and 1.2KB storage proof for the auditing of 1TB data, outperforming previous dynamic PoS schemes that are adaptable for DS by orders of magnitude. As another practical contribution, we introduce a data abstraction layer that allows one to deploy the auditing protocols on arbitrary storage systems hosting dynamic data.

[1]  Wei Guo,et al.  Dynamic Proof of Data Possession and Replication With Tree Sharing and Batch Verification in the Cloud , 2022, IEEE Transactions on Services Computing.

[2]  Man Ho Au,et al.  Enabling Secure and Efficient Decentralized Storage Auditing With Blockchain , 2021, IEEE Transactions on Dependable and Secure Computing.

[3]  D. Wong,et al.  Lightweight and Privacy-Preserving Delegatable Proofs of Storage with Data Dynamics in Cloud Storage , 2021, IEEE Transactions on Cloud Computing.

[4]  Dario Fiore,et al.  Incrementally Aggregatable Vector Commitments and Applications to Verifiable Decentralized Storage , 2020, ASIACRYPT.

[5]  Jean-Guillaume Dumas,et al.  Dynamic proofs of retrievability with low server storage , 2020, USENIX Security Symposium.

[6]  Man Ho Au,et al.  Towards Privacy-assured and Lightweight On-chain Auditing of Decentralized Storage , 2020, 2020 IEEE 40th International Conference on Distributed Computing Systems (ICDCS).

[7]  David Mohaisen,et al.  Exploring the Attack Surface of Blockchain: A Comprehensive Survey , 2020, IEEE Communications Surveys & Tutorials.

[8]  Mohammad Etemad,et al.  Generic Dynamic Data Outsourcing Framework for Integrity Verification , 2020, ACM Comput. Surv..

[9]  P. Lee,et al.  Coupling Decentralized Key-Value Stores with Erasure Coding , 2019, SoCC.

[10]  Ian Miers,et al.  PIEs: Public Incompressible Encodings for Decentralized Storage , 2019, IACR Cryptol. ePrint Arch..

[11]  Angelo Massimo Perillo,et al.  Audita: A Blockchain-based Auditing Framework for Off-chain Storage , 2019, IACR Cryptol. ePrint Arch..

[12]  Abutalib Aghayev,et al.  File systems unfit as distributed storage backends: lessons from 10 years of Ceph evolution , 2019, SOSP.

[13]  Dan Boneh,et al.  Batching Techniques for Accumulators with Applications to IOPs and Stateless Blockchains , 2019, IACR Cryptol. ePrint Arch..

[14]  Hong Jiang,et al.  Dynamic and Public Auditing with Fair Arbitration for Cloud Data , 2018, IEEE Transactions on Cloud Computing.

[15]  Jin Liu,et al.  Dynamic-Hash-Table Based Public Auditing for Secure Cloud Storage , 2017, IEEE Transactions on Services Computing.

[16]  Michael J. Fischer,et al.  Scalable Bias-Resistant Distributed Randomness , 2017, 2017 IEEE Symposium on Security and Privacy (SP).

[17]  Jian Shen,et al.  An Efficient Public Auditing Protocol With Novel Dynamic Structure for Cloud Data , 2017, IEEE Transactions on Information Forensics and Security.

[18]  Frank Kargl,et al.  KopperCoin - A Distributed File Storage with Financial Incentives , 2016, ISPEC.

[19]  Charalampos Papamanthou,et al.  Authenticated Hash Tables Based on Cryptographic Accumulators , 2016, Algorithmica.

[20]  Eli Ben-Sasson,et al.  Succinct Non-Interactive Zero Knowledge for a von Neumann Architecture , 2014, USENIX Security Symposium.

[21]  M. Anwar Hasan,et al.  Enabling Dynamic Data and Indirect Mutual Trust for Cloud Computing Storage Systems , 2013, IEEE Transactions on Parallel and Distributed Systems.

[22]  Elaine Shi,et al.  Practical dynamic proofs of retrievability , 2013, CCS.

[23]  Xiaohua Jia,et al.  An Efficient and Secure Dynamic Auditing Protocol for Data Storage in Cloud Computing , 2013, IEEE Transactions on Parallel and Distributed Systems.

[24]  Mihir Bellare,et al.  DupLESS: Server-Aided Encryption for Deduplicated Storage , 2013, USENIX Security Symposium.

[25]  David Cash,et al.  Dynamic Proofs of Retrievability Via Oblivious RAM , 2013, Journal of Cryptology.

[26]  Shucheng Yu,et al.  Proofs of retrievability with public verifiability and constant communication cost in cloud , 2013, Cloud Computing '13.

[27]  Stephen S. Yau,et al.  Dynamic Audit Services for Outsourced Storages in Clouds , 2013, IEEE Transactions on Services Computing.

[28]  Marten van Dijk,et al.  Iris: a scalable cloud file system with efficient integrity checks , 2012, ACSAC '12.

[29]  Nir Bitansky,et al.  From extractable collision resistance to succinct non-interactive arguments of knowledge, and back again , 2012, ITCS '12.

[30]  Nenghai Yu,et al.  A Privacy-Preserving Remote Data Integrity Checking Protocol with Data Dynamics and Public Verifiability , 2011, IEEE Transactions on Knowledge and Data Engineering.

[31]  Ian Goldberg,et al.  Constant-Size Commitments to Polynomials and Their Applications , 2010, ASIACRYPT.

[32]  Jonathan Katz,et al.  Proofs of Storage from Homomorphic Identification Protocols , 2009, ASIACRYPT.

[33]  Roberto Tamassia,et al.  Dynamic provable data possession , 2009, IACR Cryptol. ePrint Arch..

[34]  Hovav Shacham,et al.  Compact Proofs of Retrievability , 2008, Journal of Cryptology.

[35]  Roberto Di Pietro,et al.  Scalable and efficient provable data possession , 2008, IACR Cryptol. ePrint Arch..

[36]  Reza Curtmola,et al.  Provable data possession at untrusted stores , 2007, CCS '07.

[37]  Hovav Shacham,et al.  Aggregate and Verifiably Encrypted Signatures from Bilinear Maps , 2003, EUROCRYPT.

[38]  Rafail Ostrovsky,et al.  Software protection and simulation on oblivious RAMs , 1996, JACM.

[39]  Ralph C. Merkle,et al.  A Digital Signature Based on a Conventional Encryption Function , 1987, CRYPTO.

[40]  Erez Zadok,et al.  Filebench: A Flexible Framework for File System Benchmarking , 2016, login Usenix Mag..

[41]  Daniel Davis Wood ETHEREUM: A SECURE DECENTRALISED GENERALISED TRANSACTION LEDGER , 2014 .

[42]  Sherman S. M. Chow,et al.  Privacy-Preserving Public Auditing for Secure Cloud Storage , 2014 .

[43]  Cong Wang,et al.  Toward Secure and Dependable Storage Services in Cloud Computing , 2012, IEEE Transactions on Services Computing.