TIMER: Secure and Reliable Cloud Storage against Data Re-outsourcing

The semi-trusted servers in cloud environment may outsource the files of their clients to some low expensive servers to increase their profit. To some extent, such behavior may violate the wishes of cloud users and impair their legitimate rights and interests. In this paper, a probabilistic challenge-response scheme is proposed to prove that the clients' files are available and stored in a specified cloud server. In order to resist the collusion of cloud servers, common cloud infrastructure with some reasonable limits, such as rational economic security model, semi-collusion security model and response time bound, are exploited. These limits guarantee that a malicious cloud server could not conduct a t-round communication in a finite time. We analyze the security and performance of the proposed scheme and demonstrate that our scheme provides strong incentives for economically rational cloud providers against re-outsourcing the clients' data to some other cloud providers.

[1]  Ralph C. Merkle,et al.  A Certified Digital Signature , 1989, CRYPTO.

[2]  Mihir Bellare,et al.  Random oracles are practical: a paradigm for designing efficient protocols , 1993, CCS '93.

[3]  Jean-Sébastien Coron,et al.  On the Exact Security of Full Domain Hash , 2000, CRYPTO.

[4]  Kwangjo Kim,et al.  Efficient ID-Based Blind Signature and Proxy Signature from Bilinear Pairings , 2003, ACISP.

[5]  Jean-Jacques Quisquater,et al.  Remote Integrity Checking - How to Trust Files Stored on Untrusted Servers , 2003, IICIS.

[6]  Sushil Jajodia,et al.  Integrity and internal control on information systems VI : IFIP TC11/WG11.5 Sixth Working Conference on Integrity and Internal Control in Information Systems (IICIS), 13-14 November 2003, Lausanne, Switzerland , 2004 .

[7]  Abe Masayuki,et al.  An efficiently-verifiable zero-knowledge argument for proofs of knowledge , 2005 .

[8]  Ethan L. Miller,et al.  Store, Forget, and Check: Using Algebraic Signatures to Check Remotely Administered Storage , 2006, 26th IEEE International Conference on Distributed Computing Systems (ICDCS'06).

[9]  Paulo S. L. M. Barreto,et al.  Demonstrating data possession and uncheatable data transfer , 2006, IACR Cryptol. ePrint Arch..

[10]  Srdjan Capkun,et al.  Secure Localization with Hidden and Mobile Base Stations , 2006, Proceedings IEEE INFOCOM 2006. 25TH IEEE International Conference on Computer Communications.

[11]  Reza Curtmola,et al.  Provable data possession at untrusted stores , 2007, CCS '07.

[12]  Emin Gün Sirer,et al.  Octant: A Comprehensive Framework for the Geolocalization of Internet Hosts , 2007, NSDI.

[13]  Ari Juels,et al.  Pors: proofs of retrievability for large files , 2007, CCS '07.

[14]  Charalampos Papamanthou,et al.  Dynamic provable data possession , 2009, IACR Cryptology ePrint Archive.

[15]  Roberto Di Pietro,et al.  Scalable and efficient provable data possession , 2008, IACR Cryptol. ePrint Arch..

[16]  Hovav Shacham,et al.  Compact Proofs of Retrievability , 2008, ASIACRYPT.

[17]  Yevgeniy Dodis,et al.  Proofs of Retrievability via Hardness Amplification , 2009, IACR Cryptol. ePrint Arch..

[18]  Michal Kaczmarczyk,et al.  HYDRAstor: A Scalable Secondary Storage , 2009, FAST.

[19]  Sándor Laki,et al.  A detailed path-latency model for router geolocation , 2009, 2009 5th International Conference on Testbeds and Research Infrastructures for the Development of Networks & Communities and Workshops.

[20]  Cezary Dubnicki,et al.  HydraFS: A High-Throughput File System for the HYDRAstor Content-Addressable Storage System , 2010, FAST.

[21]  Benny Pinkas,et al.  Side Channels in Cloud Services: Deduplication in Cloud Storage , 2010, IEEE Security & Privacy.

[22]  Benny Pinkas,et al.  Proofs of ownership in remote storage systems , 2011, CCS '11.

[23]  Ronald L. Rivest,et al.  How to tell if your cloud files are vulnerable to drive crashes , 2011, CCS '11.

[24]  Jin Li,et al.  Efficient Fair Conditional Payments for Outsourcing Computations , 2012, IEEE Transactions on Information Forensics and Security.

[25]  Jianfeng Ma,et al.  New Algorithms for Secure Outsourcing of Modular Exponentiations , 2014, IEEE Trans. Parallel Distributed Syst..