A Secure and Efficient Data Integrity Verification Scheme for Cloud-IoT Based on Short Signature

The Internet of Things (IoT) is also known as the Internet of everything. As an important part of the new generation of intelligent information technology, the IoT has attracted the attention both of researchers and engineers all over the world. Considering the limited capacity of smart products, the IoT mainly uses cloud computing to expand computing and storage resources. The massive data collected by the sensor are stored in the cloud storage server, also the cloud vulnerability will directly threaten the security and reliability of the IoT. In order to ensure data integrity and availability in the cloud and IoT storage system, users need to verify the integrity of remote data. However, the existing remote data integrity verification schemes are mostly based on the RSA and BLS signature mechanisms. The RSA-based scheme has too much computational overhead. The BLS signature-based scheme needs to adopt a specific hash function, and the batch signature efficiency in the big data environment is low. Therefore, for the computational overhead and signature efficiency issues of these two signature mechanisms, we propose a scheme of data integrity verification based on a short signature algorithm (ZSS signature), which supports privacy protection and public auditing by introducing a trusted third party (TPA). The computational overhead is effectively reduced by reducing hash function overhead in the signature process. Under the assumption of CDH difficult problem, it can resist adaptive chosen-message attacks. The analysis shows that the scheme has a higher efficiency and safety.

[1]  Kim-Kwang Raymond Choo,et al.  A secure and efficient public auditing scheme using RSA algorithm for cloud storage , 2017, The Journal of Supercomputing.

[2]  Jian Shen,et al.  User Collusion Avoidance CP-ABE With Efficient Attribute Revocation for Cloud Storage , 2018, IEEE Systems Journal.

[3]  Mary Baker,et al.  Privacy-Preserving Audit and Extraction of Digital Contents , 2008, IACR Cryptol. ePrint Arch..

[4]  B. B. Gupta,et al.  Security in Internet of Things: issues, challenges, taxonomy, and architecture , 2017, Telecommunication Systems.

[5]  Athanasios V. Vasilakos,et al.  Cloud data integrity checking with an identity-based auditing mechanism from RSA , 2016, Future Gener. Comput. Syst..

[6]  Chen Yuan,et al.  On the security of two identity-based signature schemes based on pairings , 2016, Inf. Process. Lett..

[7]  Arun Katara,et al.  A New Technique of Data Integrity for Analysis of the Cloud Computing Security , 2013, 2013 5th International Conference on Computational Intelligence and Communication Networks.

[8]  Sherali Zeadally,et al.  Certificateless Provable Data Possession Scheme for Cloud-Based Smart Grid Data Management Systems , 2018, IEEE Transactions on Industrial Informatics.

[9]  M. Kasahara,et al.  A New Traitor Tracing , 2002, IEICE Trans. Fundam. Electron. Commun. Comput. Sci..

[10]  Annamalai Rajendran,et al.  Integrity verification using Identity based Provable Data Possession in multi storage cloud , 2017, 2017 International Conference on Computational Intelligence in Data Science(ICCIDS).

[11]  Eui-Nam Huh,et al.  Cloud of Things: Integrating Internet of Things and cloud computing and the issues involved , 2014, Proceedings of 2014 11th International Bhurban Conference on Applied Sciences & Technology (IBCAST) Islamabad, Pakistan, 14th - 18th January, 2014.

[12]  Jinjun Chen,et al.  External integrity verification for outsourced big data in cloud and IoT: A big picture , 2015, Future Gener. Comput. Syst..

[13]  Kostas E. Psannis,et al.  Secure integration of IoT and Cloud Computing , 2018, Future Gener. Comput. Syst..

[14]  M. Mrinalni Vaknishadh,et al.  Enabling Public Auditability and Data Dynamics for Storage Security in Cloud Computing , 2012 .

[15]  Silvio Micali,et al.  A Digital Signature Scheme Secure Against Adaptive Chosen-Message Attacks , 1988, SIAM J. Comput..

[16]  Wang Dongsheng,et al.  Enable data dynamics for algebraic signatures based remote data possession checking in the cloud storage , 2014, China Communications.

[17]  Hovav Shacham,et al.  Short Signatures from the Weil Pairing , 2001, J. Cryptol..

[18]  Preeti Kulshrestha,et al.  A New Secret Handshakes Scheme with Dynamic Matching Based on ZSS , 2015 .

[19]  Giovanni Schmid,et al.  Identity-based secure group communications using pairings , 2015, Comput. Networks.

[20]  Jian Xu,et al.  Privacy-preserving data integrity verification by using lightweight streaming authenticated data structures for healthcare cyber-physical system , 2020, Future Gener. Comput. Syst..

[21]  Reihaneh Safavi-Naini,et al.  An Efficient Signature Scheme from Bilinear Pairings and Its Applications , 2004, Public Key Cryptography.

[22]  Jia-Lun Tsai,et al.  A Privacy-Aware Authentication Scheme for Distributed Mobile Cloud Computing Services , 2015, IEEE Systems Journal.

[23]  M. R. Sumalatha,et al.  Improving public auditability, data possession in data storage security for cloud computing , 2012, 2012 International Conference on Recent Trends in Information Technology.

[24]  Gabriel Neagu,et al.  A Cloud-IoT based sensing service for health monitoring , 2017, 2017 E-Health and Bioengineering Conference (EHB).

[25]  Cong Wang,et al.  Dynamic Data Operations with Deduplication in Privacy-Preserving Public Auditing for Secure Cloud Storage , 2017, 22017 IEEE International Conference on Computational Science and Engineering (CSE) and IEEE International Conference on Embedded and Ubiquitous Computing (EUC).

[26]  Tan Shuan,et al.  Research and Development of Provable Data Integrity in Cloud Storage , 2015 .

[27]  In Lee,et al.  The Internet of Things (IoT): Applications, investments, and challenges for enterprises , 2015 .

[28]  Liming Zhu,et al.  Blockchain Based Data Integrity Service Framework for IoT Data , 2017, 2017 IEEE International Conference on Web Services (ICWS).

[29]  Lanxiang Chen,et al.  Using algebraic signatures to check data possession in cloud storage , 2013, Future Gener. Comput. Syst..

[30]  Ming Xu,et al.  Cryptanalysis of Remote Data Integrity Checking Protocol Proposed by L. Chen for Cloud Storage , 2014, IEICE Trans. Fundam. Electron. Commun. Comput. Sci..

[31]  Athanasios V. Vasilakos,et al.  IoT-Based Big Data Storage Systems in Cloud Computing: Perspectives and Challenges , 2017, IEEE Internet of Things Journal.

[32]  Jinjun Chen,et al.  MuR-DPA: Top-Down Levelled Multi-Replica Merkle Hash Tree Based Secure Public Auditing for Dynamic Big Data Storage on Cloud , 2015, IEEE Transactions on Computers.