Efficient and Privacy Preserving Third Party Auditing for a Distributed Storage System

When using distributed storage systems to outsource data storage into the cloud, it is often vital that this is done in a privacy preserving way, i.e., without the storage servers learning anything about the stored data. Especially when storing critical data, one often further requires efficient means to check whether the data is actually stored correctly on these servers. In the best case, such an auditing could itself be outsourced to a third party which does not need to be trusted by the data owner. That is, also the auditing mechanism should guarantee privacy, even if the auditor collaborates with a (sub) set of the storage servers. However, so far only a small number of privacy preserving third party auditing mechanisms has been presented for single server storage solutions, and no such protocols exist at all for a distributed storage setting. In this paper, we therefore define and instantiate a privacy preserving auditable distributed storage system. Our instantiation can be based on any homomorphic secret sharing scheme, and is fully keyless, efficient, and information-theoretically private. Furthermore, it supports batch audits, and is backward compatible with existing secret sharing based storage solutions.

[1]  Reza Curtmola,et al.  Provable data possession at untrusted stores , 2007, CCS '07.

[2]  Torben P. Pedersen Non-Interactive and Information-Theoretic Secure Verifiable Secret Sharing , 1991, CRYPTO.

[3]  Douglas R. Stinson,et al.  Unconditionally secure social secret sharing scheme , 2010, IET Inf. Secur..

[4]  Stephan Krenn,et al.  Efficient Zero-Knowledge Proofs for Commitments from Learning with Errors over Rings , 2015, ESORICS.

[5]  Athina Markopoulou,et al.  NC-Audit: Auditing for network coding storage , 2012, 2012 International Symposium on Network Coding (NetCod).

[6]  Florian Kerschbaum,et al.  Symmetric-Key Based Proofs of Retrievability Supporting Public Verification , 2015, ESORICS.

[7]  Cong Wang,et al.  Ensuring data storage security in Cloud Computing , 2009, 2009 17th International Workshop on Quality of Service.

[8]  Baruch Awerbuch,et al.  Verifiable secret sharing and achieving simultaneity in the presence of faults , 1985, 26th Annual Symposium on Foundations of Computer Science (sfcs 1985).

[9]  Ethan L. Miller,et al.  Store, Forget, and Check: Using Algebraic Signatures to Check Remotely Administered Storage , 2006, 26th IEEE International Conference on Distributed Computing Systems (ICDCS'06).

[10]  Avi Wigderson,et al.  Multi-prover interactive proofs: how to remove intractability assumptions , 2019, STOC '88.

[11]  Daniel Slamanig,et al.  ARCHISTAR: Towards Secure and Robust Cloud Based Data Sharing , 2015, 2015 IEEE 7th International Conference on Cloud Computing Technology and Science (CloudCom).

[12]  Thomas Plantard,et al.  Efficient Dynamic Provable Data Possession with Public Verifiability and Data Privacy , 2015, ACISP.

[13]  I. Damgård,et al.  The protocols. , 1989, The New Zealand nursing journal. Kai tiaki.

[14]  Ari Juels,et al.  HAIL: a high-availability and integrity layer for cloud storage , 2009, CCS.

[15]  David Cash,et al.  Dynamic Proofs of Retrievability Via Oblivious RAM , 2013, Journal of Cryptology.

[16]  Mary Baker,et al.  Auditing to Keep Online Storage Services Honest , 2007, HotOS.

[17]  Ari Juels,et al.  Pors: proofs of retrievability for large files , 2007, CCS '07.

[18]  Thomas Plantard,et al.  Improvements on Efficient Dynamic Provable Data Possession scheme with Public Verifiability and Data Privacy , 2015, IACR Cryptol. ePrint Arch..

[19]  Hovav Shacham,et al.  Compact Proofs of Retrievability , 2008, Journal of Cryptology.

[20]  Moti Yung,et al.  Robust efficient distributed RSA-key generation , 1998, STOC '98.

[21]  Hugo Krawczyk,et al.  Secret Sharing Made Short , 1994, CRYPTO.

[22]  Adi Shamir,et al.  How to share a secret , 1979, CACM.

[23]  Nesrine Kaaniche,et al.  SHoPS: Set Homomorphic Proof of Data Possession Scheme in Cloud Storage Applications , 2015, 2015 IEEE World Congress on Services.

[24]  Mihir Bellare,et al.  On Defining Proofs of Knowledge , 1992, CRYPTO.

[25]  Reza Curtmola,et al.  MR-PDP: Multiple-Replica Provable Data Possession , 2008, 2008 The 28th International Conference on Distributed Computing Systems.

[26]  Paul Feldman,et al.  A practical scheme for non-interactive verifiable secret sharing , 1987, 28th Annual Symposium on Foundations of Computer Science (sfcs 1987).

[27]  Elaine Shi,et al.  Practical dynamic proofs of retrievability , 2013, CCS.