An Adaptive Authenticated Data Structure With Privacy-Preserving for Big Data Stream in Cloud

With the rapid development of 5G networks, big data and IoT, data in many environments is generated continuously and dynamically at high growth rates, like a stream. We call this a big data stream, and it plays an increasingly important role in all walks of life. However, verifying its authenticity becomes a challenge when the big data stream is in an untrusted environment such as a cloud platform, where it faces problems such as delay sensitivity, unpredictable data size and privacy leaks caused by third-party audits. To solve these problems, we propose a new authenticated data structure named the privacy-preserving adaptive trapdoor hash authentication tree (P-ATHAT), which introduces trapdoor hashes and BLS signatures into the Merkle hash tree. The P-ATHAT scheme realizes real-time verification of the data stream and can dynamically expand its structure as the data stream arrives. These characteristics not only shorten the authentication path but also solve the single-point-of-failure problem of conventional authentication trees and enhance the robustness of the scheme. Moreover, we construct a homomorphic verification scheme on top of the tree structure to solve the privacy leakage problem in third-party audits. Finally, we perform a security analysis and a detailed experimental evaluation of the proposed scheme; both results demonstrate that it is suitable for big data stream authentication and privacy preservation in practical applications.
