Bidirectional data verification for cloud storage

This paper presents a storage enforcing remote verification scheme, PGV (Pretty Good Verification) as a bidirectional data integrity checking mechanism for cloud storage. At its core, PGV relies on the well-known polynomial hash; we show that the polynomial hash provably possesses the storage enforcement property and is also efficient in terms of performance. In addition to the traditional application of a client verifying the storage content at a remote server, PGV can also be applied to de-duplication scenarios where the server wants to verify whether the client possesses a significant amount of information about a file (and not just a partial knowledge/fingerprint of the file) before granting access to an existing file.While existing schemes are often developed to handle a malicious adversarial model, we argue that such a model is often too strong of an assumption, resulting in over-engineered, resource-intensive mechanisms. Instead, the storage enforcement property of PGV aims at removing a practical incentive for a storage server to cheat in order to save on storage space in a covert adversarial model.We theoretically prove the power of PGV by combining Kolmogorov complexity and list decoding and experimentally show the simplicity and low overhead of PGV by comparing it with existing schemes. Altogether, PGV provides a good, practical way to perform storage enforcing remote verification.

[1]  Yehuda Lindell,et al.  Security Against Covert Adversaries: Efficient Protocols for Realistic Adversaries , 2007, Journal of Cryptology.

[2]  Ming Li,et al.  An Introduction to Kolmogorov Complexity and Its Applications , 2019, Texts in Computer Science.

[3]  Ari Juels,et al.  HAIL: a high-availability and integrity layer for cloud storage , 2009, CCS.

[4]  Stanislaw Jarecki,et al.  Cryptographic Primitives Enforcing Communication and Storage Complexity , 2002, Financial Cryptography.

[5]  Reza Curtmola,et al.  MR-PDP: Multiple-Replica Provable Data Possession , 2008, 2008 The 28th International Conference on Distributed Computing Systems.

[6]  Thomas Johansson,et al.  On Families of Hash Functions via Geometric Codes and Concatenation , 1993, CRYPTO.

[7]  Yevgeniy Dodis,et al.  Proofs of Retrievability via Hardness Amplification , 2009, IACR Cryptol. ePrint Arch..

[8]  Ran Canetti,et al.  Security and composition of cryptographic protocols: a tutorial (part I) , 2006, SIGA.

[9]  Ari Juels,et al.  New approaches to security and availability for cloud data , 2013, CACM.

[10]  Shouhuai Xu,et al.  Secure and efficient proof of storage with deduplication , 2012, CODASPY '12.

[11]  W. G. Horner,et al.  A new method of solving numerical equations of all orders, by continuous approximation , 1815 .

[12]  CanettiRan Security and composition of cryptographic protocols , 2006 .

[13]  Roberto Di Pietro,et al.  Scalable and efficient provable data possession , 2008, IACR Cryptol. ePrint Arch..

[14]  Reza Curtmola,et al.  Provable data possession at untrusted stores , 2007, CCS '07.

[15]  Ethan L. Miller,et al.  Store, Forget, and Check: Using Algebraic Signatures to Check Remotely Administered Storage , 2006, 26th IEEE International Conference on Distributed Computing Systems (ICDCS'06).

[16]  Ari Juels,et al.  Pors: proofs of retrievability for large files , 2007, CCS '07.

[17]  Cong Wang,et al.  Security Challenges for the Public Cloud , 2012, IEEE Internet Computing.

[18]  Sergey Yekhanin,et al.  Locally Decodable Codes and Private Information Retrieval Schemes , 2010, Information Security and Cryptography.

[19]  Hovav Shacham,et al.  Compact Proofs of Retrievability , 2008, ASIACRYPT.

[20]  Benny Pinkas,et al.  Proofs of ownership in remote storage systems , 2011, CCS '11.

[21]  Cong Wang,et al.  Enabling Public Verifiability and Data Dynamics for Storage Security in Cloud Computing , 2009, ESORICS.

[22]  Miriam Allalouf,et al.  Storage modeling for power estimation , 2009, SYSTOR '09.

[23]  Rusins Freivalds,et al.  Probabilistic Machines Can Use Less Running Time , 1977, IFIP Congress.

[24]  A. Kolmogorov Three approaches to the quantitative definition of information , 1968 .

[25]  Ari Juels,et al.  Proofs of retrievability: theory and implementation , 2009, CCSW '09.

[26]  Venkatesan Guruswami,et al.  List Decoding of Error-Correcting Codes (Winning Thesis of the 2002 ACM Doctoral Dissertation Competition) , 2005, Lecture Notes in Computer Science.

[27]  Cong Wang,et al.  Ensuring data storage security in Cloud Computing , 2009, 2009 17th International Workshop on Quality of Service.