Securely Outsourcing Exponentiations with Single Untrusted Program for Cloud Storage

Provable Data Possession (PDP) allows a file owner to outsource her files to a storage server such that a verifier can check the integrity of the outsourced file. Public verifiable PDP schemes allow any one other than the file owner to be a verifier. At the client side (file owner or verifier), a substantial number of modular exponentiations is often required. In this paper we make PDP more practical via proposing a protocol to securely outsource the (most generic) variable-exponent variable-base exponentiations in one untrusted program model. Our protocol demonstrates advantages in efficiency or privacy over existing protocols coping with only special cases in two or single untrusted program model. We then apply our generic protocol to Shacham-Waters PDP and a variant of Yuan-Yu PDP. The analyses show that our protocol makes PDP much more efficient at the client side.

[1]  Ian Goldberg,et al.  Constant-Size Commitments to Polynomials and Their Applications , 2010, ASIACRYPT.

[2]  Igor E. Shparlinski,et al.  Cryptography and computational number theory , 2001 .

[3]  Reihaneh Safavi-Naini,et al.  Private Outsourcing of Polynomial Evaluation and Matrix Multiplication Using Multilinear Maps , 2013, CANS.

[4]  Sébastien Canard,et al.  Delegating a Pairing Can Be Both Secure and Efficient , 2014, ACNS.

[5]  Ming Li,et al.  Computing encrypted cloud data efficiently under multiple keys , 2013, 2013 IEEE Conference on Communications and Network Security (CNS).

[6]  Anna Lysyanskaya,et al.  How to Securely Outsource Cryptographic Computations , 2005, TCC.

[7]  Moti Yung,et al.  Computer Security – ESORICS 2012 , 2012, Lecture Notes in Computer Science.

[8]  D. Boneh,et al.  Short Signatures from the Weil Pairing , 2001, Journal of Cryptology.

[9]  Ming Li,et al.  Storing Shared Data on the Cloud via Security-Mediator , 2013, 2013 IEEE 33rd International Conference on Distributed Computing Systems.

[10]  Yevgeniy Vahlis,et al.  Verifiable Delegation of Computation over Large Datasets , 2011, IACR Cryptol. ePrint Arch..

[11]  Siu-Ming Yiu,et al.  Efficient Forward and Provably Secure ID-Based Signcryption Scheme with Public Verifiability and Public Ciphertext Authenticity , 2003, ICISC.

[12]  G. Edward Suh,et al.  Speeding up Exponentiation using an Untrusted Computational Resource , 2006, Des. Codes Cryptogr..

[13]  Xiao Liu,et al.  Who Is Touching My Cloud , 2014, ESORICS.

[14]  Sean W. Smith,et al.  Batch Pairing Delegation , 2007, IWSEC.

[15]  Reza Curtmola,et al.  Provable data possession at untrusted stores , 2007, CCS '07.

[16]  Markus Kasper,et al.  The World is Not Enough: Another Look on Second-Order DPA , 2010, IACR Cryptol. ePrint Arch..

[17]  Patrick Traynor,et al.  Secure outsourced garbled circuit evaluation for mobile devices , 2013, J. Comput. Secur..

[18]  Jin Li,et al.  Outsourcing computation of modular exponentiations in cloud computing , 2013, Cluster Computing.

[19]  Ramarathnam Venkatesan,et al.  Speeding up Discrete Log and Factoring Based Schemes via Precomputations , 1998, EUROCRYPT.

[20]  Jongin Lim,et al.  Information Security and Cryptology - ICISC 2003 , 2003, Lecture Notes in Computer Science.

[21]  Hovav Shacham,et al.  Compact Proofs of Retrievability , 2008, ASIACRYPT.

[22]  Craig Gentry,et al.  Non-interactive Verifiable Computing: Outsourcing Computation to Untrusted Workers , 2010, CRYPTO.

[23]  Jianfeng Ma,et al.  New Algorithms for Secure Outsourcing of Modular Exponentiations , 2012, IEEE Transactions on Parallel and Distributed Systems.

[24]  Josep Domingo-Ferrer,et al.  Ciphertext-policy hierarchical attribute-based encryption with short ciphertexts , 2014, Inf. Sci..

[25]  Masakatsu Nishigaki,et al.  Advances in Information and Computer Security - 6th International Workshop, IWSEC 2011, Tokyo, Japan, November 8-10, 2011. Proceedings , 2011, IWSEC.

[26]  Jin Li,et al.  An Efficient Proof of Retrievability with Public Auditing in Cloud Computing , 2013, 2013 5th International Conference on Intelligent Networking and Collaborative Systems.

[27]  Josep Domingo-Ferrer,et al.  Simultaneous authentication and secrecy in identity-based data upload to cloud , 2013, Cluster Computing.

[28]  Elisabeth Oswald,et al.  A Comprehensive Evaluation of Mutual Information Analysis Using a Fair Evaluation Framework , 2011, CRYPTO.

[29]  Lakshminarayanan Subramanian,et al.  Two-Party Computation Model for Privacy-Preserving Queries over Distributed Databases , 2009, NDSS.

[30]  Kaisa Nyberg,et al.  Advances in Cryptology — EUROCRYPT'98 , 1998 .

[31]  Josep Domingo-Ferrer,et al.  Identity-based remote data possession checking in public clouds , 2014, IET Inf. Secur..

[32]  Bogdan Warinschi,et al.  Advances in Cryptology - Asiacrypt 2008 , 2008 .

[33]  Ari Juels,et al.  Pors: proofs of retrievability for large files , 2007, CCS '07.

[34]  Phong Q. Nguyen,et al.  Distribution of Modular Sums and the Security of the Server Aided Exponentiation , 2001 .

[35]  Josep Domingo-Ferrer,et al.  Tracing and revoking leaked credentials: accountability in leaking sensitive outsourced data , 2014, AsiaCCS.

[36]  Mark Manulis,et al.  Cryptology and Network Security , 2012, Lecture Notes in Computer Science.

[37]  Yehuda Lindell,et al.  More Efficient Constant-Round Multi-Party Computation from BMR and SHE , 2016, IACR Cryptol. ePrint Arch..

[38]  Shucheng Yu,et al.  Proofs of retrievability with public verifiability and constant communication cost in cloud , 2013, Cloud Computing '13.

[39]  Tal Rabin Advances in Cryptology - CRYPTO 2010, 30th Annual Cryptology Conference, Santa Barbara, CA, USA, August 15-19, 2010. Proceedings , 2010, CRYPTO.