Efficient, dynamic and identity-based Remote Data Integrity Checking for multiple replicas

Abstract: Cloud storage plays an increasingly important role in daily life, but cloud users no longer have physical possession of their own data. Remote Data Integrity Checking (RDIC) was invented to confirm that outsourced files are kept intact without downloading them entirely. Some current RDIC schemes allow data owners with limited computation or communication power to delegate the checking task to a third-party verifier. However, most of these schemes rely on a complicated and resource-consuming public key infrastructure (PKI). In this paper, we propose a novel identity-based RDIC scheme, Efficient, Dynamic and Identity-based Multiple Replication Provable Data Possession (EDID-MRPDP), which avoids the burden of PKI. We introduce a new construction of Homomorphic Verifiable Tag (HVT) and a novel data structure, the Compressed Authentication Array (CAA), which allow EDID-MRPDP to perform batch verification for multiple data owners and cloud servers simultaneously and efficiently, in terms of both computation and communication. To the best of our knowledge, EDID-MRPDP is the first ID-based RDIC scheme with full dynamic updates and multi-replica batch checking. We provide comprehensive correctness and soundness proofs of EDID-MRPDP. Detailed performance analyses and simulations show that EDID-MRPDP is practical for large-scale cloud applications.
