Secure and efficient privacy-preserving public auditing scheme for cloud storage

Cloud computing poses many challenges on integrity and privacy of users' data though it brings an easy, cost-effective and reliable way of data management. Hence, secure and efficient methods are needed to ensure integrity and privacy of data stored at the cloud. Wang et al. proposed a privacy-preserving public auditing protocol in 2010 but it is seriously insecure. Their scheme is vulnerable to attacks from malicious cloud server and outside attackers regarding to storage correctness. So they proposed a scheme in 2011 with an improved security guarantee but it is not efficient. Thus, in this paper, we proposed a scheme which is secure and with better efficiency. It is a public auditing scheme with third party auditor (TPA), who performs data auditing on behalf of user(s). With detail security analysis, our scheme is proved secure in the random oracle model and our performance analysis shows the scheme is efficient.

[1]  Nenghai Yu,et al.  A Privacy-Preserving Remote Data Integrity Checking Protocol with Data Dynamics and Public Verifiability , 2011, IEEE Transactions on Knowledge and Data Engineering.

[2]  Shouhuai Xu,et al.  Secure and efficient proof of storage with deduplication , 2012, CODASPY '12.

[3]  Hovav Shacham,et al.  Short Signatures from the Weil Pairing , 2001, J. Cryptol..

[4]  Reza Curtmola,et al.  Remote data checking using provable data possession , 2011, TSEC.

[5]  Mihir Bellare,et al.  Random oracles are practical: a paradigm for designing efficient protocols , 1993, CCS '93.

[6]  Ninghui Li,et al.  Introduction to special section SACMAT'08 , 2011, TSEC.

[7]  Cong Wang,et al.  Enabling Public Verifiability and Data Dynamics for Storage Security in Cloud Computing , 2009, ESORICS.

[8]  Ari Juels,et al.  Pors: proofs of retrievability for large files , 2007, CCS '07.

[9]  Martin Gilje Jaatun,et al.  Beyond lightning: A survey on security challenges in cloud computing , 2013, Comput. Electr. Eng..

[10]  Reza Curtmola,et al.  Provable data possession at untrusted stores , 2007, CCS '07.

[11]  Roberto Di Pietro,et al.  Scalable and efficient provable data possession , 2008, IACR Cryptol. ePrint Arch..

[12]  Shouhuai Xu,et al.  Fair and dynamic proofs of retrievability , 2011, CODASPY '11.

[13]  Hyunsoo Yoon,et al.  Secure and efficient data retrieval over encrypted data using attribute-based encryption in cloud storage , 2013, Comput. Electr. Eng..

[14]  Chunxiang Xu,et al.  Cryptanalysis of Wang's Auditing Protocol for Data Storage Security in Cloud Computing , 2012, ICICA.

[15]  Yevgeniy Dodis,et al.  Proofs of Retrievability via Hardness Amplification , 2009, IACR Cryptol. ePrint Arch..

[16]  Ari Juels,et al.  HAIL: a high-availability and integrity layer for cloud storage , 2009, CCS.

[17]  Cong Wang,et al.  Privacy-Preserving Public Auditing for Data Storage Security in Cloud Computing , 2010, 2010 Proceedings IEEE INFOCOM.

[18]  Hovav Shacham,et al.  Compact Proofs of Retrievability , 2008, ASIACRYPT.

[19]  Cong Wang,et al.  Enabling Public Auditability and Data Dynamics for Storage Security in Cloud Computing , 2011, IEEE Transactions on Parallel and Distributed Systems.