Abstract
Outsourcing data to the cloud for personal use is becoming an everyday trend rather than an extreme scenario. The frequent outsourcing of data increases the possible attack window because users do not fully control their personal files. Typically, once there are established secure channels between two endpoints, communication is considered secure. However, in the cloud model the receiver–the cloud–cannot be fully trusted, either because it has been under adversarial control, or because it acts maliciously to increase its revenue by deleting infrequent accessed file blocks. One approach used by current literature to address the aforementioned security concerns is via Remote Data Integrity Checking (RDIC) protocols, whereby a data owner can challenge an untrusted cloud service provider (CSP) to prove faithful storage of its data.
Current RDIC protocols assume that the original data format remains unchanged. However, users may wish to compress their data in order to enjoy less charges. In that case, current RDIC protocols become impractical because, each time compression happens on a file, the user has to run a new RDIC protocol. In this work we initiate the study for Auditable Compressed Storage (ACS). After defining the new model we instantiate two protocols for different widely used compression techniques: run length encoding and Huffman encoding. In contrast with conventional RDIC, our protocols allow a user to delegate the compression to the cloud in a provably secure way: The client can verify correctness of compression without having to download the entire uncompressed file and check it against the compressed one.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Ateniese, G., et al.: Remote data checking using provable data possession. ACM Trans. Inf. Syst. Secur. 14, 12:1–12:34 (2011)
Ateniese, G., et al.: Provable data possession at untrusted stores. In: Proceedings of the 14th ACM CCS, pp. 598–609 (2007)
Ateniese, G., Di Pietro, R., Mancini, L.V., Tsudik, G.: Scalable and efficient provable data possession. In: Proceedings of the 4th SecureComm, pp. 9:1–9:10 (2008)
Cash, D., Küpçü, A., Wichs, D.: Dynamic proofs of retrievability via oblivious RAM. J. Cryptol. 30(1), 22–57 (2017)
Erway, C., Küpçü, A., Papamanthou, C., Tamassia, R.: Dynamic provable data possession. In: Proceedings of the 16th ACM CCS, pp. 213–222 (2009)
Esiner, E., Kachkeev, A., Braunfeld, S., Küpçü, A., Özkasap, O.: FlexDPDP: flexlist-based optimized dynamic provable data possession. Trans. Storage 12(4), 23:1–23:44 (2016)
Etemad, M., Küpçü, A.: Transparent, distributed, and replicated dynamic provable data possession. In: Proceedings of the 11th ACNS, pp. 1–18 (2013)
Huffman, D.A.: A method for the construction of minimum-redundancy codes. Proc. Inst. Radio Eng. 40(9), 1098–1101 (1952)
Juels, A., Kaliski Jr., B.S.: PORs: proofs of retrievability for large files. In: Proceedings of the 14th ACM CCS, pp. 584–597 (2007)
Mohammad Etemad, M., Küpçü, A.: Generic efficient dynamic proofs of retrievability. In: Proceedings of the ACM CCSW, pp. 85–96 (2016)
Shacham, H., Waters, B.: Compact proofs of retrievability. In: Pieprzyk, J. (ed.) ASIACRYPT 2008. LNCS, vol. 5350, pp. 90–107. Springer, Heidelberg (2008). https://doi.org/10.1007/978-3-540-89255-7_7
Shi, E., Stefanov, E., Papamanthou, C.: Practical dynamic proofs of retrievability. In: Proceedings of the 2013 ACM CCS, pp. 325–336 (2013)
Stefanov, E., van Dijk, M., Juels, A., Oprea, A.: Iris: a scalable cloud file system with efficient integrity checks. In: Proceedings of the 28th ACSAC, pp. 229–238 (2012)
Wang, Q., Wang, C., Li, J., Ren, K., Lou, W.: Enabling public verifiability and data dynamics for storage security in cloud computing. In: Backes, M., Ning, P. (eds.) ESORICS 2009. LNCS, vol. 5789, pp. 355–370. Springer, Heidelberg (2009). https://doi.org/10.1007/978-3-642-04444-1_22
Zhang, Y., Blanton, M.: Efficient dynamic provable possession of remote data via update trees. Trans. Storage 12(2), 9:1–9:45 (2016)
Acknowledgments
This research was supported by the US National Science Foundation under Grants No. CNS 1801430, CNS 1054754, and DGE 1565478.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2019 Springer Nature Switzerland AG
About this paper
Cite this paper
Leontiadis, I., Curtmola, R. (2019). Auditable Compressed Storage. In: Lin, Z., Papamanthou, C., Polychronakis, M. (eds) Information Security. ISC 2019. Lecture Notes in Computer Science(), vol 11723. Springer, Cham. https://doi.org/10.1007/978-3-030-30215-3_4
Download citation
DOI: https://doi.org/10.1007/978-3-030-30215-3_4
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-30214-6
Online ISBN: 978-3-030-30215-3
eBook Packages: Computer ScienceComputer Science (R0)