Abstract
As an important method, cloud-based data auditing can realize the integrity checking of the outsourced data efficiently. However, the existing public auditing schemes are mainly based on the PKI (public key infrastructure). In this infrastructure, the auditor must validate the certificates of data user before auditing data integrity. Thus, there exist some drawbacks in such infrastructure. (1) It brings the heavy computation burdens on the auditor in the auditing process (2) Complicated management of public key certificate makes the whole auditing protocol inefficient, in particular, in the multi-user setting. To overcome complicated key management and key exposure and reduce computation cost in the auditing process, we propose ID-based data integrity public auditing scheme with forward security in this paper. After a private key of data user is compromised, all previous produced authentication tags still remain valid. And we also show that our construction is provably secure under the RSA assumption with prime exponents. Due to being based on RSA, none of pairing operation is required in any algorithm, it makes that auditing efficiency is greatly improved since the implementations of pairings are much harder than those of exponentiations in a RSA group. The highlight in our scheme is that the auditor’s verification cost is constant, it is independent of the number of the challenged set. Comparing with Yu et al.’s scheme, our scheme has more advantages in terms of computation cost and communication overhead. And implementation results also show that our scheme is very practical and suitable for the multi-user setting in the real life.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Notes
- 1.
Note that we make a slightly modified version [22, 26] of the original RSA problem definition. Here, we require the exponent to be a prime number.
References
Yong, Y., Xue, L., Au, M.H., Susilo, W., Ni, J., Zhang, Y.F., et al.: Cloud data integrity checking with an identity-based auditing mechanism from RSA. Future Gen. Comput. Syst. 62, 51–53 (2016). doi:10.1016/j.future.2016.02.003
May, P., Ehrlich, H.-C., Steinke, T.: ZIB structure prediction pipeline: composing a complex biological workflow through web services. In: Nagel, W.E., Walter, W.V., Lehner, W. (eds.) Euro-Par 2006. LNCS, vol. 4128, pp. 1148–1158. Springer, Heidelberg (2006)
M.I.R.A.C.L. library, Shamus Software Ltd., 94 Shangan Road, Ballymun, Dublin, Ireland
Czajkowski, K., Fitzgerald, S., Foster, I., Kesselman, C.: Grid information services for distributed resource sharing. In: 10th IEEE International Symposium on High Performance Distributed Computing, pp. 181–184. IEEE Press, New York (2001)
Wang, H.: Identity-based distributed provable data possession in multicloud storage IEEE T. Serv. Compsut. 8(2), 328–340 (2015)
ElGamal, T.: A public-key cryptosystem and a signature scheme based on discrete logarithms. IEEE Trans. Inf. Theor. 31, 469–472 (1985)
Ateniese, G., Burns, R., Curtmola, R., Herring, J., Kissner, L., Peterson, Z., Song, D.: Provable data possession at untrusted stores. In: Proceedings 14th ACM Conference Computer and Communications Security (CCS 2007), pp. 598–609 (2007)
Juels, A., Kaliski, B.S.: PORs: proofs of retrievability for large files. In: Proceedings 14th ACM Conference Computer and Communications Security (CCS 2007), pp. 584–597 (2007)
Wang, Q., Wang, C., Ren, K., Lou, W., Li, J.: Enabling public auditability and data dynamics for storage security in cloud computing. IEEE Trans. Parallel Distrib. Syst. 22(5), 847–859 (2011)
Zhang, Y., Blanton, M.: Efficient dynamic provable possession of remote data via balanced update trees. In: Proceedings 8th ACM SIGSAC Symposium Information, Computer and Communications Security (ASIACCS 2013), pp. 183–194 (2013)
Zheng, Q., Xu, S.: Fair and dynamic proofs of retrievability. In: Proceedings First ACM Conference Data and Application Security and Privacy (CODASPY 2011), pp. 237–248 (2011)
Stefanov, E., Dijk, M.V., Oprea, A., Jules, A.: Iris: A Scalable Cloud File System with Efficient Integrity Checks, Report /585, Cryptology ePrint Archive (2011)
Gritti, C., Susilo, W., Plantard, T.: Efficient dynamic provable data possession with public verifiability and data privacy. In: Foo, E., Stebila, D. (eds.) ACISP 2015. LNCS, vol. 9144, pp. 395–412. Springer, Heidelberg (2015)
Wang, Q., Wang, C., Ren, K., Lou, W., Li, J.: Enabling public auditability and data dynamics for storage security in cloud computing. IEEE Trans. Parallel Distrib. Syst. 22(5), 847–859 (2011)
Jianhong, Z., Qiaocui, D.: Efficient ID-based public auditing for the outsourced data in cloud storage. Inf. Sci. 344, 1–14 (2016)
Zhang, J., Li, P., Mao, J.: IPad: ID-based public auditing for the outsourced data in the standard model. Cluster Comput. 19(1), 127–138 (2016)
Ren, K., Wang, C., Wang, Q.: Security challenges for the public cloud. IEEE Internet Comput. 16(1), 69–73 (2012)
Understanding the Cloud Computing Stack: SaaS, PaaS, IaaS. https://support.rackspace.com/white-paper/understanding-the-cloud-computing-stack-saas-paas-iaas/
Acknowledgments
This work was supported by Beijing Municipal Natural Science Foundation (Nos: 4162020,4132056) and The importation and development of High-Caliber Talents project of Beijing municipal Institutions (CIT&TCD201304004).
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2016 Springer International Publishing AG
About this paper
Cite this paper
Zhang, J., Li, P., Sun, Z., Mao, J. (2016). ID-based Data Integrity Auditing Scheme from RSA with Resisting Key Exposure. In: Chen, L., Han, J. (eds) Provable Security. ProvSec 2016. Lecture Notes in Computer Science(), vol 10005. Springer, Cham. https://doi.org/10.1007/978-3-319-47422-9_5
Download citation
DOI: https://doi.org/10.1007/978-3-319-47422-9_5
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-47421-2
Online ISBN: 978-3-319-47422-9
eBook Packages: Computer ScienceComputer Science (R0)