Abstract
Cloud storage auditing is a crucial service that provides integrity checking for clients’ data on the cloud server. However, if the client’s auditing secret key is exposed, a malicious cloud server can tamper with or even throw away the client’s data without being detected. In this paper, we propose an intrusion-resilient public auditing protocol that can reduce the damage caused by key exposure. In our protocol, the auditing secret key is managed by the client with the help of a third party auditor (TPA), who cannot compute the client’s auditing secret key. Our protocol divides the lifetime of a file stored in the cloud into several time periods, and each time period is further divided into several refreshing periods. We show that our protocol is secure (i.e., it provides backward security and forward security) against the adversary as long as the client and TPA are compromised in different refreshing periods. Our protocol still provides forward security when the client and TPA are compromised in the same refreshing period.
Acknowledgment
The work was supported by the National Natural Science Foundation of China (No. 61502008, No. 61572001), the Natural Science Foundation of Anhui Province (No. 1708085QF136, No. 1508085QF132), and the Doctorial Research Start-up Foundation of Anhui University. The authors are very grateful to the anonymous referees for their detailed comments and suggestions regarding this paper.
Copyright information
© 2018 Springer International Publishing AG, part of Springer Nature
About this paper
Cite this paper
Xu, Y., Ding, R., Cui, J., Zhong, H. (2018). Intrusion-Resilient Public Auditing Protocol for Data Storage in Cloud Computing. In: Susilo, W., Yang, G. (eds) Information Security and Privacy. ACISP 2018. Lecture Notes in Computer Science, vol 10946. Springer, Cham. https://doi.org/10.1007/978-3-319-93638-3_23
DOI: https://doi.org/10.1007/978-3-319-93638-3_23
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-93637-6
Online ISBN: 978-3-319-93638-3
eBook Packages: Computer Science, Computer Science (R0)