Abstract
In the cloud storage framework, once clients remotely store their data on cloud storage providers, they will lose the physical control over their outsourced data. The risk of unauthorized access to the data increases dramatically. One of the most serious problems in cloud storage is to ensure the correctness of the outsourced data. Specifically, we need to protect these data from unauthorized operations; we also need to detect and recover users’ data after unexpected changes. In this paper, we propose a publicly verifiable scheme to protect the integrity of cloud data and support dynamic maintenance, which is based on a position-aware Merkle tree. We adopt a 3-tuple to define the node of the new Merkle tree, which records the position of the corresponding node, so that users can verify the consistency of the challenge-response blocks by computing the root value directly without retrieving the whole Merkle tree. In our scheme, the storage complexity at the client side is O(1); the computation complexity at the client side is \(O(\log n)\); the computation cost at the server side is \(O(\log n)\) and the communication overhead is \(O(\log n)\). Our method supports unlimited verification challenges as well.
This is a preview of subscription content, log in via an institution to check access.
Similar content being viewed by others
Notes
We use the term user and client interchangeably in this paper.
References
Ateniese G, Burns R, Curtmola R, Herring J, Kissner L, Peterson Z, Song D (2007) Provable data possession at untrusted stores. In: Proceedings of ACM conference on computer and communications security (CCS), pp 598–609
Ateniese G, Pietro D, Mancini L, Tsudik G (2008) Scalable and efficient provable data possession. In: Proceedings of the 4th international conference on security and privacy in communication netowrks, vol 9. ACM, New York
Ateniese G, Kamara S, Katz J (2009) Proofs of storage from homomorphic identification protocols. In: Advances in cryptology, ASIACRYPT 2009, vol 5912. Springer, Berlin, pp 319–333
Ateniese G, Burns R, Curtmola R, Herring J, Khan O, Kissner L, Peterson Z, Song D (2011) Remote data checking using provable data possession. ACM Trans Inf Syst Secur 14(1):12:1–12:34
Bellare M, Palacio A (2004) The knowledge-of-exponent assumptions and 3-round zero-knowledge protocols. In: Advances in cryptology, CRYPTO 2004, vol 3152. Springer, Berlin, pp 273–289
Boneh D, Lynn B, Shacham H (2001) Short signatures from the weil pairing. In: Proceedings of ASIACRYPT’01. Springer, Berlin, pp 514–532
Castiglione A, Catuogno L, Del Sorbo A, Fiore U, Palmieri F (2014a) A secure file sharing service for distributed computing environments. J Supercomput 67:691–710
Catuogno L, Löhr H, Winandy M, Sadeghi A (2014b) A trusted versioning file system for passive mobile storage devices. J Netw Comput Appl 38:65–75
Chen X, Li J, Huang X, Li J, Xiang Y, Wong D (2014a) Secure outsourced attribute-based signatures. IEEE Trans Parallel Distrib Syst 25:3285–3294
Chen X, Li J, Weng J, Ma J, Lou W (2014b) Verifiablecomputation over large database with incremental. In:Proceedings of ESORICS’14, vol 8712. Springer, New York, pp 148–162
Chen X, Huang X, Li J, Ma J, Luo W (2015) New algorithms for secure outsourcing of large-scale systems of linear equations. IEEE Trans Inf Forensics Secur 10:69–78
Chris Erway C, Küpçü A, Papamanthou C, Tamassia R (2009) Dynamic provable data possession. In: Proceedings of the 16th ACM conference on computer and communications security (CCS). ACM, New York, pp 213–222
Chris Erway C, Küpçü A, Papamanthou C, Tamassia R (2015) Dynamic provable data possession. ACM Trans Inf Syst Secur 17(4):15:1–15:29
Deswarte Y, Quisquater J, Saidane A (2003) Remote integrity checking. In: Conference on integrity and internal control in information systems, vol 03
Esposito C, Ficco M, Palmieri F, Castiglione A (2015) Smart cloud storage service selection based on fuzzy logic, theory of evidence and game theory. IEEE Trans Comput, pp 1
Fan X, Yang G, Mu Y, Yu Y (2015) On indistinguishability in remote data integrity checking. Comput J 58:823–830
Gazzoni EL, Luiz D, Filho G, Sérgio P, Barreto LM, Politécnica E (2006) Demonstrating data possession and uncheatable data transfer, 2006. IACR ePrint archive. Report 2006/150
Hao Z, Zhong S, Yu N (2011) A privacy-preserving remote data integrity checking protocol with data dynamics and public verifiability. IEEE Trans Knowl Data Eng 23(9):1432–1437
Juels A, Kaliske B (2007) PORs: proofs of retrievability for large files. In: 14th ACM conference on computer and communications security (CCS). ACM, New York, pp 584–597
Kate A, Zaverucha G, Goldberg I (2010) Constant-size commitments to polynomials and their applications. In: Advances in Cryptology, ASIACRYPT 2010, vol 6477. Springer, Berlin, pp 177–194
Li X, Li J, Huang F (2015) A secure cloud storage system supporting privacy-preserving fuzzy deduplication. Soft Comput. doi:10.1007/s00500-015-1596-6
Mao J, Zhang Y, Xu X (2012) Et-dmd: an error-tolerant scheme to detect malicious file deletion on distributed storage. In: 4th international conference on intelligent networking and collaborative systems. IEEE, New York, pp 365–372
Merkle RC (1980) Protocols for public key cryptosystems. In: IEEE symposium on security and privacy, vol 1109. IEEE, New York, pp 122–134
Merkle RC (1989) A certified digital signature. In: Proceedings on advances in cryptology, CRYPTO’89. Springer, Berlin, pp 218C–238
Pcworld (2008) Amazon. Amazon’s s3 down for several hours. http://www.pcworld.com/businesscenter/article/142549/amazons s3 down for several hours.html. Accessed 12 Sept 2014
Shacham H, Waters B (2008) Compact proofs of retrievability. In: Advances in cryptology, ASIACRYPT’08. Springer, Berlin
Wang H, Zhang Y (2013) On the knowledge soundness of a cooperative provable data possession scheme in multicloud storage. IEEE Trans Parallel Distrib Syst 25(1):264–267
Wang Q, Wang C, Li J, Ren K, Lou W (2009) Enabling public verifiability and data dynamics for storage security in cloud computing. In: Computer security, ESORICS 2009, vol 5789. Springer, Berlin, pp 335–370
Wang Q, Wang C, Ren K, Lou W, Li J (2011) Enabling public verifiability and data dynamics for storage security in cloud computing. IEEE Trans Parallel Distrib Syst 22(5):847–859
Wang Y, Wu Q, Wong DS, Qin B (2014) Securely outsourcing exponentiations with single untrusted program for cloud storage. In: Proceedings of ESORICS’14. Springer, Berlin, pp 323–340
Wikipedia (2014a) Cloud storage. http://en.wikipedia.org/wiki/Cloud_stroage. Accessed Aug 2014
Wikipedia (2014b) Merkle tree. http://en.wikipedia.org/wiki/Merkle_tree. Accessed May 2014
Wikipedia (2014c) Sha-1. https://en.wikipedia.org/wiki/SHA-1. Accessed June 2014
Wu Q, Mu Y, Susilo W (2009) Asymmetric group key agreement. In: Advances in cryptology, EUROCRYPT 2009, vol 5479. Springer, Berlin, pp 153–170
Xhafa F, Wang J, Chen X, Liu JK, Li J, Krause P (2014) A secure cloud storage system supporting privacy-preserving fuzzy deduplication. Soft Comput 18:1795–1802
Xu J, Chang E (2012) Towards efficient proofs of retrievability. In: 7th ACM symposium on information, computer and communications security. ACM, New York, pp 79–80
Yu Y, Yang G, Mu Y, Susilo W (2014) On the security of auditing mechanisms for secure cloud storage. Future Gener Comput Syst Int J Grid Comput Theory Methods Appl 30(1):127–132
Yu Y, Au MH, Yi Mu ST, Ren J, Susilo W, Dong L (2015) Enhanced privacy of a remote data integrity-checking protocol for secure cloud storage. Int J Inf Secur 14:307–318
Zheng Q, Xu S (2011) Fair and dynamic proofs of retrievability. In: The first ACM conference on data and application security and privacy. ACM, New York, pp 237–248
Zhu Y, Wang H, Hu Z, Ahn G, Hu H, Yau S (2010) Efficient provable data possession for hybrid clouds. In: 17th ACM conference on Computer and communications security. ACM, New York, pp 756–758
Acknowledgments
The authors thank Zhenkai Liang for suggestions on various aspects of this paper. The authors also thank anonymous reviewers for their insightful comments. This work was supported in part by the National Natural Science Foundation of China (No. 61402029), the Beijing Natural Science Foundation (No. 4132056), the National 973 Project of China (No. 2012CB315905) and the National Natural Science Foundation of China (No. 61170246, 376349).
Author information
Authors and Affiliations
Corresponding author
Ethics declarations
Conflict of interest
The authors declare that there is no conflict of interests regarding the publication of this paper.
Additional information
Communicated by V. Loia.
Rights and permissions
About this article
Cite this article
Mao, J., Zhang, Y., Li, P. et al. A position-aware Merkle tree for dynamic cloud data integrity verification. Soft Comput 21, 2151–2164 (2017). https://doi.org/10.1007/s00500-015-1918-8
Published:
Issue Date:
DOI: https://doi.org/10.1007/s00500-015-1918-8