Abstract
Due to the existence of many security threats in the cloud, remote data integrity checking (RDIC) is crucial for implementing secure cloud storage. It allows the data users to check the integrity of their data without retrieving whole data. As a solution to this, so far many researchers designed RDIC protocols using public key infrastructure (PKI). In this scenario, a public verifier must approve the data users’ certificates before the integrity checking task is to be performed. Thus, it suffers from the complex key management problem to approve the certificates, and it also incurs high computation cost over the public verifier. To solve the certificate management issue in PKI-based protocols and to provide security against quantum computer attacks, in this work, we design a Certificateless RDIC protocol using lattices. In this approach, the data integrity checking can be initiated using data owner’s identity (his name or email address) along with some secret information, which can guarantee the right public key is used for RDIC. Therefore, we can avoid the certificate management issue in PKI-based protocols to verify the data integrity. Finally, our security analysis guarantees that our Certificateless RDIC protocol is secure and it provides the privacy against the verifier, and performance analysis guarantees that it makes the less computation overhead over the public verifier.
Similar content being viewed by others
References
Armbrust M, Fox A, Griffith R, Joseph AD, Katz RH, Konwinski A, Lee G, Patterson DA, Rabkin A, Stoica I, Zaharia M (2010) A view of cloud computing. Commun ACM 53(4):50–58
Krebs B (2009) Payment processor breach may be largest ever. http://voices.washingtonpost.com/securityfix/2009/01/paymentprocessorbreachmayb.html
Ateniese G, Burns R, Curtmola R, Herring J, Kissner L, Peterson Z, Song D (2007) Provable data possession at untrusted stores. In: The Proceedings of ACM CCS 2007, pp 598–610
Wang C, Wang Q, Ren K, Lou WJ (2010) Privacy—preserving public auditing for data storage security in Cloud Computing, In: Proceedings IEEE INFOCOM, San Diego, pp 1–9
Ateniese G, Pietro RD, Mancini LV, Sudik T (2008) Scalable and efficient Provable data possession. In: Proceedings of the 4th international conference on security and privacy in communication networks. Istanbul, Turkey. ACM, pp 1–10
Shacham H, Waters B (2008) Compact proofs of retrievability. In: International conference on Advances in Cryptography-ASIACRYPT 2008. Springer, Berlin, pp. 90–107
Juels A, Kaliski BS (2007) Proofs of retrievability for large files. In: Proc. 14th ACM Conf. Computer and Communication Security (CCS’07), pp 584–597
Zhu Y, Wang H, Hu Z, Ahn GJ, Hu H, Yau SS (2011) Dynamic audit services for integrity verification of outsourced storage in clouds. In: the Proceedings of ACM SA, pp 1550–1557
Wang B, Li H, Li M (2013) Privacy-preserving public auditing for shared cloud data supporting group dynamics. In: the Proceedings of IEEE ICC 2013, pp 62–74
Zhao JN, Xu CX, Li FG, Zhang W (2013) Identity-based public verification with privacy-preserving for data storage security in cloud computing. IEICE Trans 96-A(12):2709–2716
Wang H (2015) Identity-based distributed provable data possession in multi cloud storage. IEEE Trans Serv Comput 8(2):328–340
Wang H, Wu Q, Qin B, Domingo-Ferrer J (2014) Identity-based remote data possession checking in public clouds. IET Inf Secur 8(2):114–121
Zhang J, Dong Q (2016) Efficient id-based public auditing for the outsourced data in cloud storage. Inf Sci 343:1–14
Yu Y, Au MH, Ateniese G (2017) Identity-based remote data integrity checking with perfect data privacy preserving for cloud storage. IEEE Tran Inf Forensics Secur 12(4):767–778
Al-Riyami S, Paterson KG (2003) Certificateless public key cryptography. In: the Proceedings of ASIACRYPT 2003. Springer, pp 452–473
Wang B, Li B, Li H, Fenghua (2013) Certificateless public auditing for data integrity in the cloud. In: 2013 IEEE Conference on Communications and Network Security, CNS 2013, pp 136–144. https://doi.org/10.1109/cns.2013.6682701
Gentry C, Peikert C, Vaikuntanathan V (2008) Trapdoors for hard lattices and new cryptographic constructions. In: Proceedings of the 40th annual ACM symposium on Theory of computing. ACM, pp 197–206
David C, Hofheinz D, Kiltz E (2009) How to delegate a lattice basis. J IACR Cryptol ePrint Arch 25:351–362
Author information
Authors and Affiliations
Corresponding author
Ethics declarations
Conflict of interest
The authors declare that they have no conflict of interest.
Rights and permissions
About this article
Cite this article
Sasikala, C., Shoba Bindu, C. Certificateless remote data integrity checking using lattices in cloud storage. Neural Comput & Applic 31, 1513–1519 (2019). https://doi.org/10.1007/s00521-018-3546-6
Received:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s00521-018-3546-6