Skip to main content
SpringerLink
Log in

Achieving public verifiability and data dynamics for cloud data in the standard model

  • Published:
Cluster Computing Aims and scope Submit manuscript

Abstract

As an important cloud service, cloud storage can provide flexible data outsourcing services for data users. After the data are outsourced to the cloud, data user no longer physical controls over the stored data. To ensure these data to be kept intact at the cloud servers, many different solutions have been proposed. Whereas most of existing solutions can only deal with static data. To support dynamic data, some schemes solve it by adopting authenticated data structure. To the best of our knowledge, these schemes may exist the following flaws: (1) they bring heavy communication/computation burdens to the auditor; (2) they exist some security attack; (3) they are only proven to be secure in the random orale model; (4) data may be leaked in the auditing. Motivated by the above problems, we propose two novel public auditing schemes by introducing rb23Tree data structure. They can not only achieve public verification, but also support dynamics data updating. Furthermore, our second scheme also supports data privacy. As for the auditor, to reduce its computational cost and communication cost, our scheme migrates the partial auditing metadata from the cloud server to the auditor, it makes that communication overhead between the auditor and cloud server is constant. Finally, we show that our schemes are proven to be secure in the standard model, and evaluate the auditing performance by simulation experiment and comparison with Wang et al.’s scheme. The results demonstrate that our schemes outperforms Wang et al.’s scheme in terms of computation costs and communication overhead.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2

Similar content being viewed by others

References

  1. Dropbox. https://www.dropbox.com

  2. GoogleDrive. http://www.google.com/drive/index.html

  3. Yuan, J.: Secure and verifiable data storage and utilization in cloud computing, Ph.D. dissertation, Stanford University (2015). http://pages.erau.edu/~yuanj/cloud-research.html

  4. Li, Y., Yu, Y., Min, G., Susilo, W., Ni, J., Choo K-K.R.: Fuzzy identity-based data integrity auditing for reliable cloud storage systems. IEEE Trans. Dependable and Secure Comput. doi:10.1109/TDSC.2017.2662216

  5. Choo, Kim-Kwang Raymond, Domingo-Ferrer, Josep, Zhang, Lei: Cloud cryptography: theory, practice and future research directions. Future Gener. Comput. Syst. 62, 51–53 (2016)

    Article  Google Scholar 

  6. Juliadotter, N.V., Choo, K.K.R.: Cloud Attack. IEEE Cloud Computing, 2(1): 14–20

  7. Osanaiyea, Opeyemi, Choo, Kim-Kwang Raymond, Dlodloa, Mqhele: Distributed denial of service (DDoS) resilience in cloud: review and conceptual cloud DDoS mitigation framework. J. Netw. Comput. Appl. 67, 147–165 (2016)

    Article  Google Scholar 

  8. Ateniese, S.G., Burns, R., Curtmola, R., Herring, J., Kissner, L., Peterson, Z., Song, D.: Provable Data Possession at Untrusted Stores. In: Proceedings of 14th ACM Conference Computer and Communication Security (CCS 07), pp. 598–609 (2007)

  9. Juels, A., Kaliski Jr., B.S.: PORs: Proofs of retrievability for large files. In: Proceedings of 14th ACM Conference Computer and Communication Security (CCS’07), pp. 584–597 (2007)

  10. Erway, C.C., Kupcu, A., Papamanthou, C., Tamassia, R.: Dynamic provable data possession. In: Proceedings of 16th ACM Conference Computer and Communication Security, pp. 213–222 (2009)

  11. Shacham, H., Waters, B.: Compact proofs of retrievability. In: Proceedings of 14th International Conference Theory and Application of Cryptology and Information Security: Advances in Cryptology (ASIACRYPT’08), pp. 90–107 (2008)

  12. Xiong, H., Beznosov, K., Qin, Z., Ripeanu, M.: Efficient and spontaneous privacy-preserving protocol for secure vehicular communication. In: IEEE-ICC, pp. 1–6 (2010)

  13. Ren, K., Wang, C., Wang, Q.: Security challenges for the public cloud. IEEE Internet Comput. 16(1), 69–73 (2012)

    Article  Google Scholar 

  14. Wang, H., Wu, Q., Qin, B., Domingo-Ferrer, J.: Identity-based remote data possession checking in public clouds. IET Inf. Secur. doi:10.1049/iet-ifs.2012.0271

  15. Sebe, F., Domingo-Ferrer, J., Martnez-Balleste, A., Deswarte, Y., Quisquater, J.-J.: Efficient remote data possession checking in critical information infrastructures. IEEE Trans. Knowl. Data Eng. 20(8), 1034–1038 (2008)

    Article  Google Scholar 

  16. Shah, M.A., Baker, M., Mogul, J.C., Swaminathan, R.: Auditing to keep online storage services honest. In: Hunt, G.C. (ed.), Proceedings of 11th USENIX Workshop Hot Topics in Operating Systems (HOTOS) (2007)

  17. Chang, E.-C., Xu, J.: Remote integrity check with dishonest storage server. In: Proceedings of 13th European Symposium Research in Computer Security (ESORICS’08), pp. 223–237 (2008)

  18. Quick, Darren, Choo, Kim-Kwang Raymond: Google drive: forensic analysis of data remnants. J. Netw. Comput. Appl. 40, 179–193 (2014)

    Article  Google Scholar 

  19. Quick, D., Martini, B., Choo, K.K.R.: Cloud Storage Forensics. Syngress Publishing, Elsevier, Waltham (2013)

    Google Scholar 

  20. Zhu, Y., Wang, H., Hu, Z., Ahn, G.J., Hu, H., Yau, S.S.: Dynamic audit services for outsourced storage in clouds. IEEE Trans. Serv. Comput. 6(2), 227–238 (2013)

    Article  Google Scholar 

  21. Daza, V., Domingo-Ferrer, J., Seb, F., Viejo, A.: Trustworthy privacy-preserving car-generated announcements in vehicular ad hoc networks. IEEE Trans. Veh. Technol. 58(4), 1876–1886 (2009)

    Article  Google Scholar 

  22. Gamage, C., Gras, B., Tanenbaum, A.S.: An identity-based ring signature scheme with enhanced privacy. In: Proceedings of IEEE SecureComm Conference, pp. 1–5 (2006)

  23. Chen, L., Morrissey, P., Smart, N.P.: DAA: Fixing the pairing based protocols. Cryptology ePrint Archive: Report 2009/198. http://eprint.iacr.org/2009/198. Accessed 10 Dec 2009

  24. Jiang, Y., Shi, M., Shen, X., Lin, C.: BAT: a robust signature scheme for vehicular communications using binary authentication tree. IEEE Trans. Wirel. Commun. 8(4), 1974–1983 (2009)

    Article  Google Scholar 

  25. Ferrara, A.L., Green, M., Hohenberger, S., Pedersen, M.Ø.: On the practicality of short signature batch verification. http://eprint.iacr.org/2008/015

  26. Gritti(B), C., Susilo, W., Plantard, T.: Efficient dynamic provable data possession with public verifiability and data privacy. In: ACISP 2015, LNCS 9144, pp. 395–412 (2015)

  27. Pointcheval, D., Stern, J.: Security proofs for signature schemes. In: EUROCRYPT. LNCS, vol. 1070, pp. 387–398 (1996)

  28. Goh, E.-J., Jarecki, S.: A signature scheme as secure as the Diffie–Hellman problem. In: EUROCRYPT. LNCS, vol. 2656, pp. 401–415 (2003)

  29. Yu, Y. Au, M. H., Ateniese, G., Huang, X., Susilo, W., Dai, Y., Min, G.: Identity-based remote data integrity checking with perfect data privacy preserving for cloud storage. IEEE Trans. Inf. Forensic Secur. 12, 767–778 (2017)

  30. Zheng, Q., Xu, S.: Fair and dynamic proofs of retrievability. In: CODASPY’11, ACM, pp. 237–248 (2011)

  31. Zhang, J.H., Chen, H., Yang, Y.X.: Efficient blind signature scheme based on modified generalized bilinear inversion. Key Eng. Mater. 439–440, 1265–1270 (2010)

    Article  Google Scholar 

  32. Ni, Jianbing, Yong, Yu., Yi, Mu, Xia, Qi: On the security of an efficient dynamic auditing protocol in cloud storage. IEEE Trans. Parallel Distrib. Syst. 25(10), 2760–2761 (2014)

    Article  Google Scholar 

  33. Miyaji, A., Nakabayashi, M., Takano, S.: New explicit conditions of elliptic curve traces for FR-reduction. IEICE Trans. Fundam. E84–A(5), 1234-123 (2001)

    MATH  Google Scholar 

  34. Wang, Q., Wang, C., Ren, K., Lou, W., Li, J.: Enabling public auditability and data dynamics for storage security in cloud computing. IEEE Trans. Parallel Distrib. Syst. 22(5), 847–859 (2011)

    Article  Google Scholar 

Download references

Acknowledgements

This work was supported by Beijing Municipal Natural Science Foundation (Nos. 4162020, 4132056), Research Fund of Guangxi Key Lab of Multi-source Information Mining & Security (No. MIMS16-01) and the Fundamental Research Funds for the Central Universities under Grant ZYGX2015J059, GK201702004.

Author information

Authors and Affiliations

  1. College of Science, North China University of Technology, Beijing, 100144, China

    Jianhong Zhang & Hongxin Meng

  2. Guangxi Key Lab of Multi-source Information Mining & Security, Guilin, China

    Jianhong Zhang

  3. School of Computer Science, Shaanxi Normal University, Xi’an, 710062, China

    Yong Yu

Authors
  1. Jianhong Zhang
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Hongxin Meng
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Yong Yu
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Yong Yu.

Appendix

Appendix

figure d

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Zhang, J., Meng, H. & Yu, Y. Achieving public verifiability and data dynamics for cloud data in the standard model. Cluster Comput 20, 2641–2653 (2017). https://doi.org/10.1007/s10586-017-0804-9

Download citation

  • Received:

  • Revised:

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s10586-017-0804-9

Keywords

Search

Navigation