Abstract
Integrity audit technology is proposed to protect data in remote cloud servers from being tampered with. However, the challenge is that the computational complexity is too large for users with resource-constrained devices during integrity verification. Also, many prior works lack support for dynamic operations. In this paper, a trusted third party is employed to complete the public auditing to reduce the computational complexity of users. Meanwhile, a trusted proxy server is employed to compute the tags under the delegation of the data owner. To improve the efficiency of data retrieval and support dynamic operations, a new authentication structure is proposed by combining Merkle Hash Tree and B* tree. Based on the new authentication structure, we propose a public integrity auditing scheme, which is secure against forge attacks under the assumptions of the discrete logarithm problem and the computational Diffie-Hellman problem in bilinear groups in the random oracle model. Security analysis and experiment results show that our scheme is provably secure and has low communication complexity and computational complexity.
This is a preview of subscription content, log in via an institution to check access.
Similar content being viewed by others
References
Ateniese, G., Burns, R., Curtmola, R., et al.: Provable data possession at untrusted stores. In: Proceedings of the 14th ACM Conference on Computer and Communications Security, pp. 598–609. ACM (2007)
Juels, A., Kaliski, Jr B.S.: PORs: proofs of retrievability for large files. In: Proceedings of the 14th ACM Conference on Computer and Communications Security, pp. 584–597. ACM (2007)
Shacham, H., Waters, B.: Compact proofs of retrievability. In: International Conference on the Theory and Application of Cryptology and Information Security, pp. 90–107. Springer, Heidelberg (2008)
Sun, Y., Liu, Q., Chen, X., Du, X.: An adaptive authenticated data structure with privacy-preserving for big data stream in cloud. IEEE Trans. Inf. Forensics Secur. 15, 3295–3310 (2020)
Zhang, Y., Xu, C., Lin, X., Shen, X.S.: Blockchain-based public integrity verification for cloud storage against procrastinating auditors. IEEE Trans. Cloud Comput. (2019). https://doi.org/10.1109/TCC.2019.2908400
Zhang, X., Zhao, J., Xu, C., Li, H., Wang, H., Zhang, Y.: CIPPPA: conditional identity privacy-preserving public auditing for cloud-based WBANs against malicious auditors. IEEE Trans. Cloud Comput. (2019). https://doi.org/10.1109/TCC.2019.2927219
Shen, W., Qin, J., Yu, J., Hao, R., Hu, J., Ma, J.: Data integrity auditing without private key storage for secure cloud storage. IEEE Trans. Cloud Comput. (2019). https://doi.org/10.1109/TCC.2019.2921553
Balasubramanian, V., Mala, T.: Cloud data integrity checking using bilinear pairing and network coding. Clust. Comput. 22(3), 6927–6935 (2019)
Fan, Y., Lin, X., Tan, G., et al.: One secure data integrity verification scheme for cloud storage. Future Gener. Comput. Syst. 96, 376–385 (2019)
Li, F., Hadjieleftheriou, M., Kollios, G., et al.: Dynamic authenticated index structures for outsourced databases. In: Proceedings of the 2006 ACM SIGMOD international conference on Management of data, pp. 121–132. ACM (2006)
Erway, C.C., \(K\ddot{u}pc\ddot{u}\) A., Papamanthou, C., et al.: Dynamic provable data possession. In Proceedings of the 14th International Conference on Computer Communication Security, pp. 213–222. ACM (2009)
Wang, Q., Wang, C., Ren, K., et al.: Enabling public auditability and data dynamics for storage security in cloud computing. IEEE Trans. Parallel Distrib. Syst. 22(5), 847–859 (2011)
Liu, C., Ranjan, R., Yang, C., et al.: Mur-DPA: top-down levelled multi-replica merkle hash tree based secure public auditing for dynamic big data storage on cloud. IEEE Trans. Comput. 64(9), 2609–2622 (2015)
Zhu, Y., Ahn, G.J., Hu, H., et al.: Dynamic audit services for outsourced storages in clouds. IEEE Trans. Serv. Comput. 6(2), 227–238 (2013)
Yuan, J., Yu, S.: Public integrity auditing for dynamic data sharing with multiuser modification. IEEE Trans. Inf. Forensics Secur. 10(8), 1717–1726 (2015)
Zhang, J., Meng, H., Yu, Y.: Achieving public verifiability and data dynamics for cloud data in the standard model. Clust. Comput. 20(3), 2641–2653 (2017)
Li, J., Squicciarini, A.C., Lin, D., et al.: MMB \(^{cloud} \)-tree: authenticated index for verifiable cloud service selection. IEEE Trans. Depend. Secur. Comput. 14(2), 185–198 (2017)
Shen, J., Shen, J., Chen, X., Huang, X., Susilo, W.: An efficient public auditing protocol with novel dynamic structure for cloud data. IEEE Trans. Inf. Forensics Secur. 12(10), 2402–2415 (2017)
Li, X., Liu, S., Lu, R.: Comments on a public auditing protocol with novel dynamic structure for cloud data. IEEE Trans. Inf. Forensics Secur. 15, 2881–2883 (2020)
Jin, H., Jiang, H., Zhou, K.: Dynamic and public auditing with fair arbitration for cloud data. IEEE Trans. Cloud Comput. 6(3), 680–693 (2018)
Shang, T., Zhang, F., Chen, X., Liu, J., Lu, X.: Identity-based dynamic data auditing for big data storage. IEEE Trans. Big Data (2019). https://doi.org/10.1109/TBDATA.2019.2941882
Daniel, E., Vasanthi, N.A.: LDAP: a lightweight deduplication and auditing protocol for secure data storage in cloud environment. Clust. Comput. 22(1), 1247–1258 (2019)
He, K., Chen, J., Yuan, Q., Ji, S., He, D., Du, R.: Dynamic group-oriented provable data possession in the cloud. IEEE Trans. Depend. Secur. Comput. (2019). https://doi.org/10.1109/TDSC.2019.2925800
Sengupta, B., Ruj, S.: Efficient proofs of retrievability with public verifiability for dynamic cloud storage. IEEE Trans. Cloud Comput. 8(1), 138–151 (2020)
Rao, L., Zhang, H., Tu, T.: Dynamic outsourced auditing services for cloud storage based on batch-leaves-authenticated Merkle hash tree. IEEE Trans. Serv. Comput. 13(3), 451–463 (2020)
Liang, W., Fan, Y., Li, K.C., et al.: Secure data storage and recovery in industrial blockchain network environments. IEEE Trans. Ind. Inform. 16(10), 6543–6552 (2020)
Mishra, R., Ramesh, D., Edla, D.R.: Dynamic large branching hash tree based secure and efficient dynamic auditing protocol for cloud environment. Clust. Comput. (2020). https://doi.org/10.1007/s10586-020-03193-0
Rabaninejad, R., Asaar, M.R., Attari, M.A., et al.: An identity-based online/offline secure cloud storage auditing scheme. Clust. Comput. 23, 1455–1468 (2020)
Yu, Y., Au, M.H., Ateniese, G., et al.: Identity-based remote data integrity checking with perfect data privacy preserving for cloud storage. IEEE Trans. Inf. Forensics Secur. 12(4), 767–778 (2017)
Wang, Y., Wu, Q., Qin, B., et al.: Identity-based data outsourcing with comprehensive auditing in clouds. IEEE Trans. Inf. Forensics Secur. 12(4), 940–952 (2017)
Li, J., Tan, X., Chen, X., et al.: Opor: enabling proof of retrievability in cloud computing with resource-constrained devices. IEEE Trans. Cloud Comput. 3(2), 195–205 (2015)
Li, J., Yan, H., Zhang, Y.: Identity-based privacy preserving remote data integrity checking for cloud storage. IEEE Syst. J. (2020). https://doi.org/10.1109/JSYST.2020.2978146
Acknowledgements
The authors would like to thank the editor and anonymous reviewers for their valuable advice that is very helpful for improving our paper. This work was supported by Scientific Research Program Funded by Shaanxi Provincial Education Department (Program No. 20JK0906), National Natural Science Foundation of China under grant (No. 61802302), National Key R&D Program of China (No. 2017YFB0802400), and the Research Foundation of Education Bureau of Hunan Province (No. 17C1538).
Author information
Authors and Affiliations
Corresponding author
Additional information
Publisher's Note
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
Rights and permissions
About this article
Cite this article
Luo, W., Ma, W. & Gao, J. MHB*T based dynamic data integrity auditing in cloud storage. Cluster Comput 24, 2115–2132 (2021). https://doi.org/10.1007/s10586-021-03248-w
Received:
Revised:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s10586-021-03248-w