Skip to main content
SpringerLink
Log in

Enhancing cloud storage security against a new replay attack with an efficient public auditing scheme

  • Published:
The Journal of Supercomputing Aims and scope Submit manuscript

Abstract

The cloud storage service becomes a popular tendency based on the cloud computing, which can solve user’s storage bottleneck problem. Data security problems are solved by remote data auditing in cloud storage, which attracts more researchers to pay attention to data verification. In this paper, a new replay attack is defined, and attack process is analyzed in some schemes which cannot avoid the new replay attack. An auditing protocol is proposed that can withstand this attack and supports public auditing, dynamic auditing and batch auditing. The proposed scheme introduces a new data structure which is stored locally by users for dynamic operation. It can avoid the third part auditor getting the outsourced data information. Compared with the related schemes, the experimental results show that the computation costs of the proposal are reasonable and are highly efficient in the stage of verification.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6
Fig. 7
Fig. 8
Fig. 9
Fig. 10
Fig. 11
Fig. 12
Fig. 13

Similar content being viewed by others

References

  1. Dewan H, Hansdah RC (July 2011) A survey of cloud storage facilities. In: Proceeding of the 7th IEEE World Congress Service, pp 224–231

  2. Liu C, Ranjan R, Zhang X et al (2014) Public auditing for big data storage in cloud computing—a survey. In: IEEE International Conference on Computational Science and Engineering. IEEE, pp 1128–1135

  3. Ren K, Wang C, Wang Q (2012) Security challenges for the public cloud. IEEE Internet Comput 16(1):69–73

    Article  MathSciNet  Google Scholar 

  4. Ryoo J, Rizvi S, Aiken W, Kissell J (2014) Cloud security auditing: challenges and emerging approaches. IEEE Secur Priv 12(6):68–74

    Article  Google Scholar 

  5. Ateniese G, Burns R, Curtmola R, Herring J, Kissner L, Peterson Z, Song D (2007) Provable data possession at untrusted stores. In: Proceedings of the 14th ACM Conference on Computer and Communications Security, Virginia, USA, pp 598–609

  6. Hsien WF, Yang CC, Hwang MS (2016) A survey of public auditing for secure data storage in cloud computing. Int J Netw Secur 18(1):133–142

    Google Scholar 

  7. Zhang Y, Xu C, Liang X et al (2017) Efficient public verification of data integrity for cloud storage systems from indistinguishability obfuscation. IEEE Trans Inf Forensics Secur 12(3):676–688

    Article  Google Scholar 

  8. Tian H, Chen Y, Chang CC et al (2015) Dynamic-hash-table based public auditing for secure cloud storage. IEEE Trans Serv Comput 1:99

    Google Scholar 

  9. Sookhak M, Yu FR, Zomaya AY (2018) Auditing big data storage in cloud computing using divide and conquer tables. IEEE Trans Parallel Distrib Syst 29(5):999–1012

    Article  Google Scholar 

  10. Zhu Y, Ahn GJ, Hu H et al (2013) Dynamic audit services for outsourced storages in clouds. IEEE Trans Serv Comput 6(2):227–238

    Article  Google Scholar 

  11. Shen J, Shen J, Chen X et al (2017) An efficient public auditing protocol with novel dynamic structure for cloud data. IEEE Trans Inf Forensics Secur 12(10):2402–2415

    Article  Google Scholar 

  12. Garg N, Bawa S (2017) RITS-MHT: relative indexed and time stamped Merkle hash tree based data auditing protocol for cloud computing. J Netw Comput Appl 84:1–13

    Article  Google Scholar 

  13. Juels A, Burton J, Kaliski S (2007) Pors: proofs of retrievability for large files. In: Proceedings of the 14th ACM Conference on Computer and Communications Security, Virginia, USA, pp 584–597

  14. Wang C, Wang Q, Ren K, Lou W (2009) Ensuring data storage security in cloud computing. In: Proceedings of the 17th International Workshop on Quality of Service (IWQoS’09), South Carolina, USA, pp 1–9

  15. Wang Q, Wang C, Ren K, Lou W, Li J (2011) Enabling public auditability and data dynamics for storage security in cloud computing. IEEE Trans Parallel Distrib Syst 22(5):847–859

    Article  Google Scholar 

  16. Erway C, Papamanthou AKC, Tamassia R (2009) Dynamic provable data possession. In: Proceedings of the 16th ACM Conference on Computer and Communications Security, Illinois, USA, pp 213–222

  17. Wang C, Chow SSM, Wang Q, Ren K, Lou W (2013) Privacy-preserving public auditing for secure cloud storage. IEEE Trans Comput 62(2):362–375

    Article  MathSciNet  Google Scholar 

  18. Shen W, Yu J, Xia H et al (2017) Light-weight and privacy-preserving secure cloud auditing scheme for group users via the third party medium. J Netw Comput Appl 82:56–64

    Article  Google Scholar 

  19. Wang C, Ren K, Lou W, Li J (2010) Toward publicly auditable secure cloud data storage services. IEEE Netw 24(4):19–24

    Article  Google Scholar 

  20. Wang J, Chen X, Huang X et al (2015) Verifiable auditing for outsourced database in cloud computing. IEEE Trans Comput 64(11):3293–3303

    Article  MathSciNet  Google Scholar 

  21. Yan Y, Wu L, Gao G et al (2018) A dynamic integrity verification scheme of cloud storage data based on lattice and Bloom filter. J Inf Secur Appl 39:10–18

    Google Scholar 

  22. Yu Y, Zhang Y, Ni J et al (2015) Remote data possession checking with enhanced security for cloud storage. Future Gener Comput Syst 52:77–85

    Article  Google Scholar 

  23. Wang C, Wang Q, Ren K, Lou W (2010) Privacy-preserving public auditing for data storage security in cloud computing. In: Proceeding of the IEEE INFOCOM, pp 1–9

  24. Sookhak M, Gani A, Khan MK et al (2017) Dynamic remote data auditing for securing big data storage in cloud computing. Inf Sci 380:101–116

    Article  Google Scholar 

  25. Yi M, Wei J, Song L (2017) Efficient integrity verification of replicated data in cloud computing system. Comput Secur 65:202–212

    Article  Google Scholar 

  26. Feng B, Ma X, Guo C et al (2016) An efficient protocol with bidirectional verification for storage security in cloud computing. IEEE Access 4:7899–7911

    Article  Google Scholar 

  27. Wei J, Zhang R, Liu J et al (2017) Dynamic data integrity auditing for secure outsourcing in the cloud. Concurr Comput Pract Exp 29(12):e4013

    Article  Google Scholar 

  28. Saxena R, Dey S (2016) Cloud audit: a data integrity verification approach for cloud computing. Proc Comput Sci 89:142–151

    Article  Google Scholar 

  29. Tang X, Qi Y, Huang Y (2016) Reputation audit in multi-cloud storage through integrity verification and data dynamics. In: 2016 IEEE 9th International Conference on Cloud Computing (CLOUD). IEEE, pp 624–631

  30. Boneh D, Lynn B, Shacham H (2001) Short signatures from the weil pairing. In: Proceedings of the 7th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology (ASIACRYPT’01), Gold Coast, Australia, pp 514–532

  31. Bao F, Deng R, Zhu H (2003) Variations of Diffie–Hellman problem. Proc ICICS 2003:301–312

    Google Scholar 

  32. Kaisa N, Rueppel R (1996) Message recovery for signature schemes based on the discrete logarithm problem. Des Codes Cryptogr 7(1):61–81

    MATH  Google Scholar 

  33. Lynn B (2015) The pairing-based cryptographic library. http://crypto.Stanford.edu/pbc/

Download references

Acknowledgements

This work is supported by the National Science foundation of China (Nos. 61472074, U1708262, 61662089) and the Fundamental Research Funds for the Central Universities (No. N172304023).

Author information

Authors and Affiliations

  1. School of Computer and Communication Engineering, Northeastern University, Shenyang, 110819, Liaoning, People’s Republic of China

    Kuan Fan & Mingxi Liu

  2. School of Electrical and Information Technology, Yunnan Minzu University, Kunming, 650031, Yunnan, People’s Republic of China

    Guofang Dong

  3. School of Computer and Communication Engineering, Northeastern University, Qinhuangdao, 066000, Hebei, People’s Republic of China

    Wenbo Shi

Authors
  1. Kuan Fan
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Mingxi Liu
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Guofang Dong
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Wenbo Shi
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Wenbo Shi.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Fan, K., Liu, M., Dong, G. et al. Enhancing cloud storage security against a new replay attack with an efficient public auditing scheme. J Supercomput 76, 4857–4883 (2020). https://doi.org/10.1007/s11227-018-2645-6

Download citation

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s11227-018-2645-6

Keywords

Search

Navigation