Abstract
The cloud storage service becomes a popular tendency based on the cloud computing, which can solve user’s storage bottleneck problem. Data security problems are solved by remote data auditing in cloud storage, which attracts more researchers to pay attention to data verification. In this paper, a new replay attack is defined, and attack process is analyzed in some schemes which cannot avoid the new replay attack. An auditing protocol is proposed that can withstand this attack and supports public auditing, dynamic auditing and batch auditing. The proposed scheme introduces a new data structure which is stored locally by users for dynamic operation. It can avoid the third part auditor getting the outsourced data information. Compared with the related schemes, the experimental results show that the computation costs of the proposal are reasonable and are highly efficient in the stage of verification.
Similar content being viewed by others
References
Dewan H, Hansdah RC (July 2011) A survey of cloud storage facilities. In: Proceeding of the 7th IEEE World Congress Service, pp 224–231
Liu C, Ranjan R, Zhang X et al (2014) Public auditing for big data storage in cloud computing—a survey. In: IEEE International Conference on Computational Science and Engineering. IEEE, pp 1128–1135
Ren K, Wang C, Wang Q (2012) Security challenges for the public cloud. IEEE Internet Comput 16(1):69–73
Ryoo J, Rizvi S, Aiken W, Kissell J (2014) Cloud security auditing: challenges and emerging approaches. IEEE Secur Priv 12(6):68–74
Ateniese G, Burns R, Curtmola R, Herring J, Kissner L, Peterson Z, Song D (2007) Provable data possession at untrusted stores. In: Proceedings of the 14th ACM Conference on Computer and Communications Security, Virginia, USA, pp 598–609
Hsien WF, Yang CC, Hwang MS (2016) A survey of public auditing for secure data storage in cloud computing. Int J Netw Secur 18(1):133–142
Zhang Y, Xu C, Liang X et al (2017) Efficient public verification of data integrity for cloud storage systems from indistinguishability obfuscation. IEEE Trans Inf Forensics Secur 12(3):676–688
Tian H, Chen Y, Chang CC et al (2015) Dynamic-hash-table based public auditing for secure cloud storage. IEEE Trans Serv Comput 1:99
Sookhak M, Yu FR, Zomaya AY (2018) Auditing big data storage in cloud computing using divide and conquer tables. IEEE Trans Parallel Distrib Syst 29(5):999–1012
Zhu Y, Ahn GJ, Hu H et al (2013) Dynamic audit services for outsourced storages in clouds. IEEE Trans Serv Comput 6(2):227–238
Shen J, Shen J, Chen X et al (2017) An efficient public auditing protocol with novel dynamic structure for cloud data. IEEE Trans Inf Forensics Secur 12(10):2402–2415
Garg N, Bawa S (2017) RITS-MHT: relative indexed and time stamped Merkle hash tree based data auditing protocol for cloud computing. J Netw Comput Appl 84:1–13
Juels A, Burton J, Kaliski S (2007) Pors: proofs of retrievability for large files. In: Proceedings of the 14th ACM Conference on Computer and Communications Security, Virginia, USA, pp 584–597
Wang C, Wang Q, Ren K, Lou W (2009) Ensuring data storage security in cloud computing. In: Proceedings of the 17th International Workshop on Quality of Service (IWQoS’09), South Carolina, USA, pp 1–9
Wang Q, Wang C, Ren K, Lou W, Li J (2011) Enabling public auditability and data dynamics for storage security in cloud computing. IEEE Trans Parallel Distrib Syst 22(5):847–859
Erway C, Papamanthou AKC, Tamassia R (2009) Dynamic provable data possession. In: Proceedings of the 16th ACM Conference on Computer and Communications Security, Illinois, USA, pp 213–222
Wang C, Chow SSM, Wang Q, Ren K, Lou W (2013) Privacy-preserving public auditing for secure cloud storage. IEEE Trans Comput 62(2):362–375
Shen W, Yu J, Xia H et al (2017) Light-weight and privacy-preserving secure cloud auditing scheme for group users via the third party medium. J Netw Comput Appl 82:56–64
Wang C, Ren K, Lou W, Li J (2010) Toward publicly auditable secure cloud data storage services. IEEE Netw 24(4):19–24
Wang J, Chen X, Huang X et al (2015) Verifiable auditing for outsourced database in cloud computing. IEEE Trans Comput 64(11):3293–3303
Yan Y, Wu L, Gao G et al (2018) A dynamic integrity verification scheme of cloud storage data based on lattice and Bloom filter. J Inf Secur Appl 39:10–18
Yu Y, Zhang Y, Ni J et al (2015) Remote data possession checking with enhanced security for cloud storage. Future Gener Comput Syst 52:77–85
Wang C, Wang Q, Ren K, Lou W (2010) Privacy-preserving public auditing for data storage security in cloud computing. In: Proceeding of the IEEE INFOCOM, pp 1–9
Sookhak M, Gani A, Khan MK et al (2017) Dynamic remote data auditing for securing big data storage in cloud computing. Inf Sci 380:101–116
Yi M, Wei J, Song L (2017) Efficient integrity verification of replicated data in cloud computing system. Comput Secur 65:202–212
Feng B, Ma X, Guo C et al (2016) An efficient protocol with bidirectional verification for storage security in cloud computing. IEEE Access 4:7899–7911
Wei J, Zhang R, Liu J et al (2017) Dynamic data integrity auditing for secure outsourcing in the cloud. Concurr Comput Pract Exp 29(12):e4013
Saxena R, Dey S (2016) Cloud audit: a data integrity verification approach for cloud computing. Proc Comput Sci 89:142–151
Tang X, Qi Y, Huang Y (2016) Reputation audit in multi-cloud storage through integrity verification and data dynamics. In: 2016 IEEE 9th International Conference on Cloud Computing (CLOUD). IEEE, pp 624–631
Boneh D, Lynn B, Shacham H (2001) Short signatures from the weil pairing. In: Proceedings of the 7th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology (ASIACRYPT’01), Gold Coast, Australia, pp 514–532
Bao F, Deng R, Zhu H (2003) Variations of Diffie–Hellman problem. Proc ICICS 2003:301–312
Kaisa N, Rueppel R (1996) Message recovery for signature schemes based on the discrete logarithm problem. Des Codes Cryptogr 7(1):61–81
Lynn B (2015) The pairing-based cryptographic library. http://crypto.Stanford.edu/pbc/
Acknowledgements
This work is supported by the National Science foundation of China (Nos. 61472074, U1708262, 61662089) and the Fundamental Research Funds for the Central Universities (No. N172304023).
Author information
Authors and Affiliations
Corresponding author
Rights and permissions
About this article
Cite this article
Fan, K., Liu, M., Dong, G. et al. Enhancing cloud storage security against a new replay attack with an efficient public auditing scheme. J Supercomput 76, 4857–4883 (2020). https://doi.org/10.1007/s11227-018-2645-6
Published:
Issue Date:
DOI: https://doi.org/10.1007/s11227-018-2645-6