Skip to main content
SpringerLink
Log in

Verifying remote data integrity in peer-to-peer data storage: A comprehensive survey of protocols

  • Published:
Peer-to-Peer Networking and Applications Aims and scope Submit manuscript

Abstract

This paper surveys protocols that verify remote data possession. These protocols have been proposed as a primitive for ensuring the long-term integrity and availability of data stored at remote untrusted hosts. Externalizing data storage to multiple network hosts is becoming widely used in several distributed storage and P2P systems, which urges the need for new solutions that provide security properties for the remote data. Replication techniques cannot ensure on their own data integrity and availability, since they only offer probabilistic guarantees. Moreover, peer dynamics (i.e., peers join and leave at any time) and their potential misbehavior (e.g., free-riding) exacerbate the difficult challenge of securing remote data. To this end, remote data integrity verification protocols have been proposed with the aim to detect faulty and misbehaving storage hosts, in a dynamic and open setting as P2P networks. In this survey, we analyze several of these protocols, compare them with respect to expected security guarantees and discuss their limitations.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6
Fig. 7

Similar content being viewed by others

Notes

  1. http://wua.la/en/home.html

  2. http://allmydata.org/

  3. http://www.ubistorage.com/

  4. http://www.cucku.com/

References

  1. Ateniese G, Di Pietro R, Mancini LV, Tsudik G (2008) Scalable and efficient provable data possession. In Proceedings of the 4th international conference on security and privacy in communication networks (SecureComm’08), 1–10, 2008

  2. Ateniese G, Burns R, Curtmola R, Herring J, Kissner L, Peterson Z, Song D (2007) Provable data possession at untrusted stores. In Proceedings of the 14th ACM conference on computer and communications security, ACM, 2007, 598–609

  3. Bellare M, Goldreich O, Goldwasser S (1995) Incremental cryptography and application to virus protection. In Proceedings of the 27th annual ACM symposium on theory of computing, Las Vegas, Nevada, United States, 45–56, May 29-June 01, 1995

  4. Blum M, Evans WS, Gemmell P, Kannan S, Naor M (1991) Checking the correctness of memories. In 32nd annual symposium on foundations of computer science, San Juan, Puerto Rico, 90–99, 1–4 October 1991

  5. Bowers KD, Juels A, Oprea A (2009) HAIL: a high-availability and integrity layer for cloud storage. 16th ACM Conference on Computer and Communications Security CCS, November 9–13, 2009

  6. Caronni G, Waldvogel M (2003) Establishing trust in distributed storage providers. In Proceedings of 3rd IEEE international conference on P2P computing, Linkoping, Sweden, 128–133, September 2003

  7. Chang EC, Xu J (2008) Remote integrity check with dishonest storage server. 13th European Symposium on Research in Computer Security (ESORICS), 223–237, 2008

  8. Deswarte Y, Quisquater J-J, Saïdane A (2004) Remote integrity checking. In Proceedings of 6th working conference on Integrity and Internal Control in Information Systems (IICIS)

  9. Erway C, Kupcu A, Papamanthou C, Tamassia R (2008) In Proceedings of the ACM International Conference on Computer and Communications Security (CCS), Chicago IL, USA, 213–222, 2009

  10. Filho LDG, Barreto PSLM (2006) Demonstrating data possession and uncheatable data transfer. Cryptology ePrint Archive, Report 2006/150, 2006. http://eprint.iacr.org

  11. Golle P, Jarecki S, Mironov I (2002) Cryptographic primitives enforcing communication and storage complexity. In Proceeding of financial cryptography, 120–135, 2002

  12. Juels A, Kaliski BS (2007) PORs: proofs of retrievability for large files. Cryptology ePrint archive, June 2007. Report 2007/243

  13. Koblitz N (1987) Elliptic curve cryptosystems. Mathematics of computation, vol 48, 203–209, 1987

  14. Leng C, Terpstra WW, Kemme B, Stannat W, Buchmann AP (2008) Maintaining replicas in unstructured P2P systems. CoNEXT, page 19. ACM, 2008

  15. Lillibridge M, Elnikety S, Birrell A, Burrows M, Isard M (2003) A cooperative internet backup scheme. In Proceedings of the 2003 usenix annual technical conference (General Track), San Antonio, Texas, 29–41, June 2003

  16. Merkle RC (1987) A digital signature based on a conventional encryption function. In CRYPTO '87, conference on the theory and applications of cryptographic techniques on advances in cryptology (1988), 369–378

  17. Naor M, Rothblum GN (2005) The complexity of online memory checking. In Proceeding of 46th Annual IEEE Symposium on Foundations of Computer Science (FOCS 2005), 573–584

  18. Okamoto T (2006) Cryptography based on bilinear maps. The 16th International Symposium on Applied Algebra, Algebraic Algorithms and Error-Correcting Codes—AAECC-16, Lecture notes in computer science, vol 3857. Springer-Verlag, pp 35–502006

  19. Oualha N (2009) Security and cooperation for peer-to-peer data storage. PhD Thesis, EURECOM/Telecom ParisTech, June, 2009

  20. Oualha N, Roudier Y (2007) Securing ad hoc storage through probabilistic cooperation assessment. 3rd Workshop on Cryptography for Ad hoc Networks, July 8th, 2007, Wroclaw, Poland. Electronic notes in theoretical computer science, vol 192, N°2, May 26, 2008, pp 17–29

  21. Oualha N, Roudier Y (2008) Reputation and audits for self-organizing storage. In Proceedings of the 1st workshop on Security in Opportunistic and SOCial Networks (SOSOC 2008), Istanbul, Turkey, September 2008

  22. Oualha N, Roudier Y (2010) Securing P2P storage with a self-organizing payment scheme. 3rd international workshop on autonomous and spontaneous security (SETOP 2010), Athens, Greece, September 23, 2010

  23. Oualha N, Önen M, Roudier Y (2008) A security protocol for self-organizing data storage. 23rd International Information Security Conference (IFIP SEC 2008), Milan, Italy, 675–679, September 2008

  24. Oualha N, Önen M, Roudier Y (2010) Secure P2P data storage and maintenance. Hindawi Int J Digit Multimedia Broadcast 2010, Article ID 720251, 2010

  25. Oualha N, Önen M, Roudier Y (2008) A security protocol for self-organizing data storage. EURECOM Research Report RR-08-208 (extended version), 2008

  26. Pugh W (1989) Skip lists: a probabilistic alternative to balanced trees. In workshop on algorithms and data structures (1989), pp. 437–449

  27. Schwarz T, Miller EL (2006) Store, forget, and check: using algebraic signatures to check remotely administered storage. In Proceedings of the IEEE Int’l Conference on Distributed Computing Systems (ICDCS '06), July 2006

  28. Sebé F, Domingo-Ferrer J, Martínez-Ballesté A, Deswarte Y, Quisquater J-J (2007) Efficient remote data possession checking in critical information infrastructures. IEEE Trans Knowl Data Eng 20:1034–1038, Aug 2008. ISSN: 1041-4347

    Article  Google Scholar 

  29. Shacham H, Waters B (2008) Compact proofs of retrievability. In Proceedings of Asiacrypt 2008, lecture notes in computer science, vol 5350. Springer-Verlag, pp. 90–107, 2008

  30. Wang C, Wang Q, Ren K, Lou W (2010) Privacy-preserving public auditing for data storage security in cloud computing. In Proceedings of the 29th conference on information communications, San Diego, California, USA, 525–533, March 14–19, 2010

  31. Wang Q, Wang C, Li J, Ren K, Lou W (2009) Enabling public verifiability and data dynamics for storage security in cloud computing. 14th European Symposium on Research in Computer Security (ESORICS 2009), Saint Malo, France, pp. 355–70, September 21–25, 2009

  32. Zeng K (2008) Publicly verifiable remote data integrity. 10th International Conference on Information and Communications Security (ICICS 2008), pp. 419–434, 20–22 October, 2008

  33. Dodis Y, Vadhan S, Wichs D (2009) Proofs of retrievability via hardness amplification. In Proceedings of the 6th Theory of Cryptography Conference on Theory of Cryptography (TCC '09), Omer Reingold (ed). Springer-Verlag, Berlin, Heidelberg, 109–127

  34. Bowers KD, Juels A, Oprea A (2009) Proofs of retrievability: theory and implementation. In Proceedings of the 2009 ACM workshop on cloud computing security (CCSW '09). ACM, New York, NY, USA, 43–54

Download references

Author information

Authors and Affiliations

  1. CEA, LIST, Communicating Systems Laboratory, CEA Saclay Nano-INNOV, Bât. 451 – PC 94, 91191, Gif sur Yvette Cedex, France

    Nouha Oualha

  2. Institut Telecom - TELECOM ParisTech, Dep. Informatique et Réseaux, CNRS LTCI-UMR 5141, 46 rue Barrault, 75634, Paris Cedex 13, France

    Jean Leneutre

  3. Dep. Réseaux et Sécurité, EURECOM, 2225, Route des Crêtes, 06650, Valbonne Sophia Antipolis, France

    Yves Roudier

Authors
  1. Nouha Oualha
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Jean Leneutre
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Yves Roudier
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Nouha Oualha.

Rights and permissions

Reprints and permissions

About this article

Cite this article

Oualha, N., Leneutre, J. & Roudier, Y. Verifying remote data integrity in peer-to-peer data storage: A comprehensive survey of protocols. Peer-to-Peer Netw. Appl. 5, 231–243 (2012). https://doi.org/10.1007/s12083-011-0117-3

Download citation

  • Received:

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s12083-011-0117-3

Keywords

Search

Navigation